Last Updated: October 28, 2025 — Effective Date: October 28, 2025
At WowBat, we are committed to safeguarding your privacy while delivering innovative wallet services for users globally. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information when you engage with our Services, including our mobile application and related platforms (collectively, "Services"). By using our Services, you consent to the practices described herein. This policy complies with applicable laws, including the General Data Protection Regulation (GDPR), local regulations in Turkey and other jurisdictions, with a strong emphasis on Know Your Customer (KYC), Anti-Money Laundering (AML), and Countering the Financing of Terrorism (CFT) compliance.
We collect various categories of information to deliver our Services and meet legal obligations:
Full name, email address, phone number, date of birth, nationality, and identity verification documents (e.g., passport, driver's license, or government-issued ID). These are collected during account registration and KYC verification to comply with Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations, ensuring we verify your identity and prevent illicit activities. This information is processed by certified identity verification service providers who specialize in compliance and regulatory adherence.
Transaction histories (including timestamps, amounts, cryptocurrency addresses, and recipient details), wallet balances, conversion records, and payment metadata. This data is collected to facilitate cryptocurrency transactions, monitor activity for AML/CFT compliance, and maintain accurate transaction records.
Your wallet addresses, public keys, transaction hashes, and blockchain interactions.
IP addresses, browser type, operating system details, device identifiers, and application usage logs. These help us secure your account, detect suspicious activity, and optimize performance.
Details of your interactions with our Services, such as transaction frequency, conversion history, app navigation patterns, and feature usage, used to enhance user experience and identify potential risks.
Non-identifiable data derived from your usage, such as statistical trends, for analytics and service improvements.
We collect this information when you register an account, complete KYC verification, initiate transactions, contact support, or interact with our website or app.
We process your information for the following purposes:
To facilitate cryptocurrency transactions, enable wallet management, provide on-ramp services (fiat-to-crypto conversion), and ensure the security and functionality of our wallet platform.
We use your personal identification information to verify your identity during onboarding and periodically thereafter, as required by financial regulations in Turkey, the EU, and other applicable jurisdictions. This verification is conducted by certified identity verification service providers. This helps us prevent identity theft, unauthorized account use, and ensure compliance with regulatory requirements.
We analyze financial and technical data (e.g., wallet addresses, transaction patterns, cryptocurrency sources) to detect and prevent money laundering, terrorist financing, sanctions evasion, or other illegal activities. This includes monitoring for:
This monitoring is conducted in line with guidelines from the Financial Action Task Force (FATF), Turkish financial regulations, and international standards. We may flag, freeze, or report transactions to authorities if suspicious activity is detected, as mandated by law.
To protect your account and our platform from fraud, cyberattacks, or unauthorized access, leveraging technical data and real-time monitoring tools.
To analyze usage patterns, troubleshoot issues, and enhance our app's functionality, user interface, and customer support processes.
To send transactional notifications (e.g., transaction confirmations, security alerts), service updates, and, with your explicit consent, promotional materials about new features or services. We may use anonymized data for statistical analysis, research, or to develop new features without identifying you personally.
We may share your information with the following entities under strict conditions to operate our Services effectively:
Your personal identification information and financial data are shared with certified identity verification service providers to perform identity verification, conduct KYC checks, and monitor transactions for AML/CFT compliance. These providers screen your information against compliance databases and monitor for suspicious patterns to ensure regulatory adherence.
To facilitate fiat-to-crypto conversion, merchant payments, and currency exchange services, we partner with licensed financial service providers who hold appropriate regulatory authorizations in their respective jurisdictions. These partners:
Your financial transaction data and wallet information are shared with these partners to the extent necessary to facilitate the requested services.
We collaborate with trusted third parties to support our wallet platform:
All third-party providers are carefully vetted, bound by confidentiality agreements, and required to comply with applicable data protection laws. We conduct regular audits to ensure their adherence to these standards.
We share data when required by law, court orders, or to cooperate with fraud prevention agencies in jurisdictions including Turkey, the EU, and internationally. For AML/CFT purposes, this may include submitting reports to regulators, disclosing personal and financial information to meet tax, AML, or sanctions obligations.
With your explicit permission, we may share data with additional third parties or service providers.
Data may be transferred internationally (e.g., to the United States, EU, or other regions) for processing by these third parties. We use Standard Contractual Clauses (SCCs), encryption, and contractual safeguards to ensure equivalent protection, meeting GDPR and other international standards.
We do not share your account numbers, wallet addresses, or personal data with non-affiliated third parties for marketing purposes without your explicit consent. You may opt out of non-essential data sharing at any time by contacting privacy@wowbat.asia.
We implement robust security practices to protect your data, critical for KYC/AML/CFT compliance and safeguarding your digital assets:
All stored data is encrypted using industry-standard encryption protocols (such as AES-256), and data in transit uses Transport Layer Security (TLS) 1.2 or higher to prevent interception.
Multi-factor authentication (MFA) is available for account access and high-value transactions, reducing the risk of unauthorized use.
WowBat provides secure wallet infrastructure and technology. You are responsible for securing your account credentials and maintaining device-level security.
Real-time transaction monitoring systems analyze patterns to detect suspicious activities related to AML/CFT, supported by regular security audits conducted by independent experts.
Our servers and backups are housed in secure facilities with restricted access to prevent physical breaches.
We recommend users maintain updated security on their devices, use strong passwords, and enable device-level security features.
Despite these measures, no system is entirely immune to breaches. In case of a significant data incident impacting sensitive information, we will notify you and relevant authorities promptly, as required by law.
At WowBat, we prioritize the security and integrity of our platform by proactively identifying and managing suspicious funds to protect our users and comply with Anti-Money Laundering (AML) and Countering the Financing of Terrorism (CFT) regulations.
We continuously monitor cryptocurrency transactions and wallet addresses for potential risks associated with:
Transactions and wallets with low risk profiles proceed normally without interruption, ensuring a seamless experience for legitimate users.
Transactions or wallets with moderate risk are flagged for additional monitoring. We observe patterns and activities over time to assess potential risks without imposing immediate restrictions. If patterns escalate or additional verification is needed, we may request voluntary clarification from the user (e.g., additional documentation) or conduct enhanced due diligence.
Transactions identified as high risk are subject to immediate action, including:
If your transaction or wallet is flagged, you will be contacted at support@wowbat.asia with clear instructions to resolve the issue. Funds are released promptly once compliance is verified, ensuring minimal disruption for legitimate users.
We regularly review our risk assessment methodology and adjust our thresholds in response to emerging fraud patterns, regulatory updates, or technological advancements.
We retain your personal data only as long as necessary:
Data is kept while your account remains active to ensure uninterrupted service and ongoing KYC/AML monitoring.
After account deactivation, we retain data for up to 5–7 years to comply with legal obligations (e.g., AML/CFT record-keeping requirements under international standards, tax laws, regulatory requirements in Turkey and other jurisdictions) or resolve disputes, unless a longer period is mandated by specific jurisdictions.
Post-retention, data is securely deleted or anonymized. You may request earlier deletion where no legal obligation exists, though KYC/AML records may be exempt due to regulatory requirements.
Data recorded on blockchain networks is permanent and immutable. We cannot delete or modify blockchain transaction records.
You have extensive rights over your personal data, balanced with our legal obligations:
Request a copy of your data, including KYC/AML records, in a machine-readable format.
Correct inaccurate or incomplete information, such as outdated personal details or identification information.
Request deletion of your data, subject to KYC/AML retention requirements and other legal obligations.
Obtain your data for transfer to another service, excluding certain compliance-related records.
Oppose certain types of processing, though AML/CFT monitoring may continue as required by law.
Revoke consent at any time, though this may limit service access or require account closure if KYC/AML obligations cannot be met.
To exercise these rights, contact our Privacy Officer at privacy@wowbat.asia. We will respond within 30 days per GDPR standards, unless delayed by legal investigations or compliance requirements.
We may send you promotional messages about new features, services, or partnerships if you opt in during registration or later. To unsubscribe, email privacy@wowbat.asia or use the "unsubscribe" link in our communications.
We adhere to a robust framework of laws, with a focus on KYC/AML/CFT:
Ensures lawful processing, transparency, and data rights for European users.
Complies with Turkish privacy and data protection requirements as the company is registered in Turkey.
Complies with regulations in countries where our Services are available, including AML/CFT requirements.
Guides our global AML/CFT practices, ensuring we combat money laundering and terrorist financing effectively.
Our legal basis for processing includes your consent, contractual necessity (e.g., providing wallet services), and compliance with legal obligations.
As a global service, your data may be transferred to jurisdictions outside your residence (e.g., servers in multiple regions) for processing by these third parties. We use Standard Contractual Clauses (SCCs), encryption, and contractual safeguards to ensure equivalent protection, meeting GDPR and other international standards.
When you access our website or use our Services, we may use cookies and similar technologies to improve your experience and ensure the security of your account. Cookies are small data files that your browser saves on your device when you visit our site. These cookies help us recognize you as a user, understand how you interact with our Services, and provide a more personalized experience. They also assist us in maintaining the security of your account by detecting irregular or suspicious activities.
We use cookies for several purposes, including:
Some cookies are temporary and expire when you close your browser, while others may remain on your device for a longer period until they expire or you delete them.
You can choose to disable cookies through your browser settings, but please note that doing so may affect the functionality of our Services or your overall user experience. Additionally, some browsers offer a "Do Not Track" (DNT) feature. At this time, our Services do not respond to DNT signals, but you can manage your cookie preferences directly via your browser.
We may revise this policy to reflect legal, operational, or technological changes. Updates will be posted at wowbat.asia and, if significant, notified via email or app alerts. Continued use of our Services after updates implies acceptance of the revised terms.
Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from minors. If we become aware that we have collected data from a minor, we will take steps to delete such information promptly.
Our Services may contain links to third-party websites and services. WowBat is not responsible for the privacy practices of these third-party sites. We encourage you to review the privacy policies of any third-party services before providing your information.
For questions, concerns, or to exercise your rights, reach out to:
General Inquiries:
contact@wowbat.asia
Privacy Requests:
privacy@wowbat.asia
Support:
support@wowbat.asia
Registered Address:
WIN WIN ORGANIZASYON VE DANIŞMANLIK LİMİTED ŞİRKETİ
Aksaray Mah. Koçibey Sk. Özel İşhanı No: 2 İç Kapı No: 11
Fatih, Istanbul, Turkey
Company Registration No. 414233-5
Website:
wowbat.asia
For data protection matters, you may contact our Data Protection Officer at:
Email:dpo@wowbat.asia
Last Updated: October 28, 2025 — Effective Date: October 28, 2025