M3TACARD Privacy Policy 
Effective Date: 10/9/25

Version: 1.0

1. Information We Collect
We may collect the following types of information:

- Personal Identification Data: Name, email address, phone number, and other identifiers when you create an account or contact us.
- Wallet & Transaction Data: Public wallet addresses, transaction history, balances, and related blockchain activity.
  - We never collect or store your private keys, seed phrases, or passwords. You are solely responsible for safeguarding them.
- Device & Technical Data: IP address, browser type, operating system, app version, and diagnostic logs.
- Cookies & Usage Data: Information collected automatically through cookies, analytics tools, and similar technologies.
- KYC/AML Information (if applicable): Identification documents, verification photos, or other data required to comply with financial regulations.

2. How We Use Information
We use your information to:
- Provide, maintain, and improve our Services.
- Facilitate transactions you initiate through the wallet.
- Verify your identity and comply with KYC/AML regulations.
- Detect and prevent fraud, unauthorized activity, and abuse.
- Send updates, service notices, and security alerts.
- Comply with legal obligations under applicable laws.

3. Legal Basis for Processing (if applicable)
If you are located in the EU/EEA or similar jurisdictions, we process your data under these legal bases:
- Consent (where required, e.g., marketing).
- Contract (to provide the Services you request).
- Legal obligation (compliance with AML/KYC and financial reporting laws).
- Legitimate interest (improving Services, ensuring security).

4. Data Retention
- Personal data is kept only as long as necessary for the purposes described in this Policy.
- KYC/AML records may be stored for up to 7 years or as required by law.
- Transaction logs may be retained for regulatory or auditing purposes.
- When you delete your account, we will remove or anonymize personal data unless we are legally required to keep it.

5. User Rights
Depending on your location, you may have the right to:
- Access the personal data we hold about you.
- Request correction or deletion of your data.
- Restrict or object to certain processing.
- Request portability of your data.
- Withdraw consent at any time (where applicable).

To exercise your rights, contact us at: hello@m3tacard.com

6. International Data Transfers
We may process or store data outside your home country. When we transfer data across borders, we implement safeguards (e.g., contractual clauses, encryption) to ensure adequate protection.

7. Sharing of Information
We may share your information with:
- Service Providers: For hosting, analytics, identity verification, and customer support.
- Legal & Regulatory Authorities: If required by law or regulatory obligations.
- Business Transfers: In case of a merger, acquisition, or sale of assets.

We do not sell your personal data to third parties.

8. Security
We use industry-standard security measures, including:
- Encryption of data in transit and at rest.
- Two-factor authentication (where supported).
- Regular security testing and monitoring.

⚠️ No method of transmission or storage is 100% secure. We cannot guarantee absolute security of your data.

9. Data Breach Notification
If a data breach occurs that may affect your rights or security, we will notify you and the appropriate regulatory authorities as required by law.

10. Children’s Privacy
Our Services are not intended for children under 18 years old. We do not knowingly collect data from minors. If you believe a child has provided us with personal data, please contact us for removal.

11. Updates to This Policy
We may update this Privacy Policy from time to time. Any material changes will be communicated via the app, website, or email.

12. Contact Us
If you have questions or requests about this Privacy Policy, please contact us at:
Plan C Ltd
Email: hello@m3tacard.com