ICT Global Digital Banking Network

ICT Pay (ICT Global Digital Banking Network) understands that your privacy is of paramount importance. This Privacy Policy explains how we collect, use, share, and protect your personal information. By using our services, you consent to the data processing practices described in this policy. We are committed to protecting your privacy rights in accordance with applicable data protection laws, including the CCPA and GDPR.

1. Information We Collect

We collect the following types of information in connection with your use of ICT Pay services: (a) Personal identification information, including your name, email address, phone number, date of birth, Social Security Number (SSN) or government-issued identification number, used for identity verification and KYC compliance; (b) Financial information, including bank account details, transaction records, income information, and source of funds, used for providing financial services and compliance monitoring; (c) Device and usage data, including IP addresses, browser type, operating system, device identifiers, login times, and usage patterns, used for security monitoring and service optimization; (d) Data collected through cookies and similar technologies, used to improve user experience and analyze service usage. We only collect information that is necessary to provide and improve our services.

2. How We Use Information

We use the information we collect for the following purposes: (a) Account management — creating and maintaining your account, verifying your identity, and processing your service requests; (b) Transaction processing — executing transfers, payments, and other financial transactions, and providing transaction records and statements; (c) KYC/AML compliance — conducting customer identity verification, anti-money laundering monitoring, and Suspicious Activity Reports (SARs) as required by federal and state laws, obligations that survive account closure; (d) Fraud prevention — detecting, investigating, and preventing fraudulent activities, unauthorized transactions, and other illegal conduct; (e) Service improvement — analyzing usage patterns to enhance our products, features, and user experience. We will not use your personal information for purposes unrelated to the above without your explicit consent.

3. Information Sharing

We do not sell your personal information. We share your information only in the following circumstances: (a) Partner banks and financial institutions — to process transactions and maintain your FBO accounts, we share necessary account and transaction information with our FDIC-insured partner banks; (b) Payment processors — including ACH network, Fedwire, SWIFT, and Visa network operators, for executing payment transactions; (c) Identity verification services — we partner with third-party KYC/AML service providers for identity verification and compliance screening; (d) Regulatory authorities — as required by law, we may disclose information to FinCEN, state financial regulators, the IRS, or law enforcement agencies. All third-party service providers are contractually bound to use your information only to the extent necessary to provide their services and must comply with appropriate data protection standards.

4. Data Security

We employ industry-leading security measures to protect your personal information: (a) All sensitive data is encrypted at rest using the AES-256 encryption standard; (b) All data in transit is encrypted using TLS 1.3 protocol; (c) We implement strict access control policies ensuring that only authorized personnel can access personal data, limited to the scope required by their job responsibilities; (d) We conduct regular independent security audits and penetration tests to identify and remediate potential vulnerabilities. While we make every effort to protect your data, no method of internet transmission or electronic storage can guarantee 100% security. In the event of a data breach, we will notify affected users and relevant regulatory authorities within the timeframes required by law.

5. Data Retention

We retain your personal information according to the following principles: (a) Active account data is retained throughout your use of services and for an additional 7 years after account closure, to satisfy federal and state financial regulatory recordkeeping requirements (including BSA/AML requirements); (b) Transaction records are retained for a minimum of 5 years, with certain cross-border transaction records potentially retained longer; (c) Device and usage log data is typically retained for 2 years for security analysis purposes. After the expiration of statutory retention periods, your data will be securely deleted or de-identified. You may request deletion of personal data not subject to mandatory legal retention at any time while your account is active. Please note that certain information cannot be deleted prior to the statutory retention period due to regulatory compliance obligations.

6. Cookie Policy

Our website and applications use cookies and similar technologies to enhance your experience: (a) Essential cookies — these cookies are necessary for basic website functionality, such as login authentication and security protections, and cannot be disabled; (b) Analytics cookies — we use analytics cookies (such as Google Analytics) to understand how users interact with our services, helping us improve service quality and user experience. These cookies collect anonymous, aggregated data; (c) Functional cookies — used to remember your preference settings (such as language selection). You can manage your cookie preferences through your browser settings, but disabling certain cookies may affect website functionality. Upon your first visit, we will request your consent for non-essential cookies via a cookie banner.

7. Your Rights

Under applicable data protection laws, you have the following rights: (a) Right of access — you have the right to request a copy of the personal information we hold about you; (b) Right of rectification — you have the right to request correction of inaccurate or incomplete personal information; (c) Right of erasure — to the extent permitted by law, you have the right to request deletion of your personal information (subject to statutory retention requirements); (d) Right of data portability — you have the right to receive your personal data in a structured, commonly used, and machine-readable format; (e) Marketing opt-out — you may opt out of marketing communications at any time by clicking the unsubscribe link in emails or adjusting your preferences in account settings. To exercise these rights, please contact support@icookpay.com. We will respond within 30 days of receiving your request.

8. CCPA Privacy Rights

If you are a California resident, you have the following additional rights under the California Consumer Privacy Act (CCPA): (a) Right to know — you have the right to know what categories of personal information we have collected about you, the purposes of collection, the sources of information, and the categories of third parties with whom it is shared; (b) Right to delete — you have the right to request deletion of personal information we have collected about you, subject to statutory exceptions (such as compliance recordkeeping); (c) Right to opt-out of sale — we do not sell your personal information. If our practices change in the future, we will provide a "Do Not Sell My Personal Information" link on our website; (d) Right to non-discrimination — we will not discriminate against you for exercising your CCPA rights, including denying services, charging different prices, or providing a different quality of service. To submit a CCPA request, please contact privacy@icookpay.com.

9. International Users

ICT Pay's servers and operational infrastructure are located in the United States. If you access our services from outside the United States, your personal data will be transferred to, processed, and stored in the United States. For European Union/European Economic Area (EU/EEA) users, we process personal data under the following legal bases: (a) Contractual performance — to provide the financial services you have requested; (b) Legal obligation — to comply with KYC/AML regulations and financial reporting requirements; (c) Legitimate interests — fraud prevention and service security; (d) Consent — marketing communications and non-essential cookies. We ensure the legality of cross-border data transfers through Standard Contractual Clauses (SCCs) and other appropriate safeguards. EU/EEA users also have the right to lodge a complaint with the data protection supervisory authority in their country of residence.

10. Contact & Updates

If you have any questions, comments, or requests regarding this Privacy Policy, please contact us through the following channels: Email: privacy@icookpay.com General support: support@icookpay.com Mailing address: ICT Global Digital Banking Network, 1209 Orange Street, Wilmington, Delaware 19801, USA We may update this Privacy Policy from time to time to reflect changes in our business practices or legal requirements. For material changes, we will notify you via email or in-app notification at least 30 days before the changes take effect. We encourage you to review this policy periodically. Continued use of our services constitutes acceptance of the updated Privacy Policy. The most current version of this policy is always available on our website.