BATA logo

Privacy Policy

Last updated: 2025-10-05
Controller: PT BATA Digital Asset Indonesia (“BATACoin”, “we”, “us”, “our”)
Scope: this Policy covers the BATACoin website, dApp, and related smart contracts (the “Services”).

By using the Services you agree to this Policy. If you do not agree, do not use the Services.

1) What we collect

We collect only what we need to operate, secure, and improve the Services.

  • Wallet identifiers
    Public wallet addresses you connect, chain and network, transaction hashes, balances and events used for presale, vesting, claims, and eligibility checks.
  • On-chain activity
    Transactions you sign and broadcast. These records are public by design.
  • Technical and usage data
    Pages visited, clicks, approximate region from IP by providers, device and browser type, timestamps, screen size, error logs. We keep this minimal.
  • KYC and compliance data (only when required)
    For certain ticket sizes, regions, or legal requirements. Collected and verified by regulated third-party providers. Examples: name, ID document, country, sanctions screening outcome.
  • Community and airdrop data
    Usernames or handles you submit on partner platforms, referral codes, wallet proofs, task completion records.
  • Support communications
    Emails or messages sent to our support or legal addresses.

We do not collect private keys or seed phrases. Never share them with anyone.

2) Sources

  • Directly from you when you connect a wallet, fill a form, or contact us.
  • Automatically from your device while using the Services.
  • From third parties such as KYC providers, RPC and analytics vendors, airdrop platforms, exchanges used for corporate off-ramp, accountants, and auditors.

3) Purposes and legal bases

We use data to:

  • Operate the dApp and smart contracts. Quote, approve, purchase, vest, and claim.
  • Security and abuse prevention. Detect fraud, bots, sybil, and misuse.
  • Compliance. KYC and AML where required. Sanctions and jurisdiction checks.
  • Transparency and reporting. Publish non-personal metadata and document hashes.
  • Support and communications. Product notices and incident updates.
  • Product improvement. Fix bugs and improve reliability with minimal analytics.

Legal bases: performance of a contract, legitimate interests, consent where required, and legal obligations.

4) On-chain data is public and immutable

Blockchain transactions and addresses are public. We cannot alter or delete on-chain records. If you request deletion, we can remove or redact off-chain copies where law allows. The blockchain will remain unchanged.

5) Off-ramp and vendor payments

For operations we may convert funds to fiat at a corporate exchange and pay vendors from a company bank account. Land payments use PPAT or Notary escrow where applicable. We publish transparency summaries and document hashes. We do not publish personal data in public dashboards.

6) Sharing and recipients

We do not sell personal data. We share data only as needed to run the Services, under contracts with confidentiality and security duties:

  • KYC and AML providers
  • Cloud hosting and infrastructure
  • RPC and node providers
  • Privacy-respecting analytics and monitoring
  • Corporate exchanges and payment partners for off-ramp
  • Accountants, auditors, and legal counsels

We may disclose information where required by law or to protect users and the platform.

7) Cookies and local storage

We may use cookies or localStorage for preferences and basic session needs, for example selected wallet, UI settings, and cached caps. You can control cookies in your browser. Disabling some features may affect functionality.

8) Retention

We keep personal data only as long as needed for the purposes above and to meet legal or accounting requirements. Logs are rotated on reasonable schedules. On-chain data persists on public ledgers.

9) Security

We apply role-based access, least privilege, encryption in transit, and internal reviews. No online system is perfectly secure. You are responsible for your wallet, keys, and devices.

10) International transfers

Services and providers may operate globally. Where required, we use appropriate safeguards for cross-border transfers, such as contractual clauses.

11) Your rights

Subject to law you may have the right to:

  • Access, correct, or delete your off-chain personal data
  • Object to or restrict certain processing
  • Withdraw consent where processing is based on consent
  • Request data portability where applicable

To make a request email privacy@batacoin.io. We may need to verify your identity. On-chain records cannot be edited or removed by us.

12) Children

The Services are not intended for individuals under 18. Do not use the Services if you are under 18.

13) Transparency

We publish non-personal transparency summaries such as Safe addresses, stage parameters, recent payment metadata, and document hashes. Full documents may be available to verified investors under NDA in a separate data room. We do not publish personal data.

14) Changes to this Policy

We may update this Policy. A new “Last updated” date will appear at the top. Continued use after an update means you accept the changes.

15) Contact

  • Data and privacy: privacy@batacoin.io
  • Support: hello@batacoin.io
  • Terms of Use: /terms