Effective Date: January 11, 2025
Last Updated: January 11, 2025
CycleFund Inc., a Delaware corporation ("CycleFund," "we," "us," or "our"), operates as a licensed financial technology platform providing digital savings circle services globally. This Privacy Policy describes how we collect, use, protect, and share your personal information when you use our services across our platforms, including our website, mobile applications, and related services (collectively, the "Services"), in compliance with applicable data protection laws worldwide including GDPR, CCPA, and other regional privacy regulations.
Personal Information
- Identity Information: Full name, date of birth, nationality, government-issued ID numbers
- Contact Information: Email address, phone number, physical address
- Financial Information: Bank account details, payment method information, transaction history
- KYC Information: Identity verification documents, proof of address, employment information
- Biometric Data: Facial recognition data for identity verification (with explicit consent)
Technical Information
- Device Information: Device type, operating system, browser type, IP address
- Usage Data: Pages visited, features used, time spent on platform
- Location Data: Approximate location based on IP address (with consent for precise location)
- Cookies and Tracking: Session cookies, analytics cookies, preference cookies
Third-Party Information
- Credit Agencies: Credit history and financial behavior data (Ghana only)
- Social Media: Profile information when you connect social accounts
- Referral Sources: Information from users who refer you to our platform
Service Provision
- Create and manage your CycleFund account
- Process savings circle contributions and payouts
- Verify your identity and prevent fraud
- Provide customer support and communications
- Send transactional notifications and updates
Legal Compliance
US Compliance
- Anti-Money Laundering (AML) - Bank Secrecy Act
- Know Your Customer (KYC) - USA PATRIOT Act
- CCPA - California Consumer Privacy Act
- State privacy laws and financial regulations
- IRS reporting requirements and tax compliance
International Compliance
- GDPR - EU General Data Protection Regulation
- UK GDPR and Data Protection Act 2018
- Ghana Data Protection Act 2012
- Nigeria Data Protection Regulation 2019
- PIPEDA - Canada Personal Information Protection
Financial Services Compliance
- Multi-jurisdictional AML/CFT requirements and suspicious transaction reporting
- Cross-border payment compliance and currency exchange reporting
- Tax authority reporting in US, Ghana, Nigeria, UK, and other operating jurisdictions
- International sanctions compliance (OFAC, UN, EU, HMT)
Business Operations
- Improve our services and develop new features
- Conduct risk assessment and fraud prevention
- Analyze usage patterns and platform performance
- Marketing and promotional communications (with consent)
United States
- Contractual necessity for service provision
- Legal obligations under federal and state law
- Legitimate business interests
- Explicit consent where required
Ghana
- Performance of contract
- Compliance with legal obligations
- Legitimate interests
- Consent (where applicable)
Authorized Third Parties
- Payment Processors: Stripe, Paystack, and authorized payment partners
- Banking Partners: Licensed financial institutions for escrow services
- KYC Providers: SmileID, Veriff for identity verification
- Cloud Services: AWS, Vercel for secure data hosting
- Analytics: Anonymized data to improve services
Legal Requirements
- Government agencies for regulatory compliance
- Law enforcement with valid legal requests
- Tax authorities in US and Ghana
- Court orders and legal proceedings
We Never Sell Your Data: CycleFund does not sell, rent, or trade your personal information to third parties for marketing purposes.
Technical Safeguards
- 256-bit SSL/TLS encryption
- End-to-end data encryption
- Multi-factor authentication
- Regular security audits
- Intrusion detection systems
Administrative Safeguards
- Access controls and permissions
- Employee background checks
- Privacy training programs
- Incident response procedures
- Data breach notification protocols
US Residents
- Access your personal information
- Correct inaccurate data
- Request deletion (subject to legal requirements)
- Opt-out of marketing communications
- Data portability rights
- File complaints with state attorneys general
EU/UK Residents
- Right of access to personal data
- Right to rectification
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Right to lodge complaints with supervisory authorities
African Residents
- Right to access personal data
- Right to correction and rectification
- Right to object to processing
- Right to data portability
- Right to withdraw consent
- Right to lodge complaints with Data Protection Authorities
- Right to compensation for damages
How to Exercise Your Rights
- Online Portal: Access your privacy dashboard through your CycleFund account
- Email Requests: Send detailed requests to privacy@cyclefund.com
- Phone Support: Contact our privacy team at +1 (302) 555-0123
- Written Requests: Mail to CycleFund Privacy Team, 251 Little Falls Drive, Wilmington, DE 19808
- Response Time: We respond to privacy requests within 30 days (or as required by local law)
- Identity Verification: We may require identity verification for security purposes
As a global platform, your data may be transferred to and processed in countries other than your country of residence, including the United States (our primary data processing location), Ghana, Nigeria, the United Kingdom, and other jurisdictions where we operate. We ensure appropriate safeguards are in place for all international transfers:
Legal Transfer Mechanisms
- Adequacy Decisions: Transfers to countries deemed adequate by EU Commission, UK ICO
- Standard Contractual Clauses: EU-approved contracts for data protection
- Binding Corporate Rules: Internal global data protection standards
- Certification Programs: ISO 27001, SOC 2 Type II compliance
- APEC CBPR: Cross-Border Privacy Rules certification
Data Localization Compliance
- Nigeria: Local data processing servers for Nigerian residents
- Ghana: In-country data hosting partnerships
- EU: European data residency options available
- UK: Post-Brexit data protection arrangements
- Canada: PIPEDA-compliant data handling
Data Protection Officer: We have appointed Data Protection Officers in the EU, UK, and other jurisdictions as required by local law. Contact dpo@cyclefund.com for privacy-related inquiries.
Global Privacy Officer
CycleFund Inc. - Privacy Department
251 Little Falls Drive
Wilmington, DE 19808, United States
Email: privacy@cyclefund.com
Phone: +1 (302) 555-0123
Data Protection Officer: dpo@cyclefund.com
Ghana Operations
Ridge Towers, Suite 15
West Ridge, Accra
Ghana
Email: privacy.gh@cyclefund.com
Phone: +233 30 555 0123
UK/EU Operations
25 Canada Square
London E14 5LQ
United Kingdom
Email: privacy.uk@cyclefund.com
Phone: +44 20 7946 0958
Nigeria Operations
Plot 1391 Tiamiyu Savage
Victoria Island, Lagos
Nigeria
Email: privacy.ng@cyclefund.com
Phone: +234 1 460 5555
Regulatory Contacts
EU Data Protection Authorities
- • Ireland: Data Protection Commission (lead supervisory authority)
- • Germany: Federal Commissioner for Data Protection
- • France: Commission Nationale de l'Informatique et des Libertés
Other Regulatory Bodies
- • UK: Information Commissioner's Office (ICO)
- • Ghana: Data Protection Commission
- • Nigeria: Nigeria Data Protection Bureau
- • Canada: Privacy Commissioner of Canada
Policy Updates
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Email notification to your registered email address
- In-app notifications when you next access our services
- Prominent notice on our website
Your continued use of our services after such modifications will constitute acknowledgment and agreement to the modified Privacy Policy.