Privacy policy.

What Personal Data We Collect

To provide trading, OTC review, bill settlement, onboarding, support, and compliance workflows, Ubuntu Exchange may collect information needed to verify users, operate accounts, process requests, and protect the platform.

• Identity information: Government-issued identification, BVN where applicable, corporate registration or CAC documentation for entities, address information, source-of-funds context, and verification signals required for KYC/KYB review.
• Account and transaction data: Order history, trade and OTC request details, payout or settlement instructions, bank account details submitted for settlement, digital asset wallet addresses, bill settlement records, account balances, and support communications.
• Device and security data: IP addresses, device identifiers, browser and operating system information, authentication logs, session timing, and related access signals used to monitor account security and platform integrity.

How We Use Data

Ubuntu Exchange uses collected data for platform operations, compliance, fraud prevention, account security, customer support, and service administration. Data use may vary depending on the service requested and the level of review required.

• Compliance and fraud prevention: Supporting AML/CFT review, sanctions and risk screening, identity checks, transaction monitoring, restricted activity review, and internal escalation where required.
• Core operations: Routing supported fiat and digital asset settlement requests, reviewing OTC requests, processing bill settlement workflows, maintaining account status, and recording transaction history.
• Service support: Responding to inquiries, investigating account or execution issues, sending operational notices, and providing security or account-related communications.

Data Sharing & Disclosure

Ubuntu Exchange does not sell personal data. We may share necessary information with service providers, partners, advisers, or authorities where reasonably required for service delivery, compliance, fraud prevention, dispute handling, legal obligations, or lawful review.

• Service providers and partners: Identity verification providers, payment or settlement partners, infrastructure providers, customer support tools, bill settlement providers, and other processors that help operate the platform.
• Legal and compliance recipients: Legal advisers, competent authorities, regulators, law enforcement, or counterparties where disclosure is required by law, partner obligations, court order, lawful request, or good-faith risk assessment.

Data Security and Retention

Ubuntu Exchange applies technical, operational, and access-control safeguards intended to reduce unauthorized access, misuse, alteration, or disclosure of personal data. These safeguards may include encryption, access restrictions, monitoring, credential controls, infrastructure protections, and internal review processes.

No internet-based system is risk-free. We retain personal data and transaction records for as long as reasonably necessary for the purposes described in this policy, including service delivery, account administration, compliance, audit, dispute resolution, fraud prevention, and legal or contractual obligations.

User Rights & Contact Channels

Depending on your jurisdiction and the nature of the record, you may be able to request access, correction, clarification, portability, restriction, or deletion of personal data. Some requests may be limited where continued retention or processing is required for compliance, fraud prevention, dispute handling, account security, or legal obligations.

If you have privacy concerns or want to exercise a data request, use the privacy option on our contact page. We may need to verify your identity before acting on a request.