Privacy Policy

1. Personal Data We Collect, Use, and Share

Our collection and use of Personal Data varies based on whether you are an End Customer, Representative, or Visitor, and on which Services you use.

1.1 End Customers

When we act as a Business User's service provider (processor), we process Personal Data in accordance with our agreement with that Business User and its lawful instructions.

a. Data we collect

• • Transaction Data related to payments, refunds, donations, and purchase attempts.
• • Identity/Verification data (for example government ID, selfie, payment method image) used for fraud prevention and identity checks.

b. How we use/share End Customer data

• • Payments and accounting services for Business Users.
• • Fraud prevention, security, and service improvement.
• • Sharing with payment methods, merchants, and authorized third parties as needed to complete transactions.
• • We do not use, sell, or share End Customer Personal Data for third-party marketing/advertising unrelated to the transaction context.

1.2 Representatives

a. Data we collect

• • Registration/contact data (name, login credentials, phone, email, postal address).
• • Identification information required for onboarding, financial partner, and regulatory obligations.

b. How we use/share Representative data

• • To provide Services requested by the associated Business User.
• • To share required onboarding information with authorized financial partners (for example card networks).

1.3 Visitors

We collect Personal Data from Visitors directly and via cookies/similar technologies when using Sites.

We use this data for personalization, engagement measurement, navigation improvements, and content relevance. We do not sell Visitor Personal Data for third-party advertising.

2. Additional Collection, Use, and Sharing

a. Collection

We may collect online activity and technical information including devices, browsers, IP address, plug-ins, language, time on pages, links clicked, payment methods used, and referral pages.

b. Usage

• • Improve/develop Services and diagnose technical issues.
• • Communications, including authentication codes via SMS.
• • Comply with AML/KYC, anti-terrorism, export control, and related legal obligations.
• • Services are not directed to minors (including children under 13).

c. Sharing

• • Service providers/processors (hosting, analytics, verification, support, auditing).
• • Financial partners supporting Service delivery.
• • Compliance and harm prevention disclosures as required by law or payment rules.

3. Legal Bases for Processing

• • Contractual/pre-contractual performance.
• • Legal compliance (including AML/KYC and fraud obligations).
• • Legitimate interests (security, analytics, service operation/improvement).
• • Consent (where required; withdrawable at any time).

4. Your Rights and Choices

• • Opt out of marketing emails via unsubscribe links.
• • Access, correct, update, delete, restrict, object, and portability rights where applicable.
• • Right to withdraw consent where processing is consent-based.
• • Right not to be discriminated against for exercising privacy rights.
• • Right to appeal privacy-right decisions where applicable.

Submit privacy requests to privacy@kachyng.com.

5. Security and Retention

We use organizational, technical, and administrative safeguards designed to protect Personal Data from unauthorized access, loss, misuse, alteration, or destruction. No system is guaranteed 100% secure.

We retain Personal Data as needed to provide Services, meet legal/regulatory, accounting/tax/reporting, contractual, and dispute-resolution obligations.

6. International Data Transfers

We may transfer Personal Data to countries outside your own, including the United States. Where required, we implement lawful transfer mechanisms, including adequacy decisions and Standard Contractual Clauses with applicable UK addendum.

7. Updates and Notifications

We may update this Policy from time to time to reflect new services, legal changes, or updates to privacy practices. The "Last updated" date reflects the current revision.

8. Jurisdiction-Specific Provisions (California)

If you are a California consumer, we process data in accordance with California law, including CCPA rights and related disclosures.

• • Right to know categories/sources/purposes/third-party disclosures.
• • Right to request deletion/correction and exercise opt-out rights where applicable.
• • We do not sell personal information for monetary value.
• • We do not sell/share sensitive personal information in the prior 12 months.
• • Authorized agents may submit requests on your behalf, subject to verification.