Privacy Policy

Last updated: March 5, 2026

BitGorilla is built on a simple idea: the less we know about you, the less there is to worry about. This policy is honest about what that means and meets our obligations under applicable data protection laws. "We," "us," and "BitGorilla" mean Gorilla Ltd., a Samoa International Company. Privacy contact: [email protected].

1. What we don't collect

We do not ask for or collect, in the ordinary course of using BitGorilla:

  • Your name, date of birth, phone number, or postal address.
  • Your email address — unless you choose to write to support.
  • A government ID, passport, selfie, or any KYC document.
  • Payment card or bank account details.
  • A user account, password, or login — BitGorilla has none.
  • A connected wallet session — you paste an address, you don't sign in.

No signup, no profile, no cross-swap history tied to your identity — because we never learned it.

2. Data controller

Gorilla Ltd., a company incorporated in Samoa. Privacy contact: [email protected]. The privacy contact handles all questions, rights requests, and complaints.

3. What we do handle, why, and for how long

Some data is unavoidable to run a swap. The list is short and the retention windows are concrete.

| Data | Purpose | Legal basis | Retention |
|---|---|---|---|
| Swap data — deposit and destination addresses, chain, asset, amount, rate, timestamps, tx hashes, status | Execute the swap; settle with the Solver; AML records | Contract performance + legal obligation | 5 years |
| Blockchain analytics + AML screening (via AMLBot) — risk score, list matches, vendor response, wallet-address exposure data | Sanctions and illicit-fund screening; transaction monitoring | Legal obligation + legitimate interest | 5 years |
| Support comms — your email (if you write), content, identifiers | Answer questions, handle refunds | Contract performance + legitimate interest | 24 months after closure |
| Strictly necessary cookies — session, CSRF, load-balancer | Make the site work | Legitimate interest | Session only |

We do not profile, advertise to, sell, or rent your data.

4. Honest note on blockchains

BitGorilla writes transactions to public blockchains. Wallet addresses, amounts, timestamps, and tx hashes on-chain cannot be deleted, rewritten, or redacted — not by us, not by anyone. On a valid erasure request we will delete the off-chain copy we retain, subject to the retention windows in section 3; the on-chain record stays public.

An IP address plus wallet address plus timestamp can together count as personal data, and we treat it that way. We will not claim BitGorilla gives you "complete anonymity" — only that we do not add our own identity layer on top of what the blockchain already reveals.

5. Who we share it with

We never sell data and never share it for advertising. We share only with:

  • Solvers — the independent market makers who deliver your output. The winning solver receives your destination address, asset, amount, and chain; nothing else — no IP, no user-agent, no cookies, no history. Solvers act as independent controllers for that data.
  • AMLBot — our blockchain analytics and sanctions screening provider. Receives wallet addresses, transaction hashes, amounts, and timestamps for screening, risk scoring, and transaction monitoring. Retention: 5 years. Operating entity: Safe3, UAB (Lithuania) or SAFELEMENT LIMITED (Hong Kong). AMLBot acts as our processor under a Data Processing Agreement.
  • Infrastructure and support providers — each under appropriate data processing agreements.
  • Law enforcement and regulators — only on valid subpoena, court order, or MLAT request; we push back on overbroad or improperly served requests.
  • Successor entity in a merger, acquisition, insolvency, or asset sale, subject to this policy.

6. Automated decision-making

When you initiate a swap, automated screening is performed by AMLBot on the wallet addresses involved. A result of "clean" allows the swap to proceed. A result of "flagged" escalates the swap for human review under our internal AML procedures.

Because a flagged result can significantly affect you (the swap may be delayed or ultimately not executed), you have the right to:

  • Meaningful information about the logic — at a high level, screening involves matching against sanctions lists (OFAC, EU, UN, UK HMT) and risk scoring of blockchain addresses (exposure to mixers, darknet markets, ransomware clusters, known scams, and sanctioned entities). We do not disclose exact thresholds to prevent circumvention.
  • Obtain human review of any automated decision
  • Express your view before a final decision is made
  • Contest the decision (see Section 7)

To exercise any of these rights, email [email protected].

7. Your rights

You have rights of access, rectification, erasure (subject to sections 3 and 4), restriction, portability, objection to legitimate-interest processing, rights around automated decisions (see section 6), and to withdraw consent at any time.

7.1 How we verify you without an account

BitGorilla has no accounts, logins, or KYC — so we cannot check a driver's license. For data tied to a specific swap we ask you to sign a short message from the wallet address involved (standard "Sign Message" flow, no gas fee). A valid signature proves you control the address. If you no longer control the wallet, we may verify using swap-specific facts (tx hash, timestamps, refund address) at our discretion.

7.2 Making a request

Email [email protected] with the right you want to exercise and enough to find the data (a deposit or destination address and approximate date). We respond within 30 days, extendable by 60 in complex cases. Where your request concerns data held by AMLBot on our behalf, we instruct AMLBot to action it.

7.3 Complaints

You can complain to your local data protection authority. We would appreciate hearing from you first so we can try to fix it directly.

8. International transfers

Some processors (hosting, analytics, support tooling) may be located outside your jurisdiction. Where data moves across borders we use appropriate safeguards, including standard contractual clauses and transfer impact assessments where required. Copies available on request.

Our primary compliance provider AMLBot operates through Safe3, UAB (Lithuania) and SAFELEMENT LIMITED (Hong Kong).

9. Security and breach notification

Measures appropriate to the risk: TLS in transit, encryption at rest for sensitive fields, role-based access, audit logging, and separated prod and non-prod environments. No online system is ever 100% secure.

On a personal data breach likely to risk your rights, we notify the competent authority within 72 hours of becoming aware. Where risk is high, we also notify affected users — for an anonymous service, via a prominent homepage notice plus email to any user who gave us one.

10. Cookies

Strictly necessary cookies only — the ones that make the site work (session, CSRF, load-balancer, language). No advertising, no cross-site tracking, no analytics pixels. No banner needed to use BitGorilla. If we ever add non-essential cookies, we will add a consent banner first.

11. Children

BitGorilla is not intended for anyone under 18; by using the service you represent you are at least 18. We do not knowingly collect data from children, and deliberately do not collect the identity data needed to verify age. If you believe a child has used BitGorilla, contact us and we will delete anything we retain.

12. Changes

When we update this policy we will change the "Last updated" date and post the revised text here. For material changes we will show a visible notice on the homepage for at least 30 days before the change takes effect.

13. Contact

Gorilla Ltd. (a Samoa International Company) — privacy questions, rights requests, complaints: [email protected]. General support: via the support channel on the site.

To make a data-rights request, email us from the address — or sign a message from the wallet — you want the request tied to. We will take it from there.