Covered

Privacy Policy

Last Updated: January 29, 2026

This Privacy Policy explains how Covered, Inc. ("Covered," "we," "us," or "our") collects, uses, discloses, and protects personal information in connection with our websites, software, and services (collectively, the "Services").

This Privacy Policy applies solely to U.S.-based business customers and their authorized users. It does not apply to personal, household, or consumer use.

1. Scope and Roles

Depending on the context, Covered may act as:

  • A data controller for personal information related to Covered's own operations, such as account administration, billing, and communications; and
  • A data processor or service provider when processing personal information on behalf of business customers in connection with the Services.

2. Information We Collect

Business Account Information

  • Company name, address, and tax identification number
  • Authorized user names, titles, and business contact details
  • Account credentials and authentication information

Identity and Compliance Information

  • Government-issued identification
  • Beneficial ownership and control information
  • Sanctions screening, AML, and fraud-prevention data

Transaction and Financial Information

  • Payment instructions and transaction details
  • Wallet addresses and bank account information
  • Transaction metadata such as timestamps and counterparties

Technical and Usage Information

  • IP address, device identifiers, and log data
  • Usage metrics, analytics, and performance data

3. How We Use Information

We use personal information to:

  • Provide, operate, and improve the Services
  • Verify identity and meet legal and regulatory obligations
  • Prevent fraud, abuse, and security incidents
  • Process transactions and payments
  • Communicate operational, legal, and support messages
  • Enforce our Terms of Service and other agreements

4. Legal Bases for Processing

We process personal information based on contractual necessity, legal obligations, legitimate business interests, and user consent where required.

5. Sharing and Disclosure

We may share personal information with:

  • Service providers such as cloud hosting and analytics vendors
  • Payment processors, compliance vendors, financial institutions, and blockchain infrastructure providers
  • Regulators, law enforcement, or courts where legally required
  • Affiliates or acquirers in connection with a corporate transaction

Covered does not sell personal information.

6. Data Retention

We retain personal information for as long as necessary to provide the Services, resolve disputes, and comply with legal, tax, and regulatory requirements. Financial and compliance data is typically retained for 5–7 years.

7. Security

Covered maintains administrative, technical, and physical safeguards designed to protect personal information, including encryption in transit and at rest, access controls, monitoring, and incident response procedures.

No system is completely secure, and we cannot guarantee absolute security.

8. Business User Rights

Authorized users may request access to, correction of, or deletion of their personal information, subject to legal retention requirements.

Requests may be submitted to privacy@allcovered.xyz.

9. California Privacy Notice

When processing personal information on behalf of customers, Covered acts as a service provider under the California Consumer Privacy Act (CCPA/CPRA). Covered does not sell or share personal information for cross-context behavioral advertising.

10. Updates

We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated effective date.

11. Contact

Covered, Inc.
Email: privacy@allcovered.xyz