Introduction

This Privacy Policy explains how Borderless Banking (Borderless Banking,” “we,” “us,” or “our”) collects, uses, discloses, and protects your personal data when you use our products and services (“Service”). It complies with laws such as the GDPR, CCPA, and PCI-DSS. By using our Service, you acknowledge that you have read and understood this Policy.

1. Interpretation and Definitions

“Personal Data” means any information that identifies or relates to an identifiable individual, including definitions under GDPR and CCPA.

2. What Data We Collect

• Identity Data: Name, email, phone number, date of birth, government ID
• Contact Data: Billing and shipping address
• Technical Data: IP address, browser, device info
• Usage Data: Login activity, sessions, clicked features
• Marketing Data: Communication preferences

We collect this through direct interactions (signup, applications), automated tools (cookies, beacons), and third-party services (KYC, payments).

3. How We Use Your Data

We use Personal Data to provide services, verify identity (KYC/AML), process transactions, comply with regulations, send updates, ensure PCI-DSS compliance, and prevent fraud. Data processing is based on consent, contracts, legal obligations, or legitimate interests.

4. Legal Bases for Processing (GDPR)

• Consent (e.g., marketing)
• Contractual necessity (e.g., account services)
• Legal obligation (e.g., AML checks)
• Legitimate interests (e.g., fraud prevention)

You may withdraw consent anytime by emailing [email protected].

5. Your Rights (GDPR & CCPA)

GDPR (EU/EEA users): Access, correct, delete, restrict processing, data portability, lodge complaints.
CCPA (California users): Know what data we collect, request deletion, opt-out of sale (we do not sell data), non-discrimination.
To exercise rights, email [email protected] with subject “Privacy Rights Request.” We may verify your identity before responding.

6. PCI-DSS Compliance

We follow PCI-DSS standards to secure payment data. Card numbers are not stored unless legally required and always encrypted or tokenized. Third-party providers are PCI-DSS certified.

7. International Transfers

Your data may be transferred internationally. Safeguards include Standard Contractual Clauses, U.S. frameworks, and partner agreements.

8. Retention Policy

We retain data as long as necessary for services, compliance, or dispute resolution. Retention periods vary by data type and purpose.

9. Security Measures

• End-to-end encryption
• Multi-factor authentication
• Role-based access controls
• Regular vulnerability tests
• Data breach monitoring & response

No online system is 100% secure. You use the Service at your own risk.

10. Children’s Privacy

Our services are not for children under 13. If we discover underage data without parental consent, we will delete it.

11. Third-Party Links

We may link to third-party sites. We are not responsible for their practices. Review their privacy policies before sharing data.

12. Changes to this Policy

We may update this Privacy Policy as needed. If significant changes occur, we will notify you via email or platform alerts. The latest version is always available at www.bbanking.cards/privacy.