Privacy Policy for Phoenix Market

Last Updated: April 20, 2026

  1. Scope

Phoenix Market, built by Suave Money Inc. (“Phoenix Market,” “we,” “our,” “us”), respects your privacy. This Privacy Policy describes how we collect, use, share, and protect personal information in connection with your access to and use of the Phoenix Market application, website, and related services (collectively, the “Services”), in compliance with applicable laws and Apple App Store requirements.

Phoenix Market operates a peer-to-peer, non-custodial marketplace that enables users to exchange USDC and fiat directly with one another using their own wallets and bank accounts. This Privacy Policy applies only to personal information collected by Phoenix Market through the Services and does not apply to information collected directly by third parties, including banks, wallet providers, blockchain networks, or other external services.

By using the Services, you acknowledge and agree to the practices described in this Privacy Policy.

  1. Information We Collect

Phoenix Market collects only the minimum personal information reasonably necessary to operate a peer-to-peer marketplace and coordinate transactions. The categories of personal information we may collect include:

  • Account Information: email address, wallet address, and user-selected identifiers

  • Transaction Metadata: timestamps, transaction status, amounts, and order parameters (excluding full bank transaction histories)

  • Proof Submissions: user-submitted information or files provided to demonstrate completion of a fiat payment

  • Usage and Device Information: device type, operating system version, app version, crash and error logs, and interaction data used to maintain security and improve performance

  • Network Information: IP addresses and connection data are automatically generated by standard internet protocols, used for security, fraud prevention, and service delivery. Because IP addresses may indicate approximate location, they are treated as personal data under applicable law.

  • Blockchain Transactions: If you interact with smart contracts, your transactions are publicly recorded on the blockchain. This is by design of blockchain networks and outside our control.

  1. Information We Do Not Collect

Phoenix Market is designed to minimize data collection and does not collect, store, or access:

  • Bank login credentials or banking passwords

  • Wallet private keys, seed phrases, or recovery phrases

  • User account passwords for banks or wallets

  • Full bank transaction histories

  • Authentication secrets or credentials of any kind

  • Health or other sensitive personal data

  • Contacts or calendar information

  • Precise geolocation data

  • Data used for third-party advertising or marketing profiling

Unlike financial data aggregators such as Plaid, Phoenix Market does not request, receive, or store users’ banking credentials, nor does Phoenix Market access bank accounts on a user’s behalf. Users interact directly with their banks through bank-controlled interfaces.

  1. Bank Interaction Process

Phoenix Market does not operate as a bank, financial institution, or data aggregator.

When users interact with their bank in connection with a transaction:

  • Users authenticate directly with their own bank

  • Phoenix Market does not intercept, store, or transmit bank credentials

  • Any bank interface displayed in the Services is embedded or redirected but remains fully controlled by the bank

  • Phoenix Market receives only limited confirmation signals or user-submitted proof, not credentials or account access

Phoenix Market does not have the ability to view, initiate, modify, or cancel bank transactions and does not maintain persistent access to any bank accounts.

  1. How We Use Information

Phoenix Market uses the information it collects solely for legitimate operational purposes, including to:

  • Facilitate matching between buyers and sellers

  • Coordinate and verify proof submissions

  • Prevent fraud, abuse, or misuse of the platform

  • Monitor platform integrity and security

  • Diagnose crashes, fix bugs, and improve product functionality, reliability, and user experience

  • Comply with applicable legal and regulatory obligations

Phoenix Market does not use personal information for third-party advertising, cross-app tracking, or profiling unrelated to the operation of the Services.

  1. Data Sharing and Disclosure

Phoenix Market does not sell or rent your personal information.

Phoenix Market may share limited personal information only as necessary in the following circumstances:

  • Infrastructure Providers: such as hosting, analytics, or security service providers that support the operation of the Services, subject to confidentiality and security obligations

  • Legal and Regulatory Authorities: Where required to comply with applicable law, regulation, subpoena, court order, or lawful governmental request

Phoenix Market does not share sensitive financial credentials, as such information is not collected.

  1. Blockchain Transparency Notice

Blockchain transactions initiated through the Services occur on public blockchain networks.

Users acknowledge and understand that:

  • On-chain transactions and wallet addresses may be publicly visible

  • Phoenix Market cannot alter, delete, or obscure blockchain records

  • Phoenix Market does not control blockchain networks or transaction visibility

  • Users are solely responsible for maintaining wallet privacy and managing on-chain activity

Phoenix Market does not anonymize or obfuscate blockchain data beyond what is inherently provided by the underlying network.

  1. Data Security

Phoenix Market employs reasonable administrative, technical, and organizational measures designed to protect personal information, including:

  • No storage of sensitive financial credentials, including bank login credentials, passwords, private keys, or recovery phrases

  • Least-privilege access controls, limiting access to user data to authorized personnel and systems on a strict need-to-know basis

  • Encryption in transit (TLS/SSL) and encryption at rest where appropriate

  • Monitoring and safeguards designed to detect unauthorized access or misuse

  • Periodic security reviews of infrastructure and smart contracts

While Phoenix Market takes reasonable steps to protect personal information, no system is completely secure, and Phoenix Market cannot guarantee absolute security of user data.

  1. International Use and Transfers

Phoenix Market Services are accessible globally. Personal information may be processed and stored in the United States or other jurisdictions where our infrastructure providers operate. Where personal data is transferred across borders, Phoenix Market relies on appropriate safeguards under applicable law (such as Standard Contractual Clauses under the GDPR) and applies the same privacy and security standards described in this Policy regardless of where data is processed.

  1. Data Retention

Phoenix Market retains personal information only for as long as reasonably necessary to:

  • Provide and maintain the Services

  • Comply with legal, regulatory, or contractual obligations

  • Resolve disputes and enforce agreements

  • Prevent fraud and misuse of the platform

Users may request deletion of personal information that Phoenix Market is able to delete, including account-level identifiers and user-submitted content, subject to applicable law. For the avoidance of doubt, blockchain transaction data is publicly recorded and immutable; Phoenix cannot delete on-chain data recorded on the public ledger.

Phoenix Market cannot delete or alter personal information that must be retained for legal, security, or compliance purposes, such as historical transaction metadata.

When deletion is requested and permitted, Phoenix Market will take reasonable steps to remove personal information from active systems, subject to lawful retention obligations.

  1. Your Rights and Controls

Subject to applicable law, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), users may have the right to:

  • Access personal information Phoenix Market holds about them

  • Correct inaccurate or incomplete personal information

  • Request deletion of personal information, where feasible and legally permitted

  • Object to or restrict certain processing activities

  • Receive a portable copy of personal information where applicable

  • Withdraw consent, where processing is based on consent

Some personal information may be exempt from deletion or modification due to legal, security, or technical constraints, including blockchain records and transaction logs required for fraud prevention.

Requests to exercise these rights may be submitted through the contact information in Section 14. Phoenix Market may require verification of identity before processing certain requests. Phoenix Market will not discriminate against users who exercise their privacy rights.

  1. Children’s Privacy (COPPA Compliance)

Our Services are not directed to children under 13 (or the age of digital consent in your jurisdiction). We do not knowingly collect any data from children. If we discover unintentional collection, we will delete it immediately.

  1. Regulatory and Compliance Framework

Phoenix Market is a non-custodial peer-to-peer marketplace and is not a bank, financial institution, or money transmitter. Phoenix Market does not accept, hold, or transmit fiat or cryptocurrency on behalf of users.

Users remain subject to the AML/KYC requirements imposed by their own banks, payment providers, and wallet services. Phoenix Market does not perform identity verification or customer due diligence equivalent to that of a bank or money transmitter, as Phoenix Market does not handle user funds.

This Privacy Policy is written to align with, among other frameworks:

  • Apple App Store Review Guidelines (Sections 5.1.1–5.1.2)

  • General Data Protection Regulation (GDPR)

  • California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA)

  • Children’s Online Privacy Protection Act (COPPA)

Phoenix Market cooperates with lawful requests from courts, regulators, or government authorities where required by applicable law.

  1. Contact Information

If you have questions, concerns, or wish to submit a User Rights request, please contact:

Phoenix Market / Suave Money Inc.

Email: support@phoenix.market

  1. Dispute Resolution

f you have an unresolved privacy concern that we have not addressed satisfactorily, you may escalate it by contacting:

  • Your local data protection authority (for GDPR jurisdictions, including the right to lodge a complaint with a supervisory authority)

  • The California Attorney General’s Office or California Privacy Protection Agency (for CCPA/CPRA)

  • The Federal Trade Commission (FTC) in the United States

  1. Changes to This Privacy Policy

Phoenix Market may update this Privacy Policy from time to time to reflect changes in the Services, legal requirements, or data practices. Phoenix Market will provide notice of material changes by updating the “Last Updated” date above and, where appropriate, via an in-app notice or other reasonable communication method. Continued use of the Services after the effective date of an updated Privacy Policy constitutes acceptance of the revised policy.