The BitBox02 hardware wallet provides you an easy solution to keep your coins secure. You own the keys and are in full control of your funds. But what about your sensitive personal data?
As a Swiss company, privacy is one of our core values. We have no idea how you use the BitBox02, how much you store on it and what you use your money for. This is by choice. To us, Bitcoin means financial freedom, and that includes valuing your privacy. In this post, we’ll shed light on specific principles we value and actions we take to fulfil that promise to you.
BitBoxApp and BitBox02
Data protection starts with our core products. When you use the BitBox02 through the BitBoxApp or any other compatible wallet, we make sure that it does not reveal more information than absolutely necessary.
Of course, a wallet needs to communicate with the blockchain of each coin in use:
- For Bitcoin, we run our own Electrum servers that are pre-configured in the BitBoxApp. Server logs are reduced to the bare minimum, with no wallet addresses recorded and IP addresses being anonymized. We also encourage our users to connect to their own Bitcoin nodes (also see our BitBox guide).
- For Ethereum, we use the Etherscan.io API to calculate balances, as well as send and receive transactions.
Other than that, the BitBoxApp only connects to our regular web server to check for updates (showing a banner in the app), and fetch currency exchange rates, without submitting any personal information. Our server backend needs to keep minimal log files for stable operations, but all IP addresses are either removed completely or anonymized automatically.
To increase privacy, you can select the option to route all communication through the Tor network, which obfuscates your internet address and physical location.
If you buy from us, of course we need to ship our products to you. You provide us with the shipping address in our own, self-hosted webshop. For operational reasons, we store that data up to 30 days. After this time frame the information is anonymised, which means all personally identifiable details are erased from our shop system.
Due to regulatory requirements we need to retain a copy of the order invoice for up to ten years: we keep these copies on an encrypted archive storage and they are not accessible by third party services.
For checkout data that never converted to an order, all information is deleted after 5 days.
Of course we accept your precious bitcoins if you want to exchange them for a BitBox02 or other products we offer. For that, we run our own BTCPay Server instance. To collect payments, it only needs an order id and the amount due, nothing else. Data minimization is the best form of data protection.
But we also fully understand if you don’t want to part with your beloved bitcoins and would rather hand over some dirty fiat. For that, we use Stripe as an external service provider. Again, we take care to only submit the data that is really needed. Stripe collects your name, credit card number, email address and shipping country, but we take care to not submit further details like billing or shipping addresses.
Our fulfilment tool acts as a middleman between our shop and shipping providers. It automates the creation of shipping labels, tracking links and writes the updated shipping status back to our shop to enable automated order status emails.
Order details like name, items and shipping address are needed in that context. Currently, we are in contact with our provider, requesting the option to purge old order data manually and to continue doing so in the future about once per month.
While Bitcoin is borderless and does not care about your import tax, shipping internationally can be a challenge. We strive for the best user experience, shipping quickly and taking care of all your import costs. We don’t want to claim false values on tax forms, as this can lead to many issues for our customers and increased scrutiny by customs authorities.
We use UPS as an external partner offering frictionless shipping and need to submit your shipping address to their system. We inquired about possibilities to purge customer details from their systems, but unfortunately, as is likely with most external partners, that’s not possible.
As a precaution, we avoid all potential trigger words when declaring your items. We ship as “Shift Switzerland” and use the most basic description of what the device is, declaring the BitBox as a “USB stick”.
We pride ourselves with quick and friendly customer support. If you reach out to us, you're assigned a support ticket number and the email conversation is stored in our self-hosted support system. This means that our support system contains sensitive personal information, particularly crypto transactions details and holdings linked to email addresses. We don’t want to hold this kind of information longer than necessary.
Once your case is successfully resolved, the support ticket is closed. If we don’t receive a reply within 7 days, the ticket is closed automatically. We will then erase personal data, all exchanged emails text and their attachments automatically 23 days after a ticket is closed.
Our email server deletes emails as soon as they're fetched by the support system. For outgoing emails, we disabled persistent storage altogether.
If you subscribe to any of our newsletters, the only data we save are your email address and name, or alias if you chose to use one when subscribing. We don’t store order data like physical addresses or specific products ordered on that platform. You can unsubscribe at any point and all your data will be deleted from our newsletter tool within 30 days.
We take great care to only collect data that we need and be transparent about it. For systems that contain sensitive information, we run them ourselves instead of using cloud services. And finally, we get rid of all sensitive data or anonymize it as soon as possible.
Don’t own a BitBox yet?
Keeping your crypto secure doesn't have to be hard. The BitBox02 hardware wallet stores the private keys for your cryptocurrencies offline. So you can manage your coins safely.
The BitBox02 also comes in Bitcoin-only version, featuring a radically focused firmware: less code means less attack surface, which further improves your security when only storing Bitcoin.
Shift Crypto is a privately held company based in Zurich, Switzerland. Our international team of specialists across engineering, cryptosecurity and Bitcoin core development build the BitBox products and provide consulting services. The BitBox02, a second generation hardware wallet, equips individuals to easily store, protect, and transact cryptocurrencies. Its companion, the BitBoxApp, provides an all-in-one solution to securely manage your digital assets with ease.