← Back to ISTRUCTURE

Privacy Policy

Last updated: 17 July 2026

1. Who we are

ISTRUCTURE ("we", "us") operates a tokenized real-estate investment platform available on the web and as native iOS and Android apps. This policy explains what data we collect, why, and your rights over it.

2. Data we collect

  • Account: name, email, password hash, referral code.
  • KYC: government ID (front/back), proof of address, selfie — retained under AML law.
  • Financial: wallet balances, orders, trades, distributions, tax residency.
  • Device: push tokens, biometric enrolment flag, IP, OS, app version.
  • Usage: pages viewed, actions taken — for security and product analytics.

3. How we use it

To operate your account, execute trades, settle distributions, meet KYC/AML obligations, prevent fraud, send transactional notifications, and improve the product. We do not sell your data.

4. Sharing

With regulated custodians, payment processors (Stripe, Paystack, banks), KYC vendors, cloud infrastructure providers, and law enforcement where legally compelled. Every processor is bound by DPA.

5. Storage & security

Data is encrypted in transit (TLS) and at rest. KYC images sit in a private storage bucket with row-level access controls. Passwords are hashed. Access is audited.

6. Your rights

You can access, correct, export or delete your personal data — email privacy@istructure.app. We honour GDPR, UK-GDPR, and NDPR requests within 30 days. Some records (KYC, transactions) are retained for the statutory period even after account closure.

7. Cookies & analytics

We use strictly-necessary cookies to keep you signed in and lightweight product analytics to detect bugs and abuse. No third-party ad networks.

8. Children

ISTRUCTURE is not for anyone under 18. We do not knowingly collect data from minors.

9. Changes

We'll post updates here and, for material changes, notify you by email or in-app.

10. Contact