Privacy Policy

LinkFi (hereinafter referred to as "LinkFi", "we", "us", or "the Platform") is committed to protecting the data security and privacy of our users and merchants. This Privacy Policy applies to the collection, use, storage, and protection of data when you access or use our services through our website, application, or API. This policy applies to individual users, merchant users, and the Ultimate Beneficial Owners (UBOs), directors, and authorized personnel of merchants.

We collect and process various types of data, including but not limited to transaction and business data. The scope of use is strictly limited to compliance, security, and service provision. Specifically:

• Personal Data: Includes full name, email address, phone number, residential address, date of birth, nationality, identification documents (passport/ID card), and facial recognition data used for identity verification.

• Merchant Data: Includes company registration information, business licenses, Ultimate Beneficial Owner (UBO) information, details of directors and management, and merchant transaction data (orders, turnover, and fund flows).

• On-chain Data: Includes wallet addresses, blockchain transaction records, timestamps, and transaction amounts.

We obtain information through the following channels:

• User Provided: Information submitted during registration, KYC/KYB certification, merchant onboarding, and records of customer support communications.

• Automatically Collected: IP addresses, device information, geolocation data, and cookie data.

• Third-party Sources: Blockchain analytics agencies, sanctions list databases (e.g., UN, SEC EDGAR), and payment service providers.

We process data based on the following legal grounds:

• Performance of Contract: Processing transactions, merchant auditing, and account management.

• Legal Obligations: Executing KYC/KYB verification, Anti-Money Laundering (AML) detection, and performing compliance analysis.

• User Consent: Facial recognition verification and opt-in product marketing/communications.

• Legitimate Interests: Risk monitoring, fraud prevention, and enhancing service experience.

1. To ensure platform security, we may perform risk assessments based on automated systems, including:

2. Anti-Money Laundering (AML) detection;

3. Fraud identification;

4. Risk scoring models. These processes may affect account audit results or lead to transaction restrictions or freezes. If you have objections to such decisions, you may contact us to request a manual review.

We only share data when necessary and strictly prohibit the sale of your personal data:

• Service Providers: Sharing with payment institutions, KYC/AML vendors, and cloud service providers.

• Legal and Regulatory: Disclosure to regulatory bodies or law enforcement agencies as required by law.

• Blockchain Rules (Travel Rule): When transferring virtual assets, we may need to share necessary identity information with the counterparty service provider.

• Retention Period: Data is typically retained for 6 to 10 years after account closure to fulfill legal and AML obligations. Voice recordings are kept for up to 6 years.

• Security Measures: We utilize AES-256 encryption for storage and TLS protocols for transmission, with strict access controls limited to authorized personnel.

• You have the right to access, rectify, or delete your data, and withdraw consent where applicable. Use of this platform by anyone under the age of 18 is strictly prohibited. For any inquiries or to exercise your rights, please contact our Data Protection Officer (DPO):

• Email: [dpo@linkfi.global]

• We may update this policy periodically. Continued use of LinkFi services after any updates signifies your acceptance of the revised terms.