Data Collection, Use & KYC Policy

This Data Collection & Use Policy explains how Maltibase (“we”, “our”, or “us”) collects, uses, stores, shares, and protects personal and business data when users access or use the Maltibase platform, website, mobile applications, and related services.

By using Maltibase, you agree to the practices described in this policy.

1. Scope of This Policy

This policy applies to:

  • All Maltibase users (individuals and businesses)
  • Website, mobile apps, APIs, and services
  • Identity verification (KYC)
  • Payments, deposits, withdrawals, and wallets
  • Communications (email and notifications)
  • Compliance, fraud prevention, and security operations

2. Categories of Data We Collect

A. Personal Identification Data

  • Full legal name
  • Email address
  • Phone number
  • Date of birth
  • Nationality and country of residence
  • Profile photo (where applicable)

B. KYC & Identity Verification Data

Collected for compliance and security purposes:

  • Government-issued ID details (ID type, issuing country, ID number)
  • Facial image or biometric verification data (for matching only)
  • Proof of address (where required)
  • Verification status, timestamps, and reference IDs
  • AML / risk screening results

⚠️ Sensitive identity data is collected only with explicit user consent and processed via authorized KYC providers.

C. Financial & Transaction Data

  • Wallet balances and activity
  • Deposit and withdrawal records
  • Transaction references and timestamps
  • Payment method metadata (masked)
  • Bank account details for payouts
  • Tax-related or regulatory transaction data

D. Business & Vendor Data (Where Applicable)

  • Business name and registration details
  • Business address
  • Ownership or representative information
  • Compliance documents
  • Vendor activity and transaction history

E. Communication Data

  • Email address
  • Email preferences and consent status
  • Support messages and correspondence
  • Service notifications and security alerts

F. Technical & Device Data

  • IP address
  • Device type, OS, browser
  • App usage logs
  • Session identifiers
  • Fraud-prevention and security signals

3. How We Collect Data

We collect data through:

  • User registration and profile updates
  • KYC verification workflows
  • Payment and withdrawal processes
  • User communications and support requests
  • Automated security and fraud-prevention systems
  • Legal and regulatory reporting obligations

All data is collected lawfully and transparently.

4. Purpose of Data Use

Maltibase uses collected data strictly for:

Core Services

  • Account creation and management
  • Secure authentication and login
  • Wallet operations and transaction processing
  • Vendor and marketplace operations

KYC & Compliance

  • Identity verification (KYC)
  • Anti-money laundering (AML)
  • Fraud detection and prevention
  • Regulatory and legal compliance

Payments & Withdrawals

  • Processing deposits and payouts
  • Reconciliation and dispute resolution
  • Financial reporting and audits

Communication

  • Service notifications
  • Transaction confirmations
  • Security alerts
  • Customer support
  • Optional marketing (opt-in only)

Security & Platform Integrity

  • Risk monitoring
  • Abuse prevention
  • System performance and reliability

5. Legal Basis for Processing

Data is processed based on:

  • User consent
  • Contractual necessity
  • Legal and regulatory obligations
  • Legitimate business interests (security, fraud prevention)

6. Data Sharing & Third Parties

Maltibase does not sell or rent user data.

Data may be shared only with:

  • Payment processors and payout providers
  • KYC and identity verification services
  • Banking and financial institutions
  • Cloud and infrastructure providers
  • Legal or regulatory authorities (when required)

All third parties operate under strict confidentiality and data-processing agreements.

7. Data Storage & Security

Maltibase uses industry-standard safeguards, including:

  • Encrypted data transmission (TLS / HTTPS)
  • Secure databases and servers
  • Role-based internal access controls
  • Secure API integrations
  • Continuous monitoring and logging
  • Regular security reviews

Sensitive data is stored only when necessary and never used beyond its intended purpose.

8. Data Retention

  • Data is retained only as long as necessary
  • Financial and compliance records may be retained longer due to legal requirements
  • Identity verification data is minimized where possible
  • Secure deletion processes are used when retention ends

9. User Rights

Users have the right to:

  • Access their personal data
  • Correct inaccurate data
  • Withdraw consent (where applicable)
  • Request deletion of eligible data
  • Restrict or object to certain processing
  • File privacy complaints

Requests can be sent to:
📧 privacy@maltibase.com

10. Email & Communication Consent

  • Marketing emails are sent only with opt-in
  • Users can unsubscribe at any time
  • Transactional and security messages remain active for safety
  • No unsolicited bulk emails are sent

11. International Data Transfers

Where data is processed across borders, Maltibase ensures:

  • Adequate legal safeguards
  • Secure transfer mechanisms
  • Compliance with applicable international data-protection laws

12. Children & Restricted Use

Maltibase services are not intended for minors.
Accounts must be operated by individuals legally eligible to enter binding agreements.

13. Policy Updates

This policy may be updated periodically to reflect:

  • Legal or regulatory changes
  • Platform improvements
  • Security or compliance enhancements

Users will be notified of material changes.

14. Contact Information

Maltibase Privacy & Compliance Team
📧 Email: privacy@maltibase.com
🌐 Website: https://policy.maltibase.com

This Policy Fully Covers

✔ KYC & AML
✔ Payments & withdrawals
✔ Wallets & vendors
✔ Email consent
✔ App store reviews
✔ Banks & Stripe/Paystack/Wise
✔ DIDIT.ME verification
✔ GDPR / NDPR readiness