BPN Privacy Notice

Last updated: 9 September 2025

This Privacy Notice (“Notice”) describes how Better Payment Network (“Better Payment Network”, “BPN”, “we”, “us”, “our”, “ourselves”) collects and processes your Personal Data (“you”, “your”) through our websites and applications or other services (collectively, together with the Website and the Apps, our “Service”). By using the Services provided by us, you are consenting to the collection, storage, processing, and transfer of your Personal Data as described in this Privacy Notice.

This Privacy Notice applies together with any terms of business and other contractual documents, including but not limited to any agreements we may have with you and the Terms of Use available here. For any questions or concerns, contact us at dpo@bpn.finance or through our online form.

This Notice covers:

Our Relationship with You
Collection and Use of Your Personal Data
- If you are visitor on our website
- Safeguarding Your Special Category Data
- Marketing and Promotional Communications
- Personal Data collected automatically from you:
- Aggregated and Anonymized Data
Use of Cookies
How We Share Your Data
International Transfers of Personal Data
Data Security
Data Retention
What Privacy Rights Do You Have?
- Accessing Your Information
- Submit Request via Email or Online form
Children
Contact Information
Conditions of Use, Notices and Revisions

1. Our Relationship with You

Your right to privacy and the protection of your personal data is important to us. Better Payment Network is committed to the best practices in privacy, and we will only collect data when it’s strictly necessary to provide our services. Better Payment Network delivers cutting-edge payment technology solutions worldwide and we offer effective crypto onramps aiming to ensure a good user experience crucial for business scalability and profit maximization.

By using Better Payment Network’s Services, including visiting our website, downloading and using one of our mobile applications, using our ramp and fiat-related services, interacting on social media, participating in our surveys or user interviews, you acknowledge the use, disclosure, and procedures outlined in this Privacy Notice. Your business relationship with us as a customer also begins the moment you register an account with us.

At Better Payment Network, we are committed to protecting your privacy and ensuring transparency in how we handle your personal data. The legal entity that determines the "means" and "purposes" of processing your personal data acts as the data controller. As part of our continuous efforts to enhance our operations, Better Payment Network consists of multiple legal entities:

Paymonade sp. z o.o – a private limited liability company incorporated in Poland, with its registered address at Rondo ONZ 1, 00-124 Warsaw. It is registered as a Virtual Asset Service Provider. Paymonade sp. z o.o is your data controller if you signed up and registered with us before 14 April 2025,
Damoon Technology (Europe) AG – a private limited liability company incorporated in Liechtenstein, with its registered address at Dr. Grass-Strasse 12, 9490 Vaduz, Liechtenstein. It is also registered as a TT Exchange Service Provider. Damoon Technology (Europe) AG is your data controller if you registered with us on or after 14 April 2025.
STABLE CONNECT CA INC. is a Canadian Limited company incorporated under number 2027196621, with its registered address at 200-1001, 1 ST SE, Calgary, Alberta, Canada. STABLE CONNECT CA INC. is registered as a MSB (Money Service Business) with the FINTRAC for the provision of the following services: Remittance / Money Transferring, Foreign Exchange, Payment Service Provider and Virtual Currency Exchange services.

The following sections outline how Better Payment Network, as the Data Controller, processes your personal data. This Privacy Notice does not apply to the Personal Data we process as a 'Data Processor' on behalf of our customers. In those situations, the customer that we provide services to and with whom we have entered into a data processing agreement is the 'Data Controller' responsible for your Personal Data, and we merely process your information on their behalf in accordance with our customer’s instructions. If you want to know more about our customers' privacy practices, you should read their privacy policies and direct any questions you have to them.

2. Collection and Use of Your Personal Data

“Personal Data” is information that may identify an individual or relates to an identifiable individual. This includes information you provide voluntarily to us, information which is collected or created automatically in the natural course of provision of our services, or otherwise when you contact us. Following best practices in privacy such as data minimisation, we endeavour to collect only the amount of Personal Data that is necessary to provide our services to our users.

As a user of our ramp and fiat-related services, we’ll ask you to provide us with some additional information about yourself. This information is either required by law to verify your identity and comply with Know Your Customer (“KYC’) obligations, necessary to provide the requested ramp and fiat-related services. Failure in providing the data required implies that Better Payment Network will not be able to offer our Services to you.

Below, we present a table that outlines the Personal Data our Services uses and the purposes for processing that information.

Category & Types of Personal Data	Purpose of Processing	Legal Basis
Account information processed includes your name, email address, mobile number, profile photo, username, password, and social login (OAuth 2.0).	To facilitate account creation and authentication and otherwise manage user accounts. We may process your information so you can create and log in to your account, as well as keep your account in working order.	This information is essential for the performance of a contract of which you are a party.
Contact Information processed includes your name, email, country/region that you choose to provide	We process your contact information to communicate with you on customer support and assistance purposes. We may also process your information when necessary to request feedback and to contact you about your use of our Services.	This information is essential for the performance of a contract of which you are a party.
Personal Details processed includes your full name, physical address, date of birth, picture of you, video recording of yourself, your citizenship and copy of your local identification documents (such as Passport, National ID), tax and bank information, copy of utility bill and bank statement.	To manage and verify your identity and perform KYC due diligence checks or travel rule requirements for compliance with applicable laws and regulations. Our verification processes may involve electronic automated verification through comparison of your “selfie” picture against provided information.	Processing is necessary to comply with our legal obligations under applicable laws and regulations, including Anti-Money Laundering laws or sanctions regulations.
Wallet Information processed includes public wallet address or recipient’s wallet ID.	To facilitate and execute the payment or transactions processing you request.	This information is essential for the performance of a contract of which you are a party.
Financial Information processed includes payment card information, bank account information, source of fund, merchant information.	To facilitate and execute the payment or transactions processing you request. We record details such as the date, time, the amount, currencies, and digital assets used, payer/beneficiary and wallet details. We also process this information to prevent and detect fraud and abuse to protect the security of our users, Services and others. We may also use scoring methods to assess and manage credit risks.	This information is essential for the performance of a contract of which you are a party. We also process Personal Data based on the legal basis that it is necessary to fulfill our legitimate interests in preventing fraud and/or abuse and avoiding non-compliance to keep our Services safe and secure.
Transaction and Payment Information processed includes Information of historical transaction you made on the public blockchain such as timestamps, amount of transaction, currencies, and virtual assets used, payer/beneficiary and wallet details and transaction amounts.	To facilitate and execute the payment or transactions processing you request.	This information is essential for the performance of a contract of which you are a party.

If you are visitor on our website

When you use our website, read our information center, request customer support, participate in our community forum or campaigns, you may provide your Personal Data. Below, we present a table that outlines the Personal Data that our website uses and the purposes for processing that information.

Category & Types of personal Data	Purpose of Processing	Legal Basis
Contact Information processed includes your name, email, country/region that you choose to provide	We use your contact information for responding to and communicating with you regarding your inquiry.	We rely on your consent to process your Personal Data for responding to your inquiry. You may withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Social Media information processed includes Information you choose to provide during your interaction with us via social media channels.	We use your social media information to interact with you in our community and keep you updated on the latest announcement on social media channels.	We rely on your consent to process your Personal Data for marketing purposes. You may withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Safeguarding Your Special Category Data

Some types of special category personal data require extra protection because they are particularly sensitive. These special categories include data about your race, ethnic origin, political beliefs, religious or philosophical convictions, trade union membership, health, biometric or genetic data, sexual life or orientation, and criminal convictions and offences (even if they are just suspected).

We might need to handle these types of sensitive data in the course of providing our Services, but we only do this in line with data privacy laws and regulations or if you give us explicit permission to do so. It is worth noting that this information could pose a greater risk to your fundamental rights and freedoms, as it could lead to unlawful discrimination. If we do hold this type of data because you’ve included it in the documents you have given us, we rely on the substantial public interest condition as outlined in the data protection regulations.

Marketing and Promotional Communications

We may use your email address to send you marketing and promotional newsletters, updates, and offers. This processing is based on your consent, which you can withdraw at any time. Please note that withdrawing your consent does not affect the lawfulness of any processing based on consent prior to its withdrawal.

Additionally, you may still receive essential transactional service-related communications, such as those related to your account or necessary administrative messages even if you opt-out from marketing communications.

Personal Data collected automatically from you:

In certain circumstances, we may collect personal data automatically from you when you use our Services, in accordance with applicable laws. This may include device, log, and usage data, which helps us enhance your experience, provide customer support, improve the performance of our sites and services, and safeguard your account by detecting unauthorized access and preventing fraud.

Location Data. We may collect location data, which includes information about your device's location. This data can be either precise or imprecise, depending on your preferences and the settings of your device. The types of location data we collect vary based on the device you use to access our services. For example, we may collect and use geolocation data that helps us determine your current location (such as your IP address).

Device Data. Depending on the device you use, this may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, Internet service provider, mobile carrier, operating system, and system configuration details, language preferences.

Log and Usage Data. When you access or use our services, our servers automatically collect service-related, diagnostic, usage, and performance data, which is recorded in log files. This log data may include your IP address, device information, browser type, settings, and details about your activity within the services (such as timestamps, pages and files viewed, searches performed, and features used). It may also include device event data like system activity, error reports (such as "crash dumps"), and hardware settings.

Our legal basis for processing this data is our legitimate interest in improving our services, ensuring the security of our services, and maintaining a safe environment for our users, including fraud monitoring and prevention.

Aggregated and Anonymized Data

We also use aggregated or anonymized data to improve our Services. This involves analyzing general usage trends, gathering feedback, and conducting research without identifying individual users. For example, we may create overall usage reports for specific regions without containing Personal Data.

We will not use your Personal Data for purposes that are incompatible with the purposes of which you have been informed, unless it is required or authorized by law, or it is in your own vital interest to do so.

3. Use of Cookies

We use cookies and similar tools to enhance your user experience, provide our services, enhance our marketing efforts and understand how customers use our services so we can make improvements. Depending on applicable laws in the region you are in, the cookie banner on your browser will tell you how to accept or refuse cookies. Please read our Cookies Notice here.

Information about our customer is an important part of our business and we are not in the business of selling our customer’s Personal Data to others. We may transfer personal data to our service providers or third parties in connection with Better Payment Network’s operation of its business, as certain features on Better Payment Network rely on various third-party products and services (collectively “Third Party Services”), such as fraud monitoring and KYC identity verification service providers, payment processing, cloud storage, IT and cybersecurity service providers, analytics and improvement of website-related services and features, and performance of maintenance services.

Third-party service providers only must process the Personal Data in accordance with our contractual agreements and only as permitted by applicable data protections laws.

We may also share Personal Data with the following persons or in the following circumstances:

Affiliates: Personal data that we process and collect may be transferred between companies, Services, and employees affiliated with us (collectively, our “Affiliates”) as a normal part of conducting business and offering our Services.

Business transfers: As we continue to develop our business, we might sell or buy other businesses or services. In such transactions, user information generally is one of the transferred business assets but remains subject to the promises made in any pre-existing Privacy Notice (unless, of course, the user consents otherwise). Also, in the unlikely event that Better Payment Network or substantially all of its assets are acquired, users' information will be one of the transferred assets.

Legal Authorities: We may be required by law or by Court to disclose certain information which might cover Personal Data or any engagement we may have to relevant regulatory, law enforcement and/or other competent authorities. We will disclose Personal Data to legal authorities to the extent we are obliged to do so according to the law. We may also need to disclose Personal Data in order to enforce or apply our legal rights or to prevent fraud.

Protection of Us and Others: We will share Personal Data outside of Better Payment Network if we have a reasonable belief that access, use, preservation, or disclosure of the information is reasonably necessary to comply with any applicable law, regulation, legal process, or enforceable governmental request; to cooperate with law enforcement; to enforce or apply our Terms of Use and other agreements; or to protect the rights, property, or safety of Better Payment Network, our employees, our users, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction, and with regulatory agencies and law enforcement to comply with lawful requests.

Our services may enable you to connect with various third-party services, decentralized applications, and other external platforms (referred to as "Third Party Platforms"). These Third Party Platforms act as independent data controllers and processing of your personal data will be subject to their privacy notice and policy. If you choose to interact with these Third Party Platforms, your Personal Data including your wallet address or payment card information may be disclosed to those Third Party Platforms. This Privacy Notice does not cover the privacy practices of these Third Party Platforms, including any websites linked through our services. A link to a third-party site does not imply endorsement by us or our affiliates. Your use of these Third Party Platforms and their handling of your Personal Data will be governed by their respective terms and privacy policies, and not by this Privacy Notice.

5. International Transfers of Personal Data

We maintain servers in the EU region, and your information may be processed on servers located outside of your country of residence. Additionally, we may transfer your personal data to our Affiliates, third-party partners, and service providers located outside the European Economic Area (EEA).

In instances where we process your personal data on servers outside your country or transfer it to third countries or international organizations outside the European Economic Area (EEA), we implement appropriate technical, organizational, and contractual safeguards to ensure that your personal data remains protected. This includes, but is not limited to, the use of Standard Contractual Clauses. These measures ensure that any such transfers comply with applicable data protection laws and maintain an adequate level of protection for your personal data as outlined in this Notice.

6. Data Security

We recognize that information security is a crucial component of data privacy. We are committed to making sure your information is protected in accordance with applicable laws and our data privacy policies. Although no data transmission, including over the Internet or through any website, can be guaranteed to be entirely secure, we employ a range of commercially reasonable physical, technical, and procedural measures to protect personal data from unauthorized access, use, disclosure, alteration, or destruction.

The information you provide to us is stored on secure servers managed by us or our trusted service providers. Access to and use of this information are governed by our internal security policies and standards, or those agreed upon with our service providers, all in alignment with industry best practices.

To further protect your information, it is important that you safeguard your account password. We recommend using a unique password for your account that is not used for other online accounts and ensuring that you sign off when you have finished using our services.

7. Data Retention

We retain your personal data to support your continued use of our services while ensuring compliance with legal and regulatory obligations. We maintain internal retention policies and schedules on the basis of how information needs to be used. The retention period depends on the purpose of processing, such as fulfilling tax and accounting requirements, complying with anti-money laundering laws, resolving disputes, or meeting other legal obligations.

For example, to comply with regulatory requirements, we must retain your KYC identity verification details for 5 years after our business relationship ends. If required by our regulator, this period may be extended to 10 years, even if your verification was incomplete or unsuccessful. If you sign up but do not complete the verification process and choose to close your account, we will still retain your data in accordance with our retention policy and legal obligations. Similarly, other types of personal data may be retained for different periods based on applicable legal or operational requirements.

When we have no ongoing legitimate business or legal requirement to retain your Personal Data, we will either delete or anonymise such information, or, if this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible.

8.What Privacy Rights Do You Have?

Subject to applicable law, as outlined below, you have a number of rights in relation to your privacy and the protection of your Personal Data. These rights may be limited in some situations - for example, where we can demonstrate we have a legal requirement to process your Personal Data.

Right to access: you have the right to obtain a copy of the Personal Data that we hold about you as well as certain information related to its processing.
Right to correct: you can request the rectification of your Personal Data which are inaccurate, and also add to it. You can also change your Personal Data in your account at any time.
Request to erase your personal data: you may request the erasure of your personal data, including where such personal data would no longer be necessary to achieve the purposes for which it was collected. Please note that personal data may still need to be retained for compliance with applicable legal obligations.
Right to object: you can object, for reasons relating to your situation, to the processing of your personal data. For instance, you have the right to object where we rely on legitimate interest or where we process your data for direct marketing purposes.
Right to restrict processing: You have the right, in certain cases, to temporarily restrict the processing of your personal data by us, provided there are valid grounds for doing so. We may continue to process your personal data if it is necessary for the defense of legal claims, or for any other exceptions permitted by applicable law.
Right to withdraw your consent: You have the right to withdraw your consent and request us to stop collecting, using or and/or disclosing your personal data for any or all of the purposes listed above at any time. Exercising this right does not affect the lawfulness of the processing based on the consent given before the withdrawal of the latter. Please note that we will respond to such withdrawal request within ten (10) business days;
Right to portability: You can also request us to provide your information in a structured way so you can send it to another service provider.

Accessing Your Information

You are in control. You can access and change some of your personal details in your user account. You can also retrieve your historical transaction records within your user account.

Submit Request via Email or Online form

To exercise your rights, you can contact us via email at dpo@bpn.finance or submit a request using our online form.

We will respond as quickly as possible. If we are unable to respond within 30 days, we will inform you in writing of the timeline for our response. If we cannot fulfill your request, we will explain the reasons (unless prohibited by applicable laws).

If you have any questions or concerns about how we collect and process your Personal Data, or if you wish to withdraw your consent for any processing, please contact us. Where we act as a processor, you should contact the data controller, your service provider, to exercise any of your rights.directly to exercise your rights.

9. Children

We do not knowingly solicit data from or market to children (or minors, as defined in your jurisdiction) under 18 years of age. By using the Services, you represent that you are at least 18. If we learn that Personal Data from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any Personal Data we may have collected from children under age 18, please contact us using the contact information below.

10. Contact Information

Our support team is available to direct any questions related to your Personal Data. You can contact us at dpo@bpn.finance or through our online form, and we will ensure your inquiry reaches the appropriate team to address any concerns regarding the collection and processing of your Personal Data.

For any requests from government or law enforcement agencies regarding personal data or investigation matters, please submit your inquiries to support@bpn.finance. We will ensure that all requests are handled in accordance with applicable laws and regulations.

11. Conditions of Use, Notices and Revisions

If you choose to use our Services, your use and any dispute over privacy is subject to this Privacy Notice and our Terms of Use. If you have any concerns about privacy at Better Payment Network, please contact us with a thorough description, and we will try to resolve it. You also have the right to contact your local Data Protection Authority.

We reserve the right to update and revise this Notice at any time. We occasionally review this Privacy Notice to make sure it complies with applicable laws and conforms to changes in our business. If we do revise this Privacy Notice, we will update the “Last Updated” date at the beginning of this Notice so that you can tell if it has changed since your last visit and will do our best to notify you.

Please review this Privacy Notice regularly to ensure that you are aware of its terms. Your continued use of our Services after an amendment to our Privacy Notice constitutes your acceptance to the revised or amended terms.