1. Introduction
Mintoria Ltd. (“Mintoria,” “we,” “us,” or “our”) is committed to
protecting your privacy. This Privacy Policy explains how we collect,
use, share, and safeguard your personal data across our websites, mobile
apps, APIs, and financial services (the “Services”).
We comply with all relevant data protection laws, including GDPR, CCPA/CPRA,
GLBA, PIPEDA, and BIPA. By using Mintoria, you consent to the practices described
in this Privacy Policy.
2. What Personal Data We Collect
- General Identification: Full name, email, phone number, birth date, and mailing address
- Financial & Transactional Data: Wallet addresses, transaction history, linked fiat account and card usage
- Identity Verification (KYC/KYB): Government-issued ID, proof of address, live capture selfies, videos, and document scans
- Biometric Data (Sensitive): Facial geometry, voice samples (if used)
- Device & Usage Data: IP address, browser version, OS, device fingerprint, location (if permitted)
- Communication Logs: Customer support messages, emails, and platform feedback
3. How We Use Your Data
- Create and manage accounts
- Verify identity (KYC/KYB)
- Power crypto, stablecoin, and fiat transactions
- Issue and manage virtual cards
- Monitor fraud and comply with AML/sanctions rules
- Communicate with users and provide support
- Improve and secure our platform
We do not sell, rent, or use your data for advertising, behavioral profiling, or affiliate marketing.
4. Legal Basis for Processing
- Contractual necessity
- Legal obligations
- Legitimate interests
- Consent (for biometrics, cookies, optional features)
5. Automated Decision-Making
Algorithms may be used to detect suspicious transactions and flag accounts for review. Final decisions always involve human review.
6. Biometric Data Usage
- Mintoria uses WithPersona for facial/voice verification and biometric matching
- Mintoria does not store biometric templates
- Biometric data is encrypted and stored by WithPersona
- Used only for onboarding, fraud protection, and compliance
- Retained for a maximum of 3 years, unless required by law
- You may opt-out after onboarding is completed
7. Sharing & Service Providers
- WithPersona: Identity and biometric verification
- Bridge.xyz: Fiat payments and virtual accounts
- Zoho: CRM and customer support
All third parties are bound by Data Processing Agreements (DPAs) and may not reuse or resell your data.
8. Your Privacy Rights
- Access, Correction, Deletion, Restriction, Portability, Objection, Consent Withdrawal, CPRA "Limit Use"
To exercise your rights, email privacy@mintoria.com or go to Settings → Privacy.
9. Data Retention
- Transaction records: 7 years
- KYC/KYB data: 5 years after account closure
- Biometric data: Max 3 years with consent
- Session logs & account metadata: Deleted or anonymized within 6 months of closure
10. Data Security
- AES-256 and TLS 1.3 encryption
- Role-based access and zero-trust infrastructure
- Biometric data stored in secure, access-controlled environments
- MFA for sensitive systems
- Automated breach monitoring, audit logs, and threat detection
11. International Data Transfers
Your data may be stored or processed in the U.S., Canada, EU, or other jurisdictions. We ensure adequate safeguards such as SCCs, DPAs, and regional hosting where required.
12. Children’s Privacy
We do not knowingly collect data from users under the age of 16. If we become aware of such collection, we will delete the data. Please contact privacy@mintoria.com if you believe this has occurred.
13. Data Breach Notification
If a breach poses a risk to your data rights or freedoms, we will notify affected users promptly, in line with applicable data breach laws.
14. Changes to This Policy
We may update this policy as laws or services evolve. If changes are material, we will notify you through email, dashboard, or alerts.
15. Contact Information
For questions, data access requests, or to file a complaint:
support@mintoria.com
Mintoria Ltd.
8 The Green, Suite #14329
Dover, DE 19901, USA