Privacy Policy

  1. General
    1. This privacy policy (“Privacy Policy”) governs the manner in which AIR PAY INC., legal entity located at 2093A Philadelphia Pike, Suite 462, Claymont, DE 19703, USA (“MilX”, “we”, “us”, or “our”), collects, uses, processes, stores, and discloses information received from users of our website https://milx.app/ (“Website”) and/or users of our MilX mobile application, and/or our MilX web application available on the Website (“Application”) in order to provide users with services available through Application (“Services”).
    2. This Privacy Policy has incorporated provisions of the US Privacy Act of 1974 and other data protection laws and regulations.
    3. We respect the privacy of all users of the Application and the Website. The users’ Personal Data is treated confidentially and in compliance with applicable laws and regulations.
    4. We collect and process Personal Data to provide our Services to you, ensure the proper functioning of our Services, identify you, and ensure the security of our Services.
    5. This Privacy Policy applies to the Application, Website, Services, and products offered by MilX.
    6. By using the Application, Website, Services, and products offered by MilX, you express your consent to the terms of this Privacy Policy.
    7. Our products comply with Google API Services User Data Policy, including the Limited Use requirements. Use and transfer of data received from Google APIs to any app will adhere to Google API Services User Data Policy, including the Limited Use requirements.
    8. This Privacy Policy is an integral part of our User Agreement.
    9. If you have any questions regarding this Privacy Policy or your Personal Data, please contact our Data Protection Officer at [email protected].
  2. Personal Data collection and use

    1. We collect the following Personal Data:

      1. Personal Data that you provide us for registration or while using the Application and/or Website, including:

        1. your contact details: surname, name, company name, email address, telephone number;
        2. upon additional request for certain types of operations: residential address and other data.
      2. Know Your Customer (KYC) Personal Data from you, third parties, or publicly available sources, including results of KYC or Politically Exposed Person (PEP) checks, including information collected by our service suppliers.
      3. Personal Data we receive for AML/CFT (Anti-Money Laundering / Countering the Financing of Terrorism) purposes.

      4. Personal Data you provide as part of your Account with MilX, including:

        1. password;
        2. login;
        3. marketing preferences.

      5. Personal Data relating to your use of our Services, including:

        1. your orders and instructions to us;
        2. your transactions using your Account with MilX, accounts, including your accounts with third-party banks and financial institutions, payment card details, etc., and the amount, originator, or beneficiary, and time and date of the transfers you make or receive;
        3. information about the digital device through which you access our Services, such as device type, operating system, screen resolution, unique device identifiers, or mobile network system;
        4. IP address and name of the city nearest to you at the time of registration and at the time of the last login to the Application;
        5. date and time of login and requests.

      6. Personal Data in your correspondence with us by email, telephone, messaging, online chats, social media, or otherwise, including:

        1. whether you have clicked on links in electronic communications from us, such as the URL clickstream to our Website;
        2. Personal Data that you provide in response to our surveys.

      7. Personal Data that we collect from third parties to register you as a customer or provide you with Services:

        1. Personal Data related to payments to or from your accounts provided by payment processing services, banks, card schemes, and other financial service firms;
        2. Personal Data from credit reference agencies or fraud prevention agencies.

      8. Personal Data that we collect through your use of our Application or Website, including:

        1. device information;
        2. hardware and browser settings;
        3. date and time of visits;
        4. the pages you visit, the length of the visit, your interactions with the page, methods to browse away from our Website, and search engine terms you use;
        5. IP address.

    2. We may use your Personal Data as follows:

      1. We may use Personal Data that you provide to register with us to:

        1. process your registration request;
        2. on-board you as a customer;
        3. provide our products and Services;
        4. manage and administer our Services;
        5. administer your Account in the Application;
        6. communicate with you about your Account in the Application and our Services;
        7. send personalized offers of services and products.

      2. We may use Know Your Customer (KYC) Personal Data to:

        1. carry out regulatory checks and meet our obligations to our regulators;
        2. help us ensure that our customers are genuine and to prevent and detect crime, such as fraud, money laundering, terrorist financing, and other offenses, including those involving identity theft.

      3. We may use Personal Data that you provide as part of your Account with MilX to:

        1. manage and administer your Account;
        2. communicate with you about your Account and our Services.

      4. We may use Personal Data relating to your use of our Services to:

        1. manage and administer our Services and systems;
        2. check if you are in a location or using a device consistent with our records, in order to help prevent fraud;
        3. develop and improve our Services based on analyzing this information, the behaviors of our users, and the technical capabilities of our users;
        4. ensure effective communication with customers and train our personnel.

      5. We may use Personal Data that we collect from third parties to:

        1. register you as our customer;
        2. provide Services to you;
        3. manage and administer our Services and systems;
        4. prevent and detect fraud.

      6. We may use Personal Data that we collect through your use of our Application and/or Website to:

        1. develop new Services;
        2. identify and eliminate issues with the Application and Website;
        3. monitor the way our Application, Services, and Website are used in order to determine the locations they are accessed from, devices they are accessed from, places where our customers have come from online (e.g., links on other websites or advertising banners); and understand and analyze peak usage times, the functionality and information that are the most and least accessed, the structure of our customers, the ways that our Application and Website are used by different groups of users, and what attracts our customers to our Application, Website and Services.
  3. Rights of the Personal Data subject

    1. You have the following rights with respect to your Personal Data:

      1. Right to be informed – You have the right to be informed about the collection and use of your Personal Data and the following information: who has collected and processed Personal Data; the purposes for processing your Personal Data; retention periods for Personal Data; and who Personal Data will be shared with, etc.
      2. Right to access – You have the right to obtain confirmation from us as to whether or not your Personal Data is being processed, the purposes of the processing, the categories of Personal Data collected, the recipients to whom the Personal Data has been or will be disclosed, etc.
      3. Right to rectification – You have the right to obtain from us rectification of inaccurate Personal Data concerning you as well as the right to have incomplete Personal Data completed.
      4. Right to erasure (“right to be forgotten”) – You have the right to ask for the deletion of your Personal Data if the Personal Data is no longer necessary in relation to the purposes for which it was collected or otherwise processed or if there is no other legal ground for the processing.
      5. Right to restriction of processing – You have the right to ask us to restrict further processing of your Personal Data, so that in each case the data may be processed only with separate consent from you or as otherwise provided by data protection laws.
      6. Right to data portability – You have the right to receive your Personal Data in a structured, commonly used, machine-readable format, and the right to transmit that data to another controller where technically feasible.
      7. Right to object – You have the right to object at any time, on grounds relating to your particular situation, to the processing of your Personal Data if there are no legitimate grounds for processing it which override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims.
      8. Right to withdraw – You can withdraw your consent to your Personal Data being processed if you believe that we do not have the proper rights to do so.
      9. Right to delete your Account in the Application - You can delete your Account in the Application as well as delete your Personal Data according to Section 14 herein.
    2. To exercise your rights, please contact our Data Protection Officer at [email protected].
  4. Direct marketing
    1. Please note that if you have given explicit consent to marketing communications, this can be withdrawn at any time. You can also unsubscribe from our marketing communications.
    2. Please be aware that from time to time we may need to contact you regarding Application and/or Website operation issues or to adhere to the requirements of the User Agreement.
  5. Legal requirements
    1. We need to collect certain types of Personal Data to comply with legal requirements relating to our anti-fraud, anti-money-laundering, counter-terrorist financing, and Know Your Customer obligations. If this Personal Data is not provided, we cannot provide our Services to you.
    2. Your Personal Data may also be processed if it is necessary on reasonable request by a law enforcement or regulatory authority, body, or agency or in the defense of a legal claim. We will not delete Personal Data if relevant to an investigation or dispute. It will continue to be stored until the investigation is complete or the dispute is fully resolved.
  6. Personal Data we do not process
    1. We take children’s privacy very seriously, and therefore we deliberately do not collect or process personal data of children under the age of 13. By using our Application, Services and/or Website you confirm that you are at least 18 years old, otherwise, you confirm that you are older than 13 years old and have obtained the corresponding consent from your parent or legal guardian. If we find that a child under 13 years old has misrepresented their age we will immediately terminate such cooperation.
    2. We do not process any sensitive personal information, such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health, or data concerning a natural person’s sex life or sexual orientation.
  7. Security of Personal Data
    1. We use a variety of physical, technical, and administrative security measures to ensure the confidentiality of your Personal Data and protect your Personal Data from loss, theft, unauthorized access, misuse, alteration, or destruction, as well as from other illegal actions of third parties.
    2. We implement security measures such as data encryption when in transit and storage, data storage diversification, strict physical access controls to buildings and files, anonymization technology, asset diversification, strict physical access by a minimal number of individuals, using multisign access tools, and compliance with confidentiality commitments.
    3. We make sure that we regularly review our information security policies and measures and improve them when necessary.
  8. Sharing your Personal Data
    1. We do not sell, trade, or rent our users’ Personal Data to any third parties. We may transfer certain Personal Data of users (such as your contact and/or identification information) to third-party financial institutions in exceptional cases when required by the rules and policies of such financial institutions, in order to identify users and provide them with our Services.
    2. Users acknowledge and consent that we can transfer their Personal Data to third parties that carry out KYC checks and fraud database checks. Such third parties have been assessed by us and guarantee compliance with legislation on personal data processing and with this Privacy Policy.
  9. Retention of Personal Data
    1. We retain your Personal Data only for those periods necessary to fulfill the various purposes outlined in this Privacy Policy unless a longer retention period is required or allowed by law.
    2. For the purposes of complying with our legal obligations and the world industry standards for Personal Data storage, you give us consent and permission to keep records of such information throughout the term of your Account as well as for Personal Data indicated in item 14.3 herein for five (5) years after the closure or deletion of your Account.
    3. We may store your Personal Data for longer than is required by law as long as it is in our legitimate business interests and not prohibited by law.
  10. Personal Data disclosure
    1. We may disclose some of your Personal Data to our partners and/or our affiliated and associated companies ("Partners") who provide services to you or work with us to provide you with the Services if they are bound by an obligation to ensure an adequate level of protection of your Personal Data. We provide such data to Partners with the limited purpose of providing and offering services and/or Services for you.
    2. We may disclose your Personal Data in accordance with the law or court order, in court proceedings, and/or based on requests from government authorities in or outside the territory of your country of residence. We may also disclose your Personal Data if we determine that such disclosure is necessary or appropriate for national security and/or law enforcement.
    3. We may also disclose your Personal Data if we determine that the disclosure is necessary to enforce the MilX User Agreement or protect our activities and our users.
  11. Personal Data transfers
    1. We may transfer to and store your Personal Data that we collect in countries other than the country in which the data was originally collected, including countries outside the USA, the European Economic Area (“EEA”), the United Kingdom, and Switzerland. Those countries may not have the same data protection laws as the country in which you provided the data. When we transfer your Personal Data to other countries, we will protect the data as described in this Privacy Policy and comply with applicable legal requirements providing adequate protection for the transfer of data to countries outside the EEA, the United Kingdom, and Switzerland.

    2. If you are located in the EEA, the United Kingdom, or Switzerland, we will only transfer your Personal Data if:

      1. the country to which the Personal Data will be transferred has been granted a European Commission adequacy decision; or
      2. we have put in place appropriate safeguards in respect of the transfer; for example, we have entered into EU standard contractual clauses and required additional safeguards with the recipient, or the recipient is a party to binding corporate rules approved by an EU, UK, or Swiss supervisory authority.
  12. Cookies
    1. Cookies are text files placed on your computer to collect standard internet log information and visitor behavior information. When you visit our Website, we may automatically collect information about you using cookies or similar technology. For more information on cookies, you may visit www.allaboutcookies.org.

    2. We use cookies in a variety of ways to improve your experience with our Website, including:

      1. enabling you to stay logged in;
      2. understanding how you use our Website;
      3. analyzing the behavior and interests of our Website visitors.
    3. We use the data we receive from the cookies on our Website to generate reports. We analyze these reports to make changes to the operation of the Website that will improve the client and user experience.

    4. There are several kinds of cookies. Our Website uses two:

      1. Functional – We use these cookies so that we can recognize you on our Website and save your previously selected settings, which may include your preferred language and location.
      2. Advertising – We use these cookies to collect information about your visits to the Website, the content viewed, the links you followed, and information about your browser, device, and IP address.
    5. We may sometimes transfer some of this data to third parties for advertising purposes. We may also transfer data collected through cookies to newsletter service providers. This means that when you visit another Website, you may be shown advertisements based on your views on our Website.
    6. You can set your browser so that it does not accept cookies. Visit www.allaboutcookies.org to learn how to delete cookies from your browser. However, in such cases, some Website features may not work.
    7. We use Google Analytics, a web analytics tool that helps us understand how users engage with our Website. Like many services, Google Analytics uses first-party cookies to track user interactions. In our case, they are used to collect information about how users use our Website. This information is used to compile reports and to help us improve our Website. These reports disclose Website trends without identifying individual visitors.
  13. Account security measures, camera permission
    1. To gain access to the Аccount, the user must provide their valid email address and confirm it by using the link provided in the email sent to the specified address. This process ensures the security and confidentiality of the user's Account, confirming that only the owner of the email address has access to the Account.

    2. For additional Account protection, we offer users the following features:

      1. The ability to set up two-factor authentication (2FA).
      2. The option to utilize facial recognition technology (Face ID).
    3. Certain features of the Application (for example, the use of Face ID) may require access to the user's device camera. We commit to not using the camera without the user's permission and to not store or transmit video recordings without proper notification and consent from the user. The camera will not operate outside the Application.
  14. Account and Personal Data deleting
    1. You have the right to delete your Account in the Application as well as certain Personal Data stored by MilX at any time upon completion of all pending transactions in which you participate, payment of applicable fees, and fulfillment of all other obligations arising from use of the Services.
    2. To delete an Account in the Application, go to the "My Profile" section and click "Delete Account". If you have any technical problems, including but not limited to the lack of access to your Account, you can contact our Data Protection Officer at [email protected].

    3. Together with the Account, we also undertake to delete your Personal Data, with the exception of the following information:

      1. Personal data provided by you during registration or while using the Application and/or Website, including your contact details: surname, name, company name, email address, telephone number, residential address;
      2. Know Your Customer (KYC) Personal Data;
      3. Personal Data we receive for AML/CFT purposes;
      4. Information about your balance and transaction history.
    4. We store your Personal Data specified in item 14.3 herein because the storage of such information is necessary to prevent and detect crimes and fulfill our obligations to prevent and detect crime, such as fraud, money laundering, terrorist financing, and other offenses.
    5. Your Personal Data defined in item 14.3 herein may be necessary for a certain investigation or dispute. We will not delete Personal Data if it is necessary for any investigation or dispute. They will be retained until the investigation is complete or the dispute is fully resolved.
  15. Privacy policy of other sites and applications
    1. Our Website and Application may contain links to other websites and applications. Our Privacy Policy only applies to our Website and Application, so if you follow a link to another website or application, you should check their privacy policy.
  16. Changes to the Privacy Policy
    1. We reserve the right to amend the Privacy Policy at our discretion and at any time.
    2. Any changes to this Privacy Policy will take effect from the moment it is published in the Application and/or on the Website unless otherwise stipulated herein.
    3. You shall regularly review the Privacy Policy and pay attention to its revisions.
    4. Your continued use of our Application, Website, and Services following the posting of changes constitutes your acceptance of the amended Privacy Policy.
    5. This Privacy Policy was last updated on April 3, 2024.