Contro Privacy Policy

Effective Date: 01 May 2025

Contro (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information when you use our website, mobile application, and services.

By using Contro, you agree to the terms of this Privacy Policy.

1. Information We Collect

We collect personal information only as necessary to provide our services and comply with regulatory requirements. This includes:

  • Identity Verification Data: Full name, date of birth, national ID/passport, address, and selfie — collected and processed by our third-party KYC provider, Didit.

  • Financial Information: Collateral, wallet, and transaction details.

  • Card Usage Data: If you use our crypto card, we collect usage data as required by our card program partners.

2. How We Use Your Information

We use your data to:

  • Verify your identity and comply with regulatory requirements.

  • Provide access to Contro’s features and services.

  • Monitor for fraud and suspicious activity.

  • Fulfill our obligations to our payment and card program partners.

  • Communicate updates and support you when needed.

3. How We Share Your Information

We do not sell, rent, or trade your personal data.

We share data only when necessary and only with the following trusted partners:

  • Didit – for KYC verification and regulatory compliance.

  • Visa – to enable the issuance and usage of the Contro Visa card.

  • Reap Technologies and Interlace – card program managers and infrastructure providers.

These partners are bound by strict data protection obligations and process your information only as required to deliver Contro’s services.

4. Data Retention

We retain your personal information as long as necessary to fulfill the purposes described in this policy, including legal, regulatory, and fraud prevention requirements.

5. Data Security

We implement industry-standard technical and organizational measures to protect your data, including encryption, access control, and audit logging.

6. Your Rights

Depending on your location, you may have rights to:

  • Access or receive a copy of your data.

  • Request correction or deletion of your data.

  • Object to or restrict processing.

  • Withdraw consent where processing is based on consent.

Please contact us at [email protected] to exercise your rights.

7. Children’s Privacy

Contro is not intended for use by individuals under the age of 18. We do not knowingly collect data from minors.

8. International Transfers

Your data may be transferred and processed outside your country of residence, including jurisdictions where data protection laws may differ. We ensure appropriate safeguards are in place.

9. Changes to This Policy

We may update this Privacy Policy to reflect legal, technical, or business changes. We encourage you to review this page regularly. Changes are effective when posted.

10. Contact Us

If you have questions or concerns about this Privacy Policy or your data, contact us at:

Email: [email protected]
Address: M1-07-05, Menara 8Trium, Jalan Cempaka SD 12/5, Bandar Sri Damansara, 52200, Kuala Lumpur, Malaysia.