Policy & privacy

smbaiclub.gold > Policy & privacy

SMBAI – PRIVACY POLICY

 

Last Updated: 1 April 2025

 

1. PREAMBLE AND INTRODUCTION

 

1.1. Our Commitment to Privacy: This Privacy Policy (“Policy”) describes the policies and procedures of SMBAI (“Company,” “we,” “us,” “our”) regarding the collection, use, processing, storage, disclosure, and protection of personal and non-personal information we receive from users of our AI trading platform, website (smbaifarm.ai), and any associated services (collectively, the “Services”). We are committed to protecting the privacy and security of your information.

1.2. Scope and Applicability: This Policy applies to all information we collect through our Services, as well as information we collect from you through email (e.g., support@Smbaifarm.ai), interactions with third-party agents, and other ancillary channels.

1.3. Binding Agreement: This Policy is an integral part of our Terms and Conditions. By accessing the Platform, creating an Account, or using any of our Services, you signify that you have read, understood, and unconditionally agree to our collection, storage, use, and disclosure of your personal information as described in this Policy and our Terms and Conditions. If you do not agree with any part of this Policy, you are prohibited from using the Services.

1.4. Data Controller: For the purpose of applicable data protection legislation (such as the EU General Data Protection Regulation – GDPR), the “Data Controller” of your Personal Data is SMBAI. Our contact information is provided in Section 15.

 

2. COMPREHENSIVE DEFINITIONS

 

2.1. “Personal Data”: Any information relating to an identified or identifiable natural person (“Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., IP address), or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

2.2. “Non-Personal Data”: Information that does not, on its own, permit direct association with any specific individual. This includes aggregated, anonymized, or pseudonymized data.

2.3. “Processing”: Any operation or set of operations which is performed on Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, combination, restriction, erasure, or destruction.

2.4. “Data Controller”: The natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.

2.5. “Data Processor”: A natural or legal person, public authority, agency, or other body which processes Personal Data on behalf of the Data Controller.

2.6. “Anonymization”: The irreversible process of transforming Personal Data in such a way that the Data Subject is not or is no longer identifiable.

2.7. “Pseudonymization”: The processing of Personal Data in such a way that the Personal Data can no longer be attributed to a specific Data Subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the Personal Data is not attributed to an identified or identifiable natural person.

2.8. “Consent”: Any freely given, specific, informed, and unambiguous indication of the Data Subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the Processing of Personal Data relating to him or her.

2.9. “Platform”: The Company’s website (smbaifarm.ai), any associated mobile applications, APIs, and all related technology and software.

2.10. “KYC/AML”: “Know Your Customer” and “Anti-Money Laundering,” the regulatory processes for identity verification and due diligence.

 

3. INFORMATION WE COLLECT AND METHODS OF COLLECTION

 

We collect Personal Data to provide and improve our Services, to administer your use of the Services, and to comply with our extensive legal and regulatory obligations. We may collect the following categories of information:

3.1. Information You Provide Directly to Us:

  • (a) Personal Identification Information: As part of our mandatory KYC/AML procedures, we collect:
    • (i) Full legal name;
    • (ii) Date of birth;
    • (iii) Residential address;
    • (iv) Proof of address (e.g., utility bill, bank statement, dated within 3-6 months);
    • (v) Government-issued identification document (e.g., passport, national ID card, driver’s license);
    • (vi) Scans or photographs of the aforementioned identification documents;
    • (vii) A “selfie” photograph or short video for liveness detection and identity verification;
    • (viii) Nationality and/or country of residence;
    • (ix) Tax Identification Number (TIN) or equivalent.
  • (b) Contact Information:
    • (i) Email address (for account registration and communication);
    • (ii) Phone number (for two-factor authentication and communication).
  • (c) Financial Information (Provided by You):
    • (i) Bank account details and/or UPI ID (if you request a UPI withdrawal);
    • (ii) Cryptocurrency wallet addresses (e.g., BSC, Solana) that you provide for withdrawals;
    • (iii) Declarations or evidence regarding your source of funds or source of wealth, as may be required for enhanced due diligence.
  • (d) Communications:
    • (i) Records and copies of your correspondence (including email addresses and all content) if you contact us at Support@Smbaifarm.ai or through other channels.
    • (ii) Responses to surveys or feedback requests.

3.2. Information We Collect Automatically (Technical Data):

  • (a) Log and Usage Data: Information automatically collected by our servers when you access the Platform, including:
    • (i) Internet Protocol (IP) address;
    • (ii) Geolocation data (approximate location derived from IP);
    • (iii) Browser type, version, and language settings;
    • (iv) Operating system and device type;
    • (v) Referring URLs and exit pages;
    • (vi) Date and time stamps of access;
    • (vii) Page views, clickstream data, and time spent on pages.
  • (b) Device Information:
    • (i) Unique device identifiers (e.g., MAC address, IDFA, AAID);
    • (ii) Hardware model and screen resolution.
  • (c) Cookies and Tracking Technologies: We use cookies, web beacons, pixels, and similar technologies to collect information about your browsing activities. (See Section 6 for full details).

3.3. Information We Collect from Third-Party Sources:

  • (a) Identity Verification Partners: We use third-party KYC/AML service providers to verify your identity, check your information against sanctions lists (e.g., OFAC), and perform background checks as required by law.
  • (b) Third-Party Agents: If you elect to deposit funds via a Third-Party Agent (e.g., using UPI), the agent will provide us with information confirming your transaction, such as your username and the amount of the crypto deposit.
  • (c) Blockchain Data (Public Information): We analyze public blockchain data associated with your deposit and withdrawal addresses to comply with AML regulations, assess risk, and detect fraudulent or illicit activity. We may use third-party blockchain analytics firms (e.g., Chainalysis, Elliptic) for this purpose.
  • (d) Financial Institutions: We may receive information from banks or payment processors involved in your transactions (e.g., transaction confirmations or fraud alerts).

3.4. Information We Generate Internally (Inferred Data):

  • (a) Transactional History: We maintain a comprehensive log of all your activities on our Platform, including deposit records, withdrawal records, and internal performance metrics.
  • (b) AI Trading Data: We generate and store all data related to the AI’s trading activities on your behalf, including trade types, volumes, execution times, and performance analytics. Note: As stated in our Terms, this granular, real-time data is used for internal system management and analysis and is not provided to you as a live portfolio feed.
  • (c) Risk Profile: We may generate a risk score for your account based on your KYC data, transaction patterns, and blockchain analysis.

 

4. HOW WE USE YOUR INFORMATION (LEGAL BASIS FOR PROCESSING)

 

We Process your Personal Data based on one or more of the following legal bases:

4.1. To Perform Our Contract with You (Terms and Conditions):

  • (a) To create, maintain, and secure your Account.
  • (b) To process your deposits (via crypto or agents) and withdrawals (via crypto or UPI) and execute transactions.
  • (c) To provide the core AI Trading Services, including managing and executing trades on your behalf.
  • (d) To provide customer support and respond to your inquiries (e.g., at Support@Smbaifarm.ai).
  • (e) To send you critical administrative and service-related communications (e.g., security alerts, transaction confirmations, policy updates).

4.2. To Comply with Our Legal and Regulatory Obligations:

  • (a) To conduct mandatory KYC/AML checks to verify your identity.
  • (b) To perform continuous monitoring for fraud, money laundering, and terrorist financing.
  • (c) To comply with sanctions lists and screen for Politically Exposed Persons (PEPs).
  • (d) To respond to legal requests, such as subpoenas, court orders, or demands from law enforcement and government regulators.
  • (e) To maintain financial and regulatory records as required by law (see Section 8 on Data Retention).

4.3. For Our Legitimate Interests (while respecting your rights):

  • (a) Platform Security and Integrity:
    • (i) To detect and prevent fraud, security breaches, and Prohibited Conduct.
    • (ii) To monitor and log network activity to identify threats.
    • (iii) To perform risk assessments and manage our own operational and financial risk.
  • (b) Service Improvement and Analytics:
    • (i) To analyze how our Services are used (e.g., user flow, feature popularity) to improve the user experience.
    • (ii) To test new features and products.
    • (iii) To monitor and analyze the performance of our AI trading algorithms, debug issues, and conduct internal research and development.
  • (c) Marketing and Communications:
    • (i) To send you communications about our products, services, and promotions that may interest you (subject to your opt-out rights).
    • (ii) To inform you about our upcoming roadmap (e.g., SAI Wallet, $SMBAI Coin), insofar as permitted.

4.4. With Your Explicit Consent:

  • (a) For certain marketing activities where “legitimate interest” is not a sufficient basis.
  • (b) For the use of certain non-essential cookies (see Section 6).
  • (c) For any other purpose for which we will ask for your consent at the time of collection.
  • (d) Right to Withdraw Consent: Where we rely on your consent, you have the right to withdraw it at any time.

 

5. HOW AND WHY WE SHARE YOUR INFORMATION

 

We do not sell your Personal Data. We only share your information in the limited circumstances described below:

5.1. With Third-Party Service Providers and Data Processors: We share information with third-party vendors, consultants, and service providers who perform services on our behalf and require access to such information to do that work. These include:

  • (a) Cloud Hosting Providers: (e.g., AWS, Google Cloud) for data storage and processing.
  • (b) KYC/AML Verification Services: To verify your identity.
  • (c) Blockchain Analytics Firms: To analyze blockchain transactions for AML/CFT compliance.
  • (d) Data Analytics Providers: To help us analyze platform usage.
  • (e) Email Service Providers: To send administrative and marketing communications.
  • (f) Payment Processors: To facilitate UPI withdrawals or other fiat transactions. These processors are contractually bound to protect your data and may not use it for any purpose other than providing the service to us.

5.2. With Third-Party Agents (At Your Request):

  • (a) If you choose to deposit via a Third-Party Agent, we may need to share your Account identifier or username with the agent to confirm your transaction. This sharing is initiated by your request to use that deposit method.

5.3. With Legal and Regulatory Authorities:

  • (a) We will disclose your Personal Data if we are required to do so by law, regulation, court order, subpoena, or other valid legal process.
  • (b) We may disclose information to law enforcement, financial regulators, or other government officials if we believe it is necessary to report suspected illegal activity or to investigate violations of our Terms and Conditions.

5.4. With Affiliates and in Business Transfers:

  • (a) We may share your information with our parent companies, subsidiaries, or other affiliates within our corporate group, especially in preparation for our future roadmap (e.g., to integrate the AI Trading service with the future SAI Wallet).
  • (b) In the event of a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or a portion of our assets, your Personal Data may be transferred as part of that transaction. We will notify you of any such change in control.

5.5. Aggregated or Anonymized Data:

  • (a) We may share Non-Personal Data (which has been aggregated or anonymized) publicly or with third parties for research, marketing, or industry analysis purposes. This data cannot be used to identify you.

 

6. COOKIES AND TRACKING TECHNOLOGIES

 

6.1. What are Cookies? Cookies are small text files placed on your device when you visit a website. We use cookies, web beacons, pixel tags, and similar technologies to collect information and improve our Services.

6.2. Types of Cookies We Use:

  • (a) Strictly Necessary Cookies: Essential for the Platform to function. They are usually set in response to actions made by you, such as setting your privacy preferences, logging in, or filling in forms. You cannot opt out of these.
  • (b) Performance and Analytics Cookies: Allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.
  • (c) Functional Cookies: Enable the website to provide enhanced functionality and personalization (e.g., remembering your language preference or region).
  • (d) Targeting/Marketing Cookies: May be set through our site by our advertising partners to build a profile of your interests and show you relevant adverts on other sites.

6.3. Your Choices: Most web browsers are set to accept cookies by default. You can usually choose to set your browser to remove or reject browser cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Services (especially Strictly Necessary and Functional cookies).

 

7. DATA SECURITY MEASURES

 

7.1. Our Commitment: We implement and maintain a robust information security program with administrative, physical, and technical safeguards designed to protect your Personal Data from loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction.

7.2. Technical Measures:

  • (a) Encryption: We use SSL/TLS encryption for data in transit. We also employ encryption for sensitive data at rest (e.g., KYC documents).
  • (b) Access Controls: Access to Personal Data is strictly limited to employees, contractors, and agents who have a “need-to-know” and are subject to strict contractual confidentiality obligations.
  • (c) Network Security: We use firewalls, network segmentation, and intrusion detection systems to protect our infrastructure.

7.3. Organizational Measures:

  • (a) Policies and Training: We maintain internal data protection policies and provide regular data security training to our staff.
  • (b) Data Minimization: We strive to collect only the Personal Data that is strictly necessary for the purposes for which it is processed.

7.4. Security Disclaimer: You acknowledge that no method of transmission over the Internet or method of electronic storage is 100% secure. While we use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security. Any transmission of Personal Data is at your own risk.

 

8. DATA RETENTION POLICY

 

8.1. Retention Period: We will retain your Personal Data only for as long as is necessary for the purposes set out in this Policy. The retention period will vary depending on the type of data and our legal obligations.

8.2. Specific Retention Schedules:

  • (a) Account and KYC/AML Data: We are legally required by financial regulations to retain your Personal Identification Information and full transaction history for a minimum period (often 5 to 7 years) after your Account is closed or your business relationship with us has ended.
  • (b) Transactional Data: Retained for the same period as KYC/AML data.
  • (c) Customer Support Communications: Retained for a shorter period (e.g., 3 years) after the query is resolved, unless it relates to a financial transaction or legal dispute.
  • (d) Technical and Log Data: Retained for a shorter, rolling period (e.g., 6-12 months) for security and debugging purposes, unless a security incident requires a longer hold.
  • (e) Marketing Data: Retained for as long as you are subscribed to our communications. We will delete this data upon your request to unsubscribe.

8.3. Deletion: Upon expiry of the retention period, we will securely delete or anonymize your Personal Data.

 

9. INTERNATIONAL DATA TRANSFERS

 

9.1. Global Operations: We are a global company, and your Personal Data may be transferred to, stored in, and processed in countries other than your own (e.g., our servers, support centers, or service providers may be located in Singapore, India, Europe, or other jurisdictions).

9.2. Legal Basis for Transfers: These jurisdictions may have data protection laws that are different from the laws of your country. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy. For transfers of data from the European Economic Area (EEA), we may rely on mechanisms such as:

  • (a) Adequacy Decisions: Transferring data to countries deemed to provide an adequate level of protection by the European Commission.
  • (b) Standard Contractual Clauses (SCCs): Using specific contract templates approved by the European Commission which give Personal Data the same protection it has in Europe.

 

10. YOUR DATA PROTECTION RIGHTS

 

Depending on your jurisdiction (e.g., EEA residents), you may have the following rights regarding your Personal Data:

10.1. Right of Access: You may have the right to request copies of the Personal Data we hold about you.

10.2. Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete any information you believe is incomplete.

10.3. Right to Erasure (“Right to be Forgotten”): You have the right to request that we erase your Personal Data, under certain conditions. Note: We cannot honor this request if we are legally obligated to retain your data (e.g., for AML/KYC retention periods).

10.4. Right to Restrict Processing: You have the right to request that we restrict the processing of your Personal Data, under certain conditions.

10.5. Right to Object to Processing: You have the right to object to our processing of your Personal Data (e.g., for direct marketing purposes).

10.6. Right to Data Portability: You have the right to request that we transfer the data we have collected to another organization, or directly to you, in a structured, commonly used, and machine-readable format, under certain conditions.

10.7. Exercising Your Rights: To exercise any of these rights, please contact us at Support@Smbaifarm.ai. We will require you to verify your identity before responding to such requests.

 

11. JURISDICTION-SPECIFIC PROVISIONS (ADDENDUM)

 

11.1. For Residents of the European Economic Area (EEA):

  • (a) The legal bases for processing your data are detailed in Section 4.
  • (b) If you are in the EEA, you have the rights as described in Section 10.
  • (c) You have the right to lodge a complaint with a supervisory authority (Data Protection Authority) in your member state.

11.2. For Residents of California (CCPA/CPRA):

  • (a) We do not “sell” your personal information as that term is traditionally defined.
  • (b) You have the right to know what personal information is collected, used, and disclosed.
  • (c) You have the right to delete personal information.
  • (d) You have the right to opt-out of the “sale” or “sharing” of personal information (e.g., for cross-context behavioral advertising).
  • (e) You have the right to non-discrimination for exercising your CCPA rights.
  • (f) We will not discriminate against you for exercising any of your CCPA rights.

11.3. For Residents of South East Asia (e.g., Singapore – PDPA):

  • (a) We will only collect, use, or disclose your personal data for purposes that a reasonable person would consider appropriate and for which you have given consent.
  • (b) We will notify you of the purposes for which we are collecting, using, or disclosing your personal data.
  • (c) You have the right to access and correct your personal data.

 

12. CHILDREN’S PRIVACY

 

12.1. Age Limitation: Our Services are not directed to, intended for, or knowingly offered to individuals under the age of 18 (or the age of legal majority in their jurisdiction).

12.2. No Knowing Collection: We do not knowingly collect Personal Data from individuals under 18. If we become aware that we have inadvertently collected Personal Data from a child under 18, we will take immediate steps to delete such information from our records.

 

13. CHANGES TO THIS PRIVACY POLICY

 

13.1. Policy Updates: We reserve the right, in our sole discretion, to modify or replace this Privacy Policy at any time. We will indicate any changes by updating the “Last Updated” date at the top of this document.

13.2. Notification: For material changes, we may notify you by email to your registered email address or by posting a prominent notice on our Platform.

13.3. Acceptance of Changes: Your continued use of the Platform after any such change constitutes your unconditional acceptance of the new Privacy Policy. It is your sole responsibility to review this Policy periodically for changes.

 

14. GOVERNING LAW

 

14.1. This Privacy Policy, and any disputes arising from it, shall be governed by and construed in accordance with the laws stipulated in our Terms and Conditions, without regard to its conflict of law principles.

 

15. CONTACT US

 

15.1. Questions: If you have any questions, complaints, or concerns about this Privacy Policy or our data practices, please contact our support team: Email: Support@Smbaifarm.ai

Contact with SmbAi Support