ZendFi
ZendFi.techLegal
Privacy Policy

Your data,
handled honestly.

Effective: April 30, 2026Last updated: April 30, 2026

We keep this policy focused on what matters: what we collect, why we use it, who can access it, and how you can control it.

Scope
Payments, onboarding, security, and account support.
Retention
Transaction records: minimum 5 years. OTPs: expire in 10 minutes.
Contact
privacy@zendfi.tech
00Overview

Who We Are

ZendFi ("we", "us", "our") is a cross-border payments infrastructure platform that enables merchants to accept multi-currency payments and settle in USDC or local currency. Our service is accessible at zendfi.tech.

This Privacy Policy explains what data we collect when you use ZendFi, how we use it, who we share it with, and your rights over it. By using our services, you agree to the practices described here.

01Collection

Information We Collect

We collect information necessary to provide payment infrastructure services:

  • Identity data — full name, business name, email address, phone number
  • Account data — login credentials (stored as hashed values), account preferences
  • Payment data — wallet addresses, transaction amounts, currencies, payment status
  • Business data — merchant category, country of operation, settlement preferences
  • Technical data — IP address, device type, browser, API usage logs, timestamps
  • Communication data — messages sent via WhatsApp OTP, support correspondence

We do not collect or store full card numbers, CVVs, or unencrypted financial credentials.

02Use

How We Use Your Information

We use collected data strictly to operate and improve our services:

  • Verifying your identity during onboarding and login (OTP authentication)
  • Processing and settling cross-border payments on your behalf
  • Communicating transaction statuses, receipts, and account notifications
  • Detecting and preventing fraud, security breaches, and unauthorized access
  • Complying with applicable financial regulations and legal obligations
  • Improving platform reliability, performance, and features

We do not use your data for advertising. We do not sell your data to third parties.

03Sharing

Who We Share Data With

To deliver our services, we work with the following infrastructure partners. Each partner processes only the data necessary for their specific function:

Bridge
Stablecoin issuance and USDC settlement infrastructure
Flipeet
Local currency onramp and offramp payment processing
Paj Cash
Payment processing and corridor-specific transaction routing
Meta (WhatsApp)
OTP delivery via WhatsApp Business API during onboarding
AWS
Cloud hosting and infrastructure (ECS, ALB, Secrets Manager)

We may also disclose your data to law enforcement or regulatory bodies when required by law, or to protect the rights and safety of ZendFi and its users.

04Retention

How Long We Keep Your Data

We retain your data for as long as your account is active or as required to provide our services. Transaction records are retained for a minimum of 5 years to comply with financial regulations. OTP codes are invalidated immediately after use or upon expiry (10 minutes), and are never stored in plaintext.

Upon account deletion, we will anonymize or delete personal data within 30 days, except where retention is required by law.

05Security

How We Protect Your Data

We implement industry-standard security measures including:

  • TLS encryption for all data in transit
  • Encrypted storage for sensitive credentials via AWS Secrets Manager
  • Hashed OTP codes — never stored in plaintext
  • Role-based access controls on all internal systems
  • Continuous monitoring and alerting via AWS CloudWatch

No system is completely immune to breaches. In the event of a data breach that affects your personal information, we will notify you promptly in accordance with applicable law.

06Your Rights

Your Rights Over Your Data

Regardless of where you are located, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate or incomplete data
  • Request deletion of your account and associated personal data
  • Withdraw consent for data processing where consent is the legal basis
  • Lodge a complaint with your local data protection authority

To exercise any of these rights, contact us at the address below. We will respond within 30 days.

07Cookies

Cookies & Tracking

Our platform uses minimal cookies strictly necessary for session management and security. We do not use tracking cookies, advertising pixels, or third-party analytics that profile your behaviour across other websites.

08Changes

Updates to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page and notify active users via email or in-app notice where the changes are material. Continued use of ZendFi after any update constitutes acceptance of the revised policy.

09Contact

Get in Touch

For any privacy-related questions, data requests, or concerns:

privacy@zendfi.techhttps://zendfi.tech
ZendFi

© 2026 ZendFi. All rights reserved.

zendfi.tech