Create account Sign in
PentrraWallet — Privacy Policy | Data Protection & KYC

Privacy
policy.

Your data belongs to you — not to us. Here is exactly how we use it, why, and for how long.

01

Data collected

PentrraWallet collects only the data necessary to provide its services. Depending on your profile:

  • Identity: first name, last name, email address, phone number
  • KYC: ID document, proof of address, verification selfie — required to activate cards
  • Financial: transaction history, USDT TRC20 addresses, balances and account movements
  • API (developers): generated API keys, call logs, configured webhooks
  • Business: company name, business registration, admin contacts, sub-accounts
  • Licensed agents: point of sale information, operating area, operation and commission history
  • Technical: IP address, browser, OS, connection and activity logs
02

Data usage

Your data is used exclusively to operate the services you use:

  • Create, activate and manage your prepaid virtual Visa cards
  • Process USDT TRC20 top-ups and associated transactions
  • Verify your identity (KYC/AML) as required by financial regulations
  • Enable API integration for developers and businesses
  • Calculate and pay commissions to licensed agents at month end
  • Detect and prevent fraud, abuse and illegal activities
  • Notify you of important events related to your account
We never sell, rent or use your data for advertising purposes. Your financial data is only accessible to you.
03

Storage and security

We apply rigorous technical measures to protect your data:

  • SSL/TLS encryption for all communications
  • Irreversible password hashing (bcrypt)
  • Data access restricted to authorized personnel only
  • Servers hosted in secure data centers
  • Regular encrypted backups
Despite our efforts, no system is infallible. In case of a data breach, you will be notified within 72 hours.
04

Sharing with third parties

Your data may be shared only in these specific cases:

  • Visa network: data necessary for the issuance and processing of your virtual cards
  • Payment providers: for processing USDT top-ups and balance management
  • Legal obligations: in response to a court order or AML/CTF regulatory requirement
  • Platform protection: in case of proven fraud or security threat

No data is sold, rented or shared for commercial purposes.

05

KYC & Identity verification

Identity verification is mandatory to access full features. Submitted documents:

  • Are transmitted in encrypted form to our KYC verification provider
  • Are only accessible to authorized KYC staff
  • Are retained in accordance with anti-money laundering (AML) legal obligations
  • Are never shared for purposes other than mandatory legal verification
Your identity documents are protected by the same standards as banking data.
06

Licensed agent data

Licensed agents are subject to specific data processing related to their local financial service activity.

Data collected for agents
  • Professional identity: name, contact, point of sale photos and operating area
  • Operations performed: complete transaction history (card creation, top-ups, cash in/out) with timestamps
  • Commissions: monthly calculation, pending/paid status, payment history to agent balance
  • Agent KYC: identity documents submitted during agent program registration
What agents cannot see
  • Full Visa card numbers created for clients
  • CVV and card authentication data
  • Detailed financial information of clients beyond what is necessary for the operation
Retention period
  • Agent operation data: 5 years after the last operation
  • Agent KYC documents: according to AML regulatory obligations
  • Commission history: 5 years for accounting obligations
Client confidentiality is guaranteed even from agents. An agent can never access the complete data of cards they created.
07

Cookies

We only use cookies essential to the operation of the platform:

  • Session: keep your connection active
  • Security: CSRF protection and fraud detection
  • Preferences: remember your settings (theme, language)

We do not use any advertising cookies or third-party tracking tools.

08

Your rights

You have rights over your data — and we respect them:

  • Access: obtain a copy of all your personal data
  • Rectification: correct inaccurate information
  • Erasure: request deletion of your data (subject to legal obligations)
  • Portability: receive your data in a structured, readable format
  • Objection: object to certain processing

To exercise these rights, contact us via the contact form.

09

Data retention

We keep your data as long as necessary — no longer:

  • Active account + 5 years after closure (legal obligations)
  • KYC documents: according to applicable AML regulations
  • Technical logs: 12 months
  • Agent data: 5 years after the last operation
10

Updates

This policy may change. If we change something important, you will be notified by email or via a message on the platform — before the change takes effect.

11

Contact

A question about your data? We respond within 72 business hours.

We prefer to resolve things amicably. Write to us before any formal process.