Bitvavo management had access to customer data for years

Published: 16 October 2025
Last updated: 16 October 2025
bitvavo-monitor
Image by Cybernews.

Management of the Amsterdam-based cryptocurrency exchange Bitvavo had access to customers’ data for years.

The company confirms that senior management had access to customer data, including accounts, until spring 2024.

According to Bitvavo, access to customers’ personal information was necessary in the early years as management assisted with customer registration and addressed their questions. Bitvavo was a “much smaller” company at the time, a company spokesperson told Dutch news outlet Het Financieel Dagblad.

ADVERTISEMENT

Privacy regulations state that access to customers’ personal information is restricted to a select group of employees, such as workers in the anti-money laundering department or customer support. Therefore, legal experts question Bitvavo’s explanation.

“Privacy law requires that access to customer data be limited to those who truly need it for the tasks assigned to them. Given the company’s size and growth, it might be advantageous to grant management all sorts of access rights, but that is at odds with the law. It’s a risky and therefore problematic choice,” said Gerrit-Jan Zwenne, lawyer and professor of Law and Digital Technologies at Leiden University.

mark-nuvelstijn
Image by Cybernews.

Mark Nuvelstijn, who stepped down as CEO of Bitvavo last Summer, suggested in WhatsApp messages to Max R., a convicted felon of investment fraud, that he had access to customer data. In 2022, Nuvelstijn asked a former employee of Max R. for his last name because he needed to look something up for Max R., who supposedly had an account with Bitvavo.

Via a spokesperson, Nuvelstijn told Het Financieele Dagblad that the chats show that he didn’t actually look into the systems and claims to have only offered help “in a general sense.” He also points out that he’s a victim of Max R., has filed a report with the police, and hasn’t been prosecuted by the authorities.

jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us

After Nuvelstijn’s departure, Bitvavo launched an integrity investigation into Nuvelstijn. Researchers are also investigating whether the former CEO complied with privacy regulations, Bitvavo confirmed.

Bitvavo claims that the company complies with all requirements dictated by privacy laws and has systems in place to prevent unauthorized access to customer data.

ADVERTISEMENT

Unlock more exclusive Cybernews content on YouTube.

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT
Leave a Reply

Your email address will not be published. Required fields are markedmarked