Privacy Policy

Last updated: July 1, 2026

01 Overview and Definitions

Rombex is a company incorporated in Nigeria and the United Kingdom, with its registered office at 37 Torkildsen Way, Harlow, England, CM20 1AU. We are committed to complying with applicable data protection laws, including the UK GDPR, the Data Protection Act 2018, the Nigeria Data Protection Regulation (NDPR), and Canada's Personal Information Protection and Electronic Documents Act (PIPEDA). This Privacy Policy explains how and why we collect, store, use, and share your Personal Data in connection with our financial infrastructure for fiat and stablecoin collections.

Rombex's Role

Depending on the activity, Rombex acts as a 'data controller' or 'data processor.' We are the controller of the Personal Data obtained via our Services to provide them to you. We act as a data processor for Personal Data needed by Rombex Partners to provide their services.

Key Definitions

Financial Infrastructure refers to the systems and partnerships Rombex uses to provision bank details, facilitate fiat-to-stablecoin conversions, and manage cross-border collections. Automated Decision-Making refers to technology used to verify identities (KYC/KYB) or assess fraud risks without human intervention. Personal Data means any data relating to an identified or identifiable living individual. Services refers to the Rombex website, APIs, software systems, and financial services made available to users.

02 Personal Data Collection

To perform our Services, verify your identity, and comply with AML/KYC/KYB regulations, we collect Identity & Business Data (name, email, address, date of birth, tax ID, and business registration/beneficial ownership details), Financial Data (fiat bank account information, stablecoin wallet addresses, and source of funds documentation), and Technical & Usage Data (IP addresses, device information, GPS/location data, and interaction logs). We collect data directly from you, from Rombex Partners who share data with your permission, and from third-party identity verification services and public records.

03 Personal Data Use & Financial Services

We process data based on your consent, to comply with legal and regulatory obligations, to perform our contract with you, and for our legitimate business interests. We use your data to provision bank details for fiat and stablecoin collections, which involves sharing necessary data with our banking partners and liquidity providers to facilitate global settlements. We utilize automated systems for security and fraud prevention. If you are significantly affected by an automated decision, you have the right to request a manual review by contacting us at info@rombex.com.

04 Disclosure of Information

We share Personal Data with Other Rombex Group companies to assist in performing our Services, Financial & Liquidity Partners (banks, payout providers, crypto exchanges) to facilitate transactions, Service Providers (hosting, analytics, identity verification, and fraud detection), and Regulators & Law Enforcement as required by law or to protect against illegal activity.

05 International Transfers

Rombex operates globally. Where we transfer Personal Data across borders (e.g., from the UK/EEA to the US, Canada, or Nigeria), we ensure it is protected via Standard Contractual Clauses, adequacy decisions, or other legally permitted safeguards to maintain GDPR standards.

06 Safeguards & Security

We maintain administrative, technical, and physical safeguards, including SSL/TLS encryption, to protect your Personal Data. In the event of a significant data breach that poses a risk to your rights, we will notify you and the relevant supervisory authority without undue delay.

07 Data Retention

We retain Personal Data for as long as is necessary to fulfill the purposes for which it was collected, to address potential legal claims, and to satisfy our AML/KYC/KYB legal and regulatory obligations.

08 Your Rights

You have the right to access, rectify, or erase your data, request data portability, withdraw consent, and object to or restrict processing. To exercise these rights, or to contact our Data Protection representative, please email info@rombex.com. You may also lodge a complaint with the UK Information Commissioner's Office (ICO) or your local supervisory authority.

09 Children's Data

Our Services are intended for professional and business use. We do not knowingly collect Personal Data from individuals under the age of 18.

10 Cookies

We use Essential, Functional, Performance, and Analytics cookies, along with Web Beacons, to operate our Services and improve user experience. You can manage these via your browser settings or the link on our homepage.