CHEQs Global Ltd
Privacy Policy

Effective 9th September 2025

CHEQs is committed to protecting the privacy and security of your personal information. This Privacy Policy (“Privacy Policy”) explains how we collect, use, disclose, and safeguard your personal data in connection with the products, services or any other features, technologies or functionalities related to services that enable you to send cryptocurrency or other forms of digital assets to recipients (“Services”) provided by CHEQs Inc. of Delaware, U.S. and CHEQs Global Ltd, a private limited company formed in England and Wales, and all subsidiaries and affiliates under common ownership of or by the foregoing (“CHEQs”, “we”, “our”, or “us”) through CHEQs’s website located at www.cheqs.com and  app.cheqs.com (the “Site”), API or through any other means we provide to you (“Business Customer”, “you” or “your”).

By using the Services, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein. If you do not agree with the practices described in this Privacy Policy, you may not use the Services.


1. Non-Custodial Nature of Our Services


It is important to understand that CHEQs operates a non-custodial blockchain-based platform. This means that while we provide the technology infrastructure for you to interact with blockchain networks, we do not have custody or control over your digital assets or certain types of data that are recorded on public blockchains. Information recorded on public blockchains is inherently public and cannot be modified or deleted by CHEQs. This limitation on our control over blockchain data has important implications for how we process your personal data, as further explained throughout this Privacy Policy.


2. Personal Data We Collect


In the course of providing the Services, we may collect the following categories of personal data about you:


2.1 Identifiers
Your name, email address, mailing address, phone number, username, account credentials, digital wallet addresses, and other unique personal identifiers. For example, when you create an account, we collect your name and email address to establish your user profile.


2.2 Financial Information
Your payment card information, bank account details, transaction history, digital asset holdings, and other financial data related to your use of the Services. For instance, when you conduct a transaction through our platform, we process the transaction details necessary to complete your request.


2.3 Commercial Information
Records of products or services purchased, obtained, or considered, as well as other purchasing or consuming histories or tendencies. This includes your transaction history with us, such as records of digital asset transfers facilitated through our platform.


2.4 Internet or Other Electronic Network Activity Information
Information about your device, browser, and online activity, such as your IP address, device identifiers, operating system, browser type, browsing history, clickstream data, and interaction with our Services. For example, we collect information about how you navigate our website to improve user experience.


2.5 Geolocation Data
Information about your physical location derived from your IP address, GPS, or other sources. We may use this information to comply with regional regulations and provide localized services.


2.6 Sensitive Personal Data
In limited circumstances and with your explicit consent, we may collect biometric data (e.g., your digital signature for identity verification purposes). For example, we may collect biometric data during our identity verification process to comply with anti-money laundering regulations.

We collect this personal data through various channels:

  • Directly from you: When you register for an account, conduct transactions, communicate with us, or otherwise use our Services.
  • Automatically: Through cookies, web beacons, and similar technologies when you interact with our Services.
  • From third-party sources: Such as credit reporting agencies, sanctions screening providers, identity verification services, and other service providers, with your consent or as permitted by law.
  • From blockchain networks: Public information recorded on blockchain networks that you interact with through our Services.

3. How We Use Your Personal Data
We use your personal data for the following purposes:

3.1 Service Provision and Maintenance
To provide, operate, maintain, and improve the Services, including processing transactions, verifying your identity, preventing fraud, and facilitating your interaction with blockchain networks. For example, we use your account information to authenticate your access to the platform and process your transaction requests.

3.2 Legal Compliance
To comply with applicable laws and regulations, such as anti-money laundering laws, know-your-customer requirements, tax reporting obligations, and sanctions screening. For instance, we may use your identification information to conduct required regulatory checks before allowing certain transactions.

3.3 Communication
To communicate with you, respond to your inquiries, provide customer support, and send service-related notifications. This includes sending you confirmations of transactions, security alerts, and updates about changes to our Services.

3.4 Service Improvement and Development
To analyze usage patterns, conduct research, and develop new features and functionality for our Services. For example, we may analyze how users interact with our platform to identify areas for improvement and innovation.

3.5 Marketing and Promotion
With your consent, to send you marketing communications about our products, services, promotions, and events that may be of interest to you. You may opt out of receiving marketing communications at any time.

3.6 Security and Protection
To protect the security and integrity of the Services, prevent unauthorized access, detect and prevent fraud, and enforce our Terms of Service. For instance, we monitor account activity for suspicious patterns that may indicate fraudulent behavior.

3.7 Blockchain Interactions
To facilitate your interactions with blockchain networks, including the execution of smart contracts and the recording of transactions on public blockchains. Due to the non-custodial nature of our Services, certain data may be recorded on public blockchains beyond our control.

We process your personal data based on one or more of the following legal bases:

  • Contractual Necessity: Processing is necessary for the performance of our contract with you (our Terms of Service) or to take steps at your request before entering into a contract.
  • Legitimate Interests: Processing is necessary for our legitimate business interests, such as improving our Services, preventing fraud, and ensuring security, provided these interests are not overridden by your rights and freedoms.
  • Legal Obligation: Processing is necessary to comply with our legal obligations under applicable laws and regulations.
  • Consent: Processing is based on your specific consent, which you may withdraw at any time.

4. Sharing of Personal Data
We may share your personal data with the following categories of recipients:

4.1 Affiliates and Subsidiaries
We may share your personal data with our corporate affiliates and subsidiaries for the purposes described in this Privacy Policy. For example, we may share data with affiliated companies that help provide customer support services.

4.2 Service Providers
We engage third-party service providers to perform functions on our behalf, identity verification, data analysis, hosting, customer support, and marketing. These service providers have access to your personal data only to perform these tasks on our behalf and are contractually obligated to protect your information. These service providers have their own privacy policies to protect your information. For instance, we use KYC providers to securely process identity verification providers to confirm user identities.

Provider Service About
Google Third-party account login service Learn More
LinkedIn Third-party account login service Learn More
X (Twitter) Third-party account login service Learn More
Microsoft Third-party account login service Learn More
Apple Third-party account login service Learn More
Brevo Emailing service Learn More
Gleap Support chat and notifications Learn More
Webflow Website hosting Learn More
Google Play Store Appstore app distribution Learn More
Apple App Store Appstore app distribution Learn More
Google Site Analytics Learn More
Sumsub KYC, KYB, AML review and identity verification Learn More


4.3 User-Authorized Third Parties
We may share your personal data with third parties when you explicitly authorize us to do so. This includes social media platforms you choose to link your account with, other financial services you connect to our platform, or any other third party with whom you request us to share your information.

4.4 Legal and Regulatory Authorities
We may disclose your personal data to regulatory authorities, law enforcement agencies, courts, and other governmental bodies when required by law, regulation, legal process, or enforceable governmental request. We may also disclose information to protect our rights, property, or safety, or the rights, property, or safety of others.

4.5 Business Transfers
In the event of a merger, acquisition, reorganization, bankruptcy, or other similar event, your personal data may be transferred to our successor or assign, subject to the same privacy protections as described in this Privacy Policy.

4.6 Blockchain Networks
Due to the nature of blockchain technology, when you use our Services to interact with blockchain networks, certain information (such as wallet addresses and transaction details) is recorded on public blockchains and becomes publicly available. This information is inherently public and cannot be modified or deleted by CHEQs.

We only share your personal data with third parties that have agreed to maintain appropriate security and privacy measures to protect your personal data. We do not sell your personal data to third parties for monetary consideration.

5. Your Rights
Depending on your location and the applicable privacy laws, you may have the following rights with respect to your personal data:

5.1 Right to Access
You have the right to access your personal data and receive information about how we process it. For example, you may request a copy of the personal data we hold about you and information about how we use it.

5.2 Right to Rectification
You have the right to request the correction of inaccurate or incomplete personal data. If you notice that your account information is incorrect, you can update it through your account settings or by contacting us.

5.3 Right to Erasure
You have the right to request the deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected. However, please note that information recorded on public blockchains cannot be deleted due to the immutable nature of blockchain technology.

5.4 Right to Data Portability
You have the right to obtain a copy of your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller, where technically feasible.

5.5 Right to Object
You have the right to object to the processing of your personal data based on our legitimate interests, including for direct marketing purposes. If you object to marketing communications, we will cease sending such communications to you.

5.6 Right to Restrict Processing
You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or when the processing is unlawful.

5.7 Right to Withdraw Consent
Where we process your personal data based on your consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on your consent before its withdrawal.

5.8 Right to Non-Discrimination
You have the right not to be discriminated against for exercising any of your privacy rights. We will not deny you goods or services, charge different prices, or provide a different level of quality for exercising your rights.

5.9 Additional Rights and Exercise of Rights
The list of rights included in this Section 5 is non-exhaustive and you may have additional rights under the laws of the jurisdiction in which you are located, including the right to opt out of the sale or sharing of your personal data, the right to omit the use and disclosure of sensitive personal data, or the right to lodge a complaint with a supervisory authority.

To exercise these or any other rights, please contact us using the information provided in Section 8 of this Privacy Policy. We may need to verify your identity before responding to your request. We will respond to your request within the timeframe required by applicable law.

5.10 Limitations on Rights Related to Blockchain Data
Due to the non-custodial and decentralized nature of blockchain technology, we may be unable to modify or delete certain information that is recorded on public blockchains. This limitation applies regardless of your privacy rights under applicable law.

6. International Data Transfers
Your personal data may be transferred to, stored, and processed in countries outside of your country of residence, including the United States and countries within the European Economic Area (EEA). These countries may have data protection laws that differ from those in your country.

When we transfer personal data from the EEA, United Kingdom, or Switzerland to countries that have not been deemed to provide an adequate level of data protection, we use specific legal mechanisms designed to safeguard your personal data, such as:

  • Standard Contractual Clauses (SCCs): We implement the European Commission's approved Standard Contractual Clauses in our agreements with third parties that receive data outside the EEA.
  • Binding Corporate Rules: Where applicable, we may rely on Binding Corporate Rules for transfers to our affiliates and subsidiaries.
  • Adequacy Decisions: We may transfer data to countries that have been deemed to provide an adequate level of protection by the European Commission.
  • Derogations: In limited circumstances, we may rely on derogations such as your explicit consent or the necessity of the transfer for the performance of a contract.

By using our Services, you acknowledge and consent to the transfer of your personal data to countries outside your country of residence, subject to the safeguards described above.

7. Data Security and Retention

7.1 Data Security
We have implemented appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing and against accidental loss, destruction, or damage. These measures include:

  • Encryption: We use industry-standard encryption technologies to protect sensitive data both in transit and at rest.
  • Access Controls: We implement strict access controls and authentication mechanisms to ensure that only authorized personnel can access personal data.
  • Regular Security Assessments: We conduct regular security assessments and penetration testing to identify and address potential vulnerabilities.
  • Employee Training: We provide regular training to our employees on data protection and security best practices.
  • Incident Response Plan: We maintain an incident response plan to promptly address any security incidents or data breaches.

While we strive to protect your personal data, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee absolute security.

7.2 Data Retention
We will retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • To provide the Services you have requested
  • To comply with legal and regulatory obligations
  • To resolve disputes and enforce our agreements
  • To protect our legitimate business interests

Specific retention periods vary depending on the type of data and the purpose of processing. For example:

  • Account Information: We retain your account information for as long as your account is active and for a reasonable period thereafter to comply with legal obligations or resolve disputes.
  • Transaction Data: We retain transaction records for the period required by applicable tax, securities, anti-money laundering, and other laws.
  • Marketing Data: We retain marketing preferences until you opt out or request deletion.

When your personal data is no longer needed, we will securely delete or anonymize it. However, please note that information recorded on public blockchains will remain permanently on those networks and cannot be deleted by CHEQs.

8. Cookies and Similar Technologies
We use cookies, web beacons, and similar technologies to collect information about your interactions with our Services. Cookies are small text files that are stored on your device when you visit a website. They help us provide and improve our Services in various ways, such as:

  • Essential Cookies: These cookies are necessary for the functioning of our Services and cannot be disabled.
  • Analytical Cookies: These cookies help us understand how users interact with our Services, allowing us to improve functionality and performance.
  • Functional Cookies: These cookies enable enhanced functionality, such as remembering your preferences.
  • Targeting/Advertising Cookies: With your consent, these cookies may be used to deliver advertisements relevant to your interests.

You can manage your cookie preferences through your browser settings. Most browsers allow you to block or delete cookies. However, if you block essential cookies, you may not be able to use all features of our Services.


9. Children's Privacy
Our Services are not directed to children under the age of 18, and we do not knowingly collect personal data from children. If you are a parent or guardian and believe that your child has provided us with personal data without your consent, please contact us using the information in Section 11, and we will take steps to delete such information.


10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. If we make material changes, we will notify you as required by applicable law, which may include posting the revised Privacy Policy on our Site with an updated effective date, sending you an email, or providing a notification through our Services.

We encourage you to review this Privacy Policy periodically to stay informed about our data practices. Your continued use of the Services after any changes to this Privacy Policy constitutes your acceptance of such changes.


11. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us at:

Data Processing Officer
CHEQs Global Ltd
4th Floor Office, 205 Regent Street,
London, W1B 4HB, United Kingdom

In addition for Individuals in the United States:
CHEQs Global Ltd
Email: dpo@cheqs.com

In addition for For Individuals in the European Union:
CHEQs Global Ltd.
Email: dpo@cheqs.com

For Data Subject Rights Requests:
To exercise your data subject rights as described in Section 5, please submit your request through email us at dpo@cheqs.com.

If you are located in the European Economic Area, you have the right to lodge a complaint with your local data protection authority if you believe that our processing of your personal data does not comply with applicable law.


12. Blockchain-Specific Privacy Considerations

12.1 Public Nature of Blockchain Data
When you use our Services to interact with blockchain networks, certain information is recorded on public blockchains and becomes publicly available. This includes:

  • Wallet Addresses: Your blockchain wallet addresses are visible on the public blockchain.
  • Transaction Details: Information about your transactions, including amounts, timestamps, and the addresses involved.
  • Smart Contract Interactions: Data related to your interactions with smart contracts, including function calls and parameters.

This information is inherently public, immutable, and beyond CHEQs' control once recorded on the blockchain. While blockchain addresses themselves do not directly identify individuals, it may be possible for third parties to analyze blockchain data and associate addresses with identities.


12.2 Non-Custodial Services Limitations
As a provider of non-custodial blockchain services, CHEQs:

  • Does not have custody of your digital assets or private keys.
  • Cannot reverse transactions once they are confirmed on the blockchain.
  • Cannot remove information that has been recorded on public blockchains.
  • Has limited ability to comply with certain data subject requests regarding blockchain data.

We encourage you to consider these privacy implications before using our Services to interact with blockchain networks.


12.3 Privacy-Enhancing Practices
To enhance your privacy when using our blockchain-based Services, we recommend:

  • Being cautious about linking your blockchain addresses to your identity on public forums or social media.
  • Reviewing the privacy practices of any third-party wallets or services you connect to our platform.

13. Jurisdiction-Specific Provisions
13.1 European Union (GDPR)
If you are located in the European Economic Area, United Kingdom, or Switzerland, the following additional provisions apply:

  • Data Controller: CHEQs Global Ltd. is the data controller responsible for your personal data.
  • Legal Bases: We process your personal data in accordance with Article 6 of the GDPR, as detailed in Section 3.
  • Data Protection Officer: You can contact our Data Protection Officer at dpo@cheqs.com.
  • Cross-Border Transfers: We implement appropriate safeguards for international data transfers as described in Section 6.
  • Automated Decision-Making: We may use automated decision-making, including profiling, for fraud prevention and compliance purposes. You have the right not to be subject to decisions based solely on automated processing that produce legal effects or similarly significantly affect you, except in limited circumstances permitted by law.

13.2 California (CCPA/CPRA)
If you are a California resident, the following additional provisions apply under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
Categories of Personal Information: The categories of personal information we collect are described in Section 2.

  • Sources of Personal Information: We collect personal information directly from you, automatically through your use of the Services, from third-party sources, and from blockchain networks.
  • Business or Commercial Purpose: The purposes for which we use your personal information are described in Section 3.
  • Categories of Third Parties: The categories of third parties with whom we share personal information are described in Section 4.
  • Sale or Sharing of Personal Information: We do not sell your personal information for monetary consideration. However, some sharing of information for targeted advertising purposes may constitute "sharing" under California law. You have the right to opt out of such sharing.
  • Sensitive Personal Information: We only process sensitive personal information for purposes permitted by law or with your explicit consent.
  • Shine the Light: California residents may request information about our disclosure of personal information to third parties for their direct marketing purposes. We do not share personal information with third parties for their direct marketing purposes without your consent.

To exercise your California privacy rights, please contact us using the information in Section 11.

13.3 Other U.S. State Privacy Laws
If you are a resident of Colorado, Connecticut, Utah, Virginia, or another state with comprehensive privacy legislation, you may have similar rights to access, correct, delete, and obtain a copy of your personal data. Please contact us using the information in Section 11 to exercise these rights.


14. Additional Information
14.1 Third-Party Links and Services
Our Services may contain links to third-party websites, applications, or services that are not operated or controlled by CHEQs. This Privacy Policy does not apply to such third-party services. We encourage you to review the privacy policies of any third-party services you access through our Services.

14.2 Do Not Track Signals
Some browsers have a "Do Not Track" feature that signals to websites that you do not want to have your online activities tracked. Due to the lack of a common understanding of how to interpret these signals, our Services do not currently respond to browser Do Not Track signals.

14.3 Business Transfers
In the event of a merger, acquisition, reorganization, bankruptcy, or other similar event, your personal data may be transferred to our successor or assign. We will notify you of any such change in ownership or control of your personal data through our Services or by email.


14.4 Conflict Resolution
If you have a privacy or data use concern that we have not addressed satisfactorily, please contact us, and we will seek to resolve the issue. If you are located in the European Economic Area and believe that we have not complied with data protection laws, you have the right to lodge a complaint with your local supervisory authority.