Legal
How CoreTech collects, uses, discloses, and safeguards personal information across our products, platforms, and services.
Identity, financial, transaction, and verification data needed to deliver our Services.
Service delivery, account administration, security, and regulatory compliance.
Only to trusted partners, regulators, and providers when necessary to operate our Services.
Access, correction, portability, erasure, and the right to object or complain.
For any questions, concerns, or requests relating to this Privacy Policy or the handling of your personal information, please contact us at:
At CORETECH, protecting personal information is a fundamental part of our business operations. This Privacy Policy explains how CORETECH and its affiliated entities collect, process, store, share, and safeguard personal information obtained through our products, platforms, websites, applications, APIs, and related services.
This Policy applies whenever you access or use any service provided by CORETECH, including our online platforms, payment solutions, payout services, collection services, virtual asset-related products, APIs, widgets, integrations, and any other services operated by us (collectively referred to as the "Services").
Depending on the circumstances and applicable data protection laws, CORETECH may act as a data controller, data processor, or perform both roles in relation to your personal information.
This Privacy Policy outlines:
By accessing our websites or using any of our Services, you acknowledge that you have read and understood this Privacy Policy and agree to the practices described herein. If you do not agree with the terms of this Policy, you should discontinue use of the Services.
CORETECH may share personal information within its corporate group, including subsidiaries and affiliated entities, where such sharing is necessary for operational, compliance, administrative, security, or service delivery purposes.
For the purposes of this Policy, "personal information" refers to any information relating to an identified or identifiable natural person. This may include information that directly identifies an individual, as well as information that can reasonably be linked to an individual when combined with other available data.
The definition and scope of personal information may vary depending on the laws applicable in your jurisdiction.
Information may be collected directly from you, automatically through your interaction with our Services, or from third-party sources.
Depending on your relationship with CORETECH, you may fall into one or more of the following categories:
Where you interact with CORETECH through a merchant or client relationship, the governing contractual arrangements between the relevant parties may also apply.
To establish and maintain a business relationship, comply with legal obligations, or deliver requested Services, CORETECH may request information directly from you.
The specific information collected depends on the nature of the Services being used and may include:
Identity Information
Official Documentation
We may request copies of official documents for verification and compliance purposes, including:
Financial Information
To facilitate transactions and comply with regulatory requirements, we may collect:
Certain payment information may be securely processed and stored in accordance with Payment Card Industry Data Security Standard (PCI DSS) requirements and other applicable security standards.
Transaction Information
When you use our Services, we may collect details relating to transactions, including:
Verification and Due Diligence Information
To meet compliance obligations and mitigate fraud risks, we may collect additional information such as:
Employment and Business Information
Where relevant, we may collect:
Communications and Feedback
Any information voluntarily provided through customer support channels, surveys, correspondence, complaints, or user research activities may also be retained and processed.
For corporate customers, additional documentation may be required to satisfy Know Your Business (KYB), anti-money laundering (AML), counter-terrorist financing (CTF), sanctions screening, and regulatory obligations.
Failure to provide information that is required by law or necessary for service delivery may prevent CORETECH from establishing or maintaining a business relationship with you.
When you access our websites, platforms, or Services, certain information may be collected automatically through technological means. This information may include:
Technical and Device Information
Usage Information
We may monitor and record information relating to your interaction with our Services, including:
Transaction Monitoring Information
Information relating to transaction activity, including originating location, device usage patterns, and operational data, may be collected to support security, compliance, and fraud prevention activities.
Cookies and Similar Technologies
CORETECH uses cookies, web beacons, location-based technologies, and similar tracking tools to improve functionality, enhance user experience, maintain security, and analyze website performance.
Additional details regarding these technologies are available in our Cookie Policy.
In certain situations, CORETECH may obtain personal information from independent third-party sources. These sources may include:
Identity Verification Providers
Third-party verification providers may supply information used to confirm identity, conduct due diligence reviews, and satisfy legal obligations.
Publicly Available Sources
Information may be obtained from government databases, public registries, sanctions lists, regulatory publications, and other publicly accessible records.
Financial Institutions and Payment Partners
Banks, payment service providers, and financial intermediaries may provide information necessary to process payments, settlements, collections, or other financial transactions.
Blockchain Analytics Providers
Where digital asset services are involved, blockchain intelligence and analytics providers may supply information relating to wallet activity, transaction monitoring, sanctions exposure, and financial crime risk assessments.
Business Partners and Referral Sources
Marketing partners, resellers, merchants, and strategic partners may provide information that assists CORETECH in delivering Services or identifying products that may be relevant to users.
Analytics and Advertising Providers
Third-party analytics and advertising service providers may provide aggregated or pseudonymised information concerning website traffic, visitor behaviour, campaign performance, and service usage patterns.
CORETECH processes personal information only where there is a lawful basis to do so and where such processing is necessary for legitimate business, regulatory, operational, or contractual purposes.
The primary purposes for which personal information may be used include:
Service Delivery and Account Administration
Personal information is used to:
Security, Risk Management and Fraud Prevention
We process information to protect our platforms, customers, and business operations from fraud, unauthorized activity, cyber threats, money laundering, terrorist financing, and other forms of financial crime. This may include identity verification, transaction monitoring, sanctions screening, security investigations, and risk assessments.
Communications
CORETECH may use personal information to communicate with you regarding:
Where permitted by law and subject to your communication preferences, we may also provide information about products, promotions, events, or other business developments that may be of interest to you.
CORETECH treats personal information as confidential and restricts access to individuals who require such information to perform their professional responsibilities. We do not sell, lease, or otherwise commercialize personal information without the individual's consent, except where permitted or required by law.
Personal information may be disclosed to the following categories of recipients when necessary for business operations, regulatory compliance, or service delivery:
Identity Verification and Compliance Providers
To satisfy customer due diligence, fraud prevention, sanctions screening, and regulatory obligations, CORETECH may share information with identity verification vendors, compliance service providers, and risk management partners.
Banking and Financial Institutions
Information may be shared with banks, payment service providers, settlement partners, card schemes, and other financial institutions involved in processing transactions or delivering financial services.
Group Companies and Affiliates
Where operationally necessary, personal information may be exchanged among CORETECH's subsidiaries, affiliates, and related entities to support service delivery, compliance management, internal administration, and risk monitoring.
Service Providers and Contractors
CORETECH may engage third-party vendors to perform functions on its behalf, including technology support, cloud hosting, cybersecurity, customer service, data analytics, auditing, legal advisory, and operational support. Such providers are contractually required to maintain appropriate confidentiality and security standards.
Corporate Transactions
In the event of a merger, acquisition, restructuring, asset sale, financing transaction, insolvency proceeding, or similar corporate event, personal information may be disclosed as part of the due diligence process or transferred as a business asset, subject to applicable legal requirements.
Legal and Regulatory Authorities
We may disclose information where required by law, regulation, court order, subpoena, regulatory request, law enforcement inquiry, or other legally binding process.
Disclosure may also occur where reasonably necessary to:
Authorized Third-Party Integrations
Where you authorize a third-party platform, application, or service to connect with your CORETECH account, information necessary to facilitate that connection may be shared with the authorized provider.
Any use of information by such third parties will be governed by their own privacy policies and terms of service.
Examples of Authorized Connections
Examples may include:
Post-Termination Use of Information
Following the conclusion of a business relationship, CORETECH may continue to retain and process personal information where necessary to:
Our websites, applications, and Services may contain links to third-party websites, platforms, or services that operate independently from CORETECH.
CORETECH does not control, monitor, or endorse the privacy practices of external websites. As a result, we cannot accept responsibility for the content, security measures, or personal data handling practices of such third parties.
Users are encouraged to review the privacy notices and terms of use of any external websites before providing personal information or engaging with those services.
Information Security
CORETECH maintains administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, misuse, loss, alteration, disclosure, or destruction.
Security measures may include:
Access to personal information is limited to authorized personnel whose responsibilities require such access. Employees and contractors are expected to comply with applicable confidentiality requirements and data protection obligations at all times.
International Transfers
As an international organization, CORETECH may process or store personal information in multiple jurisdictions. Where personal information is transferred across borders, CORETECH will implement appropriate safeguards and comply with applicable legal requirements governing international data transfers.
Third-Party Infrastructure Providers
Certain systems and data storage facilities may be operated by reputable third-party technology providers. CORETECH requires such providers to maintain security controls that are appropriate for the nature of the information being processed.
Although CORETECH implements industry-standard security measures, no transmission method or electronic storage system can be guaranteed to be completely secure. Users should therefore take reasonable precautions to protect their own account credentials and security settings.
Anonymized Information
Where personal information has been irreversibly anonymized so that individuals can no longer be identified, such information may be used for business, research, statistical, analytical, or operational purposes without further notice.
Minors
CORETECH's Services are not intended for individuals under eighteen (18) years of age. If we become aware that personal information relating to a minor has been collected without appropriate authorization, we will take reasonable steps to remove such information and restrict further access to the Services.
Data Retention
Personal information will be retained only for as long as necessary to fulfill the purposes described in this Privacy Policy or to satisfy legal, regulatory, accounting, contractual, or operational requirements.
Retention periods may vary depending on:
Where information is no longer required, CORETECH will securely delete, destroy, anonymize, or de-identify the information in accordance with applicable laws and internal retention policies.
CORETECH may use automated systems, analytical tools, and profiling techniques to improve service delivery, enhance user experience, strengthen security controls, and support risk management activities.
Examples may include:
Where profiling activities occur, CORETECH will implement reasonable safeguards to protect individual rights and interests.
Such activities are generally designed to support operational and compliance functions and are not intended to produce decisions with significant legal effects without appropriate human oversight where required by applicable law.
Depending on the jurisdiction in which you reside and the laws applicable to your personal information, you may have certain rights regarding the collection and processing of your data. These rights may include:
Right of Access
You may request confirmation of whether CORETECH processes your personal information and obtain access to the information we hold about you.
Right to Rectification
You may request correction of inaccurate, incomplete, or outdated personal information.
Right to Withdraw Consent
Where processing is based upon consent, you may withdraw that consent at any time, subject to legal or contractual limitations.
Right to Data Portability
Where applicable, you may request that certain personal information be provided in a structured, commonly used, and machine-readable format.
Right to Erasure
You may request deletion of personal information in circumstances where retention is no longer necessary or legally justified. However, CORETECH may retain information where required by law or where legitimate business grounds continue to exist.
Right to Restrict or Object
In certain circumstances, you may request restrictions on processing or object to specific processing activities.
Right to Lodge a Complaint
You may submit a complaint to the relevant supervisory authority or data protection regulator if you believe your privacy rights have been violated.
Requests relating to privacy rights may be submitted using the contact information provided in this Privacy Policy.
CORETECH reserves the right to revise, amend, or update this Privacy Policy from time to time to reflect changes in:
Any updated version will become effective upon publication unless otherwise specified.
Continued use of the Services after an updated version is published constitutes acceptance of the revised Privacy Policy.
Users are encouraged to review this Privacy Policy periodically to remain informed of any changes. Where required by law, CORETECH will provide additional notice regarding material amendments.
Questions, requests, concerns, or complaints relating to this Privacy Policy or the processing of personal information may be directed to:
Email: compliance@coretech-global.com
CORETECH will make reasonable efforts to respond to privacy-related inquiries in accordance with applicable legal and regulatory requirements.
© 2026 CoreTech Global Payment Inc. All rights reserved.
