Privacy Policy

Effective Date: 05 January 2025 | Version: 10.1

1. Introduction

This Privacy Policy explains how ZizaPay and its affiliated entities (“ZizaPay LLC”, “we”, “our”, “us”) collect, verify, process, store, disclose, and protect personal data in connection with our financial services. It also describes the rights you have over your personal data.

Personal data means any information about an identified or identifiable individual. It does not include anonymous data, which cannot be linked back to an individual.

ZizaPay operates as a financial technology platform and Money Services Business (MSB) providing services including:

  • International money transfers
  • Cross-border remittance services
  • Wallet and payment services
  • Currency exchange and settlement services

Personal Data means any information relating to an identified or identifiable individual. Data that has been irreversibly anonymized is not considered personal data.

Zizapay primarily processes information provided directly by the user. This data is fundamental to the delivery of our services and the maintenance of a secure financial ecosystem. By collecting specific data points, we enhance the security of cross-border transfers while mitigating risks associated with fraud, money laundering, and illicit financial activities in accordance with federal regulations.

This Privacy Policy applies globally and is aligned with:

  • U.S. Bank Secrecy Act (BSA) and FinCEN AML Regulations
  • USA PATRIOT Act
  • OFAC Sanctions Compliance Requirements
  • General Data Protection Regulation (GDPR)
  • UK GDPR & Data Protection Act 2018
  • Canada PIPEDA
  • Other applicable international privacy and financial regulations
2. Regulatory Status and Compliance Framework

ZizaPay operates under strict regulatory obligations applicable to Money Services Businesses, including:

  • Implementation of a risk-based Anti-Money Laundering (AML) Program
  • Customer Identification Program (CIP) under FinCEN rules
  • Know Your Customer (KYC) and Customer Due Diligence (CDD)
  • Enhanced Due Diligence (EDD) where risk thresholds require
  • Continuous transaction monitoring and suspicious activity reporting (SARs)
  • Compliance with recordkeeping and travel rule requirements

We collect and process personal data as a legal requirement, not optional, in order to:

  • Verify customer identity
  • Detect and prevent fraud and financial crime
  • Report suspicious activity to regulators
  • Maintain audit trails required by law

Failure to provide required data will result in inability to onboard or maintain services.

3. Data Controller and Contact Information

ZizaPay Inc. is the data controller responsible for processing your personal data unless otherwise specified.

  • Email: privacy@zizapay.com
  • Compliance & AML: compliance@zizapay.com
  • Address: [Insert Registered Address]

Where required, ZizaPay appoints a Data Protection Officer (DPO) responsible for oversight of data protection obligations.

4. Personal Data We Collect

We collect personal data directly, indirectly, and through regulatory verification sources.

4.1 Identity and Verification Data (CIP/KYC Required)

Data Sourcing and Security Protocols

We collect personal data directly from you to facilitate our services and ensure the integrity of our payment network. This information is a mechanical necessity for providing secure financial products and fulfills our legal mandate to monitor for fraud and financial crime. Through precise data processing, Zizapay ensures a higher standard of protection for your funds and your identity.

Collection Source / Context Data Points Collected
Information automatically collected via our App or website during your sessions.
  • Transactional Data: Comprehensive records of your activity, including transfer timestamps, transaction volumes, currency pairings, applied exchange rates, and beneficiary identifiers. This also includes communication logs and specific payment method details, such as encrypted banking or card information.
  • Card Activity: Real-time data regarding the geographic location and timing of card-based transactions or ATM withdrawals.
  • Technical Metadata: System-level information including IP addresses, authentication logs, browser specifications (version and type), time zone configurations, and device operating system details.
  • Platform Analytics: Behavioral data, including clickstream paths to and from our interfaces, page latency metrics, error reports, and interaction durations to ensure optimal site performance.
  • User-Authorized Data:
    • Geolocation: Precise location data via GPS technology, subject to your mobile device permissions.
  • Sync Services: Access to local device storage, such as contact lists, to facilitate seamless recipient selection.
The data we collect when you:
  • Register on the Zizapay app
  • Use our services
  • Fill in your details
  • Respond to any of our services
  • Take part in any of our online discussions
  • Speak to a member of our staff
  • Correspond or contact us
  • Contact and Communication Details: Primary email address, mobile phone number, and comprehensive records of all correspondence, including telephonic logs and digital chat transcripts.
  • Identity and KYC Documentation: Full legal name, residential address, date and place of birth, and official government-issued identification (e.g., Passport, Driver’s License). This includes biometric data, such as photographs or video captures, used for identity verification.
  • Government Identifiers: Taxpayer identification numbers where legally required, such as a Social Security Number (SSN) or Tax Identification Number (TIN).
  • Information regarding your current occupation, income levels, and verified proof of residency.
  • Transactional Metadata: Detailed records of your transfers, including beneficiary identity, the stated purpose of the payment, and encrypted funding source details (e.g., bank account or card information).
  • Technical and Device Data: Unique device identifiers (Device ID), IP addresses, and specific configuration settings such as language preferences and time zone data.
  • Geolocation Information: Real-time geographic positioning data used for fraud prevention and regional compliance.
  • Security Credentials: Encrypted authentication data, including unique usernames, passwords, and other security-related parameters.
  • Consumer Reporting: Information obtained from credit bureaus and other consumer reporting agencies as permitted by law.
Data we collect from third-party applications. We also use our third-party applications, such as the Apple App Store or Google Play Store, social networking sites, such as name, your social network ID, location information, email, device ID, browser ID, and profile picture. Your use of third-party applications is subject to the privacy policy and terms of service for such applications.
Data From Social Media We may cross-reference public information from digital and social media sources to fulfill our regulatory obligations regarding customer identification and risk mitigation.
Information for the Public Zizapay may utilize publicly accessible data from digital platforms to perform Enhanced Due Diligence (EDD) as required by federal Anti-Money Laundering (AML) and global sanctions screening protocols.
4.3 Financial and Transaction Data
  • Bank account details
  • Payment card details (tokenized/encrypted)
  • Transaction history (amount, currency, recipients, timestamps)
  • Source of funds and purpose of transaction
4.4 Risk and Compliance Data
  • Sanctions screening results
  • Politically Exposed Person (PEP) status
  • Fraud risk indicators
  • Device fingerprinting and behavioral analytics
4.5 Technical and Device Data
  • IP address
  • Device ID and operating system
  • Browser type and session logs
  • Geolocation (when enabled)
4.6 Data from Third Parties
  • Identity verification providers
  • Financial institutions and payment processors
  • Credit bureaus and fraud prevention agencies
  • Public databases and sanctions lists
5. Purpose of Data Processing

ZizaPay processes personal data strictly for defined, lawful, and auditable purposes. In the course of providing our services, Zizapay may process the personal data of third parties, including transaction beneficiaries, merchants, and individuals initiating inquiries or formal complaints.

5.1 Service Delivery
  • Account creation and management
  • Processing domestic and cross-border payments
  • Executing transactions and maintaining transaction records
5.2 Regulatory Compliance (MANDATORY)
  • Identity verification under CIP/KYC
  • AML monitoring and fraud detection
  • Sanctions screening (OFAC, UN, EU lists)
  • Filing Suspicious Activity Reports (SARs)
  • Record retention under BSA (minimum 5 years or more where required)
5.3 Risk Management
  • Fraud prevention and detection
  • Transaction monitoring using rules-based and machine learning systems
  • Account security and authentication
5.4 Operational Integrity
  • System monitoring and performance optimization
  • Audit, internal controls, and compliance reporting
5.5 Customer Communication
  • Transaction confirmations
  • Security alerts
  • Regulatory disclosures
5.6 Marketing (Where Lawful)
  • Product updates and service offerings
  • Only where consent or legal basis exists
6. Legal Basis for Processing

We process personal data based on:

  • Legal Obligation → AML, KYC, sanctions compliance
  • Contractual Necessity → delivering financial services
  • Legitimate Interest → fraud prevention, system security
  • Consent → marketing communications where required

For sensitive data (e.g., biometrics), processing is conducted under:

  • Substantial public interest (financial crime prevention)
  • Explicit consent where required by law
7. Data Sharing and Disclosure

ZizaPay does not sell personal data. Data is shared only under defined and lawful conditions:

7.1 Regulatory and Legal Authorities
  • FinCEN
  • Law enforcement agencies
  • Financial regulators
  • Courts and government authorities
7.2 Financial Ecosystem Partners
  • Sponsor banks
  • Payment processors and card networks
  • Correspondent banking partners
7.3 Compliance and Verification Providers
  • Identity verification vendors
  • AML screening providers
  • Fraud detection platforms
7.4 Service Providers
  • Cloud infrastructure providers
  • Security and analytics vendors
  • Customer support systems

All third parties are bound by:

  • Data Processing Agreements (DPAs)
  • Confidentiality obligations
  • Regulatory compliance requirements
8. International Data Transfers

Due to the global nature of remittance services, personal data may be transferred across jurisdictions. Where data is transferred internationally, ZizaPay ensures:

  • Standard Contractual Clauses (SCCs)
  • Equivalent data protection safeguards
  • Compliance with local data transfer laws
9. Data Retention Policy

Zizapay maintains a rigorous data retention policy to ensure compliance with federal and international financial regulations. We typically retain personal data for a period of ten (10) years following the termination of the business relationship. This duration is mandated by Anti-Money Laundering (AML) statutes, tax laws, and specific regulatory guidelines governing Money Services Businesses (MSBs).

As a regulated financial institution, we are legally obligated to archive specific datasets beyond the closure of your account. Access to archived data is strictly restricted to essential compliance or legal necessity. Upon the expiration of the required retention period, Zizapay employs secure manual or automated protocols to permanently delete or anonymize personal information, ensuring it can no longer be associated with an identifiable individual.

  • AML / BSA Compliance: Minimum 5–10 years after account closure
  • Transaction Records: Retained for audit and regulatory review
  • Fraud and Risk Data: Retained as necessary for risk mitigation

Data is securely deleted or anonymized when no longer legally required.

10. Data Security

ZizaPay implements bank-grade security controls, including:

  • End-to-end encryption (TLS 1.2+)
  • Data encryption at rest (AES-256)
  • Role-based access control (RBAC)
  • Multi-factor authentication (MFA)
  • Continuous monitoring and intrusion detection

Access to personal data is strictly limited to authorized personnel.

11. Automated Decision-Making and Profiling

ZizaPay uses automated systems for:

  • Fraud detection
  • Transaction monitoring
  • Identity verification

These systems may result in:

  • Transaction blocking
  • Account suspension
  • Enhanced due diligence requirements

Users have the right to request manual review of automated decisions by contacting support@zizapay.com.

12. Your Data Protection Rights

Under applicable data protection statutes, you are granted specific rights regarding the processing and oversight of your personal information. To exercise these rights, please submit a formal written request to privacy@zizapay.com.

To safeguard our users and maintain the integrity of our financial ecosystem, Zizapay requires rigorous identity verification before fulfilling any data-related request. We may request supplemental documentation to confirm your identity. While we strive to honor all requests, our ability to do so may be limited by statutory obligations, such as Anti-Money Laundering (AML) retention requirements or other legitimate legal interests.

Please be advised that certain objections to data processing may necessitate the suspension or closure of your Zizapay account, as those data points may be mechanically essential to our service delivery.

Zizapay aims to provide a substantive response or implement requested changes within thirty (30) days, unless a different timeline is mandated by local law. Requests are processed within legally required timeframes.

13. Age Restrictions

ZizaPay services are strictly limited to individuals 18 years or older. We do not knowingly collect data from minors. We will take all reasonable steps to ensure that we do not process their data further and will inform them of this.

14. Cookies and Tracking Technologies

Cookies are unique identifiers stored on your device used to maintain user preferences and optimize platform performance. Zizapay utilizes cookies and associated tracking technologies across our web interfaces, mobile applications, and digital correspondence.

We deploy essential cookies strictly necessary for the secure and functional operation of our services. By interacting with our platform, you acknowledge the deployment of these core technical cookies. Users may modify their preferences via our Cookie Settings menu; however, restricting certain technologies may diminish site functionality or limit access to specific secure features. For further information, please consult our full Cookie Policy.

15. Policy Updates

This Privacy Policy is reviewed regularly and updated to reflect:

  • Regulatory changes
  • Operational updates
  • Risk and compliance improvements

Material changes will be communicated via official channels.

16. Contact and Complaints

For privacy-related inquiries:

  • Email: privacy@zizapay.com
  • Compliance: compliance@zizapay.com

Users also have the right to file complaints with relevant data protection authorities.

Thank you for choosing ZizaPay.

Trust and Security are Built into Every Transaction.

Experience the gold standard of borderless payments. Download the ZizaPay app today to send support securely and instantly.

Download on App Store Download on Google Play Our Infrastructure