Privacy Policy

1. Introduction

PesaFi ("we," "our," or "us") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our decentralized financial platform built on the Base L2 blockchain.

By using our services, you consent to the data practices described in this Privacy Policy. If you do not agree with our practices, please do not use our services.

2. Information We Collect

2.1 Personal Information

We collect personal information that you provide directly to us, including:

• Identity Information: Full name, date of birth, government-issued ID numbers
• Contact Information: Email address, phone number, physical address
• Account Information: Username, password, security questions
• Financial Information: Bank account details (if applicable), transaction history
• Biometric Information: Fingerprint or facial recognition data (if used for authentication)

2.2 Transaction Information

We collect information about your financial transactions, including:

• Transaction Details: Amount, date, time, recipient/sender information
• Payment Methods: USDC transfers, currency conversions, merchant payments
• Transaction History: Complete record of all platform activities
• Cross-Border Payments: International transfer details and compliance information

2.3 Technical Information

We automatically collect technical information when you use our services:

• Device Information: Device type, operating system, browser type, IP address
• Usage Data: Pages visited, features used, time spent on platform
• Location Data: General location based on IP address (country/region level)
• Log Data: Server logs, error reports, performance data
• Cookies and Tracking: Browser cookies, local storage, tracking pixels

2.4 Blockchain Information

Due to the decentralized nature of our platform, certain information is publicly available on the blockchain:

• Wallet Addresses: Your public wallet address on Base L2
• Transaction Records: All transactions are recorded on the blockchain
• Smart Contract Interactions: Interactions with our smart contracts
• Network Data: Gas fees, transaction confirmations, block information

3. How We Use Your Information

3.1 Service Provision

We use your information to:

• Account Management: Create and maintain your account
• Transaction Processing: Process payments, transfers, and currency conversions
• Wallet Services: Manage your digital wallet and private keys
• Customer Support: Provide assistance and resolve issues
• Security: Protect against fraud and unauthorized access

3.2 Compliance and Legal Requirements

We use your information to:

• Regulatory Compliance: Meet AML, KYC, and other regulatory requirements
• Tax Reporting: Comply with tax obligations where applicable
• Legal Requests: Respond to law enforcement and legal requests
• Sanctions Screening: Screen against sanctions lists and watchlists
• Risk Management: Assess and manage financial and operational risks

3.3 Service Improvement

We use your information to:

• Product Development: Improve existing features and develop new ones
• Analytics: Analyze usage patterns and user behavior
• Performance Monitoring: Monitor system performance and identify issues
• Research: Conduct research to improve our services
• Personalization: Customize your experience and provide relevant content

4. Information Sharing and Disclosure

4.1 Third-Party Service Providers

We may share your information with trusted third-party service providers who assist us in:

• Payment Processing: Payment processors and financial institutions
• Identity Verification: KYC/AML service providers
• Cloud Services: Cloud storage and computing providers
• Analytics: Analytics and data analysis services
• Customer Support: Customer support and communication tools
• Security: Security and fraud prevention services

4.2 Legal and Regulatory Requirements

We may disclose your information when required by:

• Law Enforcement: Valid legal requests from law enforcement agencies
• Regulatory Authorities: Requests from financial regulators and government agencies
• Court Orders: Valid court orders, subpoenas, or legal processes
• Compliance: Compliance with applicable laws and regulations
• Protection: Protection of our rights, property, or safety

5. Data Security

5.1 Security Measures

We implement comprehensive security measures to protect your information:

• Encryption: End-to-end encryption for sensitive data transmission
• Access Controls: Role-based access controls and authentication
• Secure Storage: Encrypted data storage with regular security audits
• Network Security: Firewalls, intrusion detection, and monitoring systems
• Employee Training: Regular security training for all employees
• Incident Response: Incident response procedures and breach notification protocols

5.2 Blockchain Security

Our platform leverages blockchain technology for enhanced security:

• Decentralization: Reduced single points of failure
• Cryptographic Security: Advanced cryptographic protection
• Immutable Records: Tamper-proof transaction records
• Smart Contract Security: Audited smart contracts for secure operations

6. Your Rights and Choices

6.1 Access and Portability

You have the right to:

• Access: Request access to your personal information
• Portability: Receive your data in a portable format
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your personal information

6.2 Communication Preferences

You can control how we communicate with you:

• Email Preferences: Opt out of marketing emails while receiving important service communications
• SMS Preferences: Manage SMS notifications and alerts
• Push Notifications: Control push notification settings in the app
• Marketing: Opt out of marketing communications at any time

6.3 Exercising Your Rights

To exercise your rights, you can:

• Contact Us: Email us at privacy@pesafi.ai
• Account Settings: Use the privacy controls in your account
• Support: Contact our customer support team
• Legal: Contact our legal team for complex requests

7. Regional Privacy Rights

7.1 European Union (GDPR)

If you are in the EU, you have additional rights under the General Data Protection Regulation:

• Right to Access: Access your personal data
• Right to Rectification: Correct inaccurate data
• Right to Erasure: Request deletion of your data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a portable format
• Right to Object: Object to certain types of processing
• Rights Related to Automated Decision Making: Rights regarding automated decisions

7.2 California (CCPA)

If you are a California resident, you have rights under the California Consumer Privacy Act:

• Right to Know: Know what personal information we collect
• Right to Delete: Request deletion of personal information
• Right to Opt-Out: Opt out of the sale of personal information
• Right to Non-Discrimination: Not be discriminated against for exercising your rights

8. Changes to This Privacy Policy

8.1 Updates

We may update this Privacy Policy from time to time to reflect:

• Changes in our services
• New legal or regulatory requirements
• Changes in industry best practices
• Feedback from users and stakeholders

8.2 Notification of Changes

We will notify you of material changes through:

• Email notification to your registered address
• In-app notification within the platform
• Notice on our website
• Announcement on our social media channels

8.3 Continued Use

Your continued use of our services after changes constitutes acceptance of the updated Privacy Policy.

9. Contact Information

9.1 Privacy Questions

If you have questions about this Privacy Policy or our privacy practices, please contact us:

• Email: privacy@pesafi.ai
• Phone: [Phone Number]
• Address: [Privacy Office Address]

9.2 Data Protection Officer

For complex privacy matters, you can contact our Data Protection Officer:

• Email: dpo@pesafi.ai
• Address: [DPO Address]

10. Glossary