Last updated: 27 January 2026
We, Vertex Capital Bank Limited dba as Bultra, 9 Turkey Lane, St. George, Roseau, Commonwealth of Dominica ("Vertex" or "us") are the operator of the website Bultra - Stablecoin-Powered Global Money Transfers ("Website") and are, unless otherwise stated in this Privacy Notice, responsible for the data processing described in this Privacy Notice.
Please take note of the information below to know what Personal Data we collect from you and for what purposes we use it. When it comes to data protection, we primarily adhere to the legal requirements of the Commonwealth of Dominica as well as the EU General Data Protection Regulation ("GDPR"), which may be applicable in individual cases.
This Privacy Notice explains what you can expect from us and what we need from you in relation to your Personal Data.
This Privacy Notice applies not only to the mere access and use of the Website, but to any Vertex Services, as defined below, regardless of how you access or use them, including through mobile devices.
We may amend this Privacy Notice at any time by posting the amended version on the Website including the effective date of the amended version. We will announce any material changes to this Privacy Notice via email. Other companies may be responsible for the specific data processing listed below under applicable data protection laws, or they may be jointly responsible with us. In these cases, the information provided by those companies is also relevant.
As used herein, the following terms are defined as follows:
A digital representation of value (also referred to as "cryptocurrency," "virtual currency," "digital currency," "crypto token," "crypto asset," or "digital commodity"), such as bitcoin, XRP or ether, which is based on the cryptographic protocol of a computer network that may be (i) centralized or decentralized, (ii) closed or open-source, and (iii) used as a medium of exchange and/or store of value.
A user-accessible account offered via the Vertex Services that allows users to view, manage, and track transactions involving Digital Assets, including the receipt of payments, conversion into fiat currency, and access to related Vertex Services.
Refers to all services provided by Vertex, including but not limited to: i) the Vertex Billing merchant invoicing solution, which enables businesses to accept cryptocurrency payments from clients and receive fiat currency instantly; ii) the provision of a secure business environment for safeguarding client funds; and iii) access to the Vertex Account for managing invoices, processing refunds, and monitoring transaction status. These services also include any access to or use of Vertex Website, platforms, and technologies.
Refers to any natural person under the age of 18.
Refers to any information relating to you, as an identified or identifiable natural person, including your name, an identification number, location data, or an online identifier or to one or more factors specific to the physical, economic, cultural or social identity of you as a natural person.
We are serious about guarding the privacy of your Personal Data and work hard to protect Vertex and you from unauthorized access to, or unauthorized alteration, disclosure, or destruction of Personal Data we collect and store. Measures we take include encryption with SSL; the availability of two-factor authentication at your discretion, and periodic review of our Personal Data collection, storage, and processing practices. We restrict access of your Personal Data only to those Vertex employees, affiliates, and subcontractors who have a legitimate business need for accessing such information. We continuously educate and train our employees about the importance of confidentiality and privacy of customer information. We maintain physical, electronic, and procedural safeguards that comply with the relevant laws and regulations to protect your Personal Data from unauthorized access.
Unfortunately, despite best practices and technical safeguards, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data during transmission, and any acts of transmission are at your own risk.
If you contact us through our contact addresses and channels (e.g., by e-mail or contact form), your Personal Data is processed. We process the Personal Data you provide us with, such as your name, email address, phone number, company and your request. Additionally, the time of receipt of the request will be documented. We process this Personal Data to address your request (e.g., providing information about Vertex Services, assisting with contract processing, incorporating your feedback into the improvement of Vertex Services, etc.).
If GDPR applies to this data processing, the legal basis for this data processing is our legitimate interest under Article 6(1)(f) of the GDPR in addressing your request or, if your request is aimed at the conclusion or performance of a contract, in the implementation of the necessary measures within the meaning of Article 6(1)(b) of the GDPR.
In order to use certain Vertex Services, you must first create a Vertex Account on the Website. For this purpose, we ask you to provide us with the name of the company you are acting on behalf, the country of registration, the default currency, and specific Personal Data about you, such as the username, first name, family name, e-mail, password. Mandatory information is marked with an asterisk (*).
To ensure you can enjoy all the functionalities and offers on our Website and the different Vertex Services, please provide complete and accurate information. Please be aware that failing to provide all the necessary information may limit the extent and quality of the Vertex Services we can provide to you.
We process this Personal Data to carry out our contractual obligations relating to you, including the fulfillment of your orders and trades, the operation of your Vertex Account and the provision of other Vertex Services requested by you. In addition, we use this information, together with other Personal Data collected about you, to verify your identity to protect against fraud, comply with financial crime laws, and to confirm your eligibility to use Vertex Services. Furthermore, we use this information, together with other Personal Data collected about you as specified in this Privacy Notice, to help us make better decisions about how we manage your Vertex Account. The email address serves as login data to ensure that the correct person uses the Website and the Vertex Services. We also need your email address for future communication with you.
If GDPR applies, the legal basis for this data processing is the performance of a contract pursuant to Article 6(1)(b) of the GDPR, and our legitimate interest in avoiding fraud, being compliant with applicable laws, managing the Vertex Accounts efficiently, and improving the Vertex Services pursuant to Article 6(1)(f) of the GDPR.
When you as customer of a merchant with a Vertex Account choose to pay for products or services using Digital Assets, we process certain Personal Data of you as a customer to facilitate the transaction. In this process, we may collect and process Personal Data such as your wallet address, transaction amount, time of payment, and technical identifiers necessary to associate the payment with the relevant merchant and transaction, as well as your full legal name, home address, including country of residence, email address, mobile phone number and date of birth. Vertex does not receive or store sensitive payment instrument data such as private keys.
If GDPR applies, the legal basis for this data processing is the performance of a contract pursuant to Article 6(1)(b) of the GDPR.
Please note that third-party service providers involved in the conversion and transfer process (e.g., liquidity providers or blockchain infrastructure providers) may also process your data independently. For more information on how these third parties handle your data, please refer to their respective privacy policies.
For processing payments made via Digital Assets, we use a digital payments service provider (the "Digital Payment Service Provider") based in the United Arab Emirates. As a result, your data may be stored in a database operated by the Digital Payment Service Provider, which may allow the Digital Payment Service Provider to access your data if necessary to provide the services. For more information about how third parties process your data and any potential international data transfers, please refer to Section 7 of this Privacy Notice.
Please note that the Digital Payment Service Provider may process some of this data for its own purposes (e.g., for sending marketing communications or conducting statistical analysis). In such cases, the Digital Payment Service Provider acts as the data controller and is responsible for ensuring that its processing activities comply with applicable data protection laws. We may collect additional Personal Data (such as proof of address, information about the source of funds, or transaction-related information) only to the extent necessary to comply with our legal obligations under applicable anti-money laundering (AML) and counter-terrorist financing laws, including but not limited to the European Union's AML Directives, the UK Money Laundering Regulations, and equivalent requirements under Dominican law. We will process this Personal Data solely for these compliance purposes, in line with the principles of data minimization and purpose limitation. The legal basis for this data processing is compliance with our legal obligations in accordance with Article 6(1)(c) of the GDPR, if the GDPR applies to this data processing.
We may receive Personal Data about you if you use any of the other websites we operate or the other services we provide. We are also working closely with third parties and may receive information about you from them. For example:
Credit reference agencies do not provide us with any Personal Data about you, but may be used to corroborate the data you have provided to us.
In providing the Personal Data of any individual (other than yourself) to us during your use of the Vertex Services, you promise that you have obtained consent from such individual to disclose his/her Personal Data to us, as well his/her consent to our collection, use and disclosure of such Personal Data for the purposes set out in this Privacy Notice.
We will store and link the Personal Data described in this Privacy Notice, i.e. your personal information, contact details, contract data, and your browsing behaviour on our Website in a central database. This allows for efficient management of customer data, enables us to adequately process your requests, and facilitates the efficient provision of the Vertex Services you requested, as well as the performance of the related contracts.
The legal basis for this data processing is our legitimate interest within the meaning of Article 6(1)(f) of the GDPR in the efficient management of user data, if GDPR applies.
We also analyse this data to further develop the Vertex Services based on your needs and to provide you with the most relevant information and offers. We also use methods that predict possible interests and future orders based on your use of our Website and the Vertex Services.
The legal basis for this data processing is our legitimate interest within the meaning of Article 6(1)(f) of the GDPR in carrying out marketing activities, if GDPR applies.
Without the support of other companies, we would not be able to provide Vertex Services in the desired form. To use the services of these companies, it is necessary to share your Personal Data with these companies to a certain extent. A disclosure of Personal Data is limited to selected third-party service providers and only to the extent necessary for the optimal provision of our services. Some of these third parties are already referenced throughout this Privacy Notice where relevant.
In addition, we may share your Personal Data with selected additional third parties including:
We may disclose your Personal Data to third parties when:
If you would like further information about who we have shared your Personal Data with, or to be provided with a list specific to you, you can request this by writing to info@Vertex.com
We have the right to transfer your Personal Data to third parties located abroad if it is necessary to carry out the data processing described in this Privacy Notice. Specific instances of such transfers are outlined in Sections 5, 6 and 11. In all cases, we ensure that these transfers comply with applicable legal requirements for international data disclosures. If you have any questions about the safeguards we apply, please contact us as indicated in Section 14.
We may in some instances use your Personal Data, such as your country of residence and trade history, in order to better address your needs. For example, if you frequently trade in a specific virtual currency, we may use this information to inform you of new product updates or features that may be useful for you. When we do this, we take all necessary measures to ensure that your privacy and security are protected, and we only use anonymous or de-identified data.
We may use Automated Decision Making (ADM) in order to improve your experience, or to help fight financial crime. For example, so that we can provide you with a fast and efficient service, we may use ADM to verify your identity documents, or to confirm the accuracy of the information you have provided to us. None of our ADM processes produce legal or similarly significant effects on you. All profiling and ADM activities are carried out in accordance with applicable data protection laws. Where required, you have the right to request human intervention, express your point of view, or contest a decision. The legal basis for this data processing is our legitimate interest in improving our services and ensuring compliance with applicable laws, in accordance with Article 6(1)(f) of the GDPR. Where required, we may rely on your consent. You may withdraw your consent at any time by contacting us through the channels provided in this Privacy Notice.
Your funding of bitcoin, XRP, ether, and other Digital Assets, may be recorded on a public blockchain. Public blockchains are distributed ledgers, intended to immutably record transactions across wide networks of computer systems. Many blockchains are open to forensic analysis which can lead to deanonymization and the unintentional revelation of private financial information, especially when blockchain data is combined with other data.
Because blockchains are decentralized or third-party networks which are not controlled or operated by Vertex or its affiliates, we are not able to erase, modify, or alter Personal Data from such networks.
Vertex is subject to various legal, compliance and reporting obligations, including BSA or national AML requirements (as defined above), we are required by law to store some of your Personal and transactional data beyond the closure of your Vertex Account with us. Your data is only accessed internally on a need to know basis, and it will only be accessed or processed if absolutely necessary. We will delete data that is no longer required by any relevant law or jurisdiction in which we operate.
When you visit our Website, the servers of our hosting provider temporarily store every access in a log file. The following data is collected without your intervention and stored by us until automatically deleted:
The collection and processing of this data is carried out for the purpose of enabling the use of our Website (establishing a connection), ensuring the long-term security and stability of the system, and enabling error and performance analysis and optimisation of our Website.
In case of an attack on the network infrastructure of the Website or suspicion of other unauthorised or improper use of the Website, the IP address and other data will be analysed for clarification and defence purposes; if necessary, they may be used in civil or criminal proceedings for the identification of the respective user.
The legal basis for this data processing is our legitimate interest within the meaning of Article 6(1)(f) of the GDPR in the purposes described above, if GDPR applies.
In addition to the log file data described above, location information may also be collected via your device settings or applications when using Vertex Services. You may be able to stop this collection through your device settings or by uninstalling our applications. However, please note that such data is used to meet legal requirements and for ongoing fraud and risk monitoring. Disabling location services may therefore affect the functionality and availability of the Vertex Services.
We use the services Google Fonts and Google Static, provided by Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, or Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (Google), to enhance the visual presentation and technical performance of our Website. When you access our Website, your browser may retrieve fonts and static resources (such as stylesheets or JavaScript libraries) directly from Google's servers. In doing so, technical data such as your IP address and browser information may be transmitted to Google. This may also result in a transfer of data to servers abroad, including the USA (for information on the absence of an adequate level of data protection and the proposed safeguards, see Section 7.2). For further information on how Google processes your data, please refer to Google's privacy policy.
The legal basis for this data processing is our legitimate interest within the meaning of Article 6(1)(f) of the GDPR in providing a user-friendly and up-to-date website, if GDPR applies. You can reject the data processing by selecting the respective browser settings.
If the legal requirements are met, as a data subject, you have the following rights with respect to data processing:
You have the right to correct any Personal Data we hold on you that is inaccurate, incorrect, or out of date.
You have the right to ask us to delete your Personal Data when it is no longer necessary, or no longer subject to a legal obligation to which Vertex is subject to.
You have the right to receive from us, free of charge, the Personal Data you have provided to us in a readable format.
You have the right to request that the processing of your Personal Data be restricted.
You have the right to object at any time to data processing, especially with regard to data processing related to direct marketing (e.g., marketing emails).
You have the right to withdraw your consent at any time. However, processing activities based on your consent in the past will not become unlawful due to your withdrawal.
Subject to applicable laws, you have the right to access Personal Data we hold about you. Your right of access can be exercised in accordance with the relevant data protection legislation. For further information, please contact info@Vertex.com
You have the right to lodge a complaint with a competent supervisory authority, e.g., against the manner in which your Personal Data is processed.
Vertex Services are not directed to Minors and we do not knowingly collect Personal Data from Minors. If we learn that we have inadvertently gathered Personal Data from a Minor, we will take legally permissible measures to remove that data from our records. Vertex will require the user to close his or her Vertex Account and will not allow the use of Vertex Services. If you are a parent or guardian of a Minor, and you become aware that a Minor has provided Personal Data to Vertex, please contact us at info@Vertex.com and you may request to exercise your rights.
Any questions, comments and requests regarding this Privacy Notice are welcomed and should be addressed to info@Vertex.com, including if you wish to exercise your rights under applicable data protection laws.