🚀 Freedom to Pay, Anywhere.
cross icon

Privacy Policy

last updated
Last updated: 2 November 2025

1. Who we are

NexPay (“NexPay”, “we”, “our”, “us”) provides payment and digital asset–related services to consumers and businesses. This Privacy Policy explains how we collect, use, disclose, and protect personal data when you use our websites, mobile apps, products, and services (the “Services”). We operate in Hong Kong and serve customers subject to applicable laws in the regions where we offer Services.

2. Personal data we collect

We may collect the following categories of personal data:

  • Identification data: full name, date of birth, nationality, government ID numbers, ID document images, photos or videos for verification.
  • Contact data: email address, phone number, postal address.
  • Account data: username, passwords, security questions, settings, preferences.
  • Financial data: bank account details, card details (tokenized where applicable), wallet identifiers.
  • Transaction data: payments sent/received, amounts, timestamps, counterparties, merchant info, currency, exchange rates, fees.
  • Compliance data: sanctions screening results, PEP screening, adverse media flags, risk ratings.
  • Technical and usage data: IP, device identifiers, OS/browser info, app version, referral source, pages viewed, clickstream, crash logs.
  • Location data: approximate (IP) and, if enabled, precise device location.
  • Communications data: support chats, emails and, where permitted, call recordings.
  • Marketing data: opt-in preferences, campaign interactions, survey responses.

3. How we collect data

  • Directly from you: when you register, complete KYC, initiate transactions, or contact support.
  • Automatically: via cookies, SDKs, and similar technologies.
  • From third parties: identity/KYC vendors, banks, payment networks, fraud-prevention partners, public sources.

4. How we use personal data

We use personal data to:

  • provide and operate the Services (onboarding, payments, notifications);
  • verify identity and meet KYC/AML/CTF and sanctions obligations;
  • prevent fraud and secure the Services;
  • improve and personalize the experience (analytics, A/B testing);
  • communicate with you (service messages, changes to terms, and—where allowed—marketing);
  • comply with law and enforce our terms.

5. Legal bases for processing (where applicable)

  • Contract performance
  • Legitimate interests (e.g. fraud prevention, service improvement)
  • Legal obligation (e.g. AML/CTF)
  • Consent (e.g. certain marketing, cookies)

6. Sharing your data

We may share personal data with:

  • Payment partners: acquiring banks, card schemes, networks, correspondent banks.
  • Service providers: hosting, analytics, communications, KYC/AML, fraud tools, support.
  • Professional advisors: auditors, lawyers, insurers.
  • Corporate transactions: in case of merger, acquisition, restructuring.
  • Authorities: to comply with laws and lawful requests.
    Recipients are required to protect the data and process it only under our instructions or as independent controllers where the law requires (e.g. banks).

7. International transfers

We may transfer data across borders and use safeguards such as adequacy decisions and SCCs. Details are available on request.

8. Data retention

We keep data as long as needed for services and to meet legal/AML bookkeeping (typically 5–10 years), then delete or anonymize.

9. Your rights

Depending on your location, you may request access, correction, deletion, restriction, data portability, or withdrawal of consent, and you may lodge a complaint with a supervisory authority. We may need to verify your identity.

10. Cookies and similar technologies

We use cookies/SDKs to run the site, remember preferences, analyze traffic, prevent fraud, and deliver marketing. Essential cookies can’t be disabled.

11. Children’s privacy

We don’t target individuals under 18 and don’t knowingly collect their data. Contact us if a child submitted data.

12. Security

We use technical and organizational measures (encryption, access controls, monitoring, vendor due diligence). No system is 100% secure; keep your credentials safe.

13. Third-party links

Third-party sites have their own privacy practices. Review them before sharing data.

14. Changes to this policy

We may update this policy and show a new “Last updated” date; we’ll notify you of material changes where required.

15. Contact us

Nexpay is a global digital payment platform that simplifies the way you use crypto and traditional money. Fast, secure, and borderless — built for the future of finance.
Personal
Deposit & Withdraw Swap Issue Cards Send & Receive Buy & Sell Loyalty
Business
Corporate Cards Wallet Management Expense Management Card As A Service Software As A Service Operations As A Service Buy & Sell
Others
About Us Contact Privacy Policy Terms & Conditions Data Protection
Support
hello@nexpay.co
Copyright © Nexpay
Registered Entity: Nex Pay SRL (Reg. No. 3-102-944491), Costa Rica
‍Registered Address: Calle 37, Avenida 3era, Edificio esquinero, 4th Floor, San Pedro, Montes de Oca, San José, Costa Rica

‍
The promotion and/or distribution of our products and services outside Hong Kong may be subject to legal and regulatory requirements, including the need for a valid license. The content on this website is intended exclusively for individuals who are residents of Hong Kong and domiciled in Hong Kong. If you are a resident living outside Hong Kong and do not wish to proceed, please close this page. By choosing to continue, you acknowledge that you have read and understood this information and are accessing this website on your own initiative, without any active promotion or solicitation from Nexpay.