Short version: We collect the minimum information needed to operate our pre‑launch website and waitlist. If you choose to use product features that require regulated services, we may share information with Licensed Partners to comply with law and run those features. You control your data rights under applicable laws (e.g., GDPR/UK GDPR, CCPA/CPRA, and similar local rules).

1) Who we are and how to contact us

Neobank is operated by [Neobank Finance UAB] (the “Controller”). Email: privacy@neobank.io or legal@neobank.io.

2) Scope

This Policy explains how we collect, use, disclose, and safeguard personal data when you visit neobank.io, join our waitlist, interact with previews/betas, or use our apps and APIs (collectively, the “Services”). It does not cover third‑party websites or services that we do not control.

3) What we collect

a) Information you provide

• Contact & account details: name, email, phone, username/handles, and preferences (e.g., region, language).

• Identity & compliance data (optional; feature‑gated): documents or information needed for KYC/AML checks if you opt into regulated features via Licensed Partners.

• Communications: messages to support, surveys, and feedback forms.

b) Information collected automatically

• Usage data: app interactions, feature usage, clicks, referring pages/UTM, and crash logs.

• Device & technical data: IP address, browser/app version, operating system, device identifiers, time zone, and network information.

• Cookies & similar tech: for sign‑in, fraud prevention, analytics, and remembering preferences. See Section 10 (Cookies).

c) Information from third parties

• Licensed Partners: verification status, transaction metadata, and risk flags needed to enable regulated features.

• Service providers: analytics, error reporting, A/B testing, email delivery.

• Public & social sources: if you connect social accounts or public profiles, we may receive profile information consistent with your settings.

We do not intentionally collect data from children or minors; see Section 12.

4) How we use personal data (purposes & legal bases)

• Provide, maintain, and improve the Services (Contract; Legitimate Interests).

• Account creation & authentication (Contract; Legitimate Interests).

• Fraud, security, and compliance, including sanctions/AML checks (Legal Obligation; Legitimate Interests).

• Connect you with Licensed Partners where you opt into regulated features (Contract; Legitimate Interests; Legal Obligation for KYC/AML where applicable).

• Communications such as onboarding, service notices, and updates (Contract; Legitimate Interests). Marketing communications use Consent where required, and you can opt out any time.

• Analytics & product research to understand feature adoption (Legitimate Interests).

• Legal, accounting, and record‑keeping (Legal Obligation; Legitimate Interests).

5) When we share data

We share personal data only as needed with: (a) our service providers (processors) under contract; (b) Licensed Partners to enable regulated features; (c) professional advisors; (d) authorities when required by law; and (e) affiliates or a successor in a corporate transaction. We do not sell personal information. We may share aggregated or de‑identified data that cannot reasonably identify you.

6) International transfers

Where data is transferred internationally, we use appropriate safeguards (e.g., Standard Contractual Clauses, UK IDTA/Addendum, or other lawful mechanisms). You may request a copy of relevant safeguards.

7) Data retention

We keep personal data only as long as necessary for the purposes described, including to meet legal, tax, accounting, or compliance requirements and to resolve disputes. If you close your account, we will delete or anonymize data within a reasonable period unless law requires retention.

8) Your rights

Depending on your location, you may have rights to access, rectify, erase, restrict or object to processing, portability, and to withdraw consent.

• EU/UK (GDPR/UK GDPR): You may lodge a complaint with your supervisory authority.

• California (CCPA/CPRA): You may request to know, delete, or correct personal information and to opt out of “sale or sharing” for cross‑context behavioral advertising (we do not sell personal information). Designated agent requests must include proof of authority.

• Türkiye (KVKK): If applicable, you may exercise rights under Law No. 6698 by contacting us as the data controller.

To exercise rights, email privacy@neobank.io with “Data Rights Request” and your country/region. We will verify your identity before responding.

9) Security

We implement administrative, technical, and physical safeguards appropriate to the risk (e.g., encryption in transit, access controls, vulnerability management). No system is 100% secure; you are responsible for safeguarding your devices, credentials, and any recovery phrases used with non‑custodial wallets.

10) Cookies & tracking technologies

We use:

• Strictly necessary cookies for sign‑in, fraud prevention, and security.

• Functional cookies to remember settings (language, region, theme).

• Analytics cookies to understand usage and improve performance.

• Optional marketing cookies (pre‑launch: off by default).

You can control cookies in your browser settings and, where offered, via our in‑product Cookie Preferences. If your browser sends a Global Privacy Control (GPC) signal, we will treat it as an opt‑out of sale/share where legally required.

11) Third‑party links & services

The Services may link to third‑party sites or allow integrations. Their privacy practices are governed by their own policies. Review those policies before providing data to such third parties.

12) Children’s privacy

The Services are not directed to individuals under 18. We do not knowingly collect personal data from children. If you believe a child has provided personal data, contact us and we will delete it.

13) Changes to this Policy

We will post any changes here with an updated effective date. Material changes may be announced in‑product or by email where appropriate.

14) Contact

Questions or requests: privacy@neobank.io or legal@neobank.io.