Privacy Policy

1. Information We Collect

We collect information you provide directly, information we collect automatically, and information from third parties.

Information You Provide

• Identity information: full name, date of birth, government-issued ID number, Social Security number (or equivalent), nationality.
• Contact information: postal address, email address, phone number.
• Financial information: bank account numbers, routing numbers, income, tax identification, credit history.
• Account credentials: username, password, security questions.
• Communications: messages sent through our support channels, survey responses.

Information We Collect Automatically

• Device and browser information: IP address, browser type, operating system, device identifiers.
• Usage data: pages visited, features used, transaction history, session duration.
• Location data: general geographic location derived from IP address; precise location only if you grant permission.
• Cookies and similar tracking technologies (see Section 4).

2. How We Use Your Information

We use your information to:

• Open, maintain, and service your accounts;
• Verify your identity and comply with Know Your Customer (KYC) obligations;
• Process transactions and send related notices;
• Detect, investigate, and prevent fraud, money laundering, and other illegal activities;
• Communicate with you about your account, products, and services;
• Personalise your experience and improve our products;
• Comply with legal and regulatory requirements;
• Enforce our Terms and Conditions.

We do not use your information for automated decision-making (including profiling) that produces legal or similarly significant effects without providing you the opportunity to contest the decision.

3. Sharing Your Information

We may share your information with:

• Service providers who process data on our behalf (e.g., cloud hosting, payment processors, fraud detection vendors), under strict data processing agreements;
• Financial institution partners as necessary to execute transactions;
• Regulators and law enforcement when required by law, court order, or regulatory guidance;
• Successor entities in the event of a merger, acquisition, or sale of assets;
• With your consent for any other purpose disclosed at the time of collection.

We never sell your personal information to data brokers or advertisers.

4. Cookies & Tracking

We use cookies, pixel tags, and similar technologies to recognise you, remember your preferences, and improve our services. The categories we use are:

You may control cookie preferences via the Cookie Preferences link in the footer of any page. Disabling essential cookies may impair core functionality.

5. Data Security

We implement industry-leading security measures including 256-bit AES encryption at rest, TLS 1.3 in transit, multi-factor authentication, biometric access controls, and continuous threat monitoring. Our platform maintains SOC 2 Type II and ISO 27001 certifications. Despite these measures, no security system is impenetrable and we cannot guarantee absolute security of your data.

6. Data Retention

We retain your personal information for as long as your account is active and for a period thereafter as required to comply with our legal obligations (typically 7 years for financial records under applicable law), resolve disputes, enforce our agreements, and for other legitimate business purposes. When retention is no longer necessary, we securely destroy or anonymise your data.

7. Your Rights

Depending on your jurisdiction, you may have the following rights in relation to your personal data:

• Access: obtain a copy of the personal data we hold about you.
• Correction: request correction of inaccurate or incomplete data.
• Deletion: request erasure of your data, subject to legal retention obligations.
• Restriction: request that we restrict processing of your data in certain circumstances.
• Portability: receive your data in a structured, machine-readable format.
• Objection: object to processing based on legitimate interests.
• Opt-out of marketing: unsubscribe from marketing communications at any time.

To exercise these rights, contact us. We will respond within 30 days.

8. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected such information, we will promptly delete it. Parents or guardians who believe a child has provided us with personal information should contact us immediately.

9. International Transfers

WestFinanceBank operates globally. Your data may be transferred to and processed in countries other than the one in which you reside, including the United States. We ensure that such transfers comply with applicable data protection laws by relying on Standard Contractual Clauses, adequacy decisions, or other approved transfer mechanisms.

10. Policy Updates

We may update this Privacy Policy from time to time. We will notify you of material changes by email to your registered address or by posting a prominent notice on our website. Your continued use of our services after the effective date of a revised policy constitutes your acceptance of the changes.

11. Contact Us

For privacy-related enquiries or to exercise your rights, please contact our Data Protection Officer: