Privacy Notice

1. THE INFORMATION WE COLLECT

When you visit our website, use our mobile applications or any other Services, we collect personal information in connection with your visits to and use of the Services. This collection includes information that you provide in connection with the Services, information from third parties, and information that is collected automatically such as through the use of cookies and other technologies.

Account Information. When you create or maintain a Flyra account, we may collect your full legal name, email address, phone number, date of birth, country of residence, residential address, and preferred language. We use this information to register and administer your account, provide the Services, communicate with you, and deliver customer support.

Identification (KYC) Information. To comply with legal and regulatory requirements, we may collect government-issued identification (e.g., passport, driver's license, national ID), identification images or verification selfies/biometrics (where permitted by law), Social Security numbers or similar governmental issued identification numbers. We use this information to satisfy AML, KYC, sanctions, and fraud-prevention obligations and to verify your eligibility to use the Services. We may also collect supporting documentation such as proof of address (for example, utility bills or bank statements), or information related to your occupation or source of funds as required per our internal policies or where required by law. This information may also be used for ongoing customer due diligence, risk scoring, periodic reviews, and transaction monitoring. We retain certain categories of information for the periods required by applicable laws and regulations, including those governing anti-money-laundering, sanctions compliance, and financial-crime prevention.

Custodial Wallet and Digital Asset Information. Flyra does not custody digital assets or fiat currency. Custodial and financial services made available through Flyra are provided by our custody partner and its regulated financial-institution partners ("Custody Partner"). In order to display account information and support your use of the Services, Flyra may receive from the Custody Partner certain information associated with your custodial accounts, such as wallet or account identifiers issued by the Custody Partner, digital-asset or fiat balances, transaction history, deposit and withdrawal status, conversion activity, and related metadata (such as timestamps, amounts, and transaction descriptors). Flyra uses this information solely to display your account information, transmit your instructions to the Custody Partner, provide customer support, and assist with fraud detection and security monitoring. Flyra does not create, maintain, or control any custodial accounts or wallet infrastructure.

Payment and Banking Information. To facilitate the Services through our partners, we may collect or store bank-account details (such as account and routing numbers), tokenized card information, and other information similar in nature. We use this information to process transactions, verify ownership of linked accounts, comply with regulatory obligations, and manage risk.

Communications Information. When you contact us, including through email, support channels, web forms, or similar means, we may collect your name, contact information, the content of your communications, attachments you provide, and related metadata (e.g., timestamps, device information). We use this information to respond to inquiries, provide customer support, improve the Services, and maintain records for compliance and operational purposes.

Contacts Stored on Device. If you grant permission through our Services, we may use the permission to help you locate and select recipients for transactions from contacts stored on device. We use this information solely to enable recipient selection and to facilitate transactions you initiate. Flyra does not store your contact information.

Marketing Information. If you subscribe to marketing communications, we may collect your email address, marketing preferences, and interaction data related to such communications. We use this information to send updates about Flyra products and services. You may opt out of marketing emails at any time, but you cannot opt out of service-related communications.

User Content. When you upload or transmit content, including text, images, documents, audio, video, data, or other materials through the Services or support channels, we may collect that User Content and associated metadata (including but not limited to creation time and file information). We use this information to provide the Services, enforce our Terms, assist with investigations, support security and compliance efforts, and protect our rights and users.

We use cookies and similar technologies for analytics, security, and to personalize your experience.

2. OUR USE OF PERSONAL INFORMATION

We may use personal information we collect to:

• Deliver and maintain the Services;

• Authenticate your account credentials and verify your identity;

• Communicate with users, and enable users to communicate with each other;

• Engage in marketing and advertising;

• Provide customer support;

• Conduct research and analytics;

• Improve and customize our Services;

• Detect and mitigate safety, fraud, and security threats;

• Assess eligibility for credit or other financial products offered by us or our regulated financial-institution partners, where permitted by law and subject to appropriate disclosures. For this purpose, we may use information provided through linked bank-account services such as Plaid, including balance or transaction-history information;

• Enforce terms (including our Terms of Service), protect rights, and support compliance;

• For any other lawful purpose, or other purpose that you consent to or for which you provide your information.

Where you choose to contact us, we may need additional information to fulfill the request or respond to inquiries. We may provide you with additional privacy-related information where the scope of the inquiry/request and/or personal information we require fall outside the scope of this Privacy Notice. In that case, the additional privacy notice will govern how we may process the information provided at that time.

3. OUR DISCLOSURE OF PERSONAL INFORMATION

We disclose personal information in the following ways:

Affiliates. We may share personal information with Flyra's corporate affiliates. We use this information to support internal operations, regulatory compliance, auditing, security, and the coordinated provision of the Services.

Financial and Identity-Verification Providers. We disclose personal information to third-party financial institutions, payment-service providers, banking partners, compliance vendors that assist with identity verification, fraud-detection, and other regulatory obligations.

Credit and Financial-Product Partners. If you apply for or use credit or other financial products offered in partnership with a regulated financial institution, we may disclose relevant information—including linked-bank-account data, transaction information, and identity-verification results—to that partner for underwriting, compliance, servicing, and operational purposes.

Service Providers. We share personal information with service providers that host our systems, store data, secure our infrastructure, provide authentication tools, operate logging or monitoring systems, support incident-response workflows, provide analytics, provide marketing services, document-processing vendors, cloud-based productivity tools, audit and accounting partners, and employment-application processing systems, and enable customer support and user communication. These providers process such information solely on our behalf, and we do not permit these providers to use personal information for their own independent commercial purposes, and Flyra does not "sell" personal information. For card-program and payment-card transactions, we rely on PCI-DSS-compliant payment processors who receive your card information directly and provide us only with a token. We do not store full payment-card numbers on our systems.

Business Transactions or Corporate Events. We may disclose or transfer personal information to third parties in connection with contemplated or actual mergers, acquisitions, financings, divestitures, reorganizations, or sales of company assets. Personal information may also be disclosed or transferred in the event of insolvency, bankruptcy, or receivership.

Legal Obligations, Compliance, and Protection of Rights. We may disclose personal information to legal advisors, regulators, law enforcement, or other governmental authorities as required to: comply with laws or lawful processes; satisfy reporting obligations under financial-crime and sanctions laws; detect, prevent, or respond to fraud or unauthorized activity; protect Flyra's rights or property; protect the rights, safety, and security of users or others; or enforce our agreements and policies.

With Your Consent or Direction. We may disclose personal information to third parties where you direct or consent to such disclosure. For example, if you authorize a connection between Flyra and another service provider, or if you provide consent to publish testimonials or user-submitted content.

4. CONTROL OVER YOUR INFORMATION

You may control your information in the following ways:

Email Communications Preferences. You can stop receiving promotional email communications from us by clicking on the "unsubscribe" link provided in such communications. You may not opt-out of service-related communications (e.g., account verification, transactional communications, changes/updates to features of the Services, technical and security notices).

Modifying or Deleting Your Information. If you have any questions about reviewing, modifying, or deleting your information, you can contact us directly at support@flyra.com. We may not be able to modify or delete your information in all circumstances, especially in relation to information on the blockchain.

5. CHILDREN'S PERSONAL INFORMATION

Our Services are not directed to, and we do not intend to, or knowingly, collect or solicit personal information from children under the age of 18. If an individual is under the age of 18, they should not use our Services or otherwise provide us with any personal information either directly or by other means. If a child under the age of 18 has provided personal information to us, we encourage the child's parent or guardian to contact us to request that we remove the personal information from our systems. If we learn that any personal information we collect has been provided by a child under the age of 18, we will promptly delete that personal information.

6. LINKS TO THIRD-PARTY WEBSITES OR SERVICES

Our Services may include links to third-party websites, plug-ins and applications. Except where we post, link to or expressly adopt or refer to this Privacy Notice, this Privacy Notice does not apply to, and we are not responsible for, any personal information practices of third-party websites and online services or the practices of other third parties. To learn about the personal information practices of third parties, please visit their respective privacy notices.

7. REGION-SPECIFIC DISCLOSURES

Additional Notice to California Residents ("CCPA Notice"):

The California Consumer Privacy Act of 2018 ("CCPA") requires certain businesses to provide a CCPA Notice to California residents to explain how we collect, use, and share their personal information, and the rights and choices we offer California residents regarding our handling of their information.

Privacy Practices. We do not "sell" personal information as defined under the CCPA. Please review Section 3 above for further details about the categories of parties with whom we share information.

Privacy Rights. The CCPA gives individuals the right to request information about how we have collected, used, and shared your personal information. It also gives you the right to request a copy of any information we may maintain about you. You may also ask us to delete any personal information that we may have received about you. Please note that the CCPA limits these rights, for example, by prohibiting us from providing certain sensitive information in response to access requests and limiting the circumstances under which we must comply with a deletion request. We will respond to requests for information, access, and deletion only to the extent we are able to associate, with a reasonable effort, the information we maintain with the identifying details you provide in your request. If we deny the request, we will communicate the decision to you. You are entitled to exercise the rights described above free from discrimination.

Submitting a Request. You can submit a request for information, access, or deletion to support@flyra.com.

Identity Verification. The CCPA requires us to collect and verify the identity of any individual submitting a request to access or delete personal information before providing a substantive response.

Authorized Agents. California residents can designate an "authorized agent" to submit requests on their behalf. We will require the authorized agent to have a written authorization confirming their authority.

8. UPDATES TO THIS PRIVACY NOTICE

We will update this Privacy Notice from time to time. When we make changes to this Privacy Notice, we will change the date at the beginning of this Privacy Notice. If we make material changes to this Privacy Notice, we will notify individuals by email to their registered email address, by prominent posting on our Services, or through other appropriate communication channels. All changes shall be effective from the date of publication unless otherwise provided.

9. CONTACT US

If you have any questions or requests in connection with this Privacy Notice or other privacy-related matters, please send an email to support@flyra.com.