Entity: Moneyr Limited (Company No. 79829784), incorporated in Hong Kong SAR
Registered Address: Unit P25, 13/F, Kaiser Estate 3rd Phase, No. 11 Hok Yuen Street, Hung Hom, Kowloon, Hong Kong SAR
Contact: support@moneyr.app | legal@moneyr.app
Moneyr Limited, together with its affiliates and subsidiaries (collectively “Moneyr,” “we,” “us,” or “our”), has prepared this Privacy Policy to explain how we collect, use, store, share, and protect your personal data when you interact with our services, including:
This Privacy Policy is governed by the Personal Data (Privacy) Ordinance (Cap. 486 of the Laws of Hong Kong) (“PDPO”) and is structured around the six Data Protection Principles set out in Schedule 1 of the PDPO.
Please read this policy carefully. If you have any questions, contact us at support@moneyr.app. By using our services, you acknowledge and accept the practices described herein. If you do not agree with any part of this policy, please discontinue use of our services.
“Personal data” means any data relating directly or indirectly to a living individual, from which it is practicable for the identity of the individual to be directly or indirectly ascertained, and which is in a form in which access to or processing of the data is practicable. This definition is aligned with Section 2(1) of the PDPO.
We collect personal data necessary to provide our services, comply with legal and regulatory requirements, and as further described below. Data fields marked with an asterisk (*) are mandatory for service provision.
| Data Collected | Purpose |
|---|---|
| Email address* | Account creation, login, communications, account recovery |
| Password (stored as hash only)* | Authentication — we never store your plaintext password |
| Date of birth* | Age verification (you must be at least 18 years old) |
| Name | Display in the user interface |
| Username (auto-generated) | Unique account identifier |
You may also register or sign in using Google Sign-In or Apple Sign-In. When you do so, we receive your email address, name, and a unique provider identifier to link the social sign-in to your Moneyr account.
| Data Collected | Purpose |
|---|---|
| First name, last name | Profile display, identity verification |
| Bio | Public profile description |
| Nationality | Regulatory compliance, profile information |
| Avatar image | Profile display |
To comply with anti-money laundering (AML) and know-your-customer (KYC) regulatory requirements, we collect:
| Data Collected | Purpose |
|---|---|
| Identity document type (passport, driver's license, or ID card) | KYC processing |
| Identity document images (front and back)* | Identity verification |
| Selfie image* | Face matching against the document photo |
| KYC verification status | Tracking verification progress |
Your identity document images may be processed using automated tools to extract information such as your name, document number, nationality, date of birth, and document expiry date. This extracted data is used to populate your profile and verify your identity.
Moneyr offers cryptocurrency wallet services through a custodian partner. The following data is collected and processed:
| Data Collected | Purpose |
|---|---|
| Wallet account identifiers | Linking your Moneyr account to your custodial wallet |
| Crypto asset balances | Displaying your wallet balances |
| Deposit addresses | Receiving cryptocurrency deposits |
| Transaction history (deposits, swaps, withdrawals, transfers) | Transaction records and account statements |
When you send or receive cryptocurrency via Moneyr Pay, the recipient's username, asset type, and transfer amount are processed by our custodian partner.
The following data is stored locally on your device and is not transmitted to our servers:
| Data Stored | Purpose |
|---|---|
| Session tokens | Authentication and session management |
| PIN hash | App lock authentication — we never store your plaintext PIN |
| Notification preferences | User preferences |
| Theme and language preferences | Display customization and localization |
| App lock and biometric unlock settings | Security preferences |
If you enable biometric unlock (Face ID or fingerprint), the authentication is handled entirely by your device's operating system. Moneyr does not receive, access, or store the biometric templates used by your device's Face ID or fingerprint sensor.
When you use our services, we may automatically collect:
| Data | Purpose |
|---|---|
| IP address | Security, fraud prevention, approximate location |
| Device information and identifiers | App functionality, usage analytics |
| Operating system and version | Compatibility, troubleshooting |
| App or browser version | Version management, feature compatibility |
| Platform (iOS or Android) | Service delivery |
| Pages visited and interaction data (web) | Improving service design and user experience |
| Date and time of access | Security logging, analytics |
We use your personal data for the following purposes:
Service Provision:
Security and Fraud Prevention:
Regulatory Compliance:
Service Improvement:
Communications:
We may share your information with affiliates, service providers, government bodies, or other third parties under certain conditions, including but not limited to when third parties perform part of our services on our behalf (e.g., for data processing, analytics, delivery of services, and verification), when complying with legal obligations, or to protect the rights, property, or safety of our company, users, or others.
Some third parties processing your personal data on Moneyr's behalf may be located in a different country from the point of collection of your personal data, including but not limited to the location of servers or cloud-based services. Despite the international nature of our data processing, we are committed to enforcing robust data and privacy protection standards.
We do not sell your personal data to any third party.
Where your personal data must be shared with a third party in circumstances outside our standard relationship with you, we will request your consent unless the disclosure is: (a) requested by an authority or law enforcement agency; (b) clearly in your interests and consent cannot be obtained in a timely manner; (c) necessary to respond to an emergency threatening life, health, or safety; or (d) required, permitted, or authorized under applicable laws and regulations.
We are committed to protecting the security of your personal data. We implement the following technical and organizational measures:
Despite these measures, no method of electronic transmission or storage is completely secure. While we strive to protect your personal data, we cannot guarantee absolute security. In the event of a data breach, we will follow the procedures outlined in Section 8 of this policy.
We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable laws. The following retention periods apply:
| Data Category | Retention Period | Basis |
|---|---|---|
| Account data (email, name, username, DOB) | Duration of active account + 7 years after account closure | AML/regulatory record-keeping requirements |
| KYC documents and selfie images | Duration of active account + 7 years after account closure | AML/regulatory requirements |
| Wallet data | Duration of active account + 7 years after account closure | Financial record-keeping |
| Session tokens | Access token: 30 minutes; Refresh token: 7 days | Technical necessity (auto-expire) |
| Local device storage (preferences, PIN hash) | Cleared upon sign-out or app uninstall | Device-local |
| Automatically collected data (IP, device info) | Up to 2 years | Security and analytics purposes |
Account Deletion:
You may delete your account through the app (Settings > Privacy > Delete Account). Upon deletion, your account is deactivated. To request full erasure of your personal data, please contact legal@moneyr.app. We will process erasure requests subject to any overriding legal obligations to retain certain data (e.g., AML record-keeping requirements).
In the event of a personal data breach that is likely to result in a real risk of significant harm to affected individuals, Moneyr will:
Moneyr maintains incident response procedures including containment, investigation, remediation, and notification protocols.
As a user of Moneyr services, you have the following rights under the PDPO:
Data Access Request (DAR): You may request a copy of the personal data we hold about you, in accordance with Section 18 of the PDPO. Submit your request in writing (in Chinese or English) to support@moneyr.app.
Data Correction Request (DCR): You may request correction of any inaccurate personal data we hold about you, in accordance with Section 22 of the PDPO. Submit your request in writing (in Chinese or English) to support@moneyr.app.
Response Timeline: We will respond to DARs and DCRs within 40 calendar days of receiving your request.
Objecting to Data Use: You may object to our use of your personal data by contacting support@moneyr.app. Please note that this may impact your ability to use some or all of our services.
Withdrawal of Consent: If you wish to withdraw your consent for the use of your personal data, please discontinue using our services and notify us at legal@moneyr.app. Upon receiving your request, we will process it promptly. Withdrawal of consent may result in the termination of your access to our services and may have legal implications for our ongoing relationship.
Grounds for Declining Requests:
We may decline to comply with a DAR or DCR in the following circumstances:
Right to Erasure: You have the right to request erasure of your personal data. We will comply with erasure requests where the data is no longer needed for its original purpose, except where law, regulatory requirements, or public interest prevent such erasure. When you submit an erasure request, we may ask for identification to verify your identity.
Right to Complain: If you are not satisfied with our handling of your personal data, you have the right to lodge a complaint with the Privacy Commissioner for Personal Data, Hong Kong (www.pcpd.org.hk).
Moneyr services are not available to individuals under the age of 18. Age verification is enforced at registration: you must provide a date of birth confirming you are at least 18 years of age to create an account.
Moneyr does not knowingly collect personal data from individuals under 18. If we become aware that we have collected personal data from a person under 18, we will take steps to delete that data promptly.
If you believe that a person under 18 has provided personal data to Moneyr, please contact us at support@moneyr.app.
Our app and website may contain links to external websites or applications not operated by Moneyr. When you follow these links, this Privacy Policy no longer applies. We encourage you to review the privacy policies of any external platforms you visit. Moneyr is not responsible for the privacy practices of third-party websites or applications.
Website: Our website (moneyr.app) may use cookies — small data files stored on your device — for the following purposes:
Mobile Application: Our mobile application does not use browser cookies. Instead, it uses secure on-device storage for authentication tokens and local preferences storage for settings and user preferences.
Third-Party Tracking: Moneyr does not use third-party advertising trackers in our mobile application.
Managing Cookies: Most browsers accept cookies automatically. You can adjust your browser settings to reject cookies or to notify you when cookies are placed. Disabling cookies may affect your ability to use some features of our website.
Do Not Track (DNT): We acknowledge DNT signals from your browser. However, third-party services accessed through our platforms may not honor DNT requests. This Privacy Policy does not cover third-party tracking practices.
We may update this Privacy Policy from time to time. When we do, we will revise the “Last Updated” date at the top of this policy. If the changes are material, we will notify you by email (to the address associated with your account) or by providing notice through our services.
We encourage you to review this Privacy Policy whenever you access our services to stay informed about our data practices.
By continuing to use our services after changes to this Privacy Policy take effect, you agree to be bound by the revised policy.
If you have questions about this Privacy Policy, wish to exercise your rights, or need to make a Data Access Request or Data Correction Request, please contact us:
General Queries and Support:
support@moneyr.app
Legal and Privacy Matters (including DAR, DCR, erasure, and consent withdrawal):
legal@moneyr.app
Moneyr Limited
Company No. 79829784
Unit P25, 13/F, Kaiser Estate 3rd Phase
No. 11 Hok Yuen Street, Hung Hom
Kowloon, Hong Kong SAR
Privacy Commissioner:
If you wish to lodge a complaint regarding our handling of your personal data, you may contact the Privacy Commissioner for Personal Data, Hong Kong at www.pcpd.org.hk.