Log in Get API key
Legal

Privacy policy

How eKYC Pro collects, uses, and safeguards personal data under GDPR and applicable local law. We are a privacy-first fraud intelligence provider — signals only, no retention of submitted identifiers.

Last updated: April 2026

We're excited that you're interested in our company. Protecting data is a top priority for eKYC Pro's management team. While our website can be used without revealing personal data, using specific services might require processing such data. We always seek the individual's consent when processing personal data is necessary and there's no legal basis for it.

Handling personal data — such as names, addresses, email, or phone numbers — always complies with the General Data Protection Regulation (GDPR) and local data protection laws applicable to eKYC Pro. Through this statement, we aim to inform people about how we collect, use, and process personal data, and about their associated rights.

As the data handler, eKYC Pro has adopted extensive technical and organizational measures to maximize the protection of data processed on our website. However, data transmission over the Internet can have security vulnerabilities, so we cannot guarantee absolute safety. Consequently, individuals can choose to send us their data through other methods, like phone calls, and are responsible for the security of the data they transmit.

1. What data we process

When you use the eKYC Pro website or API, we may process the following categories of personal data:

  • Contact data — name, business email, phone number, company, country, and any message you submit through our contact forms.
  • API identifiers — phone numbers and email addresses that your systems submit to our fraud intelligence API for risk signal lookup.
  • Technical data — IP address, browser type, referrer, timestamps, and derived session information for security, logging, and service quality monitoring.
  • Marketing data — subscription preferences, consent records, and engagement with our communications.

2. How we process API identifiers

Phone numbers and email addresses submitted to the eKYC Pro risk intelligence API are processed in-memory and discarded at request close. We do not index, retain, or use submitted identifiers for model training. The API returns boolean registration signals and derived risk scores only — not profile data, not names, not email contents.

3. Legal basis

We process personal data on the following legal grounds: (a) performance of a contract where you have engaged our services; (b) your consent — which you may withdraw at any time; (c) our legitimate interests in securing our platform and operating our business; and (d) compliance with legal obligations.

4. Data sharing & subprocessors

We do not sell personal data. We share data with vetted subprocessors only as necessary to deliver the service (e.g., cloud hosting, security monitoring, payment processing, and customer support tooling). A current list of subprocessors is available on request through the Data Processing Agreement (DPA).

5. International transfers

Data residency options are available: you can choose US, EU, or APAC region processing to match your regulatory requirements. Where cross-border transfers are necessary, we rely on Standard Contractual Clauses or other mechanisms recognized under GDPR.

6. Retention

Contact form submissions are retained for as long as necessary to respond to your inquiry and for legitimate follow-up, typically no longer than 24 months. API logs are retained only as long as necessary for billing, security, and troubleshooting purposes. Submitted API identifiers (phone numbers, emails) are not retained — see section 2.

7. Your rights

Under GDPR and comparable frameworks, you have the right to access, rectify, erase, restrict, or object to the processing of your personal data, and the right to data portability. To exercise any of these rights, contact us using the form on our homepage or by emailing privacy@ekycpro.com. You also have the right to lodge a complaint with your local data protection authority.

8. Security

All API traffic is encrypted with TLS 1.3. Any transient data is encrypted with AES-256 before storage. We operate scoped API keys, per-environment isolation, and auditable call logs. For security questionnaires, evidence packs, or DPA terms, contact us and we will route you to the right team.

9. Cookies

Details of how this site uses cookies are provided separately in our Cookie policy.

10. Changes to this policy

We may update this policy from time to time to reflect service changes, legal developments, or operational improvements. Updates are posted on this page with a revised "last updated" date.

11. Contact

For privacy questions, DPA requests, or to exercise your rights: use our contact form or email privacy@ekycpro.com.

← Back to home

Chat on WhatsApp