Privacy Policy

1. Identity of the Data Controller

The entity responsible for the collection and processing of personal information described in this Policy is DIRE MONEY TRANSMITTER LLC, a limited liability company registered in the United States. Our principal place of business is located at 9000 Renton Ave S Unit 1, Seattle, WA 98118. You may contact us regarding privacy matters by email at support@aurelionis.org or by mail at the address above. For inquiries directed to our Fort Worth office, please use 200 W Rosedale St, Fort Worth, TX 76104, or call +1 817 877 0708.

2. Categories of Personal Information Collected

We collect personal information in several categories depending on the nature of your interaction with us. Website visitors who browse without creating an account may have certain technical information collected automatically, including IP address, browser type and version, operating system, referring URL, pages visited, and timestamps of access. This information is collected through server logs and, where applicable, cookies and similar technologies as described in our Cookie Policy.

Individuals who submit inquiries through our contact form provide their name, email address, and the content of their message. This information is collected for the purpose of responding to the inquiry and is not used for any other purpose without separate notice.

Account applicants and account holders are required to provide substantially more information as part of our Customer Identification Program under the Bank Secrecy Act and USA PATRIOT Act. This includes, but is not limited to, full legal name, date of birth, residential address, government-issued identification document number and type, and taxpayer identification number where applicable. For business accounts, entity formation information, beneficial ownership details, and authorized representative identification are also collected. This information is collected as a legal requirement and cannot be waived.

In the course of providing exchange and wallet services, we collect transaction data including transaction amounts, asset types, timestamps, wallet addresses, and counterparty information where relevant. This data is maintained as required by the Bank Secrecy Act and applicable state regulations.

3. Purposes of Processing and Legal Bases

We process personal information for the following purposes. First, to fulfill our legal obligations as a registered Money Services Business under FinCEN, including compliance with the Bank Secrecy Act (31 U.S.C. 5311 et seq.), the USA PATRIOT Act (Public Law 107-56), FinCEN's Customer Due Diligence rule (31 C.F.R. Part 1010), and applicable state money transmission statutes. These obligations include customer identification, beneficial ownership verification, transaction monitoring, suspicious activity reporting, and currency transaction reporting where thresholds are met. Compliance with these obligations is not optional and constitutes a legal basis for processing that cannot be overridden by individual preference.

Second, to operate and improve the Aurelionis website and platform. Technical information collected automatically is used to maintain site security, diagnose technical issues, and understand aggregate usage patterns. Third, to respond to inquiries submitted through our contact form or by email or telephone. Fourth, to communicate with account holders regarding account status, required documentation, transaction confirmations, and regulatory notices. Fifth, to detect and prevent fraud, money laundering, and other unlawful activity in accordance with our AML program.

4. Disclosure of Personal Information to Third Parties

We do not sell personal information. We do not share personal information with third parties for their own marketing purposes. We may disclose personal information in the following circumstances.

To regulatory and law enforcement authorities as required by law. This includes mandatory reporting to FinCEN under the Bank Secrecy Act, responses to lawful subpoenas, court orders, and regulatory examinations, and cooperation with federal and state law enforcement agencies investigating financial crime. These disclosures are not optional and do not require your consent.

To service providers who assist us in operating the platform and fulfilling our regulatory obligations. These include identity verification service providers, technology infrastructure providers, and compliance software vendors. Service providers are contractually required to use personal information only for the purposes for which it was disclosed and to maintain appropriate security measures.

In connection with a merger, acquisition, or sale of all or substantially all of our assets, personal information may be transferred to the acquiring entity, subject to the same privacy obligations described in this Policy.

5. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Policy and to comply with our legal obligations. Records required under the Bank Secrecy Act, including customer identification records and transaction records, are retained for a minimum of five years as required by 31 C.F.R. Part 1010. Records related to suspicious activity reports are retained for a minimum of five years from the date of filing. Account records for inactive or closed accounts are retained for the period required by applicable federal and state law.

Technical information collected through website logs may be retained for shorter periods, typically no more than twelve months, unless a specific legal basis requires longer retention. Inquiry records submitted through the contact form are retained for a period sufficient to resolve the inquiry and for a reasonable period thereafter.

6. Security Measures

We implement technical and organizational measures designed to protect personal information against unauthorized access, disclosure, alteration, and destruction. These measures include encryption of data in transit using industry-standard protocols, access controls limiting access to personal information to personnel with a need to know, regular review of security practices, and vendor security assessments for third-party service providers handling personal information on our behalf.

No security measure is impenetrable. We cannot warrant that personal information will never be accessed by unauthorized parties, and we disclaim liability for security incidents that result despite reasonable precautions. In the event of a data breach affecting your personal information, we will notify you as required by applicable law.

7. California Privacy Rights (CCPA/CPRA)

California residents have specific rights under the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020. These rights include the right to know what personal information we collect, use, disclose, and sell about you; the right to request deletion of personal information we have collected from you, subject to exceptions including our legal obligations as a Money Services Business; the right to correct inaccurate personal information; the right to opt out of the sale or sharing of personal information (we do not sell personal information); the right to limit the use and disclosure of sensitive personal information; and the right to non-discrimination for exercising these rights.

To exercise your California privacy rights, please submit a verifiable consumer request to support@aurelionis.org. We will respond to verifiable requests within 45 days as required by law, with a possible extension of an additional 45 days where reasonably necessary. Please note that certain information collected in connection with our regulatory obligations as a Money Services Business may be exempt from deletion requests under applicable law.

8. Rights of Residents of Other States

Residents of Virginia, Colorado, Connecticut, Texas, and other states with enacted comprehensive consumer privacy laws may have rights similar to those described above, including rights to access, correct, delete, and port personal information, and to opt out of certain processing activities. The specific rights available depend on the law of your state of residence. To exercise applicable rights, please contact us at support@aurelionis.org with your state of residence and a description of the right you wish to exercise. We will respond in accordance with applicable state law.

9. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. Account opening requires identity verification that confirms the applicant meets the minimum age requirement. If we become aware that we have inadvertently collected personal information from a person under 18, we will take steps to delete that information promptly.

10. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies. The categories of cookies used, the purposes for which they are used, and your options for managing cookie preferences are described in our Cookie Policy, available at aurelionis.org/cookies.html. Your cookie preferences can be adjusted at any time through the cookie consent interface available on our website.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, applicable law, or regulatory requirements. When we make material changes, we will update the "Last Updated" date at the top of this Policy. Continued use of aurelionis.org after the effective date of any update constitutes acknowledgment of the updated Policy. We encourage you to review this Policy periodically.

12. Contact for Privacy Inquiries

For questions, requests, or concerns regarding this Privacy Policy or our data practices, please contact DIRE MONEY TRANSMITTER LLC at: Email: support@aurelionis.org. Mail: DIRE MONEY TRANSMITTER LLC, 9000 Renton Ave S Unit 1, Seattle, WA 98118. We will acknowledge receipt of privacy inquiries within a reasonable time and respond substantively as required by applicable law.