Last updated: January 2025
We respect your privacy and are committed to protecting your personal data. This Privacy Notice explains how CloovaPay (“we”, “us”, “our”) collects, uses, discloses, and safeguards information when you use our websites, apps, products, and services (collectively, the “Services”).
This Notice describes our data processing activities and your rights. It applies to all personal data processed by us across the Services.
CloovaPay operates global digital asset and payments services. Contact details are provided in Section 12.
We may collect identity and contact data, KYC information (including identity documents and facial images captured via your device camera), transaction and on-chain data, device identifiers, usage analytics, communications, marketing preferences, and any information you provide to support requests.
Data is collected directly from you (e.g., account creation, KYC verification using camera-based document and selfie capture), automatically (cookies, SDKs, device data), and from third parties (verification providers, analytics, on-chain sources) where lawful.
We use personal data to provide and secure the Services, verify identity, comply with legal and regulatory obligations (including KYC, AML, and CFT requirements), prevent fraud and unauthorized access, personalize user experience, communicate with you, and improve our products.
Where you grant permission, we use your device camera solely for identity verification, document scanning, profile photo capture, or QR-related features. Camera access is used only when actively initiated by you and is never accessed in the background.
We may share data with affiliates, service providers, partners, verification vendors, regulators, and law enforcement where required by law or to protect users and our platform. All disclosures are governed by appropriate confidentiality and security obligations.
Your data may be processed globally. Where required, we implement appropriate safeguards such as Standard Contractual Clauses and additional technical and organizational measures.
We apply organizational and technical measures including encryption in transit, encryption at rest where appropriate, strict access control, audit logging, and routine security testing to protect your personal data.
We retain personal data only for as long as necessary to fulfill the purposes outlined in this Notice and to meet legal, accounting, or regulatory requirements, after which data is securely deleted or anonymized.
Depending on your jurisdiction, you may have rights to access, correct, delete, restrict, or object to processing of your personal data, request data portability, and withdraw consent where applicable. You may also lodge a complaint with your local data protection authority.
Questions or requests can be sent to privacy@cloovapay.com. For security or abuse reports, contact security@cloovapay.com.