Privacy Policy
Upfrontly FZ-LLC Privacy Policy
Effective Date: January 3, 2026 Last Updated: January 3, 2026
Upfrontly FZ-LLC (the "Company," "we," "us," or "our"), a company incorporated in the United Arab Emirates (UAE), is committed to protecting your privacy and handling your personal information responsibly. This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information when you visit our website (the "Website"), use our services (including payout acceleration and advance features), or otherwise interact with us.
We provide embedded financial services that enable early access to platform earnings. This involves processing sensitive financial and payout data from third-party platforms. We comply with applicable data protection laws, including the UAE Federal Decree-Law No. 45/2021 on the Protection of Personal Data (PDPL), the General Data Protection Regulation (GDPR) where applicable (e.g., for EU residents), and other relevant regulations such as the Gramm-Leach-Bliley Act (GLBA) for certain financial information.
By using our Website or services, you consent to the practices described in this Privacy Policy. If you do not agree, please do not use our services.
1. Information We Collect
We collect information in the following ways:
Information You Provide Directly:
Contact details (name, email, phone number, business address)
Identification information (for verification, e.g., government ID where required)
Financial and business information (bank account details for fund delivery, business registration)
Platform credentials or authorizations (to ingest payout statements securely)
Information from Platform Integrations:
Payout statements, earnings history, gross/net amounts, refunds, chargebacks, and hold-backs (ingested via APIs, CSVs, or JSON from partnering platforms with your consent)
Verified payout history for eligibility and pricing of advances
Automatically Collected Information:
Device and usage data (IP address, browser type, pages visited, time spent)
Cookies and similar technologies (for analytics, security, and functionality; see our Cookie Policy for details)
Information from Third Parties:
Data from partnering platforms (with your explicit authorization)
Credit and risk data from capital partners or service providers (e.g., TradeVector for payment orchestration)
Publicly available information for compliance (e.g., sanctions screening)
We minimize collection to what is necessary for providing services, underwriting, repayment netting, and compliance.
2. How We Use Your Information
We use your information to:
Provide and improve services (e.g., determine advance eligibility, deliver funds via ACH/RTP, automate repayment netting)
Underwrite and price advances based on verified payout history
Prevent fraud, assess risk, and comply with anti-money laundering (AML) and know-your-customer (KYC) requirements
Communicate with you (service updates, offers, disclosures)
Analyze usage and improve our Website/services
Comply with legal obligations (e.g., reporting, audits)
We process sensitive financial data (e.g., payout statements) solely for service delivery and repayment, without selling it or using it for unrelated purposes.
3. Legal Bases for Processing (Where Applicable, e.g., GDPR)
Contract: To fulfill our agreement with you (e.g., providing advances)
Consent: For optional features or marketing (revocable at any time)
Legitimate Interests: For fraud prevention, analytics, and service improvement (balanced against your rights)
Legal Obligation: For compliance with laws
4. Sharing Your Information
We share information only as necessary:
With Partnering Platforms: Limited data for integration and repayment netting (no recourse to platforms)
With Capital and Service Providers: E.g., Obsidian Creek Capital (credit sponsor), TradeVector (payment/reconciliation infra), bld.ai (engineering), and institutional lenders (for funding advances; off-balance-sheet structure)
With Payment Rails: Banks or processors for fund delivery/repayment
For Legal Reasons: To comply with laws, respond to authorities, or protect rights/safety
Business Transfers: In case of merger/acquisition (your data would remain protected)
We require third parties to protect your data via contracts (e.g., Data Processing Agreements) and limit use to specified purposes.
5. International Data Transfers
As a UAE-incorporated company with global operations, we may transfer data to countries outside the UAE or EEA. We use safeguards like Standard Contractual Clauses, adequacy decisions, or equivalent measures to ensure protection.
6. Data Security
We implement robust security measures, including:
Encryption (in transit and at rest)
Access controls and institutional-grade infrastructure (via TradeVector)
Regular audits and compliance with standards (e.g., ISO 27001 equivalents)
No system is impenetrable; we notify you and authorities of breaches as required by law.
7. Data Retention
We retain information as long as needed for services, legal compliance, or dispute resolution (typically 7 years for financial records). We securely delete or anonymize data when no longer required.
8. Your Rights
Depending on your location, you may have rights to:
Access, correct, or delete your data
Restrict or object to processing
Data portability
Withdraw consent
Opt-out of marketing
For UAE/EU residents: Contact our Data Protection Officer. We respond within applicable timelines (e.g., 30 days under GDPR).
US residents: Additional rights under state laws (e.g., CCPA opt-out of "sales").
To exercise rights, email [insert privacy contact email].
9. Children's Privacy
Our services are not for individuals under 18. We do not knowingly collect data from children.
10. Changes to This Policy
We may update this Policy. Significant changes will be notified via email or Website notice. Continued use constitutes acceptance.
11. Contact Us
Questions or requests: Email: privacy@upfrontly.com Address: Upfrontly FZ-LLC, [UAE Free Zone Address]
