On this page
Legal
Modveon Privacy Policy
1. Introduction
This Privacy Policy explains how Modveon Inc. and its operating subsidiaries ("Modveon," "we," "us," or "our") collect, use, share, store, and protect your personal data when you use the Modveon platform and any Modveon-powered application, including Sivar in El Salvador (collectively, the "Services").
This Privacy Policy is divided into layered sections. Sections 1 through 9 apply to all users of the Services worldwide. Section 10 applies only to users in the United States and includes specific disclosures required under United States federal and state law. Section 11 applies only to users in El Salvador and includes specific disclosures required under Salvadoran law.
Your contracting entity for purposes of data protection is determined by your location:
- El Salvador users: Modveon El Salvador, S.A.S. de C.V., a company organized under the laws of the Republic of El Salvador.
- United States users: Modveon Payments LLC, a Delaware limited liability company.
This Privacy Policy should be read together with the Modveon Terms of Service and the applicable Country Addendum. By creating an account or using the Services, you confirm that you have read and understood this Privacy Policy.
2. Information We Collect
We collect only information necessary to provide and improve the Services, comply with legal obligations, and protect the integrity of our platform. We do not collect information for advertising or commercial profiling.
2.1 Information You Provide Directly
- Account profile information (username, profile photo, optional bio).
- Posts, comments, civic poll votes, complaint submissions, and other content you submit through the Services ("User Content").
- Communications with us through support channels (email, in-app support, WhatsApp).
- Information you provide in response to compliance requests or surveys.
2.2 Information Collected Through Identity Verification
When you create an account, we collect and verify the following information from your government-issued identity record through the applicable national identity database (the Registro Nacional de las Personas Naturales ("RNPN") in El Salvador, or its equivalent in your jurisdiction):
- Full legal name.
- Government-issued photograph.
- National identification number.
- Address of residence (used to assign you to your national, municipal, and district communities).
- Date of birth (for age eligibility verification).
2.3 Transaction and Wallet Information
- Transaction records (amount, recipient address, timestamp, transaction reference) for transfers initiated through the Services.
- Compliance and screening results from our transaction monitoring partners.
2.4 Automatically Collected Technical Information
- Device information (model, operating system, app version).
- IP address and approximate location derived from IP address.
- Session timestamps, login records, and authentication events.
- Application performance, crash, and error data.
- General usage analytics (pages viewed, features used, in-app navigation patterns).
2.5 Information from Third Parties
- Identity verification confirmations from the RNPN or equivalent national identity system.
- Compliance screening results from sanctions and transaction monitoring providers.
- Payment status from on-ramp and off-ramp partners.
2.6 What We Do Not Collect
We do not collect:
- Your contact lists, address books, or messages from other applications.
- Background location data when the App is not in use.
- Browsing history outside of the Services.
- Biometric data beyond the photograph stored in your government identity record.
- Sensitive personal data is not collected.
3. How We Use Your Information
We use your personal data for the following purposes only:
(a) Identity verification and account creation — to verify your eligibility to use the Services and to assign you to the correct civic communities.
(c) Compliance with applicable law — including anti-money laundering and counter-terrorism financing ("AML/CFT") obligations, sanctions screening, regulatory reporting, and responding to lawful legal process.
(d) Platform integrity and security — to detect and prevent fraud, abuse, unauthorized access, and other threats; to investigate suspected violations of our Terms; and to maintain the security of our systems.
(e) Customer support and communication — to respond to your inquiries, complaints, and requests; to send you transactional communications related to your account and transactions (such as one-time passcodes, transfer confirmations, and security alerts).
(f) Service improvement — to analyze how the Services are used, identify and fix technical issues, and improve features.
(g) Legal and regulatory obligations — to comply with our legal obligations, enforce our Terms, and protect the rights, property, or safety of Modveon, our users, or others.
We do not use your personal data for:
- Targeted advertising or behavioral advertising.
- Selling or renting to third parties for their commercial use.
- Building consumer profiles for marketing purposes.
5. International Data Transfers
The Modveon platform's primary infrastructure is located in the United States, on Google Cloud Platform servers. If you are located outside the United States, your personal data will be transferred to, stored, and processed in the United States.
By creating an account and using the Services, you consent to the transfer of your personal data to the United States. We maintain contractual, technical, and organizational safeguards designed to protect your data during international transfer and at rest, including:
- Encryption in transit (TLS 1.2 or higher) and at rest (AES-256 or equivalent).
- Access controls, role-based permissions, and audit logging for all administrative access.
- Contractual data protection terms with all sub-processors that meet or exceed our internal standards.
6. Data Retention
We retain your personal data only as long as necessary to provide the Services, comply with applicable law, and resolve disputes.
For full details on data retention, including jurisdiction-specific retention periods, see Sections 10 and 11.
6.1 Account Data
Your profile, identity verification, and account configuration data are retained for the duration of your active account.
6.2 Transaction and Compliance Records
Transaction records, identity verification records, and AML/CFT compliance data are retained for a minimum of fifteen (15) years from the date of the relevant transaction or account closure, whichever is later. This retention period reflects mandatory legal requirements and cannot be shortened on user request.
6.3 User Content
Posts, comments, and other User Content remain visible while the relevant community exists. Audit and moderation logs may be retained longer for security and accountability purposes.
6.4 Technical and Usage Data
Device, session, and usage data are retained for up to 24 months from collection for security, fraud prevention, and service improvement purposes, after which they are aggregated or deleted.
6.5 Closed Accounts
When your account is closed, your personal data is deleted from active systems within 30 days, except for data we are required to retain for legal, regulatory, audit, or dispute resolution purposes.
7. Data Security
We apply technical and organizational security measures designed to protect your personal data, including:
- Encryption of data in transit and at rest.
- Access controls, role-based permissions, and audit logging for all administrative actions.
- Multi-factor authentication for internal access to sensitive systems.
- Regular security monitoring, vulnerability assessment, and patching.
- Vendor security reviews for all sub-processors that handle personal data.
- Incident response procedures for security events.
Despite these measures, no online service can guarantee absolute security. You are responsible for:
• Maintaining the security of the device on which you use the Services.
• Protecting your login credentials.
• Notifying us immediately of any suspected unauthorized access to your account at support@modveon.com.
8. Your Rights and Choices
Depending on your jurisdiction, you have certain rights regarding your personal data. The specific rights available to you, and the procedures for exercising them, are set out in Sections 10 (United States users) and 11 (El Salvador users) below.
In all jurisdictions, you may:
- Access your information. Request a copy of the personal data we hold about you.
- Correct your information. Request correction of inaccurate or incomplete data.
- Close your account. End your relationship with us at any time, subject to legal retention obligations.
- Withdraw consent. Withdraw consent for any data processing that is based on your consent (subject to limitations described in this Policy).
- Contact us. Submit any privacy-related question or request to support@modveon.com.
We will respond to all requests within the timeframes required by applicable law.
9. Children's Privacy
The Services are not directed to children under the age of 18. You must be at least 18 years old to create an account or use the Services.
We do not knowingly collect personal data from children under 18. If we become aware that we have collected personal data from a child under 18 without verified parental consent (where required), we will delete that information promptly. If you believe we have inadvertently collected information from a child under 18, please contact us at support@modveon.com.
10. United States Users — Additional Disclosures
This Section applies only if you are a user located in or accessing the Services from the United States. It is provided in addition to, and forms part of, this Privacy Policy.
10.1 Annual Privacy Notice (Gramm-Leach-Bliley Act)
The notice required under the Gramm-Leach-Bliley Act ("GLBA") and 12 CFR Part 1016 is set out below in the standard regulatory format.
FACTS — WHAT MODVEON PAYMENTS LLC DOES WITH YOUR PERSONAL INFORMATION
Why? Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully.
What? The types of personal information we collect and share depend on the product or service you have with us. This information can include name, address, and contact details; government identification information; transaction history and account balances; and device and usage data.
How? All financial companies need to share customers' personal information to run their everyday business. The chart below shows the reasons we can share your personal information; the reasons Modveon Payments LLC chooses to share; and whether you can limit this sharing.
To limit our sharing. Federal law gives you the right to limit only sharing for affiliates' everyday business purposes (creditworthiness information), affiliates using your information to market to you, and sharing for non-affiliates to market to you. Modveon does not engage in any of the sharing categories above for which you would have a right to opt out, so there is nothing to opt out of.
Questions? Contact us at support@modveon.com or visit modveon.com.
Who we are. Modveon Payments LLC, a Delaware limited liability company.
What we do to protect your information. To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings. For full details, see Section 7 of this Privacy Policy.
How we collect your personal information. We collect your personal information, for example, when you open an account, use our Services, provide account information, or interact with us. We also collect your personal information from others, such as identity verification providers, compliance partners, and the RNPN.
Definitions. Affiliates — companies related by common ownership or control. Our affiliates include Modveon Inc. and Modveon El Salvador, S.A.S. de C.V. Non-affiliates — companies not related by common ownership or control. Joint marketing — a formal agreement between non-affiliated financial companies that together market financial products or services to you. We do not engage in joint marketing.
| Reasons we can share | Does Modveon share? | Can you limit this? |
|---|---|---|
| For everyday business purposes — processing transactions, maintaining accounts, responding to court orders and legal investigations, reporting to regulators | Yes | No |
| For our marketing purposes — to offer our products and services to you | No | We do not share |
| For joint marketing with other financial companies | No | We do not share |
| For our affiliates' everyday business purposes — information about your transactions and experiences | Yes | No |
| For our affiliates' everyday business purposes — information about your creditworthiness | No | We do not share |
| For non-affiliates to market to you | No | We do not share |
10.2 California Residents — CCPA / CPRA Rights
If you are a California resident, you have the following rights under the California Consumer Privacy Act and the California Privacy Rights Act of 2020:
- Right to Know. You may request disclosure of: (a) the categories of personal information we have collected about you; (b) the categories of sources from which we collected it; (c) the business or commercial purpose for collecting it; (d) the categories of third parties with whom we share it; and (e) the specific pieces of personal information we hold.
- Right to Delete. You may request deletion of personal information we hold about you, subject to exceptions for information we are required to retain by law (including AML/CFT and financial record retention obligations).
- Right to Correct. You may request correction of inaccurate personal information.
- Right to Opt Out of Sale or Sharing. Modveon does not sell your personal information and does not share your personal information for cross-contextual behavioral advertising. There is nothing to opt out of. You may exercise this right at any time by contacting us, and we will confirm in writing.
- Right to Limit Use of Sensitive Personal Information. You may direct us to limit our use of sensitive personal information to the purposes described in CCPA Regulations §7027. We use sensitive personal information only for the purposes permitted under that section, but we will honor any such request.
- Right to Non-Discrimination. We will not deny you services, charge different prices, or provide a different level of service because you exercised any CCPA right.
How to Submit a Request. Submit a verifiable consumer request to support@modveon.com or through modveon.com/privacy. We will respond within 45 days. We may extend this period by an additional 45 days where reasonably necessary, with prior written notice.
You may designate an authorized agent to make a request on your behalf. We will require verification of the agent's authority before responding.
Categories of Personal Information Collected (Last 12 Months). For purposes of CCPA disclosure, in the past 12 months we have collected the following categories of personal information about California residents: identifiers; personal information categories listed in the California Customer Records statute; commercial information; internet or other similar network activity; geolocation data (approximate); and inferences drawn from the above. We have not collected biometric information beyond the photograph in government identity records, sensitive personal information beyond government identification numbers (used for verification only), or any of the other CCPA-enumerated categories.
10.3 Other State Laws
Where applicable, residents of other US states with comprehensive privacy laws (Virginia, Colorado, Connecticut, Utah, and others) may have rights similar to those described above. To exercise any such right, contact us at support@modveon.com.
11. El Salvador Users — Additional Disclosures
This Section applies only if you are a user located in or accessing the Services from El Salvador. It is provided in addition to, and forms part of, this Privacy Policy. The Spanish-language version of this Privacy Policy will be the governing version for El Salvador users.
11.1 Your Rights Under the Ley de Protección de Datos Personales (LPDP)
Under the LPDP, you have the following rights with respect to personal data processed by Modveon El Salvador:
- (a) Right of Access (Derecho de Acceso). You may request information about what personal data we hold about you, the purposes for which it is processed, and the categories of recipients with whom it is shared.
- (b) Right of Rectification (Derecho de Rectificación). You may request correction of inaccurate or incomplete personal data.
- (c) Right of Erasure (Derecho de Cancelación / Supresión). You may request deletion of your personal data, subject to our legal obligations to retain certain records (including AML/CFT and CNAD record retention requirements).
- (d) Right to Portability (Derecho de Portabilidad). You may request your personal data in a structured, commonly used, and machine-readable format.
- (e) Right to Object (Derecho de Oposición). You may object to processing of your personal data where that processing is not required by law or by the performance of our agreement with you.
- (f) Right to Limitation (Derecho de Limitación). You have the right to request the restriction of the processing of your personal data, in accordance with the provisions set forth under the LPDP.
To exercise any of these rights, submit a request to support@modveon.com. We will respond within twenty (20) business days; this period may be extended for justified reasons by up to an additional twenty (20) business days, in accordance with the LPDP.
11.2 Lawful Basis for Processing
Consistent with the LPDP's opt-in model, we process your personal data only on the basis of:
- (a) Your explicit, informed, free, and specific consent, obtained at account creation and at relevant points in the Services.
- (b) The performance of our contractual obligations to you under the Modveon Terms of Service and El Salvador Country Addendum.
- (c) Our legal obligations under applicable Salvadoran law, including AML/CFT, CNAD, UIF reporting, and consumer protection requirements.
You may withdraw consent at any time by contacting us at support@modveon.com. Withdrawal of consent may limit or prevent your ability to use the Services.
11.3 Cross-Border Transfer of Your Data
Your personal data is processed and stored on Google Cloud Platform servers located in the United States. By creating a Sivar account and using the Services, you provide your explicit consent to the transfer of your personal data to the United States for processing in accordance with this Privacy Policy. We have implemented contractual and technical safeguards designed to ensure that your data receives a level of protection in the United States that is consistent with the LPDP.
11.5 Data Retention in El Salvador
AML/CFT and CNAD records are retained for a minimum of fifteen (15) years from the date of the relevant transaction or account closure, whichever is later. This retention period reflects mandatory legal requirements and cannot be shortened on user request.
11.6 Sub-Processors and Cross-Border Transfers
A current list of sub-processors that may process your personal data, including any that are located outside El Salvador, is maintained at modveon.com/sub-processors.
11.7 Right to Lodge a Complaint
You have the right to lodge a complaint with:
- The Defensoría del Consumidor at defensoriadeconsumidor.gob.sv or hotline 910, for consumer protection and complaint handling matters.
- The Comisión Nacional de Activos Digitales (CNAD) for matters relating to digital asset services.
- The Agencia de Ciberseguridad del Estado (ACE) for matters related to personal data privacy.
- Any competent court of the Republic of El Salvador.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or the Services.
For material changes, we will provide at least 30 days' advance notice through in-app notification and to your registered contact before the change takes effect. Material changes include changes to:
- The categories of personal data we collect.
- How we use or share personal data.
- Your rights or how to exercise them.
- The purposes for which we process personal data.
For non-material changes, we will update the "Last Updated" date at the top of this Privacy Policy, and the change will take effect upon posting.
A complete change log of all versions of this Privacy Policy is maintained at modveon.com/privacy/changelog.
13. Contact Us
For any privacy-related question, request, or concern:
- Email: support@modveon.com
- Website: modveon.com
- El Salvador: sivarapp.sv
For United States users with questions about the GLBA Annual Privacy Notice or CCPA rights, please specify the nature of your request when you contact us.