Privacy Policy

Last Updated: June 2026

1. Introduction & About Us

This Privacy Policy explains how Granite Peak Global Inc. (“Talaps,” “we,” “us,” or “our”) collects, uses, shares, and protects your personal information when you use the Talaps app and our related services.

Granite Peak Global Inc. is a financial technology company, not a bank or money transmitter. We offer a self- and non-custodial wallet. While we are registered with FinCEN as a Money Services Business (MSB), all regulated financial services (including US virtual bank accounts, investing, and asset ramping) are provided through our licensed partners.

  • Age Requirement: You must be 18 or older to use our Services. We do not knowingly collect data from minors.
  • Your Consent: By using Talaps, you agree to the collection and use of your data as outlined below.

2. Information We Collect

2.1 Information You Provide

  • Account & KYC Data: Full name, date of birth, gender, physical address (and proof of address), email, phone number, employment details, estimated monthly deposits, source of funds, government ID, tax identification numbers (SSN/TIN), and linked external bank account details.
  • Communications: Messages, images, or documents you send via our support channels (Intercom, WhatsApp, email).

2.2 Automatically Collected Information

  • Technical Data: Device model, operating system, unique identifiers, IP address, network info, and approximate location.
  • App Performance & Analytics:
    • Sentry: For crash reporting and app stability.
    • PostHog: To analyze how you use the app. (EEA/UK users: This tracks only with your explicit consent).

2.3 Third-Party & Blockchain Data

  • Partners: Data from identity verification and compliance partners.
  • Blockchain Network: When interacting with the Base blockchain, transactions (wallet addresses, amounts, and timestamps) are public and permanently recorded. This data cannot be deleted or modified.
  • Derived Data: Inferences we make regarding risk assessments and service eligibility.

3. How We Use Your Information

We process your data to:

  • Deliver Core Services: Connect you to partner banks, facilitate deposits/withdrawals, enable yield-earning and investing, and provide self-custody wallet tools.
  • Compliance & Security: Verify your identity (KYC), monitor for anti-money laundering (AML), prevent fraud, and secure your account.
  • Support & Product Improvement: Fix bugs, respond to queries, analyze app usage, and develop new features.
  • Automated Decision-Making: Use automated partner systems for fraud screening and KYC eligibility. You can request a manual review if affected.

4. Legal Basis for Processing (EU/EEA/UK Users)

If you reside in the EEA or UK, we process data under these legal grounds:

  • Legal Obligation: KYC and financial regulatory compliance.
  • Contractual Necessity: Delivering core services and handling support.
  • Legitimate Interest: Fraud prevention, security, and crash reporting.
  • Consent: PostHog analytics and sharing data with advertising partners.

5. How We Share Your Information

  • Financial & Infrastructure Partners: Shared with licensed financial institutions, database hosts, support platforms, and wallet infrastructure providers to run our services.
  • Advertising Partners: With your consent (required for EEA/UK), we may share hashed identifiers with Meta to measure ad effectiveness.
  • Legal Requirements: When required by law enforcement, regulators, or during a corporate merger/asset sale.

6. International Data Transfers

All personal data is stored and processed on cloud infrastructure in the United States. For EEA/UK users, transfers to the US are protected using European Commission-approved Standard Contractual Clauses. You can request a copy via privacy@talaps.com.

7. Data Retention & Security

  • Retention: Active account data is kept indefinitely. If you deactivate your account, we retain data for 5 years to comply with financial regulations, after which it is deleted.
  • Security: We safeguard your data using data encryption (in transit and at rest), strict need-to-know access controls, and secure authentication protocols.

8. Your Privacy Rights

Depending on your location, you have rights regarding your personal data:

8.1 EEA & UK Users (GDPR)

You have the right to access, correct, restrict, object to, or port your data, as well as withdraw consent or request deletion.

Note: We cannot delete data that we are legally required to retain for financial regulatory compliance.

8.2 California Residents (CCPA)

You are entitled to know what personal data we collect, how it is used, and to request its deletion. To exercise any of these rights, contact us at privacy@talaps.com. We respond within 30 days.

9. Third-Party Links & Policy Changes

  • External Links: Our app may contain links to third-party sites. We are not responsible for their privacy policies.
  • Policy Updates: We will notify you of material changes by posting the updated policy in the app with a revised “Last Updated” date.

10. Contact Us

For questions regarding this policy or your data, please contact us at privacy@talaps.com.