LegalPrivacy & DataIndex

Privacy Policy

Last Updated: 2025

This Privacy Policy explains how SUZAA (“we”, “our”, “the Software”) collects, uses, stores, and protects personal information. SUZAA is a non-custodial, open-source crypto payment platform delivered as both self-hosted software and a hosted SaaS service. SUZAA is not a financial institution, not a custodian, and does not process, hold, or transmit customer funds.

SUZAA is software. Payments occur directly between wallets, and blockchain activity is public by design.

1. What Information We Collect

1.1. Information You Provide

We intentionally collect as little personal data as possible.

For the hosted version of SUZAA (“SUZAA SaaS”), we collect only:

  • Email address (required to create an account)
  • Optional display name
  • Authentication metadata (e.g., login timestamps)

You may use a pseudonym or generic email.

1.2. Information Automatically Collected

To operate the service securely, we may collect:

  • Basic device and browser metadata
  • IP address (security + abuse prevention)
  • Logs relating to API requests
  • System-level error logs
  • Rate limit activity

We do not perform behavioral analytics, ad tracking, or profiling.

1.3. Blockchain Data

Blockchain transactions are public and not controlled by SUZAA.

We do not collect private keys or seed phrases.

2. What We Do NOT Collect

SUZAA never collects:

  • Private keys
  • Seed phrases
  • Wallet balances
  • Personal identity documents
  • KYC information
  • Financial information
  • Card details
  • Customer transaction details beyond technical logs

3. How We Use Your Information

We use your limited information for:

  • Providing account access
  • Ensuring platform security
  • Sending essential service notifications
  • Abuse prevention / anti-fraud protection
  • Legal compliance where required

We do not sell, market, or share your data with third parties.

4. Data Retention

  • Account email + metadata: kept while your account exists
  • Security logs: short retention window (typically 14–30 days)
  • Self-hosted deployments: you control all data
  • Blockchain data: public and permanent by nature

You may delete your account at any time.

5. Cookies

SUZAA uses minimal, strictly necessary cookies only:

  • Session authentication cookie
  • CSRF protection cookie

No tracking cookies.
No advertising cookies.
No analytics cookies.

6. Data Security

We implement industry-standard measures:

  • Encrypted transport (HTTPS/TLS)
  • Salted + hashed authentication credentials
  • Firewall + DDoS protection on SaaS
  • Strict access control
  • Zero custody by design

Self-hosted deployments depend on your server security configuration.

7. Self-Hosted Deployments

If you self-host SUZAA:

  • We receive no analytics, logs, or telemetry
  • You store and control all data
  • You are responsible for compliance, security, and retention

The open-source version includes no hidden data collection.

8. Sharing of Data

We only share information when required:

  • To comply with lawful requests
  • To enforce our Terms of Use
  • To prevent abuse, fraud, or security threats

We never sell or commercialize personal data.

9. International Data Transfers

Hosted SUZAA servers may operate globally.
Where applicable, we follow standard protections such as:

  • Lawful basis for processing
  • Data minimization
  • International transfer safeguards

10. Your Rights

You can request:

  • Access to your personal data
  • Correction of inaccurate data
  • Deletion of your account
  • Export of your account information

To request: privacy@suzaa.com

11. Children’s Privacy

SUZAA is not intended for individuals under 18 years old.
We do not knowingly collect information from minors.

12. Changes to This Policy

We may update this Privacy Policy periodically.
Significant changes will be communicated via email or dashboard notification.

13. Contact Us

For questions or privacy-related requests:
privacy@suzaa.com

IndexIndex