GLBA Privacy Notice
Privacy Policy for D'Fi Financial Services
Last updated: May 2, 2026
This privacy notice is provided by D-Fi Financial Technologies LLC in connection with the financial products and services offered under the D'Fi brand.
Facts: What Does D'Fi Do With Your Personal Information?
| Reasons we can share your personal information | Does D'Fi share? | Can you limit this sharing? |
|---|---|---|
| For our everyday business purposes such as processing transactions, maintaining your account, responding to legal orders, and reporting to credit bureaus or regulators | Yes | No |
| For our marketing purposes to offer our financial products and services to you | No | Not shared |
| For joint marketing with other financial companies | Yes | No |
| For our affiliates' everyday business purposes about your transactions and experiences | Yes | No |
| For our affiliates' everyday business purposes about your creditworthiness | Yes | No |
| For our affiliates to market to you | No | Not shared |
| For nonaffiliates to market to you | No | Not shared |
If sharing practices change, D-Fi Financial Technologies LLC will update this notice and provide any legally required choice mechanisms.
What Information We Collect
- Identifiers and account data: name, email, phone number, username, cash handle, and account credentials.
- Financial information: balances, transaction records, payment method metadata, Stripe customer IDs, cardholder IDs, virtual card status, and Treasury/payment transfer records.
- Identity verification data: date of birth, SSN, address details, and identity verification session results handled through Stripe Identity.
- Crypto and wallet data: wallet addresses, blockchain transaction hashes, and crypto transfer activity for supported assets.
- Operational and security data: IP/device signals, login or verification event logs, fraud/risk indicators, and API request metadata.
- Communications data: support messages plus verification and security communications (email/SMS/push).
How We Collect Information
- Directly from you when you sign up, complete KYC, link payment rails, or submit support requests.
- From your transactions with us and with integrated financial service providers.
- From service providers and counterparties that support identity checks, payments, messaging, and blockchain operations.
- From your device and app events needed for security, fraud prevention, and service reliability.
How We Use and Share Information
- To open and service accounts, process card and transfer operations, and operate crypto and USDD workflows.
- To authenticate users, perform KYC/AML checks, and prevent fraud, abuse, and unauthorized access.
- To communicate account and security notices (for example, verification codes, confirmations, and alerts).
- To engage in joint marketing arrangements with other financial companies where permitted by law and consistent with this notice.
- To share with our affiliates for their everyday business purposes related to your transactions, experiences, and creditworthiness where permitted by law.
- To comply with legal obligations, court orders, law enforcement requests, and regulatory requirements.
- To work with processors and infrastructure providers such as payment processors, identity vendors, SMS/email providers, cloud hosting/storage providers, and analytics/security tooling under contractual confidentiality and data protection obligations.
We do not sell nonpublic personal information.
Non-Custodial Wallets
D'Fi assigns decentralized, non-custodial crypto wallets at signup. You control the private keys, seed phrases, and recovery details for those wallets. D'Fi does not store, manage, or control wallet access, and we cannot recover funds if wallet credentials are lost, deleted, forgotten, or compromised.
Your responsibility includes keeping recovery phrases, backup files, and other access credentials secure and available so you can restore your wallets when needed.
How D'Fi Protects Information
We maintain administrative, technical, and physical safeguards designed to protect nonpublic personal information. These include access controls, authenticated service integrations, encryption in transit, role-based permissions, and monitoring/logging controls. No system is guaranteed to be completely secure.
Retention
We retain information for as long as needed to provide services, meet financial recordkeeping obligations, resolve disputes, enforce agreements, and satisfy legal/regulatory duties. Certain account, transaction, and identity verification records may be retained after account closure as required by law.
Former Customers
We continue to protect former customers' nonpublic personal information under this policy and applicable law.
Children's Privacy
D'Fi financial services are intended for users age 18 and older. We do not knowingly offer financial products to children.
State and Other Rights
Depending on where you live, you may have additional rights under state privacy laws (for example, rights to request access, correction, or deletion of certain personal data). Those rights are subject to legal exceptions, including financial recordkeeping and fraud prevention requirements.
Changes to This Privacy Policy
We may update this policy from time to time. We will update the date at the top of this page and provide additional notice when required by law.
Questions and Contact
Email: support@dfi.cash
Web: https://dfi.cash
Legal entity: D-Fi Financial Technologies LLC
Mailing address: 4801 Glenwood Avenue Suite 200 PMB 302, Raleigh, NC 27612.