Privacy Policy

Piers Technology Inc. (“Copperx”, “we”, “us” or “our”) is committed to protecting the privacy of its users (“you” or “your”) of the Copperx website available at https://copperx.io, any Copperx mobile applications, related media forms, media channels, mobile websites, software applications, dashboards, APIs, or other online or digital services provided by Copperx (collectively, the “Platform”). The Platform provides access to certain products, services, features, technologies, and programs offered by Copperx, whether offered directly by Copperx or in partnership with third-party providers (collectively, the “Copperx Offerings”).

This Privacy Policy (the “Privacy Policy”) outlines the types of information we collect, how we use and share it, and the rights you have. The terms of this Privacy Policy are applicable to you for accessing our Platform and the Copperx Offerings as detailed in our Terms of Service that can be accessed via the Platform and are available at: https://copperx.io/legal/terms. You are subject to the Terms of Service of this Platform. By accessing the Platform or using any Copperx Offering, you acknowledge that you have read and understood this Privacy Policy and our Terms of Service. Capitalized terms used but not defined in this Privacy Policy have the meanings given in our Terms of Service. Please read this Privacy Policy carefully. If you do not agree with this Privacy Policy or any part thereof, you should not access or use any part of the Platform or the Copperx Offerings.

1. ABOUT THE PLATFORM

At Copperx, we’re building powerful financial products for startups and businesses. Copperx is a financial technology provider. We are not a bank or money services business and we do not hold, store, or take custody of user funds, digital assets, or private keys. Certain Copperx Offerings are issued and/or managed by third-party partners, including licensed financial institutions, payment networks, and program managers. For those Copperx Offerings, we may act as a data controller for certain activities (e.g., user accounts, marketing) and as a data processor for others (e.g., facilitating partner-required KYC/KYB).

Our partners act as independent controllers for the personal data they collect and process in connection with their own services, including compliance with applicable laws and payment network rules. You should review their privacy policies for details.

2. DATA WE COLLECT

The information we collect depends on how you interact with the Platform and which Copperx Offerings you use. We collect and process two broad categories of data from and about you when you use the Platform:

2.1. Data You Voluntarily Provide

This includes any data you voluntarily submit or make available to us in the course of using the Platform and/or the Copperx Offerings. It may be personal (information that can identify you or is linked to you) or non-personal (information that does not identify you directly). Such data may include:

2.1.1. Account & Identity Information. We may collect your name, residential and/or business address, email address, phone number, nationality, date of birth, copies of government issued identity proof, proof of address (e.g. utility bill, bank statement), business registration documents and self image or video for identity verification, in relation to creating and managing your Copperx Account, meeting AML/KYC/KYB and sanctions screening requirements, compliance with applicable laws and to deliver such Copperx Offerings that require verified identity.

2.1.2. Financial Information. We may collect your bank account details, payment card details (processed via PCI-compliant providers), blockchain wallet addresses for sending or receiving funds, tax identification numbers for reporting, collateral deposit details (digital asset type, amount, transaction IDs) for the Copperx Card or other collateralized offerings, to process payments, payouts and settlements, manage collateral for certain offerings, comply with tax reporting and financial recordkeeping obligations under applicable laws and to detect and prevent fraudulent or unauthorized transactions.

2.1.3. Transactional & Usage Context. We may collect data pertaining to payment requests (amounts, currency), descriptions or references entered for transactions, invoice or order details submitted via APIs, API keys and associated metadata for integrations, to execute and record your transactions, troubleshoot technical or operational issues and to improve performance and reliability of the Copperx Offerings.

2.1.4 Communications. We may collect emails, support tickets, live chat logs, call recordings (if applicable), survey responses, product feedback, beta testing input, dispute or chargeback evidence that you may share with us to respond to your inquiries and requests, resolve any disputes or enforce agreements, gather feedback for service improvements and to maintain evidence for compliance and legal purposes.

2.1.5 Marketing & Preferences. We may collect your opt-in or opt-out choices for newsletters or promotions (if applicable), and preferred communication format to send you relevant marketing and services updates (if permitted), and tailor your user experience and communications.

2.2. Data We Automatically Collect We may collect certain data as a technical or operational byproduct of your interaction with the Platform, our systems, or partner integrations. Such data may include:

2.2.1 Technical & Device data. IP addresses and inferred approximate location, device type, operating system, browser type or version, unique device identifiers, screen resolution, time zone and language settings to optimize the Platform for your device, maintain security and detect suspicious access, enforce geographical restrictions such as sanctioned jurisdictions, and to support analytics and performance improvements.

2.2.2 Platform Interaction data. We may collect data regarding pages or screens viewed, navigation paths, session duration, links clicked, features accessed, form completion rates, API call logs (timestamps, endpoints called and status codes), and transaction attempt metadata (amount, currency and merchant category code) to analyse usage patterns and improve user experience, identify and fix usability or technical issues, ensure APIs and Developer Tools are functioning as intended and to maintain accurate transaction and operational records.

2.2.3 Cookies & similar technologies. We may collect data relating to session cookies for login persistence, functional cookies for preferences and analytics cookies for usage statistics, to personalize content and settings and understand site performance and user flows.

2.2.4 Partner generated data. We may collect verification data from KYC/KYB providers, sanctions screening outcomes, issuer or payment network transaction responses or dispute / chargeback status updates to meet compliance obligations under applicable laws, validate transactions and user eligibility, resolve disputes and ensure alignment with partner and network requirements.

We do not seek to collect information from Minors, for details please refer to Section 12 (Minors) of the Privacy Policy below.

3. HOW WE COLLECT DATA

We may collect the data described in this Privacy Policy through the following methods:

3.1. Directly from you. You provide data to us when you: (a) Create or update a Copperx Account; (b) submit identity or business verification documents during onboarding or for compliance reviews; (c) link a bank account, blockchain wallet, or payment method; (d) create or process a transaction, payment link, or payout; (e) use our developer APIs or generate API keys; (f) communicate with us via email, chat, support tickets, or phone (as may be applicable); (g) respond to surveys, beta program invitations, or product feedback requests (if applicable), (h) opt-in to marketing communications or set communication preferences (as may be applicable); or (i) participate in a promotion, referral program, or event we organize.

3.2. Automatically through the Platform. When you interact with the Platform, certain information is collected automatically by our systems, third-party analytics tools, and security services. This may include: (a) server logs capturing IP addresses, request details, and timestamps; (b) cookies and similar tracking technologies storing identifiers, preferences, and usage history; (c) session monitoring tools that record navigation paths and interactions for debugging and improvement; (d) device and browser fingerprinting to maintain security and prevent fraud; (e) API call logs generated when you or your application interact with Copperx endpoints; or (f) payment network responses (e.g., transaction approval/decline codes) captured during processing flows.

3.3. From our partners or service providers. We may receive information from trusted third parties when you: (a) complete KYC/KYB through an identity verification provider; (b) are screened against sanctions, fraud, or watchlists by a compliance vendor; (c) conduct a card transaction (we may receive transaction metadata from the issuer, program manager, or payment network); (d) are involved in a dispute or chargeback (we may receive dispute details from the payment network or issuer); or (e) interact with an integration partner that passes usage or account data to us as part of their service.

We may combine data gathered from the above sources to verify accuracy and completeness of information you provide, derive insights about Platform usage or service performance or create aggregated, anonymized datasets for analytics, reporting, or product development (which do not identify you personally).

4. HOW WE USE DATA

We may use the data we collect, whether provided voluntarily or collected automatically, to operate, improve, and protect the Platform and Copperx Offerings, to meet legal obligations, and to support legitimate business purposes, including:

4.1. To provide and operate the Platform. We may use your data to create and manage user Accounts, developer Accounts, and business profiles, enable you to access and use Copperx Offerings, process, settle, and record transactions, payouts, and collateral deposits (as applicable), and maintain technical functionality, performance, and availability of the Platform.

4.2. To verify identity and ensure compliance. We may use your data to conduct Know Your Customer (KYC), Know Your Business (KYB), and anti-money laundering (AML) checks, screen against government sanctions, watchlists, and other regulatory lists, confirm eligibility for Copperx Offerings and use of the Platform, and meet our legal, regulatory, tax, and contractual obligations with partners and payment networks.

4.3. To secure the Platform and prevent fraud. We may use your data to authenticate users and authorize Account actions, detect, investigate, and prevent fraud, unauthorized transactions, chargebacks, and prohibited activities, enforce our Terms of Service and Prohibited Use Policy, and protect the rights, property, and safety of Copperx, our users, and our partners.

4.4. To improve and develop the Platform and Copperx Offerings. We may use your data to debug errors, measure performance, and enhance user experience, test, research, and develop new features or integrations and personalize your interface, dashboard, and available features based on your activity.

4.5. To communicate with you. We may use your data to respond to your inquiries, support tickets, and feedback, send operational notifications (e.g., transaction status, policy changes, security alerts), deliver marketing communications (if you’ve opted in), promotions, event invitations, and product updates and provide educational materials, onboarding guides, and developer resources.

4.6. To facilitate partner and network operations. We may use your data to share necessary transaction, verification, and compliance data with issuer, program manager, and payment network for Copperx Offerings,e xchange required technical and Account information with integration partners to support your setup, and support dispute resolution and chargeback processes with networks and financial institutions.

4.7. To meet legal and regulatory requirements. We may use your data to respond to lawful requests, court orders, and regulatory inquiries, comply with AML/CTF laws, sanctions regimes, and other applicable regulations, as well as to fulfill tax reporting and other financial disclosure obligations.

5. WHO WE SHARE THE DATA WITH

In the context of processing the data we collect in accordance with this Privacy Policy, we may communicate such data with trusted third parties as necessary to operate the Platform, deliver Copperx Offerings, and comply with our legal and contractual obligations. This may include service providers who perform functions on our behalf, such as identity verification, compliance and sanctions screening, payment processing, transaction settlement, cloud hosting, analytics, customer support, and permitted marketing communications. We may also share data with our subsidiaries, affiliates or group entities for operational purposes, only if necessary.

If you apply for or use any Copperx Offerings, we may share relevant data with our Payment Partners (including Card Program partners, payout providers, banks, settlement agents and virtual account providers), payment networks, vendors responsible for card manufacturing and delivery, and integration partners you choose to connect with such as e-commerce platforms, automation tools, or other applications that interact with our APIs.

We may disclose information to regulatory authorities, government agencies, payment networks, and law enforcement when required by law, regulation, court order, or applicable network rules, or when necessary to protect the rights, property, and safety of Copperx, our users, or others. Information may also be shared in connection with dispute resolution, chargebacks, legal proceedings, or as part of a corporate transaction such as a merger, acquisition, or sale of assets.

Finally, we may share information with your consent or at your direction, and we may share aggregated or anonymized data that does not directly identify you with business partners, industry groups, or the public for analytical, research, or marketing purposes.

We will only communicate the data we collect to any recipient on a need-to-know basis and only when the processing by the recipient is strictly limited to the purposes identified in this Privacy Policy. As we operate globally, we may process your personal data around the world where our facilities or providers are located. We do not sell your personal data.

We may transfer and process your information outside your country (including the United States). Where required, we use appropriate safeguards for cross-border transfers and take additional measures as needed to protect your information. You can contact us for more details about these safeguards by reaching out to [email protected].

6. DATA RETENTION AND STORAGE

We will retain your personal data only for as long as necessary for the purposes for which it has been collected, as specified in this Privacy Policy, and in accordance with the applicable laws. This means that the retention periods we apply may vary depending on the purpose for which we process your personal data. When determining the appropriate retention period, we take into account the category and amount of personal data, potential risks and harm that may arise from unauthorized access or disclosure, the specific purposes for which the data is processed, the availability of alternative means to achieve those purposes, and the applicable legal requirements.

We may also retain personal data in order to comply with legal and regulatory obligations that may apply to us. We may also keep your personal data for as long as it is needed in relation to a legal claim, complaint, litigation or regulatory proceedings. Sometimes business and legal requirements oblige us to retain certain data, for specific purposes, for an extended period of time (e.g., to comply with AML compliance requirements, or record-keeping obligations imposed by applicable accounting, financial, or regulatory laws). In some situations, we may anonymize personal information about you so that it can no longer be used to identify you. In such cases, we can use this information indefinitely without further notice to you.

7. COOKIES AND SIMILAR TECHNOLOGIES

The Platform uses a variety of tracking technologies, including cookies, pixels, software development kits (SDKs), local storage objects, and other similar tools (collectively, “cookies”) to provide functionality, operate securely, improve performance, analyze usage, and deliver a personalized experience. A cookie is a small text file placed on your browser, device, or application by a website or service you visit, and it may be read or retrieved later by the same service. Pixels are small image files or code snippets that enable us or third parties to monitor user activity and gather analytics. SDKs are code packages embedded in our mobile applications or integrations that serve similar purposes to cookies.

Cookies may be used both by Copperx and by our service providers and partners. Copperx’s cookies are placed directly by Copperx to enable core Platform features, such as secure login sessions, user settings, and authenticated API calls. Third-party cookies such as those of our service providers or partners are placed by other entities to perform functions such as measuring website traffic, enabling customer support chat, detecting fraudulent transactions, and facilitating secure card enrolment processes.

Some cookies are considered strictly necessary because the Platform cannot function properly without them. These may include session cookies for authentication when you log into your Copperx Account, security cookies used to detect and prevent unauthorized access to the developer dashboard or payment flows, and cookies required to process transactions or maintain your selected language and region preferences. Because these cookies are essential, they cannot be disabled in our systems, although you can block them in your browser; doing so may render the Platform unusable.

We also use performance and analytics cookies to understand how users interact with the Platform, such as which pages are visited most often, how users navigate between screens in the merchant dashboard, how API endpoints are accessed over time, and where users encounter errors. To provide these insights, we use third-party analytics and customer experience tools including, for example, Google Analytics, PostHog (posthog.com), Amplitude (amplitude.com), and Intercom (intercom.com). These tools place their own cookies, pixels, or SDKs to collect usage information, which we use to analyze trends, improve functionality, and provide personalized support experiences. These analytics help us improve the Platform and Copperx Offerings, identify areas that require optimization, and troubleshoot technical issues. You can control the use of these analytics cookies through the cookie preference tools on our Platform, by adjusting your browser or device settings, or by using the vendor-provided opt-out mechanisms (for example, the Google Analytics Opt-out Browser Add-on).

Functional cookies allow us to remember your settings and preferences, such as your preferred currency, your saved API sandbox environment configuration, or pre-filled form data when enrolling in the Copperx Card program. They make your interactions smoother and more personalized without requiring you to re-enter the same information each time.

In addition to cookies placed in your browser, we may use SDKs in our mobile applications and API libraries to collect technical and usage data, authenticate requests, and enable push notifications. Like cookies, these SDKs can be first-party or third-party, and you can control some of them through your device’s operating system settings.

Where legally required, we will request your consent before placing non-essential cookies, such as analytics cookies, on your device. You can withdraw consent at any time through the cookie preference tools provided on the Platform or by adjusting your browser or device settings. You may also delete cookies that have already been set by visiting your browser’s privacy settings. Please note that disabling or blocking certain cookies may affect the availability and functionality of the Platform and Copperx Offerings.

If you would like more detailed information about the cookies used on the Platform, including their specific names, providers, purposes, and retention periods, you may contact us at [email protected] and request our full cookie inventory.

8. YOUR RIGHTS

Depending on where you are located, you may have certain rights under applicable data protection and privacy laws. These may include the right to:

8.1. access the personal information we hold about you, and to receive a copy in a portable format;

8.2. correct inaccurate or incomplete personal information;

8.3. delete personal information, subject to legal, regulatory, or contractual record-keeping requirements (for example, AML/KYC laws may require us to retain certain records for a set period);

8.4. restrict or object to certain processing activities, including processing for direct marketing purposes;

8.5. withdraw consent where processing is based on your consent, without affecting the lawfulness of processing carried out before withdrawal;

8.6. opt-out of the “sale” or “sharing” of personal information, or of targeted advertising, where applicable under laws such as the California Consumer Privacy Act (CCPA/CPRA);

8.7. request details about how we process your personal information, including the categories and sources of data collected, the purposes of processing, and the categories of recipients with whom we share the information; and

8.8. appeal a decision we make in response to your privacy request if applicable laws grant you such a right.

You may exercise these rights by contacting us at [email protected] with “Privacy Request” in the subject line. We may need to verify your identity before fulfilling your request and may deny or limit certain requests if allowed or required by law.

Region specific disclosures. This section supplements this Privacy Policy for individuals in certain jurisdictions.

1. California and other U.S. state laws.

Depending on your state, you may have rights to know / access, delete, correct, opt-out of the “sale” or “sharing” of personal information and targeted advertising, and to limit use of “sensitive” personal information. We do not sell personal information. If our practices change to involve “sharing” for cross-context behavioural advertising, we will provide required opt-out mechanisms and honor Global Privacy Control signals.

You may exercise rights or appeal a denied request by emailing [email protected] with “Privacy Request”.

2. EEA/UK (GDPR /UK GDPR).

Legal bases include performance of a contract, compliance with legal obligations, our legitimate interests (e.g., security, fraud prevention, product improvement), and consent (where used). You may have rights to access, rectification, erasure, restriction / objection, and data portability, and to lodge a complaint with your data protection authority.

9. STORAGE, SECURITY AND RISK MITIGATION

We use a combination of technical, organizational, and administrative measures designed to protect the information we collect from loss, misuse, unauthorized access, disclosure, alteration, and destruction. These measures may include encryption in transit and at rest, secure server infrastructure, access controls, network monitoring, intrusion detection systems, and regular security testing.

However, no system or method of transmission over the Internet is completely secure. We cannot guarantee the absolute security of your data. You are responsible for maintaining the confidentiality of your Account credentials, private keys, recovery phrases, and any other security information associated with your use of the Platform. We strongly recommend enabling multi-factor authentication where available.

If we become aware of a data breach affecting your personal information, we will notify you and/or relevant authorities as required by applicable law.

10. THIRD PARTY SERVICES & LINKS

The Platform may contain links to third-party websites, applications, and services, or may allow you to connect to and interact with third-party services (including our integration partners, card program partners, and other external tools). If you choose to use these third-party services or click on external links, you may provide information directly to them or they may collect information about you automatically.

We are not responsible for the content, privacy practices, or security of these third-party services. Your interactions with them are governed by their own terms and privacy policies, not ours. We encourage you to review the privacy policies of any third-party service you use in connection with the Platform before providing them with your information.

11. NON-CUSTODIAL & REGULATORY NOTICES

Copperx is a financial technology provider and does not hold or custody funds, digital assets, or private keys. Certain records and transaction data are controlled by our regulated Payment Partners, Issuers, and payment networks. We may be legally prohibited from notifying you of certain compliance actions across all Copperx Offerings, including the filing of suspicious activity reports (SARs) or other regulatory reports. Nothing in this Privacy Policy constitutes legal, investment, or tax advice. You are solely responsible for your decisions and for complying with your tax obligations.

12. MINORS

As provided in our Terms of Service, the Platform and the Copperx Offerings are not intended for anyone who is under the age of 18 (eighteen) years or minor under their respective jurisdictions, or where the Platform or Copperx Offerings are being accessed (“Minor”). We do not intend to or knowingly collect any data related to a Minor. If you believe that any kind of data related to a Minor has been collected or provided to us, please contact us at [email protected].

13. CHANGES TO THIS PRIVACY POLICY

We reserve the right to amend this Privacy Policy at any time to reflect changes in the law, our data collection, use or sharing practices, advances in technology, changes in features, security measures, or compliance requirements, as indicated by “Last Updated” date at the beginning of this Privacy Policy. Therefore, we encourage you to review this Privacy Policy regularly. Any modifications will take effect on the date specified as the “Last Updated” date.

By continuing to access or use the Platform and Services, you are confirming you have read and understood the latest version of this Privacy Policy.

14. CONTACT INFORMATION

If you have any questions or comments about this Privacy Policy, our privacy practices, the processing of your personal data under this Privacy Policy, including the exercise of your rights as detailed above, please contact us by email at [email protected].