Privacy Policy

We collect information you provide directly to us, such as when you create an account, complete identity verification (KYB/KYC), initiate a transaction, or contact our support team.

Personal Identification Information: Full legal name, date of birth, nationality, government-issued ID numbers, passport or driver's license copies.

Business Information: Company name, registration number, registered address, beneficial ownership details, articles of incorporation, and other corporate documents.

Financial Information: Bank account details, transaction history, source of funds declarations, and payment method information.

Technical Information: IP addresses, browser type and version, device identifiers, operating system, referring URLs, and pages visited within our platform.

Communications: Records of correspondence with our support team, including emails, chat logs, and call recordings where applicable.

FDraft LLC uses the information we collect for the following purposes:

Service Delivery: To process payments, execute currency exchanges, issue virtual accounts, and provide all features of the NexaPay platform.

Identity Verification & Compliance: To verify your identity and business legitimacy as required by applicable financial regulations, including AML/CFT obligations.

Fraud Prevention & Security: To detect, investigate, and prevent fraudulent transactions, unauthorized access, and other illegal activities.

Communication: To send transaction confirmations, security alerts, product updates, and respond to your inquiries.

Legal Obligations: To comply with applicable laws, regulations, court orders, and requests from regulatory authorities.

Product Improvement: To analyze usage patterns, conduct research, and improve our platform's features and user experience.

We do not sell, rent, or trade your personal information to third parties for their marketing purposes. We may share your information in the following circumstances:

Service Providers: We engage trusted third-party vendors (payment processors, cloud infrastructure providers, identity verification services) who process data on our behalf under strict confidentiality agreements.

Financial Partners: Banking partners, correspondent banks, and payment networks necessary to execute your transactions.

Regulatory Authorities: We may disclose information to financial regulators, law enforcement agencies, or government bodies when required by law or to protect our legal rights.

Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, subject to equivalent privacy protections.

With Your Consent: We may share information with third parties when you have explicitly authorized us to do so.

We retain your personal information for as long as necessary to provide our services and comply with our legal obligations.

Active Accounts: We retain account data for the duration of your relationship with FDraft LLC.

Closed Accounts: Following account closure, we retain transaction records and identity verification documents for a minimum of 5 years, as required by anti-money laundering regulations.

Marketing Data: If you have opted in to marketing communications, we retain your contact preferences until you opt out.

We periodically review our data retention practices and securely delete or anonymize data that is no longer required.

FDraft LLC implements industry-standard security measures to protect your information:

• ·Encryption:: All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.
• ·Access Controls:: Strict role-based access controls limit employee access to personal data on a need-to-know basis.
• ·Infrastructure Security:: Our systems are hosted on SOC 2 Type II certified cloud infrastructure with continuous monitoring.
• ·Penetration Testing:: We conduct regular third-party security audits and penetration tests.
• ·Incident Response:: We maintain a documented incident response plan and will notify affected users of any data breach within 72 hours as required by applicable law.

No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Right of Access: You may request a copy of the personal data we hold about you.

Right to Rectification: You may request correction of inaccurate or incomplete personal data.

Right to Erasure: You may request deletion of your personal data, subject to our legal retention obligations.

Right to Restriction: You may request that we restrict processing of your data in certain circumstances.

Right to Data Portability: You may request your data in a structured, machine-readable format.

Right to Object: You may object to processing of your data for direct marketing purposes at any time.

To exercise any of these rights, please contact us at privacy@fdraftllc.com. We will respond to your request within 30 days.

We use cookies and similar tracking technologies to enhance your experience on our platform. Please refer to our Cookie Policy for detailed information about the types of cookies we use and how to manage your preferences.

FDraft LLC operates globally, and your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws than your home country.

When we transfer personal data internationally, we implement appropriate safeguards such as Standard Contractual Clauses approved by relevant data protection authorities, or rely on adequacy decisions where applicable.

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have collected personal data from a child under 18, we will take steps to delete that information promptly.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated policy on our website and, where appropriate, sending you an email notification.

Your continued use of our services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

**FDraft LLC — Data Privacy Team** Email: privacy@fdraftllc.com Address: 1500 N Grant St Ste R, Denver, Colorado 80203, United States FinCEN MSB Registration No.: 31000327144592

For users in the European Economic Area, our Data Protection Officer can be reached at dpo@fdraftllc.com.