Privacy Policy

Last updated: 19th December 2025

At Pair, we believe that privacy is foundational to trust in financial systems. This Privacy Policy explains how Pair Financial Technologies, Inc. and its affiliates ("Pair", "we", "us", or "our") collect, use, share, store, and protect personal data when you access or use our websites, applications, APIs, and financial products (collectively, the "Services").

We design our Services to minimise data collection, protect confidentiality, and comply with applicable data protection and financial regulations globally, including GDPR, UK GDPR, CCPA/CPRA, and other applicable US state privacy laws.

1. Scope and Application

This Privacy Policy applies to personal data processed by Pair in connection with:

  • Use of our Services
  • Business relationships with customers, partners, vendors, and end users
  • Regulatory, compliance, and risk management activities

By accessing or using our Services, you acknowledge that your personal data will be processed in accordance with this Policy.

2. Information We Collect

We collect personal data that is necessary to provide secure, compliant financial services. This includes:

a. Identity and Verification Data
  • Full name
  • Date of birth
  • Government-issued identification numbers and documents
  • Verification and authentication data required for KYC and AML compliance
b. Financial and Transaction Data
  • Bank account, wallet, and payment instrument details
  • Transaction history and settlement data
  • Account balances and ledger information
  • Credit, risk, or underwriting information, where applicable

For US users, financial data is treated as non-public personal information and handled in accordance with financial privacy expectations applicable to regulated financial services providers.

c. Technical and Usage Data
  • IP address
  • Device identifiers and operating system
  • Browser type and access logs
  • API usage data, timestamps, and performance metrics
d. Communications Data
  • Customer support requests and correspondence
  • Emails, chat messages, and call records where legally permitted

We do not knowingly collect personal data from individuals under the age of 18.

3. Lawful Basis for Processing

We process personal data only where permitted by law, including where processing is necessary for:

  • Performance of a contract
  • Compliance with legal and regulatory obligations
  • Legitimate business interests, such as security, fraud prevention, and service improvement
  • User consent, where required

Where consent is relied upon, it may be withdrawn at any time, subject to applicable legal or regulatory requirements.

4. How We Use Personal Data

We use personal data to:

Provide, operate, and maintain the Services

Process payments and financial transactions

Verify identity and conduct KYC, AML, and sanctions screening

Detect, prevent, and investigate fraud, abuse, or security incidents

Comply with legal, tax, and regulatory obligations

Improve product functionality, reliability, and user experience

Communicate service-related updates and customer support information

We do not sell personal data and do not use personal data for third-party advertising.

5. Data Sharing and Disclosure

We share personal data only where necessary and subject to strict safeguards:

a. Service Providers

With vetted third-party vendors who support infrastructure, cloud hosting, identity verification, analytics, and customer support. All service providers are contractually required to protect personal data and use it only for authorised purposes.

b. Financial and Banking Partners

With regulated financial institutions, payment processors, settlement partners, and liquidity providers where required to deliver financial services.

c. Legal and Regulatory Authorities

Where required to comply with applicable laws, regulations, court orders, or lawful requests from regulators or law enforcement authorities.

d. Corporate Transactions

In connection with a merger, acquisition, financing, restructuring, or sale of assets, subject to appropriate confidentiality and data protection safeguards.

6. US Privacy Rights and Disclosures

This section applies to individuals residing in the United States, including California.

a. Categories of Personal Information

In the past 12 months, we may have collected the categories of personal information described in Section 2 for business and operational purposes.

b. No Sale or Sharing of Personal Information

Pair does not sell personal information and does not share personal information for cross-context behavioural advertising, as those terms are defined under the California Consumer Privacy Act and the California Privacy Rights Act.

c. Your US Privacy Rights

Subject to applicable law, US residents may have the right to:

  • Request access to the personal information we collect about you
  • Request correction of inaccurate personal information
  • Request deletion of personal information, subject to legal and regulatory retention requirements
  • Opt out of certain processing activities where applicable
  • Not be discriminated against for exercising privacy rights

d. Submitting Requests

Privacy requests may be submitted by contacting us using the details in Section 12. We will verify your identity before processing requests and respond within legally required timeframes.

7. International Data Transfers

Pair operates globally. Where personal data is transferred across borders, we ensure appropriate safeguards are in place, including standard contractual clauses or other legally recognised transfer mechanisms.

8. Data Security

We implement technical and organisational security measures designed to protect personal data against unauthorised access, loss, misuse, or alteration. These measures include:

Encryption of data in transit and at rest

Role-based access controls and least-privilege principles

Continuous monitoring, logging, and incident response procedures

Regular security testing and audits

No system is completely secure, but we follow industry best practices consistent with financial services and infrastructure providers.

9. Data Retention

We retain personal data only for as long as necessary to:

  • Provide the Services
  • Fulfil contractual obligations
  • Comply with legal, regulatory, accounting, and reporting requirements

When retention is no longer required, personal data is securely deleted or anonymised.

10. Your Rights Outside the United States

Depending on your jurisdiction, you may have rights to access, correct, delete, restrict, or object to the processing of your personal data, and to lodge a complaint with a relevant data protection authority.

11. Cookies and Tracking Technologies

We use cookies and similar technologies to operate and improve our Services. You can manage cookie preferences through your browser settings. Additional details are provided in our Cookie Policy.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements, technology, or business practices. Material changes will be communicated through our Services or other appropriate channels.

Continued use of the Services after an update constitutes acceptance of the revised Policy.

13. Contact Information

For questions, concerns, or requests related to this Privacy Policy or our data practices, please contact:

aveer, co