Log in Sign up
bg-img

Privacy Policy

Privacy Policy

This Privacy Policy explains how Palzea Inc. (“Palzea”, “we”, “us”) collects, uses, discloses, and protects information when you use our websites, apps, APIs, and services. By using Palzea you agree to this Policy.

1) Who We Are & Scope

Controller: Palzea Inc., incorporated under the laws of the Republic of Panama.
Contact: [email protected]

This Policy covers personal data we process about account holders, P2P counterparties, site visitors, job applicants, and support contacts. Additional product-specific terms may apply.

2) Categories of Data We Collect

Category Examples Sources
Account & Contact Email, username, preferred language, settings; optional phone if enabled in future. You
Verification Status (from providers) Limited information we receive from external payment / on-ramp providers, such as whether your profile is verified with them, method availability, or high-level risk flags (we do not receive or store your ID documents from those checks). Third-party providers you choose to use.
Financial & Transaction Wallet addresses, deposit/withdrawal details, order history, P2P offers and trades; payment confirmations (no full card numbers stored). You; blockchain networks; payment partners.
Technical Device info, OS, browser, IP, timestamps, activity logs, security events, crash/diagnostics. Automatic collection.
Cookies & Analytics Strictly necessary, security, preference, and limited analytics cookies. We do not use cross-context advertising cookies. Automatic collection.
Support & Comms Tickets, chat/email content, attachments, dispute evidence, call logs (if applicable). You; counterparties (P2P); our support tools.

3) Why We Use Data & Legal Bases

Purpose Examples Legal Basis (GDPR/UK GDPR)
Provide & operate services Account creation, orders, wallets, P2P escrow, support. Contract performance
Compliance & sanctions Using transaction data and limited information from third-party providers to help meet AML/CTF and sanctions requirements; record-keeping; responding to lawful requests. Legal obligation; public interest
Security & fraud prevention 2FA, monitoring, incident response, abuse detection. Legitimate interests; legal obligation
Improve & troubleshoot Analytics, diagnostics, feature measurement. Legitimate interests; consent where required
Communications Service notices, changes to terms/policies; optional product updates. Contract; legitimate interests; consent where required

Where consent is used, you can withdraw it at any time without affecting prior processing.

4) Third-Party Verification & Compliance

  • Palzea does not run its own KYC process or ask you to upload identity documents directly to us. When you use certain services (for example, card payments, bank transfers or on-ramp/off-ramp options), you may be redirected to independent providers that carry out their own verification.
  • Any identity checks for those services happen between you and the external provider, under their terms and privacy policy. They are responsible for how they handle your documents and verification data.
  • Palzea may receive limited information from these providers (for example, whether a method is available, whether your profile is verified with them, or if additional checks are required), but we do not access your underlying documents from those checks.
  • In some situations, these providers may pause or block a transaction on their side. This can temporarily affect your ability to use a specific payment method inside Palzea.

5) Cookies & Similar Technologies

  • Strictly necessary: authentication, session security, fraud prevention.
  • Preferences: language, theme, regional settings.
  • Analytics (limited): usage and performance metrics (no cross-context behavioral ads).

You can manage non-essential cookies in your browser and, where available, in our in-product controls.

6) How We Share Information

  • Processors: hosting, security, analytics, messaging, and customer-support vendors under contracts and data-protection terms.
  • Payment & verification partners: where needed to initiate or confirm a transaction, or to receive limited status information related to compliance checks performed by those partners.
  • Counterparties: limited data necessary to complete a P2P trade (e.g., payment instructions, order details).
  • Affiliates & corporate transactions: as part of a reorganization, merger, or acquisition.
  • Legal & compliance: where required by law, court orders, or to enforce our rights and protect users.

No Sale: We do not sell personal information or share it for cross-context behavioral advertising.

7) International Transfers

We operate globally. Where applicable (EEA/UK), we use transfer mechanisms such as the EU/UK Standard Contractual Clauses and supplementary safeguards. Copies or a summary can be provided where required by law.

8) Retention

We retain data while your account is active and as needed to provide services and meet legal obligations. Compliance and transaction records may need to be kept for a number of years after account closure, depending on local laws. When data is no longer needed, we anonymize or securely delete it.

9) Security

  • Encryption in transit and at rest, role-based access controls, monitoring, and vulnerability management.
  • Support for 2FA for sensitive actions; anti-phishing code and session controls.
  • Incident response procedures and user notification where required by law.

No method of transmission or storage is 100% secure. Please use unique passwords and enable 2FA.

10) Your Privacy Rights

  • EEA/UK (GDPR): access, rectification, erasure, restriction, portability, objection. You may also lodge a complaint with your supervisory authority.
  • California (CCPA/CPRA): right to know, delete, correct, and opt-out of sale/share (not practiced); limit use of sensitive data (we use sensitive data only for essential security and compliance purposes).
  • Brazil (LGPD) & Canada (PIPEDA): similar rights to access, correction, deletion, and portability, subject to exceptions.

To exercise rights, contact [email protected]. We may verify your request and respond within statutory timelines. Authorized agents may act where permitted by law.

11) Automated Decisions

We may use automated checks for fraud, sanctions screening, and risk scoring. You can request human review where required by law.

12) Children

Palzea is intended for individuals aged 18+.

13) Third-Party Links

Our services may link to third-party sites. Their privacy practices are governed by their own policies.

14) Changes to this Policy

We may update this Policy from time to time. Material changes will be notified in-product or by email where appropriate. Continued use of Palzea after the effective date means you accept the updated Policy.

Effective date: 06 Sep 2025 — © Palzea. All rights reserved.