Northvest

Privacy Policy

Last updated [insert date before publishing]

This is a draft template describing what Northvest actually collects today. Replace the bracketed placeholders with your real entity/contact details and have it reviewed against the privacy laws that apply to your users (for example GDPR if you have EU users, or CCPA for California residents) before publishing.

1. What we collect

  • Account information: name, email, and authentication data when you register.
  • Identity verification (KYC): legal name, date of birth, country, address, and the identity document you upload.
  • Financial activity: deposit and withdrawal requests, amounts, status, and the destination/source crypto address or bank details you provide.
  • Security data: sign-in and security events, used to protect your account.
  • Support communications: anything you send us via [insert your actual support channel(s)].

2. How we use it

  • To operate your account, including crediting deposits and processing withdrawal requests.
  • To verify your identity and meet [insert applicable] regulatory obligations.
  • To detect and prevent fraud or unauthorized account access.
  • To send you account and security notifications.

3. Identity documents

Identity documents you upload are stored in a private file store that only you and authorized administrators can access; administrators access them only to review your verification request.

4. Who we share it with

[Insert any actual third parties here — e.g. a KYC verification provider, hosting/infrastructure provider, email provider. Do not leave this section implying no sharing occurs if any does.] We do not sell your personal information.

5. Data retention

[Insert your actual retention periods — for example, how long KYC documents and transaction records are kept, and whether that's driven by a specific regulatory requirement.]

6. Your rights

Depending on where you live, you may have the right to access, correct, export, or request deletion of your personal data. Contact [insert privacy contact email] to exercise these rights.

7. Security

We use industry-standard safeguards, including encryption in transit and role-based access controls for administrative actions, which are themselves logged. No system is perfectly secure, and we can't guarantee absolute security.

8. Contact

Questions about this policy: [insert privacy contact email].