Privacy Policy

Effective date: 2026-02-27

This Privacy Policy explains how Datalink Analytix, Inc. ("Provider", "we", "us", or "our") collects, uses, stores, shares, and protects personal data when you register for or use our services (the "Service").

1. Data Controller / Contact

Controller: Datalink Analytix, Inc. Email: support@datalinkanalytix.com

2. Personal Data Collected

We may collect the following categories of personal data:

• Account registration: full name, email address, password (stored as a salted scrypt hash), source country, source currency.
• Transaction data: receiver full name, destination country, destination currency, send amount (USD equivalent), exchange rate, fees, destination amount, transfer purpose, transfer ID, status, timestamps.
• Session data: session cookies (server-side sessions using APP_SESSION_SECRET) and session-stored pending transfer details while in-process.
• Technical data: IP address, browser/user agent string, request timestamps, and server logs.

3. How We Use Your Data

We use personal data to:

• Provide and maintain the Service (account creation, authentication, quoting, transaction recording).
• Process transfer quotes and record confirmed transfers.
• Ensure security and prevent fraud (account protection, verification processes, and compliance checks where required).
• Communicate with users (e.g., transactional emails or notifications related to account activity).

4. Data Sharing and Third Parties

We may share data with trusted third parties as necessary to operate the Service:

• Payment / FX / KYC Providers: to facilitate transactions and comply with regulatory obligations.
• Rate Providers: to retrieve foreign exchange rates (e.g., external rate APIs).
• Email / Notification Providers: to send transactional communications (e.g., email providers).
• Legal Authorities: when required by law, regulation, or legal process.

We only share the minimum data necessary for these purposes.

5. Data Retention

We retain personal data only as long as necessary to provide the Service and comply with legal obligations.

• Account and transaction data may be retained for a minimum of 5 years to comply with financial regulations, anti-money laundering (AML), and audit requirements.
• Session and technical data are retained for shorter periods as needed for security and operational purposes.

6. Security Measures

We implement appropriate technical and organizational safeguards, including:

• Passwords stored as salted hashes using hashlib.scrypt.
• Secure session management using starlette SessionMiddleware and APP_SESSION_SECRET.
• Use of HTTPS and secure infrastructure in production environments.
• Protection of secrets and credentials outside of source code.

7. SMS Communications and Consent

By providing your phone number within the Datalink Analytix application, you consent to receive SMS messages for authentication and account verification purposes.

• Messages include one-time passcodes (OTP) required to securely access your account.
• Messages are sent only in response to user-initiated actions such as login or verification requests.
• No marketing or promotional messages are sent.
• Message frequency varies based on user activity.
• Standard message and data rates may apply.

You may opt out of SMS communications by contacting support. However, opting out may prevent you from using certain authentication features of the Service.

8. Your Rights

Depending on your jurisdiction, you may have rights to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Request data portability

To exercise these rights, please contact us at support@datalinkanalytix.com.

9. International Data Transfers

Your data may be processed or stored in countries outside your jurisdiction, including the United States and other locations where our service providers operate.

We implement appropriate safeguards as required by applicable law.

10. Children

The Service is not intended for individuals under the age of 13. We do not knowingly collect personal data from children.

11. Breach Notification

In the event of a data breach, we will notify affected users and relevant authorities as required by applicable law.

12. Legal Basis for Processing

We process personal data based on the following legal grounds:

• Consent: where users explicitly provide consent (e.g., SMS verification).
• Contractual necessity: to provide the Service and fulfill transactions.
• Legal obligations: to comply with financial and regulatory requirements.
• Legitimate interests: to improve security, prevent fraud, and maintain service functionality.

13. No Sale of Personal Data

Datalink Analytix, Inc. does not sell, rent, or trade personal data to third parties for marketing purposes.

14. Changes to this Policy

We may update this Privacy Policy from time to time. The updated version will be posted with a revised Effective Date.