← Back
Version: 21.04.2026

Privacy Policy

THEBOT – www.the-bot.io
Pursuant to Art. 13 / 14 GDPR (EU) 2016/679 · Version: 21.04.2026

1. Controller within the meaning of the GDPR

Company: DIGITARGET LTD
Legal form: Private Company Limited by Shares / Ltd.
Address: JASMINE GARDENS, VILLAS, 8036, Paphos, Republic of Cyprus
Registration number: HE-488535
E-mail: thebot.io@gmx.net
Website: www.the-bot.io
Data protection contact: thebot.io@gmx.net

If you have any questions regarding data protection or would like to exercise your rights, please contact us by e-mail at: thebot.io@gmx.net. We will respond to your request within 30 days.

2. Principles of data processing

We process personal data only within the framework of the statutory provisions of the General Data Protection Regulation (GDPR), the Cypriot Data Protection Act, as well as other applicable EU data protection regulations. Personal data means all information relating to an identified or identifiable natural person.

We only process your data if one of the following legal bases pursuant to Art. 6 para. 1 GDPR applies:

3. Data collection when visiting the website

3.1 Server log files

When accessing our website www.the-bot.io, the hosting provider automatically collects and stores information in so-called server log files, which your browser automatically transmits. These include in particular:

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest in the security and operation of the website). The log files are generally deleted automatically after 7 to 30 days.

3.2 Cookies

Our website uses cookies, i.e. small text files that are stored on your end device. There are:

You can deactivate or delete cookies in your browser at any time. Please note that this may mean certain functions of the website are no longer fully usable.

4. Registration and use of the dashboard

4.1 Creation and management of your user account

Registration is required to use the THEBOT dashboard. In doing so, we process the following data:

Legal basis: Art. 6 para. 1 lit. b GDPR (performance of a contract). Storage period: for the duration of the contractual relationship plus the statutory retention periods (generally 7 years after the end of the contract for accounting-relevant data).

4.2 API key connection to the exchange

To connect THEBOT to your exchange account, your API key file (API key, API secret and, depending on the exchange, API passphrase) is required. The following applies:

Legal basis: Art. 6 para. 1 lit. b GDPR (performance of a contract).

4.3 Trading data and activity logs

As part of the operation of the bot, technical log data is collected, in particular:

This data serves error diagnosis, technical improvement of the product, and the provision of your trading history in the dashboard. Legal basis: Art. 6 para. 1 lit. b and f GDPR.

5. Payment processing – Whop

Payment processing for THEBOT subscriptions is carried out exclusively via Whop Marketplace Inc. (hereinafter “Whop”). When you click on “Subscribe to THEBOT”, you will be redirected to Whop.

DIGITARGET LTD does not process, store, or have access at any time to your payment data (in particular credit card numbers, bank account numbers, or other payment information). This data is processed fully and exclusively by Whop.

Service: Whop Marketplace Inc.
Purpose: Payment processing, subscription management
Data: Payment data, if applicable name/e-mail for invoicing
Legal basis: Art. 6 para. 1 lit. b GDPR
Whop privacy policy: https://whop.com/privacy
Registered office: USA (with EU protection mechanisms, if applicable SCCs)

If Whop transfers data to the USA or other third countries, this is done on the basis of the EU Standard Contractual Clauses (SCCs) pursuant to Art. 46 para. 2 lit. c GDPR. Further information can be found in Whop’s privacy policy.

6. Contact by e-mail

If you contact us by e-mail (thebot.io@gmx.net), we process the data you provide to us (in particular your e-mail address, your name and the content of your message) for the purpose of handling your request.

Legal basis: Art. 6 para. 1 lit. b GDPR (pre-contractual or contractual measures) or Art. 6 para. 1 lit. f GDPR (legitimate interest in customer support). The data will be deleted as soon as it is no longer required for handling your request, unless statutory retention obligations prevent deletion.

7. Disclosure of personal data to third parties

Your personal data will only be disclosed to third parties in the following cases:

We do not sell your personal data and do not pass it on to third parties for advertising purposes.

8. Data transfer to third countries

Insofar as we pass on data to services that are based outside the EU/EEA (in particular Whop Marketplace Inc. based in the USA), this is done on the basis of appropriate safeguards pursuant to Art. 46 GDPR, in particular the EU Standard Contractual Clauses (Standard Contractual Clauses, SCCs). We ensure that the level of protection of your data corresponds to that of the GDPR.

9. Storage period

Account data: Duration of the subscription + 3 years (limitation periods)
Accounting data: 7 years from creation (statutory retention)
API keys: Deletion upon subscription cancellation
Trading logs: Duration of the subscription + 1 year
Server log files: 7-30 days (automatic)
E-mail communication: 2 years after completion of the matter
Cookies (techn. necessary): End of session or max. 12 months

After expiry of the respective storage period, your data will be deleted or anonymized, unless a statutory retention obligation prevents deletion.

10. Your rights as a data subject

Under the GDPR, you have the following rights vis-à-vis the controller:

11. Competent data protection supervisory authority

As the provider is based in the Republic of Cyprus, the competent data protection supervisory authority is:

Authority: Commissioner for Personal Data Protection (CPDP)
Address: 1 Iasonos Street, 1082 Nicosia, Cyprus
Website: https://www.dataprotection.gov.cy
E-mail: commissioner@dataprotection.gov.cy
Telephone: +357 22 818 456

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with the above supervisory authority if you believe that the processing of your personal data violates the GDPR.

If you have your habitual residence in another EU Member State, you may alternatively contact the data protection authority of your country of residence.

12. Data security

We use technical and organizational measures to protect your personal data against accidental or intentional manipulation, loss, destruction, or unauthorized access. These include:

In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will inform you without undue delay and in accordance with Art. 34 GDPR.

13. Minors

THEBOT is intended exclusively for persons who have reached the age of 18. We do not knowingly collect personal data from minors. If we become aware that a minor has transmitted data, we will delete it without undue delay.

14. Changes to this privacy policy

We reserve the right to amend this privacy policy at any time with effect for the future in order to adapt it to changed legal situations, technical developments, or new processing activities. The current version is always available at www.the-bot.io/datenschutz. We will notify you of significant changes by e-mail or by a prominent notice on the website.

Complaint Procedure

THEBOT – Complaint Procedure
Pursuant to EU ADR Directive 2013/11/EU · EU ODR Regulation No. 524/2013 · Version: 21.04.2026

1. Scope and purpose

This complaint procedure describes how customers of DIGITARGET LTD (hereinafter “provider”) can submit a complaint and how the provider handles it. It applies to all users of the THEBOT SaaS subscription, regardless of their country of residence within the European Union.

The aim of this procedure is the transparent, fair and efficient handling of complaints, without customers having to immediately resort to external legal remedies. The provider undertakes to seriously examine every complaint and provide a reasoned response.

2. What counts as a complaint?

A complaint is any expression of dissatisfaction by a customer relating to:

Trading losses do not constitute a subject of complaint within the meaning of this procedure, as the provider is not a financial service provider and accepts no liability for trading results (cf. Terms and Conditions § 9).

3. How and where can a complaint be submitted?

3.1 Primary channel – Discord support ticket (preferred)

The preferred way to submit complaints is a support ticket in our Discord server. Discord enables fast, direct and traceable communication.

3.2 Alternative channel – E-mail

If Discord is not possible, a complaint may also be submitted by e-mail:

E-mail: thebot.io@gmx.net
Subject: Complaint – [brief description]
Response time: no later than within 14 working days.

3.3 Required information upon submission

To enable prompt processing, we kindly ask you to provide the following information:

4. Complaint handling process

Receipt: Complaint via Discord or e-mail
Initial review: 5 working days – Substantive review and, if applicable, follow-up questions to the customer
Processing: 14 working days – In-depth analysis and, if applicable, technical investigation
Response: approx. 15 working days – Written, reasoned response with decision / proposed solution

The provider undertakes to respond to every complaint within approx. 15 working days from receipt with a reasoned statement. In the case of complex matters, this period may be extended to a maximum of 35 working days; in this case, the customer will be informed about the delay and the expected completion.

5. Internal escalation

If the customer is not satisfied with the initial response, they may request escalation to management. The request must include the following:

Management will review the matter independently and provide a final statement within 15 working days.

6. External dispute resolution

6.1 EU Online Dispute Resolution platform (ODR platform)

If complaints cannot be resolved internally, consumers have access to the European Online Dispute Resolution platform:

EU ODR platform
URL: https://ec.europa.eu/consumers/odr/
Provider’s e-mail for ODR proceedings: thebot.io@gmx.net

The ODR platform provides an out-of-court procedure for resolving disputes between consumers and online traders.

6.2 Data protection complaints

In the case of complaints relating to data protection, customers may contact the competent data protection supervisory authority directly:

Data Protection Authority Cyprus
Commissioner for Personal Data Protection (CPDP)
1 Iasonos Street, 1082 Nicosia, Cyprus
Website: https://www.dataprotection.gov.cy
E-mail: commissioner@dataprotection.gov.cy

6.3 Note regarding participation in conciliation procedures

The provider is neither obliged nor willing to participate in dispute resolution proceedings before a consumer arbitration board, unless the provider voluntarily decides to do so in an individual case. The use of the EU ODR platform and legal recourse remain unaffected by this.

7. Publication and findability

This complaint procedure is available at:

The ODR platform link is published in the legal notice at www.the-bot.io.

8. Changes to this procedure

The provider reserves the right to amend this complaint procedure at any time. The current version is available on the website. Customers will be informed of significant changes.