That is a matter of concern. We cannot detect who operates the account, but we always get the sender's wallet address. If they have exchanged coins to another coin, we have that data as well, and if they have withdrawn the newly exchanged coins, we have that wallet address too. The fact is that we have no information about who operates this account - no name, IP, or location.
Do you mean you would not have any problem confiscating funds that are coming from certain addresses, maybe sanctioned addresses? If that is it, then how exactly are you defending users privacy and how are you going to achieve all the other things you say. If you check for source of funds and you track where people's funds come from, there is nothing private about your service.