Privacy Policy
Welcome to Prime Ledger. Prime Ledger Inc. ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, primeledger.io (the "Site"), and use our services (the "Services"). It also describes the privacy rights available to you under United States state privacy laws and, for individuals in the European Economic Area ("EEA") and the United Kingdom ("UK"), under the GDPR and UK GDPR. Please read this policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the Site or use the Services.
1. Information We Collect
We may collect information about you in a variety of ways, including:
Personal Data
Personally identifiable information, such as your name, mailing address, email address, and telephone number, and demographic information, such as your age, gender, and interests, that you voluntarily provide when you register with the Site, request the Services, or participate in activities on the Site.
Financial and Identity Verification Data
Financial information, such as data related to your payment method (e.g., payment card number, card brand, expiration date), collected when you purchase or request the Services. We also collect information required for Know Your Customer ("KYC") and Anti-Money Laundering ("AML") compliance, which may include government-issued identification, date of birth, Social Security or other tax identification number, proof of address, and information about your source of funds. Some of this information is considered "sensitive data" under certain state privacy laws; we collect and process it only as necessary to provide the Services and to comply with our legal obligations, and, where required by applicable law, with your consent.
Automatically Collected Data
Information our servers automatically collect when you access the Site, such as your IP address, browser type, operating system, device identifiers, access times, and the pages you viewed directly before and after accessing the Site. Some of this information is collected through cookies and similar technologies and may constitute personal information under applicable law. For details on the tracking technologies we use and your choices, please see our Cookie Policy at primeledger.io/cookie-policy.
2. How We Use Your Information
We use information collected about you to:
- Create and manage your account.
- Process your transactions and deliver the Services you request.
- Fulfill our legal and regulatory obligations, including KYC/AML verification, sanctions screening, fraud prevention, and recordkeeping.
- Communicate with you regarding your account, transactions, and inquiries.
- Improve, monitor, and analyze usage of the Site and Services.
- Notify you of updates to the Site, the Services, and our policies.
- Protect the security and integrity of the Site, the Services, and our users.
Legal bases (EEA/UK). Where the GDPR or UK GDPR applies, we process your personal data on the following legal bases: performance of a contract (providing the Services); compliance with legal obligations (KYC/AML and regulatory requirements); our legitimate interests (securing and improving the Services, preventing fraud); and your consent (non-essential cookies and marketing communications, which you may withdraw at any time).
Artificial intelligence. We do not sell your personal information for the purpose of training large language models, and we do not use your personal information to train large language models. [Confirm with engineering; Connecticut requires this disclosure effective July 1, 2026 — revise if any AI/ML training use exists.]
3. How We Share Your Information
We may share information we have collected about you in the following situations:
By Law or to Protect Rights
If we believe the release of information about you is necessary to respond to legal process, to investigate or remedy potential violations of our policies, or to protect the rights, property, and safety of others, we may share your information as permitted or required by applicable law, rule, or regulation, including with financial regulators and law enforcement.
Third-Party Service Providers
We may share your information with third parties that perform services for us or on our behalf, including payment processing, identity verification and KYC/AML screening, data analysis, email delivery, hosting, customer service, and marketing assistance. These service providers are contractually obligated to protect your data and may use it only to perform services for us.
Business Transfers
We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.
Sale and Targeted Advertising
We do not sell your personal information in exchange for money. However, our use of third-party analytics and advertising cookies may be considered a "sale" or "sharing" of personal information, or "targeted advertising," under certain state privacy laws. You can opt out as described in Section 7 and in our Cookie Policy.
4. Cookies and Tracking Technologies
We use cookies, web beacons, pixels, and similar technologies on the Site to operate the Site, analyze usage, and improve your experience. Information collected through these technologies may include personal information under applicable law. Our use of these technologies, and the controls available to you — including our cookie preference center and our recognition of the Global Privacy Control browser signal — are described in our Cookie Policy at primeledger.io/cookie-policy.
5. Data Security
We use administrative, technical, and physical security measures to help protect your personal information, including encryption in transit, access controls, and monitoring. While we have taken reasonable steps to secure the personal information you provide to us, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against interception or misuse. In the event of a data breach affecting your personal information, we will notify you and applicable regulators as required by law.
6. Data Retention
We retain your personal information only for as long as necessary for the purposes set out in this Privacy Policy, including to satisfy legal, accounting, regulatory, and reporting requirements. KYC/AML records are retained for the period required by applicable financial regulations. When personal information is no longer required, we delete or de-identify it.
7. Your United States State Privacy Rights
Depending on your state of residence, you may have some or all of the following rights under applicable state privacy laws (including laws in California, Colorado, Connecticut, Texas, Virginia, and other states):
- Right to know / access. Request confirmation of whether we process your personal information and access a copy of it.
- Right to correct. Request correction of inaccurate personal information.
- Right to delete. Request deletion of your personal information, subject to legal retention obligations (including KYC/AML requirements).
- Right to data portability. Receive a copy of your personal information in a portable format.
- Right to opt out. Opt out of the sale of personal information, sharing/processing for targeted advertising, and certain profiling.
- Right to limit or consent to sensitive data processing. Depending on your state, sensitive data may be processed only with your consent or subject to a right to limit its use.
- Right to non-discrimination. We will not discriminate against you for exercising your rights.
How to exercise your rights. Submit a request by emailing privacy@primeledger.io or via the "Your Privacy Choices" link in the footer of the Site. We may need to verify your identity before responding. You may use an authorized agent to submit requests on your behalf. We will respond within the timeframe required by applicable law (generally 45 days).
Right to appeal. If we decline to act on your request, you may appeal our decision by replying to our response with the subject line "Privacy Appeal." If your appeal is denied, you may contact your state Attorney General.
Global Privacy Control. We recognize and honor the Global Privacy Control browser signal as a valid opt-out of the sale or sharing of personal information in states where recognition is required.
Financial data exemptions. Personal information we collect and process subject to the Gramm-Leach-Bliley Act or other federal financial privacy laws may be exempt from certain state privacy law rights. [Confirm GLBA applicability with counsel.]
8. Individuals in the EEA and the United Kingdom
If you are located in the EEA or the UK, you have the following rights under the GDPR or UK GDPR: the right of access; the right to rectification; the right to erasure; the right to restrict processing; the right to object to processing (including processing based on legitimate interests and for direct marketing); the right to data portability; and the right to withdraw consent at any time where processing is based on consent, without affecting the lawfulness of prior processing. You also have the right to lodge a complaint with your local supervisory authority.
International transfers. We are based in the United States, and your personal data will be transferred to and processed in the United States. Where we transfer personal data from the EEA or the UK, we rely on appropriate safeguards, such as the EU-U.S. Data Privacy Framework, the UK Extension to the Data Privacy Framework, and/or Standard Contractual Clauses. [Confirm current transfer mechanisms and any EU/UK representative appointments with counsel.]
9. Children’s Privacy
The Site and Services are not directed to children under 18, and we do not knowingly collect personal information from children under 13 (or under 16 in certain jurisdictions). If we learn that we have collected personal information from a child, we will delete it promptly. If you believe a child has provided us with personal information, please contact us at privacy@primeledger.io.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will notify you of material changes by updating the "Last Updated" date of this Privacy Policy and, where required by law, by providing additional notice (such as by email or a prominent notice on the Site).
11. Contact Us
If you have questions or comments about this Privacy Policy, or wish to exercise your privacy rights, please contact us at:
Prime Ledger Inc.
Attn: Privacy / Legal Department
144 W Jackson Blvd., Suite 4236
Chicago, IL 60604
Email: privacy@primeledger.io