Legal

Privacy Policy & Data Safeguards

Last updated: July 2, 2026

This policy explains how Furlpay collects, uses and protects your data. It is designed to meet the requirements of the GDPR, the CCPA and the Gramm-Leach-Bliley Act (GLBA).

Data minimization

Furlpay does not store raw KYC documents. All identity checks are processed directly by our secure verification partners (Sumsub / Persona) via tokenized APIs. We retain only the verification result and the minimal metadata required to meet our regulatory obligations.

On-chain privacy

Public wallet addresses are indexed to build your transaction history. Private transaction details — such as recipient identities and notes — are stored encrypted off-chain and are never written to a public ledger.

Hardware authentication data

Biometrics never leave your device

Biometric data (Face ID, Touch ID) used for WebAuthn passkeys never leaves your local device and is never transmitted to or stored on Furlpay’s servers. Furlpay only ever sees the public key of your passkey credential.

Your rights

Depending on your jurisdiction, you may have rights to access, correct, port or delete your personal data, and to object to certain processing. Requests are handled subject to the record-keeping obligations imposed on regulated financial services.