1. No Collection of Personally Identifiable Information (PII)
Our website and applications provide content and services implementing a Points Banking system.
We do not collect, store, or process any remotely-identifiable personal information (such as full names, government IDs, home addresses, personal phone numbers, or personal email addresses tied to real-world identity).
Our Know-Your-Customer (KYC) process is conducted manually through in-person meetups. During this process, user identity is verified via:
- A unique Codename (chosen by the user)
- A manual Personal Identification Number (PIN)
- A Palm Print or a User Avatar/Photo
- An optional date of birth
Crucially, our system does not store a master list linking these identifiers (Codename, PIN, Palm Print, Avatar) to your real-world legal name or physical address.
In the event of a data breach or stolen database, the data contained would be non-attributable to any specific natural person.
2. How We Use Your Palm Prints, Avatar, Date of Birth
We use your Palm Print and/or Avatar and/or Date of Birth exclusively for the purpose of physical, in-person verification of your identity during Points Banking transactions.
This data is not used for any other commercial purpose.
3. Security of Your Palm Prints and Avatar
By using our service, you acknowledge and agree to the following terms:
You agree to treat your Palm Print and Avatar as pseudonymous identifiers that are not intended to be directly associated with your off-platform legal identity.
You accept that your Palm Print and Avatar are considered, under this agreement, to be information you are willing to make available for verification within the closed system of the Points Bank, but they do not constitute verifiable personal data under standard data protection frameworks.
For users requiring complete anonymity, we strongly recommend uploading a Palm Print only and refraining from uploading any avatar or photo that could potentially be linked to your likeness.
4. Security of Transaction Data and Messages
Your messages and transaction data are not stored in a manner that is immediately associable with your real-world person. Association exists only transiently during real transactions and the points-banking process.
Users are strictly discouraged from imparting any real personal information (name, address, financial account numbers) in uploaded data or chat messages. Doing so is a violation of the safe-use terms and is at the user’s own risk.
We do not proactively input or link information that could associate your transaction data with your physical person.
For secure communications, we encourage users to link their own external messaging applications such as Telegram or Messenger (which may have independent security features) to send and receive messages, rather than relying on in-app chat.
5. Limitation of Liability (Database Breach)
Because our system is architected to avoid the storage of PII (real names, addresses, government numbers), in the event of a security breach, database theft, or unauthorized access, our liability is strictly limited.
The stolen data (codenames, palm prints, avatars, transaction history) cannot be directly traced to specific individuals without external, off-platform information.
Therefore, we cannot be held responsible for the de-anonymization of data that was not designed or intended to identify you in the first place.
6. Contact
If you have any questions about this policy or the specific technical measures in place, you can contact us at: [email protected]