1 Information We Collect

We collect only what’s necessary to provide and secure our services:

• Name and email address when you register
• Identity verification documents (KYC) required by financial regulations
• Transaction data — amounts, merchants, and timestamps
• Cryptocurrency wallet addresses used for funding
• Device and usage data (IP address, browser type, pages visited)

2 How We Use Your Information

• Provide and operate our virtual card services
• Process transactions and fund your wallet
• Comply with AML/KYC legal and regulatory obligations
• Detect and prevent fraud and unauthorized access
• Send service-related communications
• Improve our platform and user experience

3 Data Sharing

We may share data only with:

• Card issuing partners and payment processors required to deliver our services
• Regulatory authorities when required by applicable law
• Fraud prevention and identity verification providers

4 Data Security

All data is encrypted using 256-bit SSL/TLS encryption in transit and at rest. We are PCI DSS compliant and conduct regular security audits and penetration testing to protect your information.

5 Your Rights (GDPR)

If you are in the European Economic Area, you have the right to:

• Access, correct, or delete your personal data
• Object to or restrict how we process your data
• Request data portability
• Lodge a complaint with a supervisory authority

To exercise your rights, contact us at support@rivocard.com.

6 Cookies

We use cookies to operate our website and improve your experience. See our Cookie Policy for full details.

7 Data Retention

We retain personal data for as long as necessary to provide services and comply with financial regulations — typically 5 years after account closure.

8 Changes to This Policy

We may update this policy periodically. We’ll notify you of material changes by email or by posting a notice on our website.