Privacy Policy

Last updated: January 8, 2026

This Privacy Policy explains how BondPay collects, uses, and protects personal data when you use our Services.

1. Data Controller

BondPay is the data controller responsible for your personal data, unless stated otherwise.

2. Personal Data We Collect

We may collect:

  • Identification information (name, date of birth, ID documents);
  • Contact details (email address, phone number);
  • Payment and transaction data;
  • Compliance-related information required for AML/KYC purposes.

3. Purposes of Processing

We process personal data to:

  • Provide and operate the Services;
  • Process payments and transfers;
  • Perform identity verification and compliance checks;
  • Prevent fraud and financial crime;
  • Comply with legal and regulatory obligations;
  • Communicate with users and provide support.

Depending on the context, processing is based on:

  • Performance of a contract;
  • Compliance with legal obligations;
  • Legitimate interests (e.g. fraud prevention, service security);
  • Consent, where required.

5. Data Sharing

We may share personal data with:

  • Financial institutions and payment partners;
  • Identity verification and compliance service providers;
  • Regulators, authorities, or law enforcement where required by law;
  • Professional advisers and service providers.

All third parties are required to process data securely and lawfully.

6. International Transfers

Where personal data is transferred outside your jurisdiction, appropriate safeguards will be applied in accordance with applicable data protection laws.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined in this Policy and to comply with legal and regulatory requirements.

8. Your Rights

Subject to applicable law, you may have the right to:

  • Access your personal data;
  • Rectify inaccurate data;
  • Request erasure or restriction;
  • Object to processing;
  • Data portability;
  • Lodge a complaint with a supervisory authority.

9. Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or misuse.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Updates will be published on our website.

11. Contact

For privacy-related enquiries, please contact [email protected].