Soft white clouds on a light background, decorative visual for website design

Privacy Policy

PROOF SYSTEMS

1. Overview

This Privacy Policy explains how PROOF SYSTEMS collects, uses, and protects personal data in accordance with the General Data Protection Regulation.

We are committed to ensuring transparency, security, and lawful processing of personal data across all our services.

2. Roles and Responsibilities

Depending on the service:

  • PROOF may act as a Data Processor (on behalf of partners)
  • Or as a Data Controller (e.g. onboarding, internal operations)

We clearly define roles in agreements with partners.

3. Types of Data We Collect

We may process the following categories of personal data:

3.1 Identity Data

  • Full name
  • Date of birth
  • Nationality

3.2 Contact Data

  • Email address
  • Phone number

3.3 Financial Data

  • Bank account details (IBAN)
  • Card-related data (tokenized)
  • Transaction history

3.4 Verification Data (KYC/AML)

  • Government-issued ID
  • Selfie / biometric verification
  • Source of funds / wealth information

3.5 Technical Data

  • IP address
  • Device information
  • Usage logs

4. Legal Basis for Processing

We process personal data based on:

  • Contractual necessity — to provide our services
  • Legal obligations — AML/KYC compliance
  • Legitimate interest — fraud prevention and system security
  • Consent — where explicitly required

5. How We Use Data

We use personal data to:

  • Provide payment and crypto-related services
  • Verify user identity (KYC)
  • Prevent fraud and financial crime
  • Comply with legal and regulatory requirements
  • Improve system performance and security

6. Sharing of Data

We may share data with:

  • Licensed financial institutions and banks
  • Card issuers and payment processors
  • Crypto on/off-ramp providers
  • KYC/AML verification providers
  • Regulators and law enforcement (when required)

All partners are subject to due diligence and data protection requirements.

7. International Transfers

Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards, including:

  • Standard Contractual Clauses (SCCs)
  • Transfers to jurisdictions with adequacy decisions

8. Data Retention

We retain personal data:

  • For as long as necessary to provide services
  • To comply with legal obligations (typically 5 years for AML)

After this period, data is deleted or anonymized.

9. Your Rights

Under GDPR, individuals have the right to:

  • Access their personal data
  • Correct inaccurate data
  • Request deletion of data
  • Restrict or object to processing
  • Request data portability

Requests can be submitted via the contact details below.

10. Data Security

We implement industry-standard security measures, including:

  • Encryption (in transit and at rest)
  • Access controls (role-based)
  • Monitoring and logging systems
  • Regular security audits

11. Data Breach Procedures

In case of a data breach:

  • We notify relevant authorities within 72 hours (if required)
  • Affected users are informed when there is a high risk

12. Cookies and Tracking

We use cookies and similar technologies:

  • To ensure platform functionality
  • To improve user experience
  • For analytics (where applicable)

Consent is obtained where required.

13. Contact Information

For privacy-related inquiries: compliance@proof.community

Privacy Policy

PROOF SYSTEMS

1. Overview

This Privacy Policy explains how PROOF SYSTEMS collects, uses, and protects personal data in accordance with the General Data Protection Regulation.

We are committed to ensuring transparency, security, and lawful processing of personal data across all our services.

2. Roles and Responsibilities

Depending on the service:

  • PROOF may act as a Data Processor (on behalf of partners)
  • Or as a Data Controller (e.g. onboarding, internal operations)

We clearly define roles in agreements with partners.

3. Types of Data We Collect

We may process the following categories of personal data:

3.1 Identity Data

  • Full name
  • Date of birth
  • Nationality

3.2 Contact Data

  • Email address
  • Phone number

3.3 Financial Data

  • Bank account details (IBAN)
  • Card-related data (tokenized)
  • Transaction history

3.4 Verification Data (KYC/AML)

  • Government-issued ID
  • Selfie / biometric verification
  • Source of funds / wealth information

3.5 Technical Data

  • IP address
  • Device information
  • Usage logs

4. Legal Basis for Processing

We process personal data based on:

  • Contractual necessity — to provide our services
  • Legal obligations — AML/KYC compliance
  • Legitimate interest — fraud prevention and system security
  • Consent — where explicitly required

5. How We Use Data

We use personal data to:

  • Provide payment and crypto-related services
  • Verify user identity (KYC)
  • Prevent fraud and financial crime
  • Comply with legal and regulatory requirements
  • Improve system performance and security

6. Sharing of Data

We may share data with:

  • Licensed financial institutions and banks
  • Card issuers and payment processors
  • Crypto on/off-ramp providers
  • KYC/AML verification providers
  • Regulators and law enforcement (when required)

All partners are subject to due diligence and data protection requirements.

7. International Transfers

Where personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards, including:

  • Standard Contractual Clauses (SCCs)
  • Transfers to jurisdictions with adequacy decisions

8. Data Retention

We retain personal data:

  • For as long as necessary to provide services
  • To comply with legal obligations (typically 5 years for AML)

After this period, data is deleted or anonymized.

9. Your Rights

Under GDPR, individuals have the right to:

  • Access their personal data
  • Correct inaccurate data
  • Request deletion of data
  • Restrict or object to processing
  • Request data portability

Requests can be submitted via the contact details below.

10. Data Security

We implement industry-standard security measures, including:

  • Encryption (in transit and at rest)
  • Access controls (role-based)
  • Monitoring and logging systems
  • Regular security audits

11. Data Breach Procedures

In case of a data breach:

  • We notify relevant authorities within 72 hours (if required)
  • Affected users are informed when there is a high risk

12. Cookies and Tracking

We use cookies and similar technologies:

  • To ensure platform functionality
  • To improve user experience
  • For analytics (where applicable)

Consent is obtained where required.

13. Contact Information

For privacy-related inquiries: compliance@proof.community