DATA PRIVACY POLICY OF ABROAD FINANCIAL TECHNOLOGIES LTD
Effective Date: February 1, 2025
Last Updated: October 25, 2025
This Privacy Policy explains how Abroad Financial Technologies Ltd (“Abroad”, “we”, “us”, or “our”) collects, uses, shares, and protects your personal information. By accessing or using our services, you acknowledge that you have read and understood this policy and consent to the processing of your data as described herein.
1. Overview
This Privacy Policy explains how Abroad Financial Technologies Ltd (“Abroad”, “we”, “us”, or “our”) collects, uses, shares, and protects personal data in compliance with the UK Data Protection Act 2018 and the General Data Protection Regulation (GDPR).
Abroad provides technological infrastructure (APIs) that connects digital wallets, fintech companies, and financial institutions, enabling payment, conversion, and liquidity operations using both blockchain and traditional finance rails.
We operate globally from the United Kingdom, with partnerships in Colombia (through Traguatan S.A.S.) and Brazil (through a licensed local partner). Abroad acts as Data Controller for all personal data processed under its infrastructure.
2. Data Processing Scope
Abroad does not directly serve retail consumers but processes data for compliance, transaction verification, and operational security related to its B2B clients and their users. This includes:
- Identity verification (KYC and KYB) via withpersona.com.
- Transaction monitoring and risk analysis (AML/CFT and KYT compliance).
- Integration with licensed financial entities for fund custody and settlement.
3. Data Controller
Abroad acts as the data processor for our clients (digital wallets and other payment service providers) with the technology that we process. Our clients are the data controllers who determine the purposes and means of processing personal data.
If you are a user of a digital wallet or payment service provided by one of our clients, please refer to their privacy policy for details on how they collect, use, and store your personal data.
4. Information We Collect
As a payment infrastructure provider, we do not collect personal data directly from end-users (such as consumers). However, we collect the following types of information from our clients:
- Client and Service Provider Information: Business name, contact details, account information, and other administrative data related to our relationship with the client.
- Payment Information: Transaction details, including payment amounts, timestamps, and blockchain-related data required to facilitate payments.
- Technical Data: Information related to the interactions between our platform and the client’s system, such as IP addresses, device identifiers, and blockchain transaction identifiers.
- Financial and transactional data (wallet addresses, transaction history, risk indicators.
- Behavioral and risk profiling (source of funds, transactional patterns, KYT alerts)
- Verification data: identity information and screening lists processed through withpersona.com.
Since we do not process personal data directly from end-users, any personal data required for the execution of payments is processed and managed by our clients.
6. Legal Basis for Processing Your Data
Under the GDPR, we process personal data based on the following legal basis:
For more information, or to exercise any of these rights, please contact your digital wallet provider or payment service provider directly.
11. Data Protection and Rights
Individuals may request: access, correction, deletion, restriction, or portability of their data by contacting
legal@abroad.finance.
All requests will be handled in line with GDPR timelines and standards.
Cross-border transfers follow
Standard Contractual Clauses (SCCs) and equivalent safeguards.
9. International Transfers
As part of providing our services, personal data may be transferred outside of the European Economic Area (EEA) or the United Kingdom. If data is transferred internationally, we ensure that appropriate safeguards are in place, such as the use of Standard Contractual Clauses (SCCs) or other legal mechanisms required by the GDPR or UK GDPR and Data Protection Act 2018 to protect your data.
10. Your Data Protection Rights
As our role is limited to processing data on behalf of our clients, individuals seeking to exercise their rights under the GDPR should contact the data controller (our client) directly.However, if you are a customer of Abroad, and you believe we have data on you, you may contact us directly to make a request related to your rights under data protection laws. These rights include:
For more information, or to exercise any of these rights, please contact your digital wallet provider or payment service provider directly.
11. Data Protection and Rights
Individuals may request: access, correction, deletion, restriction, or portability of their data by contacting
📧
legal@abroad.finance.
All requests will be handled in line with GDPR timelines and standards.
12. Security
We implement appropriate technical and organizational measures to ensure the security of the personal data processed on our platform, including data encryption, secure servers, and access controls. However, as a service provider, we rely on our clients to ensure that personal data is processed securely on their end.
13. Cookies
We use cookies and similar technologies to provide and improve our services, analyze usage, and ensure the security of our platform. You may manage cookie preferences through your browser settings and check our Cookies Policy.
14. Changes to This Privacy Policy
We may update this Privacy Policy periodically. Any updates will be posted on this page with the effective date. We encourage you to review this policy regularly to stay informed about how we are protecting your data.
15. Final Notes
By using our services (directly or via a client platform), you consent to the processing, transmission, and analysis of your personal data by Abroad and our verified service providers, in accordance with this policy.
16. Validity
This data privacy policy is effective as of October 21, 2025 and applies to all Services performed from the date of their publication and thereafter.This data privacy policy may be modified from time to time by ABROAD and such modifications shall be deemed applicable to the Services performed after the corresponding modification.
Disclaimer: Applicable Jurisdiction for Users in Colombia
For more information, or to exercise any of these rights, please contact your digital wallet provider or payment service provider directly.
11. Data Protection and RightsIndividuals may request: access, correction, deletion, restriction, or portability of their data by contacting
legal@abroad.finance.
All requests will be handled in line with GDPR timelines and standards.
If you reside in Colombia or access our services from within Colombian territory, please note that the processing of your personal data is governed both by this Privacy Policy and by the Personal Data Processing Policy issued by Traguatan S.A.S., in accordance with Colombian data protection regulations, including Law 1581 of 2012, Decree 1377 of 2013, and any other applicable provisions.
Circular 01 of 2025 reinforces the principles of demonstrated responsibility, risk management, and traceability in data processing, as well as the obligation to implement a Comprehensive Personal Data Management Program (PIGD).
By using our services, you provide your prior, express, and informed consent for your personal data to be processed under both policies. In case of any conflict between provisions, the Colombian legal framework will prevail for users located in Colombia.
Abroad Financial Technologies Ltd. acts as the Controller of personal data, while Traguatan S.A.S. acts as the Local Processor for operations in Colombia.
Data Protection Officer (DPO):
Tannia Valenzuela – 📧 legal@abroad.finance
.svg)
