Privacy Policy

1. Personal Data We Collect

We collect Personal Data to provide and improve our Services. The types of data we collect include:

a. Information You Provide: When you register for a X-Link account as a merchant, we collect Know-Your-Customer (KYC) information, such as your full name, business name, address, email address, phone number, date of birth, business registration documents, and valid government-issued IDs. We also collect financial information like bank account details for settlement purposes.

b. Information From Transactions: When you or your customers conduct a transaction using our Services, we collect transaction details, including the amount, payment method, and information about the customer, such as their name, email, and payment card details.

c. Information We Collect Automatically: We automatically collect information about your device and your use of our Services, including your IP address, device type, browser information, and location data.

2. How We Use Your Personal Data

We use the Personal Data we collect for the following purposes:

• To provide, operate, and maintain our Services, including processing payments, authenticating users, and settling funds to your account.
• To comply with our legal and regulatory obligations, including KYC, Anti-Money Laundering (AML) requirements, and fraud prevention.
• To communicate with you, provide customer support, and send you important service-related notices.
• To improve and personalize our Services and to develop new products and features.

3. How We Share Your Personal Data

We do not sell your Personal Data. We may share your information with third parties only in the following circumstances:

a. With Financial Partners: We share transaction data with our banking partners, payment networks (like Visa and Mastercard), and other financial institutions required to process transactions.

b. With Service Providers: We engage third-party service providers for identity verification, fraud detection, and other services. These providers are contractually obligated to protect your data and use it only for the purposes for which it was disclosed.

c. For Legal Reasons: We may disclose your information if required by law, subpoena, or other legal processes, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.

4. Data Security

We are committed to protecting your Personal Data. Our platform is designed to meet high industry standards for payment security. We implement robust, enterprise-grade technical, physical, and administrative security measures, including encryption and tokenization, to protect your data against unauthorized access, loss, or destruction.

5. Data Retention

We retain your Personal Data for as long as necessary to fulfill the purposes for which it was collected, to comply with our legal and regulatory obligations (such as those required by anti-money laundering regulations), to resolve disputes, and to enforce our agreements. At the end of the retention period, we will securely delete or anonymize your data.

6. Your Rights as a Data Subject

Depending on your location and applicable data protection laws, you may have the right to:

• Be informed about the processing of your Personal Data.
• Access the Personal Data we hold about you.
• Object to the processing of your Personal Data.
• Request the correction, erasure, or blocking of your Personal Data.
• Lodge a complaint with a relevant data protection authority.
• Claim damages for any inaccuracies or misuse of your Personal Data.

To exercise any of these rights, please contact our Data Protection Officer.

7. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact our Data Protection Officer at billing@x-link.asia.