Privacy Policy

1. Introduction

Covered ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our invoice processing and payment services.

As a data controller, we determine the purposes and means of processing your personal data. By using our services, you consent to the collection and use of information in accordance with this policy.

2. Information We Collect

Account & Profile Data

When you create an account, we collect information such as your name, email address, company name, and business details.

Financial Data

To process payments, we collect wallet addresses, transaction history, and for vendors receiving fiat payments, bank account information including account numbers and routing numbers.

Identity Data

For compliance with Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations, we may collect government-issued identification documents, tax identification numbers, and business registration information.

Usage Data

We automatically collect information about how you interact with our services, including pages visited, features used, and actions taken within the platform.

Device & Technical Data

We collect device information, IP addresses, browser type, operating system, and approximate geolocation to provide and secure our services.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Provide, maintain, and improve our services
• Process invoice payments and cryptocurrency transactions
• Facilitate fiat off-ramp payments to vendor bank accounts
• Verify your identity and comply with KYC/AML requirements
• Detect and prevent fraud, unauthorized access, and security threats
• Communicate with you about your account, transactions, and service updates
• Respond to customer support inquiries
• Comply with legal obligations and regulatory requirements

4. Information Sharing

We may share your information with the following parties:

Service Providers

We share data with third-party service providers who assist in operating our platform, including payment processors and cloud infrastructure providers.

Financial Partners

To facilitate ACH transfers and bank payments, we share necessary information with banking partners and financial institutions.

Legal & Regulatory Requirements

We may disclose your information when required by law, in response to legal process, or to protect our rights, privacy, safety, or property.

Business Transfers

In connection with a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5. Data Security

We implement appropriate physical, technical, and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include encryption of data in transit and at rest, access controls, and regular security assessments.

However, no method of transmission over the Internet or electronic storage is completely secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data, subject to legal retention requirements
• Portability: Request transfer of your data to another service provider
• Objection: Object to certain processing activities
• Opt-out: Unsubscribe from marketing communications

To exercise these rights, please contact us at legal@allcovered.xyz.

7. Cookies and Tracking

We use cookies and similar tracking technologies to:

• Essential cookies: Enable core functionality like authentication and security
• Analytics: Understand how users interact with our services (we use PostHog for product analytics)
• Preferences: Remember your settings and preferences

You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of our services.

8. Data Retention

We retain your personal data for as long as necessary to provide our services and fulfill the purposes described in this policy. Financial transaction records are retained for a minimum of 5-7 years to comply with AML regulations and tax requirements. After the retention period, data is securely deleted or anonymized.

9. International Transfers

Your information may be transferred to and processed in countries other than your country of residence. When we transfer data internationally, we implement appropriate safeguards, including Standard Contractual Clauses approved by relevant authorities, to ensure your data is protected.

10. State and Regional Privacy Rights

California Residents (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act, including the right to know what personal information is collected, the right to delete personal information, the right to opt-out of the sale of personal information, and the right to non-discrimination for exercising these rights.

EU/UK Residents (GDPR)

If you are located in the European Economic Area or United Kingdom, you have rights under the General Data Protection Regulation, including the right to access, rectify, erase, restrict processing, data portability, and object to processing. You also have the right to lodge a complaint with a supervisory authority.

11. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of our services after any changes indicates your acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us at: