Privacy Policy

We collect information you provide directly, information generated by your use of our services, and information from third-party sources. Here's a breakdown:

We use your personal data for the following purposes:

Depending on the type of data and the purpose, we rely on one or more of the following legal grounds to process your personal data:

Contractual necessity — processing that is required to provide you with our services under the terms of your account agreement.

Legal obligation — processing that is necessary to comply with laws and regulations that apply to us and to the third-party financial service providers operating through our platform.

Legitimate interests — processing that serves our business purposes (such as fraud prevention, product improvement, and security) provided it doesn't override your rights and freedoms.

Consent — where you've given us explicit permission, for example to send you marketing communications or to use certain cookies. You can withdraw consent at any time.

We don't sell your personal data. We may share it with the following categories of recipients when necessary:

Because Sinku operates across multiple countries, your data may be transferred to and processed in countries outside your country of residence. When this happens, we ensure appropriate safeguards are in place — such as standard contractual clauses or equivalent protections — to keep your data secure.

By using Sinku, you acknowledge that your data may be processed in jurisdictions that have different data protection laws from your own.

We keep your personal data for as long as your account is active and for a period after closure as required by law. The exact retention period depends on the type of data and the legal obligations that apply.

For most financial records, we're required to retain data for at least 5 to 7 years after your account is closed. Some data may be kept longer if needed for ongoing legal proceedings or regulatory investigations.

Once the retention period expires, your data is securely deleted or anonymised so that it can no longer be linked to you.

Depending on where you live, you may have some or all of the following rights regarding your personal data:

You can exercise most of your data rights directly in the Sinku app by going to your profile and tapping 'Privacy'. You can also contact our support team via the in-app chat or by emailing support@sinku.io.

We'll respond to your request within 30 days. In some cases, we may need to verify your identity before processing your request.

We take the security of your personal data seriously and use a combination of technical and organisational measures to protect it. These include:

Encryption of data in transit and at rest, strict access controls so that only authorised personnel can access personal data, regular security audits and vulnerability testing, employee training on data protection and security practices, and incident response procedures to handle any data breaches quickly and effectively.

While no system is completely immune to risk, we continuously invest in our security infrastructure to stay ahead of emerging threats.

Sinku operates across multiple jurisdictions. The processing of your personal data is governed by the data protection laws applicable in the country where you are located at the time of access. We are committed to respecting the principles of applicable data protection frameworks, including the General Data Protection Regulation (GDPR) for users in the European Union and European Economic Area, local data protection laws in PALOP countries and other African nations where we operate, and applicable privacy laws in the Americas and other regions where our services are available.

Regardless of your location, we apply a consistent standard of data protection based on internationally recognised best practices.

By using Sinku, you acknowledge and accept that the sharing of personal and transactional data between Sinku and its third-party partners is strictly necessary for the delivery of the services you have chosen (such as payment cards, currency exchange, and wallet functionality).

When you use services provided through our partners, your data may be processed by those partners as independent data controllers under their own privacy policies. We encourage you to review the privacy policies of our partners, including our licensed financial partner and Privy, for details on how they handle your data.

We only share the minimum data necessary for each partner to deliver their specific service, and we require all partners to maintain appropriate security and privacy safeguards.

Wallet functionality within the Sinku App is powered by Privy, a non-custodial wallet infrastructure provider. You should be aware of the following regarding your data in this context:

If you are located in the European Union or European Economic Area, the processing of your personal data is subject to the General Data Protection Regulation (GDPR). Our legal bases for processing your data include: (i) your consent for specific purposes such as marketing communications; (ii) contractual necessity to provide you with our services; (iii) compliance with legal obligations; and (iv) our legitimate interests, provided your fundamental rights and freedoms do not override those interests.

Under the GDPR, you have the right to: request access to and obtain a copy of your personal data, request rectification or erasure of your personal data, object to or restrict the processing of your data, request data portability, and withdraw your consent at any time. Please note that we cannot edit or delete information stored on a public blockchain, as such records are beyond our control.

To exercise any of your rights under the GDPR, contact us at support@sinku.io or through the in-app chat. You also have the right to lodge a complaint with your local data protection supervisory authority.

By creating a Sinku account, you consent to receive all communications, contracts, and legal notices from us electronically. These include service updates, terms changes, security alerts, transaction confirmations, and support communications.

Electronic communications from Sinku satisfy any legal requirement that such communications be made in writing. You are responsible for keeping your email address and phone number up to date to ensure you receive all important notifications.

In the event of a merger, acquisition, reorganisation, or sale of assets involving Sinku, your personal data may be transferred to the acquiring entity. Any such transfer will be conducted under the same privacy standards set out in this policy.

We will notify you of any change in ownership or use of your personal data, as well as any choices you may have regarding your data, before any such transfer takes effect.

Sinku is currently available only to individuals aged 18 and over. We do not knowingly collect personal data from anyone under 18. If we discover that we've inadvertently collected data from a minor, we'll delete it promptly.

Support for younger users is on our roadmap — when it launches, it will have its own age-appropriate privacy practices.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make significant changes, we'll notify you via the app or email before they take effect.

We encourage you to review this policy periodically. The date at the bottom of this page tells you when it was last updated.

If you have questions about this Privacy Policy or how we handle your data, get in touch:

Email: support@sinku.io

In-app chat: Go to your profile and tap 'Help'

If you're not satisfied with how we've handled a data protection concern, you may have the right to lodge a complaint with your local data protection authority.