Privacy policy

Last Updated: July 4, 2025

Introduction

This Privacy Policy details how Anzo Labs PTE LTD., a Singapore-registered company with registration number 202529216W, operating as Anzo (hereinafter referred to as “we”, “our”, “us”, or “Anzo”), collects, uses, shares, and safeguards personal information related to your interaction with our Services and Platform at anzo.app. Our policy complies with the Singapore Personal Data Protection Act (PDPA) and other relevant data protection laws, ensuring lawful, transparent, and secure handling of your data.

This document explains the types of personal data we collect through our Platform and Services, the methods and purposes of collection, how we use the data, and the third parties with whom we may share it. It also outlines your rights as a data subject and how you can exercise them.

We will communicate any updates to this Policy (and other policies, such as our Terms of Service) through our official channels, including our website, Facebook, and X. We encourage you to review this Policy to understand how your data is processed and your associated rights. For any inquiries about this Privacy Policy, data collection, usage, sharing, or other data-related concerns, please contact us via the channels listed below.

Definitions

Definitions For reference, we define the following terms used in this Privacy Policy:

Personal Data: Information that relates to an identified or identifiable individual, including names, addresses, email addresses, identification numbers, IP addresses, cookie identifiers, or any data that may reveal your physical, genetic, mental, economic, cultural, or social identity.

Data Subject: The individual whose personal data is collected and processed (i.e., you or any other person whose data we handle).

Data Controller: The entity that determines the purposes and methods of processing personal data. Anzo acts as the data controller in this context.

Data Processor: An entity that processes personal data on behalf of the data controller, such as our vendors or partners who process your data for purposes we define.

Data Protection Officer

We have appointed a Data Protection Officer (DPO) to address inquiries about this Privacy Policy and our privacy practices. To raise concerns, exercise your rights as a data subject, or inquire about our data handling, please contact our DPO at support@anzo.app.

Information We Collect

To deliver our Services and Products, we collect certain information about you.

Information You Provide

This includes data you provide when using our Services and Platform. We do not collect details about your racial or ethnic origins, personal life, sexual orientation, political opinions, philosophical or religious beliefs, biometric or genetic data, or trade union membership. When you create an account or request access to payment or banking services, we may collect: .

Category	Examples (non-exhaustive)
Identity data	Full name, date of birth, gender, nationality, passport number, national ID number
Contact data	Email address, phone number, physical address, mailing address
Financial data	Bank account numbers, credit card details, income information, tax identification number
Location data	GPS coordinates, IP addresses
Employment data	Employment details, job titles, job descriptions
Transaction data	Purchase history, transaction amounts, payment methods used
Usage data	Platform usage patterns, session durations, pages visited
Marketing data	Marketing preferences, responses to marketing campaigns
User Account data	Usernames, account identifiers, user-generated content

Communications

If you contact us directly, we may request additional details, such as your name, email address, physical address, phone number, or other relevant information. We will clearly explain the purpose of collecting this information during such communications.

Payment Information

Our Services allow you to choose your preferred payment method for transactions processed through third-party financial institutions or payment providers. We do not store your financial account details; these are securely managed by the payment provider, who may collect and process your data for their own purposes.

Information from Third Parties

To provide seamless Services, we may obtain personal data from third-party partners and vendors, who must have lawful grounds for collecting and sharing your data with us. These sources include:

Payment Service Providers: We work with third-party providers to process fiat currency transactions, receiving data such as transaction history or account details.

API Integrations: With your consent, we may access financial data (e.g., bank account details, transaction history, or balances) via third-party APIs to enhance our Services.

Public Databases: We may retrieve publicly available data, such as names, addresses, or employment details, to improve our Services or meet legal obligations.

Identity Verification Partners: We collaborate with verification services to obtain data like names, addresses, identification documents, or citizenship details for compliance and security purposes.

Financial Institutions: We may receive financial data, such as transaction history or account balances, in compliance with legal and industry standards.

Blockchain Data: We collect publicly available blockchain data (e.g., transaction details or wallet addresses) to monitor for illegal activities or ensure compliance with our terms.

Marketing Partners, Advertisers, and Analytics: We may collect data to understand your platform interactions, refine marketing strategies, and provide personalized recommendations.

How We Use Your Data

We collect, use, and share your data based on lawful grounds, depending on the context:

Consent: We process your data when you explicitly agree to our data processing purposes.

Performance of a Contract: We process data necessary to fulfill a contract, such as processing orders or adhering to agreement terms.

Legal Obligation: We process data to comply with legal requirements, such as anti-money laundering or fraud prevention regulations.

Legitimate Interests: We process data to improve our Platform, maintain security, or prevent illegal activities, provided these interests align with our Services.

We collect, use, and share your data based on lawful grounds, depending on the context:

Purpose	Description	Lawful Basis
Providing and Maintaining Services	Ensuring the functionality and availability of our Services and Platform	Performance of a contract
Payment Processing and Order Execution	Processing payments and orders in compliance with market fairness rules	Performance of a contract
Fraud Prevention	Detecting and preventing fraud or misuse of our Services	Legitimate interest
Compliance with Laws	Meeting anti-money laundering, terrorism financing, and other legal requirements	Legal obligation, Performance of a contract, Legitimate interest
User Communication and Support	Communicating for customer support, notifications, or marketing	Performance of a contract
Service Improvement	Enhancing the quality, performance, and features of our Services	Legitimate interest
Research and Development	Conducting research to improve our Services	Legitimate interest
Analytics	Measuring user interactions with our Services	Legitimate interest, Consent (if required)
Safety and Security	Ensuring the safety, security, and integrity of your funds and our Services	Legitimate interest, Performance of a contract
User Account Management	Managing account setup, recovery, and termination	Performance of a contract
Personalization	Tailoring user experiences based on preferences and behaviors	Legitimate interest, Consent (if required)
Third-Party Service Providers	Engaging providers for tasks like payment processing	Legitimate interest, Consent (if required)
User Feedback	Collecting feedback to improve our Services	Performance of a contract, Legitimate interest, Consent (if required)
Record Keeping	Maintaining records for auditing, accounting, and compliance	Legal obligation
Partnerships and Collaborations	Sharing data for joint initiatives or integrated services	Legitimate interest
User Education	Providing resources to enhance user knowledge	Legitimate interest
Social Media Advertising	Using social media for advertising and customer support	Consent, Performance of a contract

How We Share Your Data

We may share your data with third parties to support our operations. Some providers operate outside Singapore; see the Data Transfers Outside Singapore section for details.

Vendors and Service Providers: We work with providers for analytics, IT, hosting, software, and marketing services.

Payment Service Providers: We share data with providers to process transactions and complete orders.

Identity Verification Services: We use third-party services to verify identities for compliance and security.

Advertisers: We may share data to deliver relevant promotions and content.

Business Partners: We share data for integrated services or joint initiatives.

Law Enforcement: We share data with authorities when required by law to support investigations or ensure compliance.

Business Transfers: In cases of insolvency, acquisition, or merger, your data may be shared with the new owner or relevant parties.

How Your Data is Secured

Anzo prioritizes the security of your personal data, employing technical, organizational, and administrative measures, including:

Data encryption

Access controls

Employee training

Data backups

Incident response protocols

Blockchain technology

User-controlled data options

Smart contracts

Cryptography

Data minimization

User education

We encourage you to:

Use strong, unique passwords

Enable multi-factor authentication

Keep login credentials confidential

Regularly update account information and review permissions

For concerns about data security or to learn about specific measures, contact us via Facebook, X, or support@anzo.app.

Data Retention

We retain your personal data only as long as necessary for the purposes for which it was collected. Retention periods vary by data type and purpose:

Category	Retention Period
Legal obligations	As long as required by law
Marketing contact information	Retained with your consent
Correspondence	Up to five years
Technical information	Up to one year
Transaction history	Up to five years
Smart contract data	Indefinitely on the blockchain
User preferences	As needed for personalized experiences
Error and debug logs	Up to three years
Consent records	Valid consent duration plus five years after withdrawal
Blockchain metadata	Permanent part of the blockchain ledger
Security and access logs	Up to five years

Your Rights as a Data Subject

As a user, you have rights over your personal data, including:

Right to Access: View the data we hold about you.

Right to Rectification: Correct inaccurate or incomplete data.

Right to Erasure: Request deletion of your data (subject to legal obligations).

Right to Restriction of Processing: Limit how your data is processed.

Right to Data Portability: Receive your data in a portable format.

Right to Object: Object to certain data processing activities.

Rights Related to Automated Decision-Making and Profiling: Opt out of automated decisions.

Exercising Your Rights

To exercise these rights or raise concerns, contact our DPO at support@anzo.app. We respond to legitimate requests within 30 days, though complex or high-volume requests may require more time. Accessing your data or exercising these rights is free unless the request is manifestly unfounded or excessive, in which case a reasonable administrative fee may apply.

Data Transfers Outside Singapore

As some of our partners and providers operate outside Singapore, your data may be transferred internationally. We ensure compliance with data protection laws using safeguards like standard contractual clauses or binding corporate rules. For questions about international transfers, contact our DPO at support@anzo.app.

Policy Changes

We may update this Privacy Policy to reflect changes in practices or legal requirements. Significant updates will be communicated via our Platform, Facebook, and X.