Privacy Policy: Your Data, Our Commitment
At MantaPay, we're committed to transparency and protection of your personal information. Our comprehensive privacy policy outlines how we collect, use, and safeguard your data while providing our innovative payment services.
Contact Us
1. Information We Collect and How We Use It
1
Personal Information You Provide
When you create an account, register for our services, or contact us, we collect various identifiers such as your full name, email address, physical address, phone number, username, and profile details (e.g., birthdate, gender, if voluntarily provided). To comply with Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations, we may also request and collect verification documents, including government-issued identification (e.g., driver's license, passport) and proof of address (e.g., utility bills). We also record your communication preferences, such as your opt-in/out status for newsletters and marketing communications. Any demographic data (e.g., age range, income bracket) you choose to share is entirely optional and is used to better understand our user base and tailor our service offerings, always with your explicit consent.
2
Service Usage and Device Data
We automatically gather data on how you interact with MantaPay services, providing insights into service improvement and security. This includes usage data such as login times, the specific features you access, content viewed, search queries, referral sources (e.g., websites that led you to us), and the pages you visit. We also collect technical information about your device and network, including your device type, operating system, browser type, unique device identifiers, mobile network information, and crash reports. Your IP address is recorded, and we may collect geolocation data (both precise and approximate) to prevent fraud and offer localized services where applicable. This information helps us improve functionality, detect potential fraud through behavioral analytics and transaction monitoring, and optimize overall performance and user experience.
3
Third-Party Data Sources
To enhance our services and maintain a secure environment, we may receive information from various trusted third-party partners. These include identity verification services, financial institutions, and anti-fraud agencies, which provide data necessary for account security and regulatory compliance. We also integrate with analytics providers, such as Google Analytics, to collect aggregate data on website traffic, application performance, and user engagement metrics, helping us understand user behavior without identifying individuals. If you choose to connect your MantaPay account with social media platforms, we may receive profile data (e.g., public profile information) according to your privacy settings on those platforms, to facilitate improved login or sharing features. Additionally, we may utilize data enrichment services that provide information from public records and marketing databases to enhance our understanding of our user base and improve personalized service delivery, always while maintaining our commitment to privacy and adhering to data protection laws.

Your data enables us to provide, maintain, and improve our services, comply with legal obligations, conduct security monitoring, and communicate important updates or offers with your consent.
2. Sharing, Security, and Your Rights
Data Sharing
We share your information only when necessary to provide our services, comply with legal obligations, or with your explicit consent. This includes sharing with essential service providers such as secure cloud infrastructure providers (e.g., AWS, Azure), payment processors (e.g., Stripe, PayPal), and analytics platforms (e.g., Google Analytics). Such sharing is based on legitimate business interests and contractual necessity. All third-party service providers are bound by strict Data Processing Agreements (DPAs) that require them to protect your data in accordance with our privacy standards and applicable laws. "Explicit consent" means we will obtain your clear, affirmative agreement before sharing your data for purposes outside of core service provision or legal compliance.
As a global company, your data may be transferred to and processed in countries outside your jurisdiction, including but not limited to the European Union and the United States. We ensure that such international transfers are protected by appropriate safeguards in compliance with data protection laws. These safeguards include relying on adequacy decisions by regulatory bodies (where applicable), implementing Standard Contractual Clauses (SCCs), or adhering to Binding Corporate Rules (BCRs) approved by competent supervisory authorities. Additionally, technical and organizational measures like encryption and pseudonymization are applied to further protect data during transfer. Users have the right to inquire about these safeguards and, in certain circumstances, obtain copies of the relevant transfer mechanisms.
Security Measures
MantaPay employs industry-leading security measures to protect your data:
Encryption Standards: We utilize AES-256 encryption for data at rest and TLS 1.3 for data in transit, ensuring your information is secure both on our servers and during transmission.
Multi-Factor Authentication (MFA): Mandatory for all access, MFA supports various methods including TOTP (Time-based One-Time Password) apps, biometrics, and hardware security keys to prevent unauthorized logins.
Continuous Monitoring Systems: Our security operations include 24/7 continuous monitoring, utilizing advanced Intrusion Detection Systems (IDS), anomaly detection algorithms, and a dedicated Security Incident Response Team (SIRT) to promptly identify and neutralize potential threats.
Compliance Certifications: MantaPay adheres to stringent international security standards, holding certifications such as SOC 2 Type II, ISO 27001, and PCI DSS (where applicable for payment processing).
Data Backup and Disaster Recovery: To ensure data availability and resilience, we implement regular encrypted data backups and maintain comprehensive disaster recovery plans with geographically dispersed recovery sites.
Employee Security Training and Access Controls: All employees undergo mandatory, regular security awareness training. Access to sensitive data is strictly controlled on a least privilege basis, with regular audits of access rights.
Regular Security Audits and Penetration Testing: We conduct periodic independent security audits and penetration tests to proactively identify and mitigate vulnerabilities within our systems.
Incident Response Procedures: Our robust Incident Response Plan ensures a structured approach to identifying, containing, eradicating, recovering from, and learning from any security incidents, minimizing potential impact.
Your Privacy Rights
Depending on your jurisdiction, you have robust rights concerning your personal data. MantaPay is committed to facilitating the exercise of these rights, aligning with global privacy regulations such as the General Data Protection Regulation (GDPR) in Europe, the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA) in the United States, the Lei Geral de Proteção de Dados (LGPD) in Brazil, and PIPEDA in Canada. Your rights may include:
  • Right to Access: You have the right to request a copy of the personal data we hold about you.
  • Right to Rectification: You can request that any inaccurate or incomplete personal data we hold about you be corrected or updated.
  • Right to Erasure ('Right to be Forgotten'): You can request the deletion of your personal data under certain circumstances, for example, when the data is no longer necessary for the purposes for which it was collected.
  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller without hindrance.
  • Right to Object to Processing: You can object to the processing of your personal data under certain conditions, including for direct marketing purposes.
  • Right to Restrict Processing: You have the right to request the restriction of processing your personal data, for example, if you contest the accuracy of the data.
  • Rights Related to Automated Decision-Making and Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless certain exceptions apply.
You can typically exercise these rights through your account settings on the MantaPay platform. For requests not available via self-service tools, or if you require further assistance, please contact our dedicated support team through the channels provided in our Privacy Policy. We will respond to your request in accordance with applicable laws.
Children's Privacy
MantaPay is strongly committed to protecting the privacy of children. Our services are not directed at, nor do we knowingly collect personal data from, individuals under the age of 16 without verifiable parental consent. We implement age verification processes at various touchpoints to minimize the risk of underage users accessing our services without proper authorization. These processes may include requesting birthdate information upon registration or when accessing age-restricted features.
In the event that we discover personal data has been collected from a child under 16 without verifiable parental consent, we will take immediate and reasonable steps to promptly delete that data from our records. We encourage parents and guardians to monitor their children's internet usage and to instruct them not to provide personal information through our services without their permission.
Our practices comply with the Children's Online Privacy Protection Act (COPPA) in the United States, and we adhere to similar child data protection principles outlined in regulations like the GDPR-K (GDPR-Kids) and the UK Age Appropriate Design Code (also known as the Children's Code). We are dedicated to providing specific protections for minors, including limitations on data collection, restrictions on targeted advertising, and enhanced security measures for any data associated with underage users if parental consent is obtained for limited service use.
3. Data Retention, Policy Updates, and Contact Information
Retention Period
We retain your personal data only as long as necessary to fulfill the purposes outlined, comply with legal requirements, resolve disputes, and enforce agreements.
Policy Updates
This Privacy Policy may be updated periodically to reflect changes in laws, technology, or our practices. We notify users of significant changes via email or prominent notices on our platform.
Cookies and Tracking Technologies
We use cookies and similar tools to enhance user experience, analyze traffic, and provide personalized content. You can manage your cookie preferences through your browser settings.

Contact Us
For questions, concerns, or to exercise your privacy rights, please contact our Data Protection Officer at:
Email: privacy@mantapay.com
Help Center: mantapay.com/support