Privacy Policy

Last Modified: [April 9, 2026]

Introduction

Meld Universal Inc. ("Company", "We", or "Us") owner of http://www.meld.io, http://www.meldcrypto.com, and other websites as updated from time to time (the “Website”) respects your privacy and is committed to protecting it through our compliance with this policy

This policy describes the types of information we may collect from you or that you may provide to us or certain third parties when you visit our website or use our software and platform (“Services”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This policy applies to information we collect when you access our Services via email, text, API, or other electronic formats. Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Services. By accessing or using these Services, you agree to this privacy policy. This policy may change from time to time, and your continued use of the Services after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

Children Under the Age of 16

Our Services are not intended for children under 16 years of age. No one under age 16 may provide any information to our Services. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information to our Services or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or username you may use. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at [contact@meld.io].

California residents under 16 years of age may have additional rights regarding the collection and sale of their personal information.

Information We Collect About You and How We Collect It

We collect several types of information from and about users of through our Services, including information by which you may be personally identified, such as name, e-mail address, telephone number, or any other identifier by which you may be contacted online or offline (“personal information”); and about your internet connection, the equipment you use to access our Services, and usage details.

We collect this information: directly from you when you provide it to us and automatically as you navigate through the site. Information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies.

Identity Verification and Biometric Data Processing

To access certain features of our Services, you may be required to complete an identity verification process. As part of this process, we may collect (either directly or through a third-party service provider) personal information, including government identification data, photographs, and biometric information (such as facial images and facial scans).

We use third-party identity verification providers to assist with these services. These providers may process your personal information:

(i) on our behalf to verify your identity and prevent fraud; and

(ii) for their own independent purposes, such as fraud prevention, security, analytics, and improvement of their services.

These providers may compare your information against external databases and use it as part of broader fraud detection and prevention systems.

Where required by applicable law, we obtain your explicit consent for the collection and processing of biometric information.

In limited circumstances, we may also collect and retain your name, email address, or phone number from our payment application partners (“Reusable Identity Data”) to support a portability feature across participating applications that use Meld. This feature is separate from the broader identity-verification information that may be collected in connection with KYC, fraud prevention, or compliance processes. Any Reusable Identity Data functionality described in this Policy is limited to name and email address only and operates separately from any biometric or broader identity-verification processing performed by us or our third-party identity verification providers.

Your personal information may be transferred to and processed in countries outside your place of residence, like the United States, which may have different data protection laws. For more information about how our identity verification providers process your data, please refer to their privacy notices, which can be found at or near the point of data collection.

Information We Collect Through Automatic Data Collection Technologies

As you navigate through and interact with our Services, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including: details of your visits to our websites and usage of our Services, including traffic data, location data, logs, and other communication data and the resources that you use for access including your IP address, operating system, and browser type.

The technologies we use for this automatic data collection may include:

• Cookies (or browser cookies). A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our Website.

• Web Beacons. Pages of our Website and our e-mails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

How We Use Your Information

We use information that we collect about you or that you provide to us, including any personal information: to present our Services to you; to provide you with information, products, or services that you request from us; to fulfill any other purpose for which you provide it; to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection; to notify you about changes to our Services we offer or provide though it; in any other way we may describe when you provide the information; for any other purpose with your consent. We may also use your personal information for identity verification, fraud prevention, security monitoring, and to improve our Services, including through analytics and model development. We retain personal information for as long as necessary to fulfill the purposes described in this Policy, including to comply with legal, regulatory, and contractual obligations. Retention periods may vary depending on the nature of the data and applicable legal requirements. We may use Reusable Identity Data to streamline your later onboarding to, or transaction-enablement within, another participating platform that uses Meld, but only where we have obtained consent required by applicable law. For clarity, this functionality is limited to your name and email address and does not authorize sharing of your broader identity-verification file, government identification data, biometric data, address data, or other verification information unless separately disclosed and authorized.

Legal Basis for Processing (for EEA/UK users): Where applicable, we process your personal information on one or more of the following legal bases: (i) to perform our contract with you or take steps at your request prior to entering into a contract; (ii) to comply with our legal obligations; (iii) for our legitimate interests, such as fraud prevention, security, and improving our Services, where those interests are not overridden by your rights; and (iv) where required, based on your consent, including for the processing of biometric information and certain types of data sharing.

Disclosure of Your Information

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction. We may disclose personal information that we collect or you provide as described in this privacy policy: to our subsidiaries and affiliates; to contractors, service providers, and other third parties we use to support our business—some of these third parties may act as processors on our behalf, while others may act as independent controllers of your personal information and use it for their own purposes, as described in this privacy policy and their respective privacy notices; to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Company’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Company. We may also disclose your personal information to comply with any court order, law, or legal process, including to respond to any government or regulatory request; to enforce or apply our terms of use and other agreements, including for billing and collection purposes; if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Company, our customers, or others. We may share your personal information with third parties that provide identity verification, fraud prevention, and compliance services. Some of these third parties may act as independent controllers of your personal information and may use it for their own purposes as described in their respective privacy notices. If you have enabled the Reusable Identity Data functionality, we may disclose your name and email address to platforms that use Meld, solely to streamline your later onboarding to, or transaction-enablement within, that platform if you choose to use it. We do not disclose broader identity-verification information under this functionality. Any participating platform that receives your Reusable Identity Data may use it only for that limited purpose, as further described in its own privacy notice and applicable terms. Where required by applicable law, including in connection with certain cross-application sharing of Reusable Identity Data, we rely on your consent. You may withdraw that consent at any time by contacting us at contact@meld.io or by using any in-product withdrawal mechanism we make available. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

Your Privacy Rights

We provide you with choices regarding the personal information you provide to us.

Tracking Technologies and Advertising. You can set your browser to refuse all or some browser cookies, or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of this site may then be inaccessible or not function properly.

We do not control third parties' collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative "NAI" on the NAI's website.

California Privacy Rights. If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our App that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to contact@meld.io

Additional Privacy Rights. Depending on your location, you may have certain additional rights regarding your personal information. These may include:

• Access: The right to request access to the personal information we hold about you.

• Correction: The right to request correction of inaccurate or incomplete information.

• Deletion: The right to request deletion of your personal information, subject to certain legal limitations.

• Data Portability: The right to request a copy of your personal information in a portable format.

• Objection or Restriction: The right to object to or request restriction of certain processing activities.

• Withdrawal of Consent: Where processing is based on consent (including biometric processing), the right to withdraw that consent at any time.

To exercise any of these rights, please contact us at contact@meld.io

In some cases, your personal information may be processed by third-party providers acting independently (such as identity verification providers). Where appropriate, we may direct your request to those providers or coordinate with them to fulfill your request.

Consent

By using the Services or submitting personal information to us, you consent to the collection, use, and disclosure of your information as described in this Policy, including sharing with third-party providers for identity verification, fraud prevention, and related purposes, and, where applicable, their independent processing as described in this Policy and their privacy notices. Where required by applicable law, we will request your consent through a separate user interface flow for specific processing activities, including certain sharing of Reusable Identity Data with another platform that uses Meld. In those cases, we will describe the data to be shared, the purpose of the sharing, and any relevant choices available to you at or before the time of collection or disclosure. At any time, you have the right to remove your consent to the collection, and future use and disclosure of your information, subject to reasonable notice and legal, contractual and technological limitations. You may make this request by sending an email to contact@meld.io

Data Security

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure The safety and security of your information also depends on you. If we have given you a password for access to certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained through our Services.

Changes to Our Privacy Policy

It is our policy to post any changes we make to our privacy policy on this page. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Website and this privacy policy to check for any changes.

Contact Information

To ask questions or comment about this privacy policy and our privacy practices, contact us at: contact@meld.io