Privacy Policy
1. Introduction
SterlingtoUSDT values your privacy. This Privacy Policy explains how we collect, use, store, disclose and otherwise process personal data of customers, website visitors and other users of the Services. It also explains the choices you have regarding your personal data. By accessing or using our Services, you consent to the collection and use of your information in accordance with this Policy.2. Data We Collect
We collect various types of information, including:- Personal identification information — such as your name, date of birth, nationality, government-issued identification numbers, addresses, e-mail addresses, telephone numbers and any other information required to verify your identity under KYC policies and AML rules.
- Business information — information about your company, its directors and beneficial owners, the goods or services you sell, and your customer base.
- Financial information — bank account numbers, payment card details, transaction histories and account balances required to facilitate payments and currency exchanges.
- Verification documents — copies of passports, driver’s licences, utility bills, corporate documents or other evidence necessary for identity verification and compliance screening.
- Technical and usage data — IP addresses, device identifiers, browser types, access times, pages visited, language preferences, session durations and similar information collected through automated means.
- Marketing and communication preferences — your preferences for receiving marketing communications, newsletters or product updates.
3. How We Collect Data
We collect information in several ways:- Directly from you. You provide personal and business information when you create an account, complete KYC questionnaires, conduct transactions or communicate with us.
- Automatically. We automatically collect technical and usage data when you access or use our Services through cookies and similar technologies (described in our Cookie Policy).
- From third parties. We may receive information about you from banks, payment networks, identity verification service providers, credit bureaus, fraud-prevention agencies and publicly available databases.
4. How We Use Data
We use your personal data for the following purposes:- Provision of Services. To perform our contractual obligations — such as processing payments, converting currencies, issuing payment instruments and providing customer support.
- Compliance with legal obligations. To verify your identity, conduct AML screening and monitor transactions; to comply with reporting obligations under applicable AML/KYC laws; to respond to lawful requests and orders from regulators or law enforcement.
- Security and risk management. To detect and prevent fraud, security breaches and abuse of the Services.
- Improving our Services. To analyse how users interact with our Services, troubleshoot problems and develop new features or products.
- Marketing and communications. To send you service notices, marketing communications, newsletters, surveys and updates. Consent will be obtained where required by law, with the option to opt out.
- Compliance audits. To conduct audits and maintain records to demonstrate compliance with legal, regulatory or contractual obligations.
5. Legal Basis for Processing
Depending on your jurisdiction, we rely on one or more of the following legal bases to process personal data:- Contractual necessity. To provide the Services and fulfil our agreement with you.
- Legal obligations. Compliance with laws and regulations, including AML/KYC and payment service requirements.
- Legitimate interests. To understand service usage, improve offerings, prevent fraud and protect business and customers.
- Consent. Where required by law, we obtain consent for marketing or non-essential cookies.
6. How We Share Data
We share personal data only as necessary and as permitted by law:- Banking and payment partners. To execute payments and settlements.
- Service providers. Third parties for identity verification, AML screening, fraud prevention, cloud hosting, analytics and customer support.
- Regulators and law enforcement. Disclosure when required to comply with laws or court orders.
- Corporate transactions. In connection with mergers, acquisitions, sales, or reorganisations.
- Within our group. Shared among SterlingtoUSDT affiliates and subsidiaries for service delivery and administration.
7. Cross-Border Data Transfers
Because we operate globally, your information may be transferred internationally. We use safeguards such as encryption, contractual clauses and data-protection addenda to protect personal data. Regulators require data localisation, role-based access, and audit trails to be maintained.8. Data Security
We implement technical and organisational measures, including encryption in transit and at rest, firewalls, access controls, network monitoring and secure coding. We adhere to standards such as PCI DSS. However, no system is absolutely secure. You should protect your credentials and notify us immediately of any suspected compromise.9. Data Retention
We retain personal data as long as necessary to provide Services, comply with legal obligations and enforce agreements. Retention varies by data type and regulation. Data no longer required will be anonymised or securely deleted.10. Your Rights and Choices
Depending on law, you may have rights over your personal data:- Access. Confirm if we process your data and request a copy.
- Rectification. Request corrections to inaccurate or incomplete data.
- Erasure. Request deletion where data is no longer required or consent is withdrawn.
- Restriction. Request limited processing.
- Objection. Object to processing based on legitimate interests or direct marketing.
- Portability. Receive your data in a machine-readable format.
- Withdraw consent. Withdraw consent at any time where applicable.