Privacy Policy πŸ”’

Consumers are advised to read and understand the applicable terms when considering a product or service.

Fin Inc. (β€œFin”, β€œwe”, β€œour”) is committed to protecting the privacy of Merchants, their customers, and all individuals whose personal data we process. This Privacy Policy explains what data we collect, how we use it, and your rights.

This policy applies to all users of Fin's Services as defined in the Commercial Agreement and Terms & Conditions.

1. Who We Are

Fin Inc. Registration No. 39-4436653, 74-09 37th Ave, Jackson Heights, NY 11372. Contact: a@fin.com.

2. What Data We Collect

We collect and process the following categories of personal data:

From Merchants

  • Business name, registration number, and address
  • Authorized signatory names, titles, and email addresses
  • Banking and payment account details
  • KYB (Know Your Business) documentation

From Merchant's Customers (Transaction Data)

  • Full name and identification documents (for KYC verification)
  • Bank account details and payment information
  • Transaction amounts, timestamps, and references
  • Country of origin and destination

Technical Data

  • API access logs and usage data
  • IP addresses and device identifiers
  • Authentication credentials and session data

3. How We Use Your Data

We use personal data strictly to:

  • Process and execute payment Transactions on behalf of Merchants
  • Perform KYB and KYC verification as required by applicable law
  • Comply with AML (Anti-Money Laundering) and CFT (Counter-Financing of Terrorism) obligations
  • Maintain Transaction records as required by law (minimum 5 years)
  • Provide Merchants with reporting and account management
  • Detect and prevent fraud, unauthorized access, and financial crime
  • Comply with requests from regulatory authorities and law enforcement

We do not sell personal data. We do not use personal data for advertising or marketing purposes without explicit consent.

4. Legal Basis for Processing

We process personal data on the following legal bases:

  • Contractual necessity β€” to perform the Commercial Agreement with the Merchant
  • Legal obligation β€” to comply with AML/CFT, financial regulation, and data protection laws
  • Legitimate interests β€” to detect fraud, secure our infrastructure, and improve our Services
  • Consent β€” where required and obtained from the relevant individual

5. Data Sharing

We share personal data only where necessary:

  • Licensed payment partners and liquidity providers in our Network, to execute Transactions
  • Banks and financial institutions as required to process payments
  • Regulatory authorities and law enforcement where required by law
  • KYB/KYC verification providers for identity and business verification
  • Payment processors including Stripe (see Stripe's privacy policy at stripe.com/privacy)

All third parties are contractually required to protect personal data and process it only for specified purposes.

6. International Transfers

Fin operates a global payments network. Transaction Data may be transferred to and processed in countries outside your jurisdiction, including countries that may not have equivalent data protection laws.

Where we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • Contractual protections (standard contractual clauses where applicable)
  • Processing only through licensed and regulated partners
  • Compliance with applicable data transfer frameworks

7. Data Retention

We retain personal data for as long as necessary to fulfil the purposes described in this policy, and in accordance with applicable law:

  • Transaction records β€” minimum 5 years from the date of the Transaction
  • KYB/KYC records β€” minimum 5 years from the end of the business relationship
  • Account and contract data β€” duration of the Commercial Agreement plus 5 years
  • Technical logs β€” up to 12 months unless required longer for legal or security purposes

8. Data Security

We implement appropriate technical and organizational security measures to protect personal data against unauthorized access, loss, or disclosure, including:

  • Encryption of data in transit and at rest
  • Access controls restricted to authorized personnel only
  • Regular security reviews and risk assessments
  • Incident response procedures β€” we will notify affected parties promptly in the event of a data breach

9. Your Rights

Depending on your jurisdiction and applicable law, you may have the right to:

  • Access β€” request a copy of personal data we hold about you
  • Correction β€” request correction of inaccurate or incomplete data
  • Deletion β€” request deletion of personal data, subject to legal retention requirements
  • Restriction β€” request that we restrict processing in certain circumstances
  • Objection β€” object to processing based on legitimate interests
  • Portability β€” receive your data in a structured, machine-readable format

To exercise any of these rights, contact us at: a@fin.com. We will respond to all valid requests within 30 days.

10. Singapore PDPA Compliance

Fin's data practices comply with the Singapore Personal Data Protection Act 2012 (PDPA) and maintain standards comparable to PDPA for all data subjects, regardless of jurisdiction.

11. Cookies and Technical Data

Our API and web portal may collect technical usage data including IP addresses, access logs, and session identifiers. This data is used solely for security, authentication, and service improvement purposes.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify Merchants of any material changes via email or through the Fin portal. The date of the most recent update is shown at the top of this page.

Continued use of the Services after notification constitutes acceptance of the updated policy.

13. Contact

For any privacy-related questions, requests, or concerns:

Notices to Fin: Aubrey Cheung, 74-09 37th Ave, Jackson Heights, NY 11372, a.cheung@fin.com