Privacy Policy

Identification: Name, email, date of birth, phone, address, government-issued ID.
Commercial: Trading history, order activity, deposits, withdrawals, balances.
Financial: Bank account number, routing details.
Correspondence: Customer support interactions.
Media/Visual: Photos, videos, voicemail recordings.
Biometric: Facial scans from ID documents.
Professional: Job title, source of wealth.
Institutional (if applicable): Legal name, EIN, incorporation/legal documents.
Sensitive: SSN or equivalent, passport/driver’s license numbers.
Preferences: App settings and interface choices.
Communications: Chatbot use, surveys, support messages.
Referrals: Contacts’ emails or numbers if you invite them.

B. Information Collected Automatically

Includes:

Online Identifiers: IP address, domain name, general location.
Device Info: Operating system, hardware, browser type, screen size.
Usage Data: Page views, clicks, keystrokes, chat logs, AI tool inputs.
Tracking Technologies: Cookies and similar tools (see Section 4).

C. Information from Third Parties

We may collect or verify:

Identification & Contact Info: Name, address, phone, email.
Financial Info: Bank details from linked accounts.
Transaction Info: Public blockchain activity may link to your identity.
Credit/Fraud Checks: Identity verification, fraud screening.
Legal Compliance Info: Criminal or financial background checks.

D. Combined Data

We may combine personal information from multiple sources.
Data may be de-identified or aggregated and used lawfully.

2. Purpose for Collecting Personal Information

We use your data to:

Provide Services: Enable transactions, manage accounts.
Comply with Laws: Fulfill AML, KYC, tax obligations.
Prevent Fraud: Detect suspicious or unauthorized activity.
Ensure Security: Protect systems and accounts.
Support You: Respond to inquiries and resolve issues.
Improve Products: Analyze usage and optimize features.
Marketing: Send offers, updates, and promotions (opt-out available).
Other Uses: With your consent or as permitted by law.

3. Sharing Your Information

We share your information with:

Service Providers: For fraud checks, identity verification, analytics, customer support, tax reporting, etc.
Affiliates: To offer you consistent services.
Business Partners: For co-branded services or joint offerings.
Analytics & Ad Partners: To measure and optimize marketing.
Marketing Platforms: Social media, ad networks (see Section 4).
Regulators & Law Enforcement: As required by law.
Corporate Events: Mergers, acquisitions, bankruptcy.
Professional Advisors: Legal and audit-related services.
With Consent: When you agree to share for other reasons.
Other Legal Uses: As required or allowed by law.

4. Cookies & Tracking Technologies

We use cookies and similar tools to:

Recognize users.
Detect fraud and unauthorized activity.
Meet compliance requirements (e.g., AML/BSA).
Analyze traffic and improve services.

Third-party cookies (e.g., Google Analytics):

May collect info for advertising or usage insights.
Opt-out tools available:

Managing Cookies:

Block or delete cookies via browser/device settings.
Essential cookies (security, fraud detection) cannot be disabled.

5. Direct Marketing

We may send promotional messages about our services.
Opt out at any time via account settings or message links.
Transactional emails (e.g., account activity) will still be sent.
We do not sell your data to third parties for their own marketing.

6. Children’s Information

Exiopay is not intended for users under 18.
We do not knowingly collect their data.
Any data found will be deleted.

7. Information Security

We use safeguards to protect your data, including:

SSL encryption
Two-factor authentication (2FA)
Access controls
Staff confidentiality obligations

Note: No system is 100% secure, but we take strong precautions.

8. Data Retention

We retain your data:

As long as needed for services or legal compliance.
Even after account closure, for fraud prevention, tax, and regulatory reasons.

9. International Data Transfers

Exiopay may store/process data outside your country.
Safeguards comply with applicable privacy laws.
Data transfers are governed by legal agreements (e.g., SCCs for EU/UK users).

10. The EU & UK General Data Protection Regulation (GDPR) Rights

We process data on these legal bases:

Legal Obligation
Contract
Legitimate Interest
Consent

Your rights:

Access/Correct/Delete personal data.
Restrict or Object to processing.
Data Portability.
Human Review for automated decisions.

We verify your identity before fulfilling rights requests. Excessive or repetitive requests may incur a fee.

11. Policy Updates

We may update this Privacy Policy as needed.
Material changes will be communicated clearly.
Continued use of Exiopay indicates acceptance of any changes.

12. Contact Us

If you have questions or concerns about this Privacy Policy or how we handle your Personal Information:

General Inquiries:
Email us at support@exiopay.xyz
Data Protection Officer:
For matters related to your personal data, contact our DPO at DPO@exiopay.com
UK Residents – Complaints:
Contact the Information Commissioner’s Office (ICO):
https://ico.org.uk/make-a-complaint
EU/EEA Residents – Complaints:
Contact your national Data Protection Authority:
https://edpb.europa.eu/about-edpb/board/members_en
Residents Outside the UK/EU:
If your country has a national data protection authority, you may contact them with your concerns.
We are committed to addressing privacy issues for all users, regardless of location. Please email DPO@exiopay.com with your inquiry, and we will respond in accordance with applicable laws.

Cookie Policy

1. Use of Cookies

Our website uses cookies and similar technologies (e.g. tracking pixels, web beacons, tags) to:
- Distinguish you from other users
- Provide a consistent, user-friendly experience
- Improve performance, functionality, and security
- Analyse user behaviour to enhance content and layout
Cookies help us remember your preferences (e.g. language settings) and measure how you interact with our site.

2. What Are Cookies?

Cookies are small text files containing letters and numbers stored on your browser or hard drive.
They store information such as:
- Session identifiers
- Login preferences
- User activity data (e.g. page views, clicks)
Cookies are either:
- First-party cookies: set by our website
- Third-party cookies: set by external services we use

3. Types of Cookies We Use

Necessary

Essential for core website functions (e.g. page navigation, access to secure areas). Without these, the website may not work properly.

Analytics

Help us understand how users interact with the website (e.g. page views, bounce rates, user flow) using tools like Google Analytics.

Functional

Enable enhanced features, such as social media sharing, feedback forms, and embedded content (e.g. videos).

Deliver relevant ads and marketing content. These cookies track browsing habits and may be set by advertising partners.

4. Third-Party Cookies

We may allow trusted third parties to place cookies on your device.
These may include:
- Ad networks
- Traffic analysis providers
- Social media platforms
These cookies are often analytical, functional, or targeting cookies.
We do not have control over these third-party cookies or how they are used.

5. Managing Cookies

You can control or disable cookies through your browser settings:
- Accept or reject all cookies
- Block third-party cookies
- Set alerts for cookie placement
Please note:
- Disabling cookies may impact your experience
- Some parts of the website may not function correctly

6. Cookie Duration

Cookies may be:
- Session cookies: deleted when you close your browser
- Persistent cookies: remain on your device for a set time
Non-essential cookies have varying expiry dates, listed in our detailed cookie table

7. Updates to This Policy

We may update this policy from time to time to reflect:
- Legal requirements
- Changes in technology
- Modifications to our use of cookies
Check this page regularly for the most current information

Complaints Policy

Complaint Handling

ExioPay (“ExioPay”, “we”) is committed to delivering excellent customer service and resolving complaints fairly, promptly, and transparently. This policy outlines how we manage complaints in accordance with applicable regulatory standards, including those set by the UK Financial Conduct Authority (FCA) and European Financial Ombudsman frameworks.

What Is a Complaint?

A complaint is any expression of dissatisfaction—spoken or written—from a client or potential client regarding our services, staff conduct, or platform.

Our Principles

We adhere to the following core values in our complaints process:

Accessible: Clients can easily submit complaints
Fair: All complaints are reviewed impartially
Efficient: We aim for quick, streamlined resolution
Transparent: Clear communication at every step
Accountable: We log and track all complaints
Continuous Improvement: We use complaints to enhance our services

✉️ How to Complain

To submit a complaint:

Email: support@exiopay.xyz
Subject: "Complaint – Attn: Compliance Department"
Please include:
- Your full name
- Account information
- Detailed description of the issue

Complaint Process

Acknowledgment:
We will confirm receipt within 5 business days, including the next steps and reference number.
Investigation:
Our Compliance Team will investigate your complaint independently and may request further information.
Resolution:
We aim to respond within 15 business days. If more time is required, we will keep you informed. A final response will be provided no later than 8 weeks after the complaint was received.

Escalation Options

If you're not satisfied with our final response—or if 8 weeks have passed without resolution—you may escalate your complaint to:

🇬🇧 UK Clients:

Financial Ombudsman Service
Website: www.financial-ombudsman.org.uk

🇪🇺 EU/EEA Clients:

FIN-NET (European Financial Dispute Resolution Network)
Website: FIN-NET – European Commission
You can contact your local financial ombudsman or resolution body within the FIN-NET network.

👥 Staff Training & Compliance Reporting

All relevant ExioPay team members are trained to handle complaints professionally. We log, monitor, and report all complaints to senior management for transparency, compliance, and ongoing service improvement.

Anti-Money Laundering (AML) Policy

1. Introduction

This Anti-Money Laundering (AML) Policy outlines the procedures and internal controls implemented by [exiopay.xyz] (“we”, “our”, “us”) to detect and prevent money laundering and terrorist financing. As a provider of cross-border payments and cryptocurrency services, we are committed to operating in full compliance with applicable laws in the United Kingdom and the European Union and globally.

We adopt a risk-based approach to AML compliance and strive to uphold the highest standards of transparency and accountability.

2. Legal and Regulatory Framework

This policy aligns with current UK and EU anti-money laundering and counter-terrorist financing laws, including:

United Kingdom

Proceeds of Crime Act 2002 (POCA)
Terrorism Act 2000
The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (as amended)
FCA Guidance for Cryptoasset Businesses

European Union

5th and 6th Anti-Money Laundering Directives (AMLD)
EU Regulation (EU) 2015/847 on transfer of funds
EU Markets in Crypto-Assets (MiCA) Regulation (2023)

Global Standards

FATF Recommendations (Financial Action Task Force)
UN Conventions against transnational organized crime and corruption

3. Know Your Customer (KYC) Requirements

At Exiopay, all Know Your Customer (KYC) and Customer Due Diligence (CDD) procedures are conducted exclusively by our regulated third-party partners, who are licensed and authorised under relevant UK and EU financial regulations.

We do not perform direct KYC onboarding ourselves, but instead rely on our partners—who are subject to stringent AML/CTF obligations under the Money Laundering Regulations 2017 (UK) and the EU Anti-Money Laundering Directives—to verify the identity of all users transacting on our platform.

Prior to providing services, we verify the identity of all customers using the following documentation:

For individuals:

Full legal name
Government-issued photo ID (passport, driving licence)
Proof of address (e.g. utility bill, bank statement, dated within the last 3 months)
Date of birth

For corporate entities:

Certificate of incorporation
Company address
Identity of directors and beneficial owners (UBOs)
Business registration and tax information

4. Customer Due Diligence (CDD) & Enhanced Due Diligence (EDD)

CDD is applied to all new customers before account activation.
EDD is triggered for:
- Politically Exposed Persons (PEPs)
- High-risk jurisdictions as designated by the UK or EU
- Large or complex transactions
- Suspicious or unusual behavior

EDD may include additional documentation and approval by senior compliance staff.

5. Transaction Monitoring

We conduct real-time and post-transaction monitoring to detect:

Unusual or inconsistent transaction patterns
Structuring or layering activity
Use of mixing or anonymization services
Sudden spikes in activity inconsistent with known profile

6. Reporting Suspicious Activity

We are legally obligated to report suspicious transactions to the relevant authority:

In the UK: Reports are filed with the National Crime Agency (NCA)
In the EU: Reports are filed with the national Financial Intelligence Unit (FIU) of the applicable member state
Globally: We cooperate with relevant law enforcement and regulatory agencies upon request

No notice is given to the client when a report is submitted, in compliance with anti-tipping-off laws.

7. Record Keeping

We retain KYC records, transaction logs, and related documentation for a minimum of 5 years after the end of a customer relationship, in accordance with regulatory requirements.

8. Staff Training

All employees receive regular AML training covering:

KYC/CDD procedures
Identifying and reporting suspicious activity
Compliance with UK and EU regulatory frameworks

9. Sanctions Compliance

We do not engage with individuals or entities listed under:

UK Sanctions List
EU Restrictive Measures

All customers and transactions are screened against these lists during onboarding and continuously thereafter.

10. Governance and Oversight

Our AML framework is overseen by a Designated Compliance Officer, who is responsible for:

Ensuring effective implementation of AML policies
Overseeing customer onboarding and transaction monitoring
Liaising with law enforcement and regulatory agencies
Conducting internal audits and periodic risk assessments

11. Do We Have an AML Program in Place?

Yes. While customer identification and verification are fully delegated to our regulated partners, we maintain an internal AML and risk oversight framework to:

Monitor transaction activity on our platform for suspicious or unusual patterns
Enforce restrictions based on sanctions or high-risk jurisdictions
Ensure our services are not misused for illicit purposes
Cooperate with authorities and fulfill any reporting obligations if required

Our internal compliance team works closely with our partners to uphold the integrity of our platform and to ensure compliance with all applicable laws.

Contact and Reporting

For questions regarding this policy or to report suspicious activity, please contact:

📧 Compliance Department
✉️ [support@exiopay.xyz]
📍 [DPO@exiopay.xyz]

Effective Date: [March 2025]
Reviewed: [March 2025]
Next Review: [March 2026]

Google Sites

Report abuse