Privacy Policy

Fire Labs, Inc. Privacy Policy

Last updated: July 23, 2025

1. Introduction

Fire Labs, Inc. (“Fire Labs,” “we,” “our,” or “us”) builds financial‑technology, AI, and developer tools—including stable‑asset in frastructure, payment processing, and software‑as‑a‑service (SaaS) platforms. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit firelabs.com or any site, mobile application, or service that links to it (together, the “Services”). It also describes your privacy rights and how you can exercise them.

Not legal advice: This Policy is provided for informational purposes only. You should consult qualified counsel to ensure compliance with all applicable laws.

2. Scope

This Policy applies to information we process about:

  • Visitors to our marketing website(s).
  • Individuals who create accounts, subscribe to newsletters, join wait‑lists, or otherwise interact with our Services.
  • Business contacts at banks, card‑issuing partners, merchants, developers, and other counterparties.

It does not apply to workforce applicants or employees (see our HR privacy notice) or to third‑party websites that link to/from our Services.

3. Information We Collect

CategoryExamplesSource
Identifiers & contact dataName, email, phone number, usernameYou provide; partners
Financial & transactional dataCard digits, billing address, wallet, rewardsYou; bank; blockchain records
Commercial dataPurchase history, subscription tierGenerated by your use
Technical dataIP address, browser, cookies, session logsCollected automatically
Geolocation & inferenceCity, region, user segmentationDerived from other data

We do not intentionally collect information about children under 13, nor do we process “sensitive” data (e.g., health, biometric) except where required for regulated onboarding.

4. How We Use Information

PurposeLawful basis (GDPR/UK GDPR)
Provide, secure, and troubleshoot the Services; authenticate users; process payments and stable‑asset transactions.Performance of a contract; Legitimate interests.
Issue digital payment cards, operate the BankCoin ecosystem, manage liquidity, calculate and distribute FireLabsYieldToken rewards.Performance of a contract; Legal obligation.
Develop new features, conduct analytics, machine‑learning training, and product research (e.g., improving approval rates, optimizing blockchain settlement).Legitimate interests (to innovate, detect fraud, and provide reliable services).
Send administrative emails, technical notices, policy updates, and—if you opt‑in—marketing communications about Fire Labs products or partner integrations.Legitimate interests; Consent (for certain marketing).
Comply with KYC/AML, sanctions, tax, and other legal or regulatory obligations.Legal obligation.
Protect rights, safety, and property of Fire Labs, users, and the public; detect and prevent fraud or abuse.Legitimate interests; Legal obligation.
Execute corporate transactions (e.g., merger, acquisition, financing).Legitimate interests.

We do not intentionally collect information about children under 13, nor do we process “sensitive” data (e.g., health, biometric) except where required for regulated onboarding.

5. Disclosure of Information

We share information only as necessary:

  • Service providers & sub‑processors(cloud hosting, analytics, email delivery, identity verification, card fulfillment, blockchain node operators) bound by confidentiality and data‑protection commitments.
  • Banking & card‑network partners(principal Visa/Mastercard issuer/acquirer), liquidity providers, and regulators for transaction settlement and compliance.
  • Affiliates & subsidiaries such as Future Solutions LLC (merchant acquiring) and Fire Dev (software development) for integrated services
  • Law enforcement or regulators when required by law or to protect legal rights.
  • Business transfereesif we engage in a merger, acquisition, or asset sale (your information will remain subject to this Policy or a successor policy with materially similar protections).

We do not sell your personal data for money. Under California law, we also do not “share” it for cross‑context behavioral advertising without opt‑in consent.

6. Cookies & Tracking Technologies

We and our partners use cookies, local storage, and similar technologies to:

  1. Authenticate sessions and prevent fraud.
  2. Remember preferences (e.g., dark/light mode).
  3. Measure site performance and usage patterns (Google Analytics, LogRocket, etc.).
  4. Market Fire Labs products via retargeting (only where permitted and with consent where required).

You may disable non‑essential cookies via our Cookie Banner or your browser settings. Doing so may limit functionality.

7. Your Rights & Choices

RegionRights
EEA/UK/SwitzerlandAccess, rectify, erase, restrict, object, data portability, lodge a complaint with a supervisory authority.
CaliforniaKnow, delete, correct, opt‑out of “sale”/“sharing,” limit sensitive data.
Other U.S. states (e.g., Virginia, Colorado)Similar rights to access, delete, correct, opt‑out of targeted advertising and profiling.

To exercise rights, email privacy@firelabs.com or use our self‑service portal. We will verify your identity before actioning requests.

8. Data Security

We apply administrative, technical, and physical safeguards—such as end‑to‑end encryption, role‑based access controls, and continuous monitoring—to protect information. No internet transmission, however, is 100 % secure.

9. Data Retention

We retain information only as long as necessary to fulfill the purposes outlined in this Policy, satisfy legal obligations (e.g., BSA/AML record‑keeping), resolve disputes, enforce agreements, or as otherwise permitted by law.

10. International Transfers

Fire Labs is headquartered in the United States. If you are outside the U.S., we transfer and process your information there and in other countries where we or our service providers operate. For transfers from the EEA/UK/Switzerland, we rely on:

  • Adequacy decisions (where applicable);
  • Standard Contractual Clauses (SCCs) with supplementary safeguards.
  • Other legally recognized transfer mechanisms.

11. Children’s Privacy

Our Services are not directed to children under 13 (or under 16 in the EEA). If we learn we have collected personal data from a child without parental consent, we will delete it promptly.

12. Third‑Party Links

Our Services may link to third‑party sites (e.g., developer documentation, card‑network resources). We are not responsible for their privacy practices. Review the privacy policies of any site you visit.

13. Changes to This Policy

We may update this Policy periodically. If changes are material, we will notify you (e.g., via email or banner) and indicate the “Last updated” date. Continued use of the Services after the update constitutes acceptance.