Last Updated: February 21, 2026

Arorix Financial, Inc,  referred to as “Arorix,” “we,” “us,” or “our,” values the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and protect information when you access or use our websites, mobile applications, and related services, collectively referred to as the “Services.”

This Policy also describes your rights under applicable United States privacy laws. By using the Services, you agree to the terms of this Privacy Policy.

1. WHO WE ARE

Arorix Financial, Inc is a financial technology company and is not a bank.

Certain financial products and services made available through the Services are provided by one or more third party financial institution partners that are federally insured and regulated. These financial institutions are referred to as “Banking Partners.” Banking Partners may change from time to time. Where required, the applicable Banking Partner will be identified within the Services or in product specific disclosures.

Certain financial information may also be subject to the Gramm Leach Bliley Act and other applicable financial privacy regulations.

1. SCOPE

This Privacy Policy applies to information we collect directly from you, automatically through your use of the Services, and from third parties in connection with providing the Services.

This Policy does not apply to third party websites, applications, or services that we do not control. Banking Partners and other third parties may maintain separate privacy policies governing their own practices.

1. INFORMATION WE COLLECT

We collect information necessary to provide financial services, operate our platform, and comply with legal and regulatory requirements.

1. Identifiers and Contact Information
   We may collect your name, email address, phone number, mailing address, account usernames, and similar identifying information.
2. Government Identification and Verification Information
   We may collect your date of birth, government issued identification, Social Security number or other taxpayer identification number where required, and related verification information. We may also collect identity verification results and fraud or risk indicators generated during onboarding or account monitoring.
3. Financial Information
   We may collect account and card identifiers, transaction details such as merchant name, amount, date and time, balances, payment activity, funding source information, and transfer details. Account numbers are masked or tokenized where appropriate.
4. Business Information
   If you use business features, we may collect business name, entity type, employer identification number, formation details, beneficial ownership information, authorized user information, and business contact details.
5. Device and Usage Information
   We may collect device type, operating system, browser type, IP address, device identifiers, application usage logs, performance data, and diagnostic information. We use cookies and similar technologies as described below.
6. Communications
   We collect information you provide when contacting support or communicating with us through email, chat, SMS, or phone. We may maintain records of those communications.
7. Marketing and Advertising Information
   We may collect information about your marketing preferences, campaign engagement, and how you learned about Arorix.
8. Geolocation
   We may infer approximate location from your IP address for security, compliance, and fraud prevention purposes. We do not intentionally collect precise location data unless clearly disclosed and permitted by you.
9. Information from Third Parties
   We may receive information from Banking Partners, identity verification providers, fraud prevention vendors, compliance and sanctions screening providers, payment processors, card networks, marketing partners, analytics providers, and public sources such as business registries and government watchlists where permitted by law.

1. HOW WE USE INFORMATION

We use personal information for legitimate business and legal purposes, including:

To provide, operate, and improve the Services
To create and administer accounts
To process transactions and enable payments, transfers, and card functionality
To verify identity and business information in connection with KYC and KYB obligations
To comply with anti money laundering, sanctions, tax reporting, and other regulatory requirements
To detect and prevent fraud, unauthorized activity, and security incidents
To communicate with you regarding your account and product updates
To provide marketing communications where permitted by law and subject to your preferences
To enforce our agreements and protect the rights, property, and safety of Arorix and others

Where applicable, we process information to perform our contractual obligations, comply with legal requirements, pursue legitimate business interests, or based on your consent.

1. HOW WE DISCLOSE INFORMATION

We may disclose personal information in the following circumstances:

Banking Partners and Regulated Financial Partners
We share information with Banking Partners and related regulated partners as necessary to provide financial services, conduct identity verification, and meet compliance obligations.

Service Providers
We engage service providers to operate and support the Services. These providers may include cloud hosting providers including Amazon Web Services, data storage providers, logging and monitoring services, identity verification vendors, fraud detection providers, analytics tools, customer support systems, and marketing communication platforms. Service providers are contractually obligated to safeguard information and use it only for authorized purposes.

Payment Networks and Ecosystem Participants
We may share information with card networks, payment processors, settlement providers, wallet providers, and counterparties as necessary to complete transactions.

Legal and Regulatory Requirements
We may disclose information to regulators, law enforcement, courts, or government authorities when required or permitted by law, including in response to subpoenas, court orders, or lawful requests.

Corporate Transactions
In the event of a merger, acquisition, restructuring, financing, or sale of assets, personal information may be disclosed as part of that transaction subject to confidentiality protections and applicable law.

With Your Direction
We may share information when you direct or authorize us to do so.

Aggregated or Deidentified Information
We may disclose aggregated or deidentified information that cannot reasonably identify you.

We do not sell personal information for monetary consideration.

1. COOKIES AND ANALYTICS

We use cookies, software development kits, and similar technologies to operate the Services, maintain security, understand usage patterns, and measure marketing performance.

Some browsers offer a Do Not Track setting. We do not respond to Do Not Track signals because there is no uniform industry standard.

1. MARKETING COMMUNICATIONS

You may opt out of marketing emails by using the unsubscribe link in the message. We may continue to send transactional or service related communications.

If you provide your phone number, we may send service related text messages such as verification codes and security alerts. Marketing text messages will be sent only where permitted by law and subject to opt in where required. You may opt out of marketing text messages by following the instructions in the message. Message and data rates may apply.

Push notifications may be managed through your device settings.

1. DATA RETENTION

We retain personal information for as long as reasonably necessary to provide the Services, maintain records, comply with regulatory obligations, prevent fraud, resolve disputes, and enforce agreements. Financial services regulations, including anti money laundering requirements, may require retention of certain records after account closure.

1. SECURITY

We implement administrative, technical, and physical safeguards designed to protect personal information. These measures include access controls, encryption in transit, and security monitoring.

No method of transmission or storage is completely secure. You are responsible for protecting your login credentials.

In the event of a data security incident involving personal information, we will provide notice as required by applicable law.

1. INTERNATIONAL USERS

Arorix is based in the United States. If you access the Services from outside the United States, you understand that your information may be processed and stored in the United States and other jurisdictions where our service providers operate.

1. CHILDREN

The Services are not intended for individuals under eighteen years of age. We do not knowingly collect personal information from minors.

1. CHANGES TO THIS POLICY

We may update this Privacy Policy periodically. Updates will be posted within the Services with a revised Last Updated date. Continued use of the Services after updates constitutes acceptance of the revised Policy.

1. CONTACT INFORMATION

Arorix Financial, Inc
Email: support@arorix.com
Privacy Requests: support@arorix.com with “Privacy Request” in the subject line

STATE PRIVACY RIGHTS

Residents of certain U.S. states may have rights to access, correct, delete, or obtain a copy of personal information, and to opt out of certain targeted advertising or profiling practices, subject to legal exceptions. California residents may have additional rights under the California Consumer Privacy Act as amended.

We collect and disclose categories of personal information described in this Policy for the purposes of providing financial services, maintaining security, complying with law, and conducting marketing where permitted.

To submit a privacy request, contact support@arorix.com with the subject line “State Privacy Request.” We will verify your identity before processing requests and may request additional information for verification purposes. Where permitted by law, you may designate an authorized agent.

If we deny your request and your state provides a right to appeal, you may submit an appeal by replying with “Appeal” in the subject line.