Loading content...
Loading...
Legal Document
Last Updated: January 25th, 2026
BIEASES INC. is incorporated in the California with a registered address of 2603 Camino Ramon Suite 200, San Ramon, California 94583. BIEASES INC also has the trading name of "BIEASES".
BIEASES Wallet is a payment platform which serves both Private and Merchant customers by offering the functions of Recharge, Withdrawal, P2P transfer, P2B Transfer, International remittance as well as the online Payment. BIEASES Wallet provides a broad network of international transfers, and it brings our customers fast, secure, and simple payment solutions.
BIEASES is committed to protecting Personal Data and hold ISO27001 Global Information Security Certification.
This document outlines BIEASES's approach to privacy notice in regarding to all the personal data BIEASES processed in accordance with the ISO27001, SOC2, and CCPA. In this Privacy Policy, we provide customers with explanation on what kind of personal data we collect when customers use our services (Services).
This document shall be subject to periodic reviews in accordance with changes in:
When writing 'you', we mean you as -- a potential, existing or former client, our client's employee or other parties, such as beneficial owners, authorised representatives, business partners, other associated parties or a person contacting us by e-mail or using other communication means.
Senior Management must approve all changes before they are put into effect. Minor changes shall be reflected by incrementing the version number as 1.1, 1.2, 1.3, etc. Where significant changes to the document are made, these shall be reflected in a new version number as 1.0, 2.0, 3.0, etc.
We are responsible for ensuring security of your personal data made available to us, in particular to prevent unauthorized access to your data. We are also responsible for ensuring all users with the opportunity to benefit their rights regarding their own personal data.
When processing personal data, we follow the principles of:
As a registered data controller determining the purposes and means of processing personal data, BIEASES takes the confidentiality and integrity of its customer data very seriously. As stewards of customer information, BIEASES strive to assure all data is protected from unauthorized access whilst also ensuring that relevant data is available when needed.
BIEASES are also committed to ensuring that all personal data is handled in accordance with the Data Protection Laws, its principles, and any additional regulations and/or guidance laid out by the United States government or the other States law.
As part of its business operations, BIEASES ensures the safe, secure, ethical, and fair use of all personal data and always upholds the highest standards of data handling. BIEASES ensures that all employees understand, have access to, and can easily interpret this Data Protection Policy and its procedures.
The ISO27001, SOC2 and CCPA regulates the processing of personal data, which includes organisation, altering, adapting, retrieving, consulting on, storing, using, disclosing, transmitting, disseminating, or destroying any such data. As such BIEASES have put into place robust measures, policies, procedures, and controls concerning all aspects of personal data handling.
Data Protection Officer (DPO) is responsible for ensuring customer information is processed and protected correctly.
BIEASES has applied all relevant due diligence and screening procedures, to ensure that the DPO is suitably qualified and competent to carry out all obligations imposed upon the DPO by BIEASES.
BIEASES's Senior Management are responsible for ensuring that the DPO has sufficient autonomy, support, and resources to effectively carry out their responsibilities. The DPO is reassessed annually to ensure that they are aware and fully understand the responsibilities of their function and are sufficiently competent to meet such responsibilities.
The DPO reports directly to BIEASES's Senior Management during monthly meetings, the DPO seeks guidance and approval from Senior Management during such meetings. The DPO carries out an annual risk assessment to assess all risks related to data protection within BIEASES.
The DPO operates alongside the Money Laundering Reporting Officer (MLRO), the Chief Technology Officer (CTO), and any other relevant member of BIEASES's Senior Management. This is to ensure that all processes, systems, and employees comply with the requirements of the relevant data protection legislation, financial regulations, the prevention of financial crime, and industry best practice.
In the performance of their duties the DPO has the following responsibilities:
The personal data we collect can be grouped into the following categories:
| Type of information | Personal data |
|---|---|
| a) Basic personal data | First, last, middle, maiden names, job title, etc. |
| b) Identification information and other background verification data | Name, surname, personal identity code, date of birth, any other unique sequence of symbols granted to you, intended for personal identification, country of birth, address, nationality (in the case of a stateless person – the state which issued the identity document), citizenship, gender, copy of passport or ID card and its details (e.g., type, number, place and date of issuance, expiry date, MRZ code, signature), evidence of beneficial ownership or the source of funds (funds for account opening or transactions, occupation/employment information), source of wealth (information on how wealth was obtained), tax information (tax residence, tax identification number), number of shares held, voting rights or part of share capital, title, visually scanned or photographed image of your face or image that you provide through a mobile or desktop camera while using our identification application, video and audio recordings for identification. |
| c) Transaction Data | Such as currency, amount, location, date, time, IP address, payer's and payee's name and registration information, messages and documents sent or received with the payment. |
| d) Details of your activities in your website account or mobile application | History of the actions performed in your website account, mobile application, technical information, including the internet protocol (IP) address used to connect your computer to the internet, your log-in information (e.g., login time), browser type and version, time-zone setting, operating system and platform, type of device you use, unique device identifier. |
| e) Details of your activities in our website | History of the actions performed in our website, technical information, including the internet protocol (IP) address used to connect your computer to the internet, browser type and version, time zone setting, operating system and platform, type of device you use. |
| f) Details of your existing bank accounts | Financial institution account number, Routing number, Bank Account number, payment card number. |
| g) Information related to legal requirements | Data that enables us to perform anti-money laundering requirements and ensure the compliance with international sanctions, including the purpose of the business relationship and whether you are a politically exposed person / an immediate family member of a politically exposed person / a known associate of a politically exposed person, if at any time in the preceding year you have been entrusted with a prominent public function / are an immediate family member of a person who has been entrusted with a prominent public function / are a known associate of a person who has been entrusted with a prominent public function, and other data that is required to be processed by us in order to comply with the legal obligation to "know your client" (collected data will differ depending on the client's risk score). (KYC) |
| h) Information obtained and/or created to fulfil the requirements of applicable legislation | Data that the Company is required to provide to public authorities, such as tax administrators, courts, including data on income, payments and other information held by the Company. |
| i) Contact details | Phone number, e-mail, residential address. |
| j) Communication details | Content of email correspondence or any other form of communication with us (i.e., live chat, blogs, posts). |
| k) Information about your behavior | Social media account details, interests, product or service preferences, other information about your behavior and your activity on our website, mobile application. |
| l) Special category data | Biometric data. |
We will only use your personal data for the purpose for which we collected it which include the following:
We collect information you provide directly to us when you:
We may also receive your personal data from third parties. In particular:
There are several purposes of processing our customers' personal data.
| Purpose | Legal basis | Categories of personal data |
|---|---|---|
| a) To register an account | Data subject's consent. | • Basic personal data; • Contact details; • Other personal data needed. |
| b) To conclude the contract with you, or to take steps at your request prior to entering into a contract | Taking necessary steps before conclusion of the contract and/or conclusion of the contract; Legal obligations. | • Basic personal data; • Identification and other background verification data; • Contact details; • Other personal data needed (in order to evaluate the possibility of providing services). |
| c) To perform the contract concluded with you, including (but not limited to) provision of the Services | Performance of the contract; Legal obligations. | • Basic personal data; • Identification and other background verification data; • Monetary operation details; • Details of your activities in your website account or mobile application; • Details of your existing bank accounts; • Information related to legal requirements; • Contact details; • Communication details; • Other personal data needed (in order to evaluate the possibility of providing services). |
| d) To carry out ongoing Client Due Diligence (CDD) and manage ML/TF risk, identify, investigate and report suspicious activities and potential market abuse | Legal obligations. | • Basic personal data; • Identification and other background verification data; • Monetary operation details; • Details of your existing bank accounts; • Information related to legal requirements; • Contact details. • (the scope of processed personal data depends on the client's risk category, specific situation and may include all of the above categories of personal data or a part of this personal data) |
| e) To enable us to comply with anti-money laundering and anti-terrorist financing requirements and to enforce compliance with the requirements relating to sanctions (including Know Your Customer ("KYC") obligations, such as to determine the purpose of the business relationship and whether you are a politically exposed person, as well as the source of funds) | Legal obligations. | • Basic personal data; • Identification and other background verification data; • Monetary operation details; • Details of your existing bank accounts; • Information related to legal requirements; • Contact details; • Other personal data needed. |
| f) To comply with other legal requirements under applicable legislation in areas such as the provision of payment services, financial markets and financial services, market abuse, personal data protection, accounting and taxation | Legal obligations. | • Basic personal data; • Identification and other background verification data; • Information obtained and/or created in order to fulfil the requirements of applicable legislation; • Contact details; • Other personal data needed. |
| g) To identify you remotely | Your consent. | • Special category data. |
| h) To prevent, limit and investigate any misuse or unlawful use or disturbance of the Services or to establish, exercising and defend legal claims | Performance of the contract; Legitimate interest; Legal obligations. | • Basic personal data; • Identification and other background verification data; • Monetary operation details; • Details of your activities in your website account or mobile application; • Details of your activities in our website; • Details of your existing bank accounts; • Information related to legal requirements; • Contact details; • Communication details; • Other personal data needed (in order to evaluate the possibility of providing services). |
| i) To ensure adequate provisions of the Services, the safety of information within the Services, as well as to improve, develop and maintain applications, technical systems and IT-infrastructure | Legitimate interest. | • Basic personal data; • Contact details; • Details of your activities in our website; • Communication details; • Other personal data needed (in order to evaluate the possibility of providing services). |
| j) To assess the quality of our Services and improve and deliver a more personalized experience | Legitimate interest. | • Information about your behavior; • Communication details; • Details of your activities in your website account or mobile application; • Details of your activities in our website; • Contact details. |
| k) To provide an answer when you contact us via our website or other communication means | Your consent. | • Basic personal data; • Contact details; • Communication details; • Other personal data needed (in order to evaluate the possibility of providing services). |
We do not process special category data related to your health, ethnicity, or religious or political beliefs unless required by law or in specific circumstances where, for example, you reveal such data while using the Services (e.g., in payments details).
If you provide us personal data about other people (such as your spouse or family) or you ask us to share their personal data with third parties, you confirm that you have brought this Privacy Policy to their attention beforehand.
In order to perform your identity verification, we use the services provided by our partner (hereinafter -- "verification partners"). The Service Provider takes the photo images or video recordings of your face and your ID document that you provide through a mobile application or a dedicated website using the camera. For more information on our verification partners, please read their Privacy Policy.
Our verification partners' solutions are used for comparing live photographic data or video record of you and your ID document, to comply with legal obligations (e.g., implementation of the obligations under the Law on of the US Treasury's Financial Crimes Enforcement Network and other fraud and crime prevention purposes) and risk management obligations.
The result of the face similarity (match or mismatch) will be retained for as long as it is necessary to carry out verification and for the period required by anti-money laundering laws.
We ensure that your face similarity check is a process of comparing data acquired at the time of verification, i.e., this is a one-time user authorization by comparing person's photos to each other. Your facial template is not created, recorded or stored. It is not possible to regenerate the raw data from retained information.
Using our verification partners' services, personal data is used for your identification, since they verify the identity of the person in the identity document and the person captured in the photo. This process shall allow us to verify your identity more precisely and make the process quicker and easier to execute. If you do not feel comfortable with this identification method, you may contact us by e-mail at support@bieases.com for an alternative way to identify you if we can support by chance.
The following is a list of key recipients, to whom your personal data might be disclosed to:
Please note that, although no system of technology is completely secure, we have to implement appropriate security measures in order to minimize the risks of unauthorized access to or improper use of your personal information.
We and our third-party service providers that may be engaged in the processing of personal data on our behalf (for the purposes indicated above) are contractually obligated to respect the confidentiality of the personal data.
A variety of logical and physical security measures are used to keep your personal data safe and prevent unauthorized access, usage, or disclosure of it (the list indicated below is not exhaustive): we use antivirus software, information security policies, access restriction, we regularly review our information collection, storage, and processing practices to prevent unauthorized access to our systems, we use mandatory data encryption and password protection, carry out regular penetration tests and backup of data, etc.
We will keep your personal data for as long as it is needed for the purposes for which your data was collected and processed, including for the purposes to comply with any legal, regulatory, tax, accounting or reporting obligations. This means that we store your data for as long as it is necessary for provision of the Services and as required by the retention requirements in laws and regulations. It shall be determined by us, taking into account the legitimate purpose of the data retention, the legal basis and the principles of lawful processing of personal data.
The terms of data retention of the personal data for the purposes of the processing of the personal data as specified in this Privacy Policy are as follows:
In the cases when the terms of data keeping are indicated in the legislative regulations, the legislative regulations are applied.
We may retain your personal data for a longer period when:
Upon expiration of the retention period, we will delete and/or reliably and irrevocably depersonalize your data as soon as possible, within a reasonable time required to perform such action.
In case you are existing clients (i.e., you already use our Services), we may use your e-mail address for direct marketing purposes, but only with regard to products and/or services that are similar or related to the Services, and only if you do not object to such use of your e-mail address. You are also granted with a clear, free of charge and easily enforceable possibility to object or withdraw from such use of your contact details.
In other cases, we may use your personal data for the purpose of direct marketing, only if you give us your prior consent regarding such use of the data.
We are entitled to offer the services provided by our business partners or other third parties to you or find out your opinion on different matters in relation to our business partners or other third parties taking account of the legal basis for this, i.e., your prior consent.
In case you do not agree to receive these marketing messages offered by us, our business partners or third parties, this will not have any impact on the provision of Services to you as the client.
We provide a clear, free-of-charge and easily enforceable possibility not to give your consent or, at any time, to withdraw your consent to receive our marketing messages. We shall state in each notification sent by e-mail that you are entitled to object to the processing of the personal data, and to refuse receiving messages from us. You shall be able to refuse receiving our marketing messages by clicking on the respective link in each marketing e-mail received from us.
In some cases, we may use automated decision-making which refers to a decision taken solely on the basis of automated processing of your personal data.
Automated decision-making refers to the processing using, for example, a software code or an algorithm, which does not require human intervention.
We may use forms of automated decision making on processing your personal data for some services and products. You can request a manual review of the accuracy of an automated decision in case you are not satisfied with it.
For more information about your rights please see the section Your legal rights.
The data we collect from you may be transferred to, and stored at, a destination outside the United States of America. It may also be processed by staff operating outside the US who work for us or one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy. This can be done in a number of different ways, for example:
We may transfer personal data to a third country by taking other measures if it ensures appropriate safeguards as indicated in the SOC2, ISO27001, CCPA, or on the basis of derogations.
Under certain circumstances, you have rights under data protection laws in relation to your personal data including the right to receive a copy of the personal data we hold about you, the right to rectification if we hold incorrect data about you and the right to make a complaint at any time to the Office of Privacy and Civil Liberties, https://www.justice.gov/opcl.
If you access our information or Services through our website, you should be aware that we use cookies.
For more information on how to control your cookie settings and browser settings or how to delete cookies from your device, please read the Cookie Policy available on our website www.bieases.com .
Our website may contain links to other websites which are not operated by the Company. When you decide to click on these links and be led to such websites, we recommend familiarising yourself with their privacy policies or notices, cookie policies and/or other documents. BIEASES assumes no responsibility for the content, policies or practices of such third-party websites or services.
You may contact us by writing an e-mail to support@bieases.com