Privacy Policy.

Privacy is not a setting we offer. It is the posture the firm operates from. We compartmentalize case applications. We encrypt communications. We collect only what the engagement requires. These are how we run, not how we market.

Plainly stated.

• We do not sell your personal information. Not to anyone. Not ever.
• We do not run advertising trackers, retargeting pixels, or session recording. Analytics is cookie-less Plausible.
• We collect what the engagement requires; application documents are deleted within 90 days of completion.
• Sensitive communications travel over PGP and Signal; encryption is the default, not the upgrade.
• Case files are compartmentalized at the wallet, document, and advisor layer; one engagement does not see another.

The clauses below are the binding legal text. If a line ever conflicts with this summary, the binding text governs.

1. Introduction

This Privacy Policy ("Policy") describes how passport.sv, a service operated by Bitcitizen LLC ("Bitcitizen," "we," "us," or "our"), collects, uses, shares, and protects personal information when you access or use the passport.sv website located at passport.sv and any related pages, forms, scheduling links, tools, or communications (collectively, the "Website"), and when you engage any citizenship-by-investment advisory services we offer (the "Services"). passport.sv operates as 21 CBI, a Licensed Agent of The Bitcoin Office of El Salvador.

passport.sv is part of the Bitcitizen ecosystem. This Policy is part of a legal framework that includes our Terms of Service and Cookie Policy, and it is designed to operate alongside the Bitcitizen LLC Privacy Policy (available at bitcitizen.io/privacy) and Terms of Service (available at bitcitizen.io/terms). Where this Policy addresses a matter specific to passport.sv, this Policy controls. For matters not specifically addressed here, the Bitcitizen LLC Privacy Policy applies.

By accessing or using the Website or Services, you acknowledge that you have read and understood this Policy. If you do not agree with this Policy, do not use the Website or Services.

This document is not legal advice. You remain responsible for your own legal, tax, and regulatory obligations in all applicable jurisdictions. In particular, a second citizenship does not change your home-country tax obligations; US citizens remain subject to FATCA and worldwide income reporting regardless of a second citizenship.

2. Information we collect

2.1 Information you provide directly

• Contact information (name, email, and optionally your company).
• The Freedom Passport Brief request (name and email).
• Booking screener and program-fit answers (family configuration, where you are with the capital, your timeline, and preferred contact channel).
• Engagement documents (passport copies, birth certificates, residency proofs, on-chain source-of-funds artifacts for the BTC or USDT contribution, and similar), provided after an engagement begins.
• Communications via email.
• Payment metadata (Bitcoin, Lightning, and USDT transaction references for advisory invoices; card-payment references where a card is used for the advisory fee).

2.2 Information collected automatically

• Device and browser information.
• Aggregate usage data (page views, navigation paths) via cookie-less Plausible Analytics.
• IP address and approximate geolocation, retained only for security and rate limiting.
• Local storage state for on-site tools (the calculator currency unit, the program-fit gate, and a lead queue), held on your device until you submit. See Section 7.

2.3 Information from third parties

• Government agencies that process your El Salvador file, principally The Bitcoin Office and the Dirección General de Migración y Extranjería (DGME).
• Licensed local partners and attorneys in El Salvador.
• Scheduling provider (Calendly booking confirmations) and, where a card is used for the advisory fee, the payment processor's charge metadata.
• Analytics provider (aggregate page-view counts via Plausible Analytics).

3. How we use your information

We use the information we collect for the following purposes:

• To provide and deliver the Services you request.
• To respond to your inquiries and provide client support.
• To return results from our on-site tools (the Bitcoin pricing calculator and the program-fit screener), which run in your browser.
• To communicate with you about your engagement, application, or scheduled call.
• To send you the Freedom Passport Brief you requested, then a short follow-up sequence about the program, which you can leave at any time using the one-click unsubscribe link in every email. We run no open-ended marketing list and we do not sell or rent your data.
• To improve the Website, the Services, and the user experience.
• To comply with legal, regulatory, and sanctions obligations, including screening that excludes nationals of Cuba, North Korea, Iran, or Syria, residents of Crimea, Donetsk, Luhansk, Kherson, or Zaporizhzhia, and OFAC-sanctioned persons.
• To protect our rights, your safety, or the safety of others.

Where the legal basis for processing is consent (for example, requesting the Freedom Passport Brief), you may withdraw that consent at any time. Where the basis is contract performance (engagement delivery), legal obligation (sanctions screening), or legitimate interest (security, fraud prevention), we process accordingly and document the basis on request.

4. How we share your information

We do not sell your personal information.

4.1 Within the Bitcitizen ecosystem

We may share information with other services within the Bitcitizen ecosystem to deliver integrated services, maintain consistent account management, and route cross-domain referrals (for example, US-renunciation matters routed to exit.ly). Sharing is on a need-to-know basis; no ecosystem service receives more than the engagement requires.

4.2 With government authorities

When you engage our Services for an El Salvador Freedom Passport application, we share your personal information and application documents with the relevant government authorities as required by the application process. For this program, those authorities are The Bitcoin Office and the Dirección General de Migración y Extranjería (DGME), together with any licensed local partner that supports your file. Submission and processing do not constitute pre-approval; the decision belongs to the Government of El Salvador.

4.3 With local partners

We work with licensed local partners, attorneys, and service providers in El Salvador to assemble and lodge your file. We share only the information necessary to complete the services you have engaged.

4.4 With service providers

We use a small set of third-party processors to operate the Website and Services. Each is named below with its role; sub-processor lists are available on request.

• Same-origin lead and contact endpoint: the Brief request, the booking screener, and the contact form submit to an endpoint on passport.sv itself, under Bitcitizen LLC’s direct operational control. There is no third-party form host.
• Transactional email: delivery of the Freedom Passport Brief and our replies.
• Calendly: scheduling, when you book a strategy call.
• Plausible Analytics: cookie-less, EU-hosted, aggregate page-view counts.
• Payment processor: card-payment processing for the advisory fee, where a card payment is offered.
• CoinGecko and an ECB-aligned exchange-rate feed: live Bitcoin pricing and currency conversion on the site.
• Self-hosted infrastructure: the site and its lead records run on a dedicated server under Bitcitizen LLC’s direct operational control.

4.5 Legal requirements

We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.6 Business transfers

If Bitcitizen LLC or passport.sv is involved in a merger, acquisition, or sale of assets, your personal information may be transferred as part of that transaction. We will notify you of any change in ownership or control of your personal information.

5. Data security

We implement technical and organizational measures that match the sensitivity of the data the firm handles. The controls below are what we actually run, not aspirational language.

• Encryption in transit. HTTPS with Transport Layer Security (TLS) 1.2 or higher on all web traffic; HTTP Strict Transport Security (HSTS) preload; modern ciphers only.
• Encryption at rest. All persisted personal data is encrypted at rest at the storage layer.
• End-to-end encrypted communications. Sensitive communications travel over PGP (for email) and Signal (for messaging). PGP keys and Signal handles are published on request.
• Hardware-key second factor. Administrative access to client systems requires strong authentication and a hardware security key (FIDO2 / WebAuthn).
• Compartmentalized case handling. Each engagement is isolated at the file, wallet, and advisor layer. No shared client database is exposed across engagements; one client’s application does not see another.
• Minimum-necessary data retention. Inquiry data, application documents, and analytics are retained per the schedule in Section 8 and deleted on schedule.
• Content Security Policy and security headers. Strict CSP, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy are set at the edge; violations are logged.
• Audit logging. Administrative actions on client records are logged with actor, action, and timestamp; logs are retained for incident review.
• Settlement posture. The $1,000,000 government contribution settles in BTC or USDT directly to the government wallet; the firm does not custody the contribution. The advisory fee, where received in Bitcoin or Lightning, is received into wallets the firm self-custodies.

No method of transmission over the internet or electronic storage is ever absolutely secure. We commit to applying the controls above and to disclosing any material incident affecting your personal data without undue delay.

6. International data transfers

Bitcitizen LLC is registered in the State of Wyoming, United States. By using the Website or Services, your information may be transferred to, stored, and processed in the United States and in any country where the program jurisdiction, a licensed local partner, or a service provider is located. The program jurisdiction is the Republic of El Salvador.

If you are located in the European Economic Area (EEA), the United Kingdom, or another jurisdiction with cross-border data protection rules, we carry out transfers of your personal information in accordance with applicable law, including the General Data Protection Regulation (GDPR) and the UK GDPR. Where required, this includes the use of Standard Contractual Clauses (SCCs) approved by the European Commission, the UK International Data Transfer Addendum, and equivalent mechanisms.

7. Cookies and similar technologies

The Website uses very few cookies and a small amount of local storage. They fall into three categories:

• Necessary cookies: required for the Website to function (CSRF protection and cookie-consent state).
• Analytics: aggregate page-view counts via Plausible Analytics, which is cookie-less by design.
• Functionality storage: local storage that remembers your calculator currency unit, the program-fit gate state, and an in-progress lead queue across visits, held on your device.

We do not run advertising cookies, retargeting pixels, session recording, or device fingerprinting. We do not sell cookie data. For a full breakdown of every cookie and storage item we set, the third parties involved, and how to manage them, see our Cookie Policy.

8. Data retention

We retain personal information only for as long as the purpose described in this Policy requires. Standard retention schedule:

• Inquiry data: 24 months from the date of the inquiry, then deleted.
• Client engagement records: duration of the engagement plus 7 years, for tax, regulatory, and audit purposes.
• Application documents: deleted within 90 days after completion of the application process; the file is then closed.
• Aggregate analytics: retained anonymized, up to 14 months in Plausible.
• Security and audit logs: 12 months, then rotated.

Where a legal hold, sanctions inquiry, or active matter requires longer retention, we retain the affected records for the duration of that obligation. We document and disclose the basis on request.

9. Your rights

Depending on your location and the applicable law, you may have the following rights regarding your personal information:

• Access: request a copy of the personal information we hold about you.
• Correction: request that we correct inaccurate or incomplete information.
• Deletion: request that we delete your personal information, subject to legal-hold and regulatory-retention exceptions.
• Restriction: request that we restrict the processing of your information.
• Portability: request a portable copy of your information in a structured, commonly used format.
• Objection: object to processing where the basis is legitimate interest.
• Withdraw consent: withdraw consent at any time where processing is based on consent.

If you are located in the European Union, the European Economic Area, or the United Kingdom, you have rights under the General Data Protection Regulation (GDPR) and the UK GDPR, including the rights listed above. You also have the right to lodge a complaint with your local supervisory authority.

If you are a California resident, you have rights under the California Consumer Privacy Act as amended by the California Privacy Rights Act (collectively, the "CCPA/CPRA"). These include the right to know what personal information we collect, the right to delete personal information, the right to correct inaccurate personal information, the right to opt out of the sale or sharing of personal information, and the right to limit the use of sensitive personal information. We do not sell or share personal information as those terms are defined under the CCPA/CPRA.

If you are located in Brazil, the Lei Geral de Proteção de Dados (LGPD) provides analogous rights. If you are located in Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial legislation apply. If you are located in Australia, the Australian Privacy Principles apply. Where another jurisdiction grants rights not listed here, we honor those rights to the extent the law applies to our processing.

To exercise any of these rights, contact us at contact@passport.sv with the subject line "Data Rights Request." We will acknowledge receipt within 10 business days and respond substantively within 30 days, extendable as the applicable law allows.

10. Children’s privacy

The Website and Services are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. Where a citizenship application includes dependent children, the information we receive is provided by the engaging adult applicant on the dependents’ behalf and is used only to support the file. If you believe we have inadvertently collected information directly from a child under 18, contact contact@passport.sv and we will take steps to delete that information promptly.

11. Third-party links

The Website may contain links to third-party websites, including government program sites such as bitcoin.gob.sv, licensed local partner sites, and other services within the Bitcitizen ecosystem. We are not responsible for the privacy practices or content of those third-party sites. Review the privacy policy of any third-party site you visit.

12. Changes to this policy

We update this Policy when our practices, technology, or legal requirements change. The "Effective" date at the top of this page reflects the date of the most recent update. Material changes are announced through the Website and, where appropriate, by direct notice to active engagement clients. Historical versions are retained internally and made available to regulators on request.

13. Contact us

Questions about this Privacy Policy or our data practices can be directed to:

Bitcitizen LLC (operating as passport.sv / 21 CBI)
30 N Gould St, Ste R
Sheridan, WY 82801
United States

General contact and privacy or data-rights requests: contact@passport.sv. Website: passport.sv.

For matters that warrant encryption, request our current PGP public key by replying to any signed message we have sent you, or open a Signal conversation; we will share the public key in-channel.