Phoenix SwapPhoenixSwap

Privacy Policy

Last updated: February 2026

1. Introduction

Phoenix Financial Services LLC ("Phoenix Swap", "we", "us") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share your information when you use our cryptocurrency exchange platform at phoenixswap.ge.

2. Data We Collect

Identity data: Full name, date of birth, nationality, government-issued ID documents collected for KYC compliance.

Contact data: Email address, phone number.

Financial data: Bank account details, crypto wallet addresses, transaction history.

Technical data: IP address, browser type, device identifiers, login timestamps, session data.

Usage data: Pages visited, features used, order history.

3. How We Use Your Data

  • To verify your identity and comply with KYC/AML obligations under Georgian law
  • To process your cryptocurrency exchange orders
  • To detect and prevent fraud, money laundering, and other illegal activities
  • To send transaction confirmations and account notifications
  • To respond to your support requests
  • To improve the Platform through aggregated, anonymised analytics

4. Legal Basis for Processing

Contract performance: Processing is necessary to provide the exchange service.

Legal obligation: KYC/AML data is processed to comply with Georgian financial regulations, including the Law of Georgia on Facilitating the Prevention of Money Laundering.

Legitimate interests: Fraud prevention and platform security.

Consent: Marketing communications, where applicable.

5. Data Sharing

We do not sell your personal data. We may share it with:

  • Regulatory authorities — as required by Georgian law (Financial Monitoring Service, NBG)
  • Banking partners — for payment processing and verification
  • Compliance service providers — for sanctions screening and identity verification
  • IT service providers — hosting, cloud infrastructure, operating under strict data processing agreements

6. Data Retention

We retain your personal data for a minimum of 5 years after your last transaction or account closure, as required by Georgian AML legislation. Identity documents are retained for the period required by law. You may request deletion of data not subject to legal retention obligations.

7. Security

We implement industry-standard security measures including TLS encryption in transit, AES-256 encryption at rest, bcrypt password hashing, two-factor authentication, and regular security audits. Despite these measures, no system is 100% secure. Please use a strong, unique password and enable 2FA.

8. Your Rights

Under Georgian data protection law, you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of data not subject to retention obligations
  • Object to processing based on legitimate interests
  • Data portability (receive your data in a structured format)
  • Lodge a complaint with the Georgian Personal Data Protection Service

To exercise these rights, contact privacy@phoenixswap.ge

9. Cookies

We use only essential cookies required for authentication and security (session tokens, CSRF protection). We do not use tracking or advertising cookies.

10. Changes to This Policy

We may update this policy from time to time. We will notify you of material changes via email or a prominent notice on the Platform. Continued use after notification constitutes acceptance of the updated policy.

11. Contact

Data Controller: Phoenix Financial Services LLC, Tbilisi, Georgia
Privacy enquiries: privacy@phoenixswap.ge