Privacy Policy

Keepaa Limited ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our financial services platform.

We are the data controller for the personal data we collect and process. Our registered office is University of Wolverhampton Science Park, PA103 Technology Centre, Wolverhampton, WV10 9RU, United Kingdom.

2.1 Personal Information

• Name, email address, and phone number
• Date of birth and nationality
• Address and postcode
• Bank account details and payment information
• Government-issued identification documents
• Financial information and transaction history

2.2 Technical Information

• IP address and device information
• Browser type and version
• Operating system
• Usage data and analytics
• Cookies and similar technologies

2.3 Financial Information

• Transaction details and payment history
• Account balances and financial goals
• Group membership and contribution records
• Risk assessment and compliance data

3.1 Direct Collection

• When you register for an account
• When you complete KYC verification
• When you make payments or transactions
• When you contact our support team
• When you participate in surveys or feedback

3.2 Automatic Collection

• Through cookies and tracking technologies
• From your device and browser
• From third-party services (with your consent)
• From public sources for compliance purposes

3.3 Third-Party Sources

• Credit reference agencies
• Fraud prevention services
• Government databases for verification
• Social media platforms (if you connect accounts)

We process your personal data based on the following legal grounds:

4.1 Contract Performance

• To provide our financial services
• To process payments and transactions
• To manage your account and settings
• To fulfill our obligations under our Terms of Service

4.2 Legal Obligations

• To comply with financial regulations (FCA, AML)
• To meet tax and reporting requirements
• To prevent fraud and money laundering
• To respond to legal requests and court orders

4.3 Legitimate Interests

• To improve our services and user experience
• To detect and prevent fraud
• To ensure platform security
• To provide customer support

4.4 Consent

• For marketing communications (where applicable)
• For third-party data sharing (where required)
• For cookies and analytics

5.1 Service Provision

• To create and manage your account
• To process payments and transactions
• To provide customer support
• To send service-related notifications

5.2 Compliance and Security

• To verify your identity and prevent fraud
• To comply with financial regulations
• To maintain platform security
• To investigate suspicious activity

5.3 Service Improvement

• To analyze usage patterns and trends
• To develop new features and services
• To personalize your experience
• To conduct research and surveys

We may share your information in the following circumstances:

6.1 Service Providers

• Payment processors (Stripe)
• Cloud hosting and infrastructure providers
• Customer support and communication services
• Analytics and monitoring services

6.2 Legal and Regulatory

• Financial Conduct Authority (FCA)
• HM Revenue & Customs (HMRC)
• Law enforcement agencies
• Courts and legal proceedings

6.3 Business Transfers

• In case of merger or acquisition
• For business restructuring
• With your explicit consent

We implement appropriate technical and organizational measures to protect your data:

• Encryption of data in transit and at rest
• Regular security assessments and penetration testing
• Access controls and authentication measures
• Employee training on data protection
• Incident response and breach notification procedures
• Regular backups and disaster recovery planning

We retain your personal data for the following periods:

8.1 Account Data

• Active accounts: Duration of account plus 7 years
• Closed accounts: 7 years (regulatory requirement)
• KYC documents: 7 years after account closure

8.2 Financial Data

• Transaction records: 7 years (legal requirement)
• Payment information: 7 years
• Audit logs: 7 years

8.3 Marketing Data

• Marketing preferences: Until consent withdrawal
• Analytics data: 2 years
• Cookies: As specified in our Cookie Policy

Under GDPR, you have the following rights:

9.1 Access and Portability

• Right to access your personal data
• Right to receive a copy of your data in a portable format
• Right to know how we process your data

9.2 Correction and Erasure

• Right to correct inaccurate data
• Right to request deletion of your data (with limitations)
• Right to restrict processing in certain circumstances

9.3 Objection and Withdrawal

• Right to object to processing based on legitimate interests
• Right to withdraw consent (where applicable)
• Right to lodge a complaint with the ICO

Your data may be transferred to countries outside the UK/EEA. We ensure appropriate safeguards are in place:

• Adequacy decisions by the UK government
• Standard contractual clauses
• Binding corporate rules
• Other approved transfer mechanisms

We use cookies and similar technologies for:

• Essential functionality and security
• Analytics and performance monitoring
• Personalization and user experience
• Marketing and advertising (with consent)

You can manage your cookie preferences through your browser settings or our cookie consent manager.

Our services are not intended for children under 18. We do not knowingly collect personal data from children under 18. If we become aware that we have collected such data, we will take steps to delete it promptly.

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Email notification to your registered email address
• In-app notification
• Posting the updated policy on our website

Continued use of our services after changes constitutes acceptance of the updated policy.

For privacy-related questions or to exercise your rights, contact us:

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.