K
KrptoPay

Legal

Privacy Policy

Effective Date: April 1, 2026 · Last Updated: April 1, 2026

KrptoPay (“we”, “us”, “our”), operated under business registration number 2025-00823 registered in Saint Lucia, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, mobile applications, and services (collectively, the “Service”).

1. Information We Collect

1.1 Account Information

When you register, we collect your email address, name, and a hashed version of your password. We never store plaintext passwords.

1.2 KYC Verification Data

If you submit identity verification, we may collect government-issued identification documents (such as Aadhaar, PAN, or passport), your full name, date of birth, address, document photographs (front/back), a liveness verification video, and a photograph of you holding your document. This data is used solely for identity verification and regulatory compliance.

1.3 Transaction Data

We process transaction activity on the platform, including deposits, withdrawals, exchanges, and P2P trades. Customer transaction details are kept in an encrypted form and are auto-deleted after the process is completed, retaining only cryptographic proofs where required.

1.4 Wallet and Blockchain Data

When you use our crypto wallet features, we utilize your blockchain wallet addresses and associated temporary transaction data. Wallet addresses are generated through our secure routing systems and are strictly linked to your account for deposit attribution.

1.5 Technical Data

We automatically collect certain technical information including IP address, browser type, device information, operating system, and usage patterns. This data helps us maintain security, improve performance, and prevent fraud.

2. How We Use Your Information

  • To provide and maintain the Service, including wallet operations, transactions, and P2P trading
  • To verify your identity as required by applicable law (KYC/AML compliance)
  • To process your transactions, including deposits, withdrawals, and exchanges
  • To deliver real-time notifications about your account and transaction activity
  • To prevent fraud, abuse, and unauthorized access
  • To comply with legal obligations and regulatory requirements
  • To improve the Service through performance monitoring and analytics
  • To communicate with you about Service updates, security alerts, and support

3. Data Sharing

We do not sell your personal data. We may share data with:

  • Blockchain Networks: Transaction data is inherently published on-chain when you initiate cryptocurrency transfers. KrptoPay cannot control the public visibility of blockchain data.
  • Service Providers: Third-party providers that help us operate the Service (e.g., hosting, analytics, payment processing). This includes fiat bank withdrawals, which are handled by legally compliant third-party open market disbursement partners in each respective country. All user details are transmitted in a secure, encrypted format.
  • Legal Requirements: We may disclose information if required by law, regulation, legal process, or governmental request.

4. Data Security

We implement industry-standard security measures including encrypted connections (TLS), hashed passwords (bcrypt), rate limiting, audit logging, and access controls. Sensitive KYC documents are stored with restricted access. However, no system is completely secure, and we cannot guarantee absolute security.

5. Data Retention

We retain your essential account data for as long as your account is active. Customer transaction details and sensitive processing data are kept in an encrypted form and are auto-deleted from our active systems after the transaction process is completed. We retain only the minimum cryptographic proofs and KYC documents required by law.

6. Cookies

We use cookies and similar technologies for authentication, session management, and service preferences. For detailed information about our use of cookies, please see our Cookie Policy.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data (subject to legal retention requirements)
  • Object to processing of your data
  • Request data portability
  • Withdraw consent where processing is based on consent

To exercise these rights, please contact us. Note that certain requests may be limited by regulatory obligations, particularly for financial transaction records.

8. International Data Transfers

Your information may be transferred to, stored, and processed in jurisdictions outside your country of residence. By using the Service, you consent to such transfers. We take appropriate measures to protect your data in accordance with this Privacy Policy.

9. Children’s Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect data from minors. If we learn that we have collected data from a minor, we will take steps to delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. Your continued use of the Service after changes constitutes acceptance of the revised policy.

11. Contact

For privacy-related inquiries, please contact us.

Registered address: Offices of Ace Corporate Services, Ground Floor, Rodney Court Building, Rodney Bay, Gros Islet, Saint Lucia.