Privacy Policy

1. Introduction

VeritasExchange ("we," "us," "our," or "Company") is a licensed Money Services Business ("MSB") operating in the United States and operated by JarMetals LLC, with its principal place of business in Delaware. This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you use our cryptocurrency exchange platform and related services (collectively, the "Services").

By using our Services, you acknowledge that you have read, understood, and agree to this Privacy Policy. If you do not agree with this Privacy Policy, you must not use our Services.

This Privacy Policy complies with applicable federal and state privacy laws, including the Gramm-Leach-Bliley Act ("GLBA"), Regulation P, and other applicable data protection regulations. JarMetals LLC is registered with the Financial Crimes Enforcement Network ("FinCEN") as a Money Services Business (MSB Registration Number: 31000292749235).

2. Information We Collect

2.1 Information You Provide Directly

We collect information that you provide directly to us, including:

• Identity Information: Full name, date of birth, Social Security Number (SSN), Tax Identification Number (TIN), nationality, country of residence, country of birth, government-issued identification documents (passport, driver's license, national ID), and photographs
• Contact Information: Email address, phone number, mailing address, physical address
• Business Information: Business name, business type, Employer Identification Number (EIN), incorporation details, business address, authorized signers, and business registration documents
• Financial Information: Bank account details, wire transfer instructions, transaction history, account balances, source of funds, source of wealth, expected transaction volumes
• KYC/AML Information: Purpose of account, occupation, employer information, Politically Exposed Person (PEP) status, associated persons, funding sources, tax residency information, previous legal names
• Account Credentials: Username, password, security questions and answers
• Communications: Messages, support requests, and other communications you send to us

2.2 Information Collected Automatically

When you use our Services, we automatically collect certain information, including:

• Device Information: IP address, browser type and version, operating system, device identifiers, mobile network information
• Usage Information: Pages visited, features used, time spent on pages, clickstream data, search queries
• Location Information: General geographic location based on IP address
• Cookies and Tracking Technologies: We use cookies, web beacons, and similar technologies to collect information about your interactions with our Services

2.3 Information from Third Parties

We may receive information about you from third parties, including:

• Identity verification and KYC service providers
• Credit bureaus and credit reporting agencies
• Sanctions lists, watchlists, and government databases
• Financial institutions and payment processors
• Public records and government sources
• Service providers and business partners

3. How We Use Your Information

We use the information we collect for the following purposes:

• Service Provision: To provide, maintain, and improve our Services, including processing transactions, managing accounts, and facilitating cryptocurrency exchanges
• Identity Verification and KYC/AML Compliance: To verify your identity, conduct Know Your Customer ("KYC") checks, comply with Anti-Money Laundering ("AML") requirements, and screen against sanctions lists and watchlists
• Regulatory Compliance: To comply with applicable laws, regulations, and legal obligations, including reporting requirements under the Bank Secrecy Act ("BSA"), FinCEN regulations, and other federal and state laws
• Risk Management: To assess and manage risks, detect and prevent fraud, money laundering, terrorist financing, and other illegal activities
• Transaction Processing: To process deposits, withdrawals, and cryptocurrency transactions, including communicating with third-party service providers
• Customer Support: To respond to your inquiries, provide customer support, and communicate with you about your account and transactions
• Legal and Regulatory Reporting: To file required reports with regulatory authorities, including Currency Transaction Reports ("CTRs"), Suspicious Activity Reports ("SARs"), and other mandatory disclosures
• Business Operations: To operate our business, including accounting, auditing, and internal record-keeping
• Marketing: To send you marketing communications (only with your consent and where permitted by law)
• Legal Proceedings: To protect our rights, property, and safety, and that of our users and others, and to comply with court orders and legal processes

4. Sharing and Disclosure of Information

We may share your information in the following circumstances:

4.1 Regulatory and Legal Disclosures

As a licensed MSB, we are required by law to share information with:

• Financial Crimes Enforcement Network ("FinCEN")
• Internal Revenue Service ("IRS")
• State and federal law enforcement agencies
• Regulatory authorities and government agencies
• Courts and legal processes

We may disclose information without your consent when required by law, regulation, court order, or government request, including but not limited to CTRs, SARs, and responses to subpoenas and warrants.

SAR Confidentiality Notice: If we file, consider filing, or are required to file a Suspicious Activity Report (SAR) or similar report, we may be legally prohibited from disclosing that fact, or any related information, to you or any third party.

4.2 Service Providers and Business Partners

We may share information with third-party service providers who perform services on our behalf, including:

• Identity verification and KYC service providers
• Cryptocurrency exchange and trading platforms
• Payment processors and financial institutions
• Cloud storage and hosting providers
• Analytics and data analytics providers
• Customer support and communication services
• Legal, accounting, and auditing services

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.3 Business Transfers

In the event of a merger, acquisition, sale of assets, or other business transfer, we may transfer your information to the acquiring entity, subject to the same privacy protections.

4.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

4.5 Affiliates

We may share information with our affiliates, subsidiaries, and related companies for business purposes consistent with this Privacy Policy.

5. Your Privacy Rights and Choices

5.1 Access and Correction

You have the right to access and correct your personal information. You may update certain information through your account settings or by contacting us. However, we may retain certain information as required by law or for legitimate business purposes.

5.2 Opt-Out Rights

Under Regulation P and GLBA, you may have the right to opt-out of certain information sharing with nonaffiliated third parties in some circumstances. However, you may not opt-out of:

• Sharing necessary for service providers to perform services on our behalf
• Sharing required by law or regulation
• Sharing necessary to prevent fraud or comply with legal obligations

To exercise applicable opt-out rights, contact us using the information provided in Section 12 with the subject line "Privacy Opt-Out Request" and include your name, account email, and the specific request. We may need to verify your identity before processing your request.

5.3 GLBA Privacy Notice

If GLBA applies to our relationship with you, we will provide privacy notices as required by law, including an initial notice when you establish a customer relationship with us and additional notices as required by applicable regulations (including upon material changes to our privacy practices).

5.4 California Privacy Rights

If you are a California resident, you may have additional rights under the California Consumer Privacy Act ("CCPA") and California Privacy Rights Act ("CPRA"), including the right to know what personal information we collect, the right to delete personal information, and the right to opt-out of the sale or sharing of personal information. We do not sell personal information for monetary consideration.

5.5 Account Closure

You may close your account at any time by contacting us. However, we will retain your information as required by law and for legitimate business purposes, including regulatory compliance and dispute resolution.

6. Data Security

We implement reasonable administrative, technical, and physical safeguards to protect your personal information, including:

• Encryption of sensitive data in transit and at rest
• Secure storage and access controls
• Regular security assessments and audits
• Employee training on data protection
• Incident response procedures

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

7. Data Retention

We retain your personal information for as long as necessary to:

• Provide our Services to you
• Comply with legal and regulatory obligations (including BSA recordkeeping requirements, which typically require retention for at least 5 years)
• Resolve disputes and enforce our agreements
• Protect our legal rights and interests

After the retention period, we will securely delete or anonymize your information, except where we are required by law to retain it longer.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Remember your preferences and settings
• Authenticate your identity
• Analyze how you use our Services
• Improve security and prevent fraud

You can control cookies through your browser settings. However, disabling cookies may limit your ability to use certain features of our Services.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. By using our Services, you consent to the transfer of your information to these countries. We take appropriate safeguards to protect your information in accordance with this Privacy Policy.

10. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child under 18, we will take steps to delete such information promptly.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the updated Privacy Policy on our website
• Sending you an email notification (if you have an account)
• Providing notice through our Services

Your continued use of our Services after the effective date of the updated Privacy Policy constitutes your acceptance of the changes. We encourage you to review this Privacy Policy periodically.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us: