Privacy Policy
Last updated: 29 June 2026 · Effective for the website at alphamonnaies.io
This Policy covers the Alpha Monnaies marketing website only. A separate, fuller privacy notice will govern the Alpha Monnaies payment platform and is provided to each client during onboarding, before any personal data relating to production payment services is processed.
Alpha Monnaies is operated by VirtuVault Technologies EOOD, a company incorporated in Bulgaria (UIC 207524160) with its registered office at 49A Bulgaria Blvd, fl. 1, Triaditsa, Sofia 1404, Bulgaria, and operating offices in Switzerland and the United Arab Emirates (in this Policy, "Alpha Monnaies", "we", "us", "our"). For personal data collected through this website, VirtuVault Technologies EOOD is the data controller.
We are committed to protecting your privacy and complying with the EU General Data Protection Regulation (GDPR) and the Bulgarian Personal Data Protection Act (Закон за защита на личните данни). Where relevant to our offices and to visitors from those regions, we also have regard to the Swiss Federal Act on Data Protection (FADP) and the UAE Personal Data Protection Law (PDPL).
1. Scope of this Policy
This Policy applies to personal data we collect from visitors and prospective clients through the Alpha Monnaies website at alphamonnaies.io. It does not cover production payment, remittance, multi-currency-account, or card services — those are governed by the client agreement and the platform privacy notice provided during onboarding, which will supersede this Policy in respect of those services.
2. Personal data we collect
Through this website we collect a deliberately minimal set of personal data:
| Category | Examples | Source |
|---|---|---|
| Contact data | The email address you submit via our "Request access" form | Provided by you |
| Communications | Messages you send to hello@, privacy@, or security@alphamonnaies.io and our replies | Provided by you |
| Technical data | IP address, browser user-agent, request timestamps and referring URL — logged by our hosting provider for security and abuse prevention | Automatic |
We do not collect names, phone numbers, postal addresses, financial-account information, identity-document data, or biometric data through this website. We do not run advertising trackers and we do not build behavioural profiles.
3. How we collect it
- Directly from you — when you submit the access-request form or send us an email.
- Automatically — server logs at our hosting provider record technical data on each request as part of standard, secure web operations.
4. Purposes & legal bases
We use your personal data only for these purposes:
- To respond to your access request and enquiries, and to contact you about onboarding. Legal basis: steps taken at your request prior to entering into a contract (GDPR Art. 6(1)(b)) and our legitimate interest in developing client relationships (GDPR Art. 6(1)(f)).
- To send you product updates you have asked for. Legal basis: your consent (GDPR Art. 6(1)(a)), which you may withdraw at any time.
- To secure the website, prevent abuse, and meet legal obligations. Legal basis: legitimate interest (GDPR Art. 6(1)(f)) and legal obligation (GDPR Art. 6(1)(c)).
We will not use your personal data for any other purpose without your prior consent or another lawful basis.
5. Disclosure to third parties & processors
We do not sell personal data and we do not share it with third parties for their own marketing. We share personal data only with trusted service providers (processors) acting on our documented instructions under Art. 28 GDPR:
| Processor | Purpose | Location |
|---|---|---|
| Netlify, Inc. | Website hosting, content delivery, request logging | USA / global edge |
| Google Ireland Ltd / Google LLC (Workspace) | Email infrastructure for the alphamonnaies.io domain | EU / USA |
We may also disclose personal data where required by law, court order, or a valid request from a competent authority, or where necessary to establish, exercise, or defend legal claims, or to protect the rights, property, or safety of Alpha Monnaies, our clients, or the public.
6. International transfers
Because some of our processors operate global infrastructure, your personal data may be processed outside the European Economic Area, including in the United States. Where it is, we rely on an adequacy decision where one exists, on the European Commission's Standard Contractual Clauses, or on the EU–US Data Privacy Framework where the recipient is certified, together with appropriate supplementary measures. You may request a copy of the relevant safeguard by emailing privacy@alphamonnaies.io.
7. Retention
- Access-request email addresses — kept until onboarding or for up to 24 months from last contact, or until you ask us to delete them, whichever is earlier.
- Email correspondence — kept for up to 24 months unless a longer retention is required for legal or accounting purposes.
- Server logs — kept for up to 90 days for security and abuse prevention, then deleted or anonymised.
8. Your rights
Under the GDPR and Bulgarian data-protection law you have the right to:
- Access — obtain confirmation of, and a copy of, the personal data we hold about you.
- Rectification — have inaccurate or incomplete data corrected.
- Erasure — have your data deleted ("right to be forgotten"), subject to legal retention requirements.
- Restriction or objection — restrict or object to certain processing, including processing based on legitimate interest.
- Portability — receive your data in a structured, commonly used, machine-readable format.
- Withdraw consent — at any time, without affecting the lawfulness of processing before withdrawal.
- Lodge a complaint — with a supervisory authority (see below).
To exercise any of these rights, email privacy@alphamonnaies.io. We will respond within one month as required by GDPR Art. 12(3), extendable by two further months for complex requests, and may need to verify your identity first.
9. Security measures
We follow OWASP best practice and apply technical and organisational measures appropriate to the risk (GDPR Art. 32), including: HSTS-enforced HTTPS across the whole site, a strict Content Security Policy, X-Frame-Options: DENY against clickjacking, MIME-sniff blocking, no third-party tracking, least-privilege access to data, and incident-response procedures. See our Security Policy for detail.
10. Cookies & tracking
The Alpha Monnaies website does not set advertising or analytics cookies. We use localStorage only to remember two of your preferences — your chosen theme (light/dark) and language — both of which stay on your device and are never sent to us. Full detail is in our Cookie Policy.
11. Children
The Alpha Monnaies website and platform are intended for businesses and adults. We do not knowingly collect personal data from children under 18. If you believe we have inadvertently done so, contact privacy@alphamonnaies.io and we will delete it.
12. Changes to this Policy
We may update this Policy to reflect changes in law or our practices. We will revise the "Last updated" date and, for material changes, notify subscribers by email. The current version is always at alphamonnaies.io/privacy.html.
13. Contact & complaints
For any privacy question, request, or complaint, contact our data-protection contact:
VirtuVault Technologies EOOD — Privacy
49A Bulgaria Blvd, fl. 1, Triaditsa, Sofia 1404, Bulgaria
Email: privacy@alphamonnaies.io
If you are not satisfied with our response, you may complain to the Bulgarian Commission for Personal Data Protection (Комисия за защита на личните данни) at cpdp.bg, or to the supervisory authority in your country of residence. Visitors in Switzerland may contact the FDPIC; visitors in the UAE may contact the UAE Data Office.