ES/EN
Sign in

Privacy Notice

Last updated: November 2025

In accordance with the Federal Law on Protection of Personal Data Held by Private Parties (effective as of March 21, 2025) and other applicable regulations, TETHER MART S.A.P.I. DE C.V. (“DIGIMBIT”) provides the following Privacy Notice to data subjects.

I. Identity and address of the data controller

DIGIMBIT, incorporated under Mexican law, with fiscal address at Av. Rodolfo Gaona N°3, Piso 5 Int. 502, Colonia Lomas De Sotelo, Alcaldía Miguel Hidalgo, C.P. 11200, Ciudad de México, and contact email enlace@digimbit.com, is responsible for the processing of your personal data.

II. Categories of personal data processed

A) Identification data (necessary for the contractual relationship)

  • Full name and surname(s).
  • Date and place of birth.
  • Nationality and official ID documents.
  • Tax ID (RFC) and CURP.
  • Full residential address.

B) Contact data (necessary for the contractual relationship)

  • Phone numbers.
  • Email addresses.
  • Social media accounts linked to your account.

III. Purposes of data processing

Necessary purposes (legitimate interest / do not require consent)

  • To identify and authenticate users and prevent identity theft.
  • To comply with legal obligations, including those arising from the Fintech Law and anti–money–laundering and tax regulations.
  • To execute contracts and process exchanges, transfers and operations in which you participate.
  • To implement cybersecurity measures and fraud–prevention controls.
  • To manage risk, including credit and operational risk evaluations following internal methodologies.

Voluntary purposes (require express consent)

  • To conduct market analysis and studies on trends in cryptocurrencies and investment behaviour.
  • To send personalized marketing communications and recommendations about virtual assets.
  • To improve services through usability and preference analysis.
  • To develop new financial products, including those based on artificial intelligence.
  • To send newsletters and educational content related to blockchain and virtual assets.

IV. ARCO rights and mechanisms to exercise them

You may exercise your ARCO rights (Access, Rectification, Cancellation and Opposition) at any time with respect to your personal data.

Requests may be submitted in writing to DIGIMBIT's Data Protection Department through the following means:

Data Protection Department.

Address: Av. Rodolfo Gaona N°3, Piso 5 Int. 502, Colonia Lomas De Sotelo, Alcaldía Miguel Hidalgo, C.P. 11200, Ciudad de México.

Email: enlace@digimbit.com.

Your request must include at least the following information:

  • Full name and address or other means to communicate the response.
  • Documents proving your identity or, where applicable, that of your legal representative.
  • A clear and precise description of the personal data for which you wish to exercise ARCO rights and the specific right you intend to exercise.

DIGIMBIT will respond within a maximum period of 20 business days from receipt of the request, and, if applicable, will have an additional 15 business days to enforce the right requested.

V. Personal data transfers

Collected personal data may be managed or transferred, as intermediaries or processors, to third parties that collaborate in the provision of DIGIMBIT's services. Such third parties will only access the information necessary to perform their tasks and will be bound by confidentiality and data–protection obligations equivalent to those set out in this Privacy Notice.

National transfers

  • Mexican banking institutions for payment processing and verification.
  • National providers of technological and blockchain–infrastructure services that support platform operations.

International transfers

  • Crypto–asset exchanges located in jurisdictions such as the United States and the European Union for executing crypto operations.
  • International custodians or digital–asset safekeeping providers.
  • Companies specialized in risk analysis and regulatory compliance for crypto transactions.

All transfers are carried out under contracts that ensure confidentiality, integrity and a level of protection equivalent to that provided by this Privacy Notice and applicable Mexican legislation.

VI. Security measures and confidentiality

DIGIMBIT implements technical, administrative and physical security measures to protect personal data against loss, misuse, alteration, unauthorized access and disclosure. These include, among others:

  • End–to–end encryption using modern cryptographic protocols.
  • Multi–factor authentication and SSL/TLS certificates.
  • Intrusion–detection systems and continuous monitoring.
  • Automated backups with geographic redundancy.
  • Access controls based on the “need–to–know” principle.
  • Periodic staff training on data protection and security.
  • Confidentiality agreements with all personnel handling personal data.

VII. Cookies and tracking technologies

Our website uses technical, analytics and advertising cookies. You can configure or disable cookies in your browser settings. Certain cookies are essential for proper operation of the platform.

Analytics cookies (for example, Google Analytics) are used to obtain aggregated metrics on usage and performance of the site.

VIII. Data retention and deletion

Personal data will be retained for approximately the following periods:

  • Identification data: up to 10 years after the end of the contractual relationship.
  • Financial information: up to 7 years, in accordance with applicable tax provisions.
  • Transaction records: up to 5 years, in accordance with anti–money–laundering regulations.

Once these periods expire, the data will be blocked and subsequently deleted in a secure manner, unless a longer retention period is required by law.

IX. Automated decisions and profiling

DIGIMBIT may use algorithms and artificial–intelligence models to support automated decision–making and profiling for purposes such as risk evaluation, fraud detection and personalized recommendations.

You have the right to request human review of any decision that is based solely on automated processing and that produces legal effects or significantly affects you, and to express your point of view and contest such decisions.

X. Notification of security breaches

In the event of a security breach affecting personal data, DIGIMBIT will notify affected data subjects within 72 hours of becoming aware of the incident, via email and/or message in the platform, indicating the nature of the breach, the data involved (where possible), measures taken and recommendations for protecting their interests.

XI. Changes to this Privacy Notice

DIGIMBIT may modify or update this Privacy Notice at any time. Changes will be published on the official website and, where appropriate, communicated through the registered contact channels.

Continued use of the services after publication of modifications will be understood as acceptance of the updated Privacy Notice.

XII. Supervisory authority

If you have questions or concerns regarding the processing of your personal data, you may contact the competent authority in Mexico responsible for supervising compliance with data–protection regulations, in accordance with the applicable legal framework.

XIII. Applicable law and jurisdiction

This Privacy Notice is governed by the Federal Law on Protection of Personal Data Held by Private Parties, as well as, where applicable, the Fintech Law, the Federal Law for the Prevention and Identification of Transactions with Illicit Funds and other relevant regulations.

By using our services, you acknowledge that you have read and understood this Privacy Notice and consent to the processing of your personal data under the terms described herein.