Privacy Policy

1. Introduction

This Enterprise-Grade Privacy Policy (“Policy”) describes how Orange Standard LLC (“Orange Standard,” “we,” “our,” “us”) collects, processes, stores, shares, and protects information when individuals (“Users,” “you,” “your”) access our website, platform, Bitcoin custody systems, lending infrastructure, mobile application, or any related services (“Services”).

By accessing the Services, you confirm that you have read, understood, and agreed to this Policy. If you do not agree, you must discontinue the use of the Services immediately.

2. Categories of Information We Collect

Orange Standard collects information required for regulatory compliance, security, operational integrity, and user experience. This includes:

A. Personal Identification

• Full legal name

• Address and residency details

• Date of birth

• Government-issued identification

• Social Security Number (U.S. customers)

• Proof of address documents

B. Financial Information

• Bank account details

• Payment method details

• Bitcoin wallet addresses

• Transaction records

• Loan applications, collateral details, and repayment history

C. Regulatory & Compliance Data

• KYC/AML verification data

• Sanctions screening results

• Politically Exposed Person (PEP) checks

• Fraud-prevention risk scores

D. Technical & Usage Data

• IP addresses

• Device identifiers

• Browser fingerprinting

• Login timestamps

• Platform usage interactions

• Security logs

E. Cookies & Tracking Technologies

• Session cookies

• Authentication tokens

• Analytics tracking

• Behavioral interaction data

F. Communications

• Emails

• Chat messages

• Support requests

• Recorded consent logs

We collect information directly from you and through authorized third-party partners.

3. How We Use Information

We use your information for:

• Identity verification and regulatory compliance

• Transaction processing

• Bitcoin custody operations

• Collateralized loan management

• Security monitoring and fraud prevention

• User communications, alerts, and notices

• Internal analytics, product improvement, and optimization

• Compliance with subpoenas, legal orders, and regulatory requests

• Disaster recovery and backup operations

• Account management and authentication

Orange Standard never sells personal information.

4. Legal Basis for Processing

We process information under the following legal bases:

• Contractual necessity

• Compliance with legal and regulatory obligations

• Legitimate business interest in securing operations

• Protection against fraud and misuse

• Explicit user consent where required

5. How We Share Information

We may share information with:

• Licensed custodians

• Banking and payment partners

• KYC/AML verification vendors

• Fraud detection providers

• Blockchain analytics firms

• Cloud hosting and cybersecurity vendors

• Lending partners

• Regulators, auditors, and law enforcement

We require all partners to maintain strict confidentiality and security standards.

6. International Data Transfers

Your data may be transferred to the United States or other jurisdictions.

We use contractual safeguards, encryption, and compliance frameworks for all international transfers.

7. Data Retention Policy

We retain data as long as necessary to:

• Provide services

• Meet regulatory requirements (including multi-year AML retention requirements)

• Maintain security logs

• Resolve disputes

• Comply with legal obligations

Retention periods may extend beyond account closure.

8. Data Security Measures

We implement enterprise-grade security including:

• Encryption at rest and in transit

• Multi-layer access control

• Zero-trust security architecture

• Geographically distributed data storage

• Real-time intrusion detection

• Firewalls, anti-malware, and DDoS mitigation

• Key access logging and monitoring

• Secure enclaves and hardware-backed signing systems

No system is impenetrable, but we take extensive measures to mitigate risks.

9. User Rights

Depending on jurisdiction, Users may have rights to:

• Access personal data

• Request correction

• Request deletion (subject to regulatory requirements)

• Restrict processing

• Request data portability

• Object to certain processing activities

We may deny requests that conflict with regulatory obligations.

10. Children’s Privacy

We do not knowingly collect data from individuals under 18.

Accounts belonging to minors will be terminated, and data will be purged when legally permissible.

11. Cookies, Tracking, & Analytics

We use cookies and analytics tools for:

• Authentication

• Security

• Platform optimization

• User experience improvement

Users may control cookies through browser settings.

12. Third-Party Links & Integrations

Our site may link to third-party services.

Once you leave Orange Standard’s domain, this Policy no longer applies.

13. Data Breach Response

In the event of a data breach, Orange Standard will:

• Investigate immediately

• Isolate affected systems

• Notify users if legally required

• Cooperate with regulators

• Implement corrective security measures

14. Regulatory Compliance

Orange Standard complies with:

• Bank Secrecy Act (BSA)

• Anti-Money Laundering (AML) regulations

• Office of Foreign Assets Control (OFAC) sanctions programs

• FinCEN MSB rules

• State money transmitter regulations (where applicable)

• Lending compliance rules for applicable states

15. Information for Lending Customers

For customers using Bitcoin-backed loans, we collect and store:

• Collateral information

• Loan agreements

• Margin call history

• Liquidation records

• Repayment information

This data is retained for regulatory and audit purposes.

16. Non-Rehypothecation Guarantee

Orange Standard does not sell, lend, pledge, or rehypothecate customer Bitcoin unless expressly authorized by the User in a loan agreement.

Customer Bitcoin held in custody is never used for operational, investment, or liquidity purposes.

17. Automated Decision-Making

We may use automated systems for:

• Fraud detection

• Risk scoring

• Identity verification

• Transaction monitoring

Users may request a manual review where appropriate.

18. Data Subject Access Verification

We require identity verification before honoring data requests to prevent unauthorized disclosures.

19. Changes to This Privacy Policy

We may update this Policy at any time.

Users will be notified when required by law.

Continued use constitutes acceptance of the updated Policy.

20. Contact Information

Orange Standard LLC

8 The Green

Dover, DE 19901

Email: support@orangestandard.com