PairMint Logo

Privacy Policy

How we collect, use, and protect your personal information.

PairMint Privacy Policy

Effective Date: October 12, 2025

Applies To: PairMint Corporation (U.S.) and PairMint Limited (Nigeria)

Primary Address: PairMint Corporation — 8 The Green, Ste A, Dover, DE 19901, USA

Contact: [email protected]

1) Purpose & Scope

This Privacy Policy explains how PairMint (“we,” “us,” “our”) collects, uses, shares, and protects personal information when you use our website, mobile apps, APIs, and customer support (the “Services”). It applies to users in the United States and Nigeria, and to EU/UK users where GDPR/UK GDPR applies.

Our promise: We collect only what’s necessary to provide secure, compliant services. We do not sell personal information.

Laws we align with: applicable U.S. privacy/financial rules (e.g., FTC, CCPA/CPRA where applicable), Nigeria NDPA 2023, and GDPR/UK GDPR principles.

2) Information We Collect

a) Personal Information — name, date of birth, email, phone, residential address, nationality, government ID (e.g., passport, NIN, driver’s license/SSN), and bank/payment details.

b) Transaction & Offer Data — amounts, currencies, rate preferences, transaction IDs/timestamps, confirmations/receipts, limited counterparty identifiers, dispute notes.

c) Compliance Data — KYC/AML results, sanctions/PEP screening outcomes, fraud checks, consent records.

d) Device & Usage Data — IP address, device/OS/app version, crash logs, session activity, approximate location (if enabled), cookies/SDK telemetry.

e) Preferences & Communications — language/currency preferences, feedback/surveys, marketing opt-in choices.

3) How We Use Your Information (and Legal Bases)

  • Account setup & identity verification (KYC/AML checks, sanctions screening) — Legal obligation
  • Offer matching & transaction facilitation (create/confirm matches, settlement support) — Contract performance
  • Safety, security & fraud prevention (abuse detection, anomaly monitoring) — Legitimate interests
  • Service improvement & analytics (performance, diagnostics) — Legitimate interests (consent where required)
  • Communications (support, notices, service announcements) — Contract/legitimate interests
  • Marketing (optional) (updates, promotions) — Consent (opt out anytime)
  • Records & audits (tax, AML, regulatory inquiries) — Legal obligation

Communications:

  • Transactional (non-promotional) messages (security alerts, confirmations, compliance notices) are necessary and generally cannot be opted out of.
  • Marketing messages are sent only where permitted. Unsubscribe anytime via the message link or [email protected].
  • SMS/Push/Email specifics: We use phone numbers and email to send OTP/verification, security alerts, and transaction/status updates (necessary). For optional marketing via email or push, you can opt out at any time (unsubscribe link or in-app settings where available). For SMS that is not strictly transactional, reply STOP to opt out and HELP for help. Carrier rates may apply. We do not sell contact information; we share it only with operational vendors (e.g., KYC, messaging delivery) or as required by law.

4) Sharing Your Information

We share personal data only as needed to provide and protect the Services or as required by law:

  • Financial/KYC/Infrastructure Providers (regulated payment rails, identity verification, cloud/hosting, observability) under binding contracts and strict access controls.
  • Professional advisers & auditors under confidentiality.
  • Law enforcement/regulators when legally required.

We do not sell or rent personal data and do not share it for third‑party advertising.

5) International Processing & Safeguards

Data is currently stored and processed in Microsoft Azure U.S. data centers. If data is transferred outside your country, we apply appropriate safeguards such as encryption, access controls, and—where required by GDPR/NDPA—Standard Contractual Clauses (SCCs) or equivalent mechanisms.

This section concerns data processing locations only. It does not characterize PairMint as a “cross-border remittance” service.

6) Data Retention & Deletion

We retain data only as long as necessary for operations, security, and compliance—or as required by law or our regulated partners. Typical horizons:

  • KYC/Identity: up to 2 years after account closure (aligned with common partner practices), unless a longer legal period applies.
  • Transactions & audit records: up to 7 years (AML/tax/audit).
  • Logs & analytics: up to 12 months.
  • Backups: up to 90 days (rolling purge).

Inactive accounts: After 24 months of inactivity, we may anonymize or delete personal data not subject to legal retention. Where feasible, we’ll notify you beforehand.

Deletion requests: Email [email protected]. We will verify your identity and respond within 30 days (or the statutory timeframe). If law requires us to retain certain data (e.g., AML/tax/audit), we will retain only the minimum necessary in a secure archive until the obligation ends.

7) Automated Processing & Matching

We use automated systems to match offers and help detect fraud. These processes evaluate parameters you provide (e.g., rate, amounts, timing) to facilitate matching and protect the platform. If you believe an automated outcome is erroneous, contact support; we may review and, at our discretion, adjust outcomes.

8) Cookies & Tracking

We use cookies/SDKs to:

  • keep your session secure and remember preferences,
  • measure performance and fix issues,
  • (if opted in) understand usage to improve features.

You can control cookies in your browser/device settings; disabling some may affect functionality.

9) Security

We use industry-standard protections: AES-256 encryption (in transit/at rest), least-privilege access, network isolation, MFA (where supported), fraud/anomaly monitoring, and periodic testing. If a data breach occurs, we will notify affected users and regulators as required by law and follow our incident response plan.

10) Your Privacy Rights & How to Exercise Them

Depending on your location, you may have rights to access, correct, delete, restrict/opt-out, object, and data portability, and to withdraw consent (for optional processing).

How to submit a request: email [email protected]. We may need additional information to verify your identity. We aim to respond within 30 days or the timeframe required by law. If we cannot comply (e.g., legal retention), we’ll explain why and what we can do instead.

Nigeria Users (NDPA 2023)

You have the rights above and may lodge complaints with the Nigeria Data Protection Commission (NDPC). We maintain records of processing and apply transfer safeguards as required.

U.S. Users (including CCPA/CPRA where applicable)

We do not sell personal information. Subject to state law, you may request access, correction, deletion, and to limit certain uses of sensitive data. If we deny a request, you may appeal by replying to our decision email.

European Economic Area/UK Users (GDPR/UK GDPR)

We process data under the bases described in Section 3. You may exercise GDPR rights listed above and lodge a complaint with your local Data Protection Authority (or the UK ICO).

11) Children’s Privacy

Our Services are intended for 18+ only. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided data to us, contact [email protected] and we will delete it promptly.

12) Changes to This Policy

We may update this Policy from time to time. Material changes will be communicated by email or in-app at least 30 days before they take effect. The “Effective Date” above reflects the latest version.

13) Contact & Controllers

Controllers:

  • PairMint Corporation (U.S.) — 8 The Green, Ste A, Dover, DE 19901, USA
  • PairMint Limited (Nigeria)

Privacy Contact: [email protected]