Privacy Policy

Effective Date: January 5th, 2026

Equalize Technologies, Inc. ("Equalize," "we," "our," or "us") respects your privacy and is committed to protecting personal information. This Privacy Policy explains how we collect, use, disclose, and protect information when you use our website and self-custodial crypto wallet application (the "Services").

1. Scope and Availability

This Privacy Policy applies to users worldwide. Our Services may not be available in certain jurisdictions, and we may restrict or deny access to users based on location, applicable law, or the requirements of third-party service providers.

2. Data Minimization Principle

We collect and process only the minimum personal data necessary to enable users to access and interact with third-party regulated services integrated into our Services.

The specific categories of data required are determined by applicable laws and the requirements of third-party regulated service providers, not by Equalize. We do not collect personal data unless it is required to provide access to a requested feature or service.

3. Information We Collect

Identity Verification and Regulated Services

Certain features of the Services require interaction with third-party regulated service providers, which impose legal and regulatory requirements such as identity verification and compliance checks.

When required, identity verification is performed by third-party providers, including Sumsub, which collect and process personal data such as:

  • Government-issued identification documents
  • Biometric information (e.g., facial images or selfies)
  • Related verification and compliance information

Users are informed of these requirements and must explicitly approve the sharing of their data with the applicable third-party provider before verification occurs. Users are also provided access to the relevant third party's privacy policies, data processing terms, and legal documentation prior to submitting any information.

Equalize does not store raw identity documents or biometric data in its internal systems. We may access verification results and limited metadata (such as verification status, identifiers, and timestamps) solely for compliance, fraud prevention, and eligibility determination purposes.

Information We Collect Directly

We may collect limited information directly, including:

  • Account or wallet identifiers
  • Device or usage information
  • Communications sent to us (e.g., support requests)
  • Operational and security metadata

4. How We Use Information

We use information solely to:

  • Provide, operate, and maintain the Services
  • Enable access to third-party regulated services
  • Comply with legal and regulatory obligations
  • Prevent fraud, abuse, and security incidents
  • Respond to user inquiries and legal requests

5. Legal Basis for Processing

Depending on the user's location and the nature of the processing, we rely on one or more of the following legal bases:

  • compliance with legal obligations
  • legitimate interests (such as fraud prevention and platform integrity)
  • user consent, where required

6. Access Controls

Access to personal data, including identity verification results, is restricted to authorized personnel only and granted strictly on a need-to-know basis.

We maintain administrative, technical, and organizational safeguards designed to prevent unauthorized access, misuse, or disclosure.

7. Data Retention

Unless a longer period is required by applicable law:

  • Identity verification data for approved users is retained for up to five (5) years after account closure
  • Data relating to rejected or unsuccessful verification attempts is retained for up to ninety (90) days
  • Equalize's internal systems retain only limited verification metadata and do not store raw verification artifacts

8. Data Sharing

We do not sell personal data.

We may share information with:

  • third-party service providers acting on our behalf (including regulated identity verification providers)
  • law enforcement, regulators, or courts where required by law
  • successors or acquirers in connection with a corporate transaction

Third-party service providers process personal data in accordance with their own privacy policies and legal obligations, and we are not responsible for their independent data practices.

9. International Data Transfers

Your information may be processed and stored in countries other than your country of residence. Where required, we rely on appropriate safeguards to support international data transfers.

10. Your Rights

Depending on your location, you may have rights to:

  • request access to personal data
  • request correction or deletion
  • object to or restrict certain processing activities

Requests may be submitted to: requests@getgrowapp.co

11. Security

We implement reasonable technical and organizational measures designed to protect personal data. However, no system can be guaranteed to be completely secure, and we cannot guarantee absolute security.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on our website with an updated effective date.