Privacy Policy
How SCFI PRO collects, uses, and protects your personal information.
Effective Date: March 2026 · Version 1.0.0
1. Introduction
This Privacy Policy is published by SCFI PRO Ltd. ("we", "us", or "our") and applies to the SCFI PRO mobile application (available on Android and iOS) and our website (collectively, the "Platform"). It describes what personal information we collect, why we collect it, how we use and protect it, and the choices you have regarding your data. This policy is effective as of March 2026. By downloading, installing, or otherwise using the SCFI PRO app or website, you agree to the terms of this Privacy Policy.
2. Information We Collect
2.1 Account Registration
When you create an account, we collect:
- First name and last name
- Email address
- Phone number (optional)
- Password — stored as a secure hash, never in plain text
- Referral code (optional, if provided)
2.2 Identity Verification (KYC)
KYC verification is required before you can access investment features. This is a regulatory (AML) requirement. We collect:
- Full legal name
- Date of birth
- Nationality
- Home address
- Government-issued document type (Passport, National ID, or Driver's License)
- Document number
- Photos of the document (front and back)
- Selfie / live photo for identity matching
Note: KYC data is processed in accordance with applicable Anti-Money Laundering (AML) and Know Your Customer regulations.
2.3 Financial Transactions
When you make deposits or withdrawals, we collect:
- Deposit amount
- Sender wallet address
- Transaction hash (blockchain transaction ID)
- Proof of payment image (screenshot uploaded by you)
- Withdrawal destination details
2.4 Profile Information
When you update your profile, we collect your profile photo (taken with your camera or chosen from your photo library).
2.5 Device & Security Data
- Biometric identifiers (Face ID / fingerprint) — used only for local authentication on your device. These are never transmitted to our servers.
- Authentication tokens — stored securely on your device using encrypted storage.
2.6 Usage Data
Collected automatically when you use the app:
- App activity logs (screens visited, actions taken)
- Error logs for debugging and improving the app
- Device type and operating system version
3. How We Use Your Information
| Data | Purpose |
|---|---|
| Name, email, phone | Account creation and communication |
| KYC documents | Regulatory compliance (AML/KYC), identity verification |
| Transaction data | Processing deposits, withdrawals, and investment positions |
| Profile photo | Personalising your account |
| Biometrics | Convenient, secure login on your device only — never sent to our servers |
| Usage logs | Improving app performance and user experience |
| Email address | Sending verification codes, important account updates, and notifications |
4. Permissions the App Requests
| Permission | Why We Need It |
|---|---|
| Camera | To take photos of your identity documents and selfie during KYC verification, and to take a profile photo. |
| Photo Library / Media Access | To upload photos of your identity documents, deposit payment proof, or profile photo from your gallery. |
| Face ID / Biometrics | To let you log in quickly and securely using your device's biometric authentication instead of typing your password. |
SCFI PRO does not request microphone access. The app does not use audio recording in any form.
6. Data Retention
Active Account Data
Retained for as long as your account remains active.
KYC Documents
Retained for the period required by applicable financial regulations — typically 5–7 years.
Account Deletion
You may request deletion of your account and personal data by contacting support, subject to legal retention requirements.
7. Security
TLS / HTTPS Encryption
All data transmitted between your device and our servers is protected using TLS/HTTPS encryption.
Hashed Passwords
Passwords are hashed using strong cryptographic algorithms and are never stored in plain text.
Encrypted On-Device Storage
Authentication tokens are stored in encrypted storage on your device — not in plain accessible storage.
Biometric Data Stays On-Device
Biometric data (Face ID / fingerprint) never leaves your device and is never transmitted to our servers.
Access Controls
We implement strict access controls to ensure only authorised personnel can access user data.
Audit Logging
All access to sensitive data is logged and monitored for suspicious activity.
8. Your Rights
Depending on your jurisdiction (including under the GDPR, NDPR, and similar regulations), you have the following rights regarding your personal data:
Right to Access
You can request a copy of the personal data we hold about you at any time.
Right to Correction
You can update your personal information directly in the app under Profile Settings.
Right to Deletion
You can request account deletion by contacting support, subject to regulatory retention obligations.
Right to Withdraw Consent
You may withdraw consent for optional data uses at any time.
Right to Data Portability
You can request an export of your personal data in a portable format.
9. Children's Privacy
SCFI PRO is not intended for users under 18 years of age. We do not knowingly collect personal information from minors.
If we discover that a minor has created an account, we will close the account and delete the associated personal data promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or via an in-app notification before the changes take effect.
The "Last Updated" date at the top of this page will always reflect the most recent version of the policy.
Your continued use of SCFI PRO after the effective date of any changes constitutes your acceptance of the updated policy.