Privacy policy

We, UnityF Limited, are a legal entity incorporated under the laws of the Marshall Islands, with the registration number 127542 and our registered office located at Trust Company Complex, Ajeltake Road, Ajeltake Island, Majuro, Marshall Islands MH96960 (hereafter referred to as “Unity Finance”). Together with our subsidiaries and partners (collectively referred to as the “Group”), we act as the “data controller” of your personal information and as the “processor” for certain personal data, as further outlined in this Privacy Policy. We recognize our responsibilities concerning the collection, storage, processing, use, and transfer of personal data in accordance with the General Data Protection Regulation (GDPR).

Personal data will be collected solely for legitimate and relevant purposes, and we will take all feasible steps to ensure the accuracy of the data we hold. Your personal data may be utilized in accordance with this Privacy Policy.

We regularly assess this Privacy Policy and may occasionally make revisions or introduce specific instructions, policies, and terms. If any substantial changes are made, we will notify you using the contact information you have provided. Where required by law, we will also give you the opportunity to opt out of these changes through the method communicated at that time.

2.1. Contact Information

We collect details such as your name, address, email, and phone number. Additionally, identification details like your date of birth, gender, and country of residence may be collected.

Usage:

• To process your registration, onboard you as a client, and maintain communication regarding your account.
• This data also helps manage our services, including account updates, and informs you about changes in fees or service terms.

2.2. Know Your Client (KYC) Information

We collect documents like your passport, government-issued IDs, photographs, and other documents proving your source of funds. This includes results from KYC or Politically Exposed Person (PEP) screenings, as well as personal information that may surface during these checks, such as turnover or business activity type.

Usage:

• Compliance with regulatory requirements and verifying customers' identities to prevent fraud, money laundering, terrorist financing, and identity theft.
• This information ensures regulatory checks are followed and helps us meet obligations related to fraud detection and prevention.

2.3. Account-Related Information

This includes the password for your account and any marketing preferences you have set.

Usage:

• Ensures you can securely access services, manage your account, and receive updates and promotions aligned with your preferences.
• This also facilitates smooth interaction with our system and ensures the security of your account details.

2.4. Transaction and Device Data

We collect details related to your transactions, including payment information, amounts, currency, and time stamps. In addition, device data such as operating system, IP address, and login times are also collected, along with any communications you have with us. This can include correspondence through email, phone, or social media platforms.

Usage:

• We use this information to deliver and improve our services, manage our system, monitor fraudulent activity, and enhance user experiences based on device capabilities.
• Additionally, we track communication to address queries and for quality assurance purposes.
• Collecting device data helps us ensure that access is consistent with our records, which prevents unauthorized logins and improves the overall security of our platform.

2.5. Non-Client Information

For visitors who do not have an account, we still collect device-related data, such as operating system, hardware settings, browser configurations, and website interaction details, including the length of visits, pages clicked, and referring URLs.

Usage:

• This data helps us analyze website traffic, identify potential issues with our online presence, and develop new services based on user behavior.
• It enables us to conduct security audits and enhance the website's functionality to ensure a seamless experience.
• Analyzing the site’s usage patterns also aids in identifying peak times, high-traffic content, and areas needing improvement.

2.6. Special Categories of Data

In the course of using our services, we may collect data that could reveal sensitive information.

Usage:

• Such data is processed strictly to comply with regulatory obligations like KYC checks, which may inadvertently reveal this sensitive information.
• We handle this data carefully, ensuring we meet our regulatory duties while maintaining the utmost discretion and protection.

2.7. Information from Organizational Representatives

If you represent a corporate customer or supplier, we may collect your name, role, and contact details, along with any other personal information shared during correspondence.

Usage:

• Such data is processed strictly to comply with regulatory obligations like KYC checks, which may inadvertently reveal this sensitive information.
• We also use this data to deliver marketing materials relevant to corporate needs and to enhance our B2B services based on these interactions.

2.8. Data from Promotional and Marketing Activities

If you represent an organization and are involved in our promotional or marketing campaigns, we may collect personal details such as your name, role, contact details, and survey responses.

Usage:

• This information is analyzed to improve our marketing strategies, understand market trends, and identify customer preferences.
• We use it to improve our services, and develop new offerings that align with market demands.
• We may also publish anonymized survey results to showcase industry insights and further develop our brand.

We collect personal data from you through the following channels:

• Direct Interactions: When you fill in forms on our website, or contact us via email, phone, or chat, we collect the information you provide to us voluntarily.
• Automated Technologies: When you interact with our website or services, we automatically collect certain technical information about your device, browsing patterns, and actions. This is done through the use of cookies and similar technologies.
• Third-Party Sources: We may receive data from third parties, such as payment processors, identity verification providers, credit reference agencies, or fraud prevention services.

We process personal data to ensure the proper functioning of our services and to comply with our legal and regulatory obligations. The specific purposes for which we collect and process your data include:

• Service Provision: To create and manage your account, process your transactions, and provide you with customer support.
• Identity Verification: To comply with anti-money laundering (AML) and know-your-customer (KYC) regulations, we may require you to provide identification documents and other personal data.
• Fraud Prevention and Security: We use your data to detect, prevent, and mitigate fraud, money laundering, and other illegal activities, ensuring that our platform remains secure and trusted.
• Compliance with Legal Obligations: We process personal data to fulfill our legal obligations, including reporting to regulatory bodies, tax authorities, and law enforcement agencies.
• Marketing and Communications: With your explicit consent, we may use your data to send you promotional offers, updates on new features, or other communications that may be of interest to you. You can opt out of marketing communications at any time.
• Service Improvement: We analyze data to enhance the functionality of our platform, improve customer experience, and develop new features or services.

We process your personal data under various legal bases, depending on the purpose of processing. These include:

• Contractual Necessity: We process personal data as necessary to perform the contract we have with you, such as enabling you to use our services.
• Consent: In some cases, we process your personal data based on your consent. For example, when you opt in to receive marketing communications, we rely on your consent.
• Legal Obligation: We are required by law to process certain personal data to comply with regulatory obligations, such as tax reporting, AML, and KYC requirements.
• Legitimate Interests: We may process your data for our legitimate business interests, provided that those interests are not overridden by your rights and freedoms. These interests include fraud detection, security, improving services, and marketing.

We will retain your personal data only for as long as it is necessary for the purposes outlined in this Privacy Policy. In some cases, we are required by law to retain your data for a certain period.

The retention period may vary depending on the type of data and the purposes for which it was collected:

• Account Information: Retained as long as your account is active and for a certain period after account closure to comply with legal obligations or resolve disputes.
• Transactional Data: Retained for the duration required by law, typically for tax and financial reporting purposes.
• Communication Records: Retained to maintain customer service records and resolve any potential future disputes.

Once the retention period expires, we will securely delete or anonymize your data so that it can no longer be associated with you.

We take data security seriously and implement a range of technical and organizational measures to protect your personal data from unauthorized access, use, alteration, and disclosure. These measures include:

• Encryption: All sensitive personal data, such as financial information, is encrypted both in transit and at rest.
• Access Controls: We limit access to personal data to authorized personnel who need it to perform their job duties.
• Security Audits: We regularly review and audit our security systems to identify potential vulnerabilities and ensure that we meet industry standards.
• Incident Response: In the event of a data breach, we have a protocol in place to investigate the breach, contain it, and notify affected individuals and relevant authorities as required by law.

While we take every reasonable measure to protect your data, it is important to recognize that no system is completely secure. You are responsible for safeguarding your account credentials, such as your password, and for notifying us immediately if you suspect any unauthorized access to your account.

We do not sell, rent, or trade your personal data to third parties. However, we may share your data with trusted third-party service providers to facilitate the delivery of our services. These service providers are bound by strict confidentiality agreements and are only permitted to process your data for the purposes we specify. Categories of third parties with whom we may share your data include:

• Payment Processors: To facilitate payments and ensure the security of financial transactions.
• Identity Verification Providers: To verify your identity in compliance with AML and KYC regulations.
• Legal and Regulatory Authorities: To comply with legal obligations or respond to lawful requests from public authorities, including law enforcement.
• Professional Advisors: Including lawyers, auditors, and accountants, where necessary to ensure compliance with legal or regulatory requirements.

In the event of a merger, acquisition, or asset sale, we may transfer your data to the acquiring entity, provided that the recipient agrees to adhere to the terms of this Privacy Policy.

Given the global nature of our business, your personal data may be transferred to and processed in countries outside of your jurisdiction, including countries that may not provide the same level of data protection as your home country. In such cases, we will ensure that appropriate safeguards are in place to protect your data, such as the use of standard contractual clauses approved by the European Commission.

We take all necessary steps to ensure that your data is treated securely and in accordance with this Privacy Policy during any such transfer.

As a data subject, you have several rights under the GDPR, which are designed to give you more control over how your personal data is processed. These rights include:

• Right to Access: You can request access to the personal data we hold about you and obtain a copy of that data.
• Right to Rectification: You have the right to request the correction of any inaccuracies in your personal data.
• Right to Erasure: You can request the deletion of your personal data where it is no longer necessary for the purposes for which it was collected, or if you withdraw your consent (where applicable).
• Right to Restriction of Processing: You can request that we limit the processing of your data in certain circumstances, such as when you contest the accuracy of the data.
• Right to Data Portability: You have the right to request the transfer of your personal data to another service provider in a structured, commonly used, and machine-readable format.
• Right to Object: You can object to the processing of your personal data for direct marketing purposes or other processing based on legitimate interests.
• Right to Withdraw Consent: Where we process your data based on your consent, you can**(Continued)** withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

To exercise any of your rights, please contact us using the details provided at the end of this policy. We will respond to your request within 30 days, as required by law.

Our website may contain links to third-party websites. Please be aware that we are not responsible for the privacy practices of these websites. We encourage you to review their privacy policies before providing any personal information.

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or service enhancements. If we make significant changes, we will notify you by posting a notice on our website or sending an email. Your continued use of our services following any changes to this Privacy Policy constitutes acceptance of those changes.

If you have any questions about this Privacy Policy, or if you wish to exercise any of your data protection rights, please contact us at:
UnityF Limited
Trust Company Complex, Ajeltake Road,
Ajeltake Island, Majuro, Marshall Islands MH96960
Registration Number: 127542
Email: unityflimited@gmail.com