Effective Date: 07 November, 2025 

This Privacy Policy describes how Ryze India Advisory Solutions Private Limited and its subsidiaries, affiliates, agents and assigns (collectively, “Ryze,” “we,” or “us”) collect, use, disclose, and otherwise process personal information associated with a specific person as well as information that, in isolation, cannot be directly associated with a specific person or entity. This Privacy Policy applies to information we collect when you access or use any of our Site, and other online products and services offered through Ryze, including Zyne Card, that link to this Privacy Policy (collectively, “Services”), or when you otherwise interact with us, such as through our customer support channels or on social media. We may provide different or additional notices of our privacy practices for certain offerings or activities in which case those notices will supplement or replace the disclosures in this Privacy Policy. This Privacy Policy applies only to our processing activities and not to any other financial institution or other third party that you interact or contract with as part of the Services. 

This Privacy Policy is applicable to the extent we process personal information as defined under applicable law for the purposes of the Services. Please note that these Services are targeted at business entities accordingly, do not provide any personal information unless requested by us as part of the services. 

This Privacy Policy is subject to Terms and Conditions and is an integral part of the same. 

Your personal privacy is important to us. In furtherance of our commitment to this Policy, our Privacy Program has focused on compliance with applicable privacy laws including but not limited to the California Consumer Privacy Act as amended (“CCPA”), the Illinois Biometric Information Privacy Act (“BIPA”), and the Gramm-Leach-Bliley Act (“GLBA”).  

We may change this Privacy Policy from time to time and the same are effective once published here. If we make changes, we will notify you by revising the date at the top of this Privacy Policy. If we make material changes, we will provide you with additional notice (such as by adding a statement to the Services or sending you a notification). We encourage you to review this Privacy Policy regularly to stay informed about our information practices and the choices available to you.

1. COLLECTION OF INFORMATION  

The information we collect about you depends on how you use the Services or otherwise interact with us. In this section, we describe the categories of information we collect and the sources of this information.

1. Information You Provide to Us  

We collect information you provide directly to us. For example, we collect information directly from you when you create an account, fill out a form, sign up to receive communications from us, request customer support, or otherwise communicate with us. The types of information that we collect directly from you include:  

• Name and contact information of the business, such as name, email address, postal address, and phone number;  

• Nature of business i.e. sole proprietorship, partnership, company; 

• Government-issued identifiers, such as your social security number (for self-employed individuals or sole proprietorship),  registrations, incorporation related documents, taxpayer identification number;  

• Business related information such as employee information, business expense related information; 

• Financial Account Information, such as the names of the financial institutions where you have your checking accounts, balances, transactions, as may be provided to us by open banking service providers like Finicity, subject to your consent;  

• Payment Information, we engage a third-party payment processor to collect and process information such as payment method and related information like account number and routing number, account type, security codes, and expiration date; and  

• Other Information you choose to provide directly to us, such as information about you contained in your communications with us. 

2. Information We Collect Automatically  

We automatically collect information about your interactions with us or the Services, including: 

• Transaction Information: When you complete a transaction through the Services, such as by using one of the card products, we collect information about the transactions, such as the merchant you transacted with, the merchant’s location, transaction amount, and date of the transaction.  

• Device, Usage, and Activity Information: We collect information about how you access the Services, including data about the device and network you use,your hardware model, operating system version, mobile network, IP address, unique device identifiers, browser type, app version, session data, biometric and mobile data (including images obtained from your camera, microphone, photo library, contacts, biometric authentication, or device advertising IDs (IDFA/GAID)).  

• Audio Recordings and Chat Content: If you contact customer service through our chat feature or by phone, we may monitor and retain those conversations. We also maintain digital communication logs that track information like your phone number, calling-party number, forwarding numbers, time and date of calls, duration of calls, SMS routing information and types of calls. 

• Precise Geolocation Information: With your consent, we may collect information about the precise location of your device. You may stop the collection of precise location information at any time (see the Your Privacy Choices section below for details).  

• Information Collected by Cookies and Similar Tracking Technologies: We use tracking technologies, such as cookies, pixels, SDKs, and session replay, to collect information about your interactions with the Services and our marketing communications. For more information about the cookies and other tracking technologies we use, and the choices available to you, see the Targeted Advertising and Analytics and the Your Privacy Choices sections below. 

3. Information We Collect from Other Sources  

We obtain information from other sources. For example, we may collect information from credit reporting agencies; open banking service providers like Finicity, financial institutions that you use; companies that connect the Services to the financial institutions you use; service providers that support offers and rewards programs; payment processors; and fraud detection services, data analytics providers, our affiliates or business partners, based on information that has already been shared with or made available to them. By using our Service, you grant Ryze and our bank partners, the right, power, and authority to act on your behalf to access and transmit your personal and financial information from the relevant financial institution.

Further, certain online service providers or business partners that associate with our services may implement technologies that allow for the collection of personal information over time and across websites. We recommend that you review each privacy policy posted on the websites that you visit to better understand privacy practices on those websites.  

4. Information We Derive  

We may derive information or draw inferences about you based on the information we collect. For example, we may make inferences about your approximate location based on your IP address or infer which of the Services may be of interest to you. 

5. Notice About Biometric Information  

If you choose to use features of our Services that involve biometric identifiers or biometric information (collectively, “Biometric Data”)—such as facial recognition, fingerprint authentication, or voice recognition—we will collect and process this information solely for the purposes of verifying your identity, enhancing account security, or enabling specific product features. 

Before collecting Biometric Data, we will provide you with written notice and obtain your explicit written consent, as required under BIPA and other applicable laws. You may decline to provide Biometric Data, though certain features of the Services may not be available without it. Biometric Data will not be sold, leased, traded, or otherwise profited from. We will not disclose Biometric Data to third parties unless required to provide the Services, with your consent, or as required by law.  

We will retain Biometric Data only until the initial purpose for collecting it has been satisfied or within three (3) years of your last interaction with the Services, whichever occurs first. Thereafter, Biometric Data will be permanently destroyed.  

2. USE OF INFORMATION  

We use the information we collect to:  

• Provide, maintain, and improve the Services and develop new products and services;  

• Provide and administer the rewards and offers program(s);  

• Process payments that you authorize or initiate; 

• Personalize your experience with us;  

• Communicate with you and send you technical notices, security alerts, support messages, and other transactional or relationship messages;  

• Send you marketing communications (see the Your Privacy Choices section below for information about how to opt out of these communications at any time);  

• Target advertisements to you on third-party platforms and websites (for more information and to opt out, see the Targeted Advertising and Analytics section below);  

• Monitor and analyze trends, usage, and activities in connection with the Services;  

• Detect, investigate, respond to, prosecute, and help protect against security incidents and other malicious, deceptive, fraudulent, or illegal activity, and help protect the rights and property of Ryze and others; and  

• Verify your identity and comply with our legal and financial obligations. This includes sharing information with our service providers and partners as necessary for them to fulfill their own legal compliance requirements, such as anti-money laundering (“AML”), know-your-customer (“KYC”), fraud prevention, and other regulatory reporting obligations.

3. TARGETED ADVERTISING AND ANALYTICS  

We engage others to provide analytics services, serve advertisements, and perform related services across the web. To do this, we and these third parties may use cookies, web beacons, SDKs, device identifiers, and other technologies to collect information about your use of the Services and other websites and mobile apps, such as your IP address, media access control ("MAC") numbers, which may be considered personal information in certain countries or geopolitical regions including the European Union (“EU”), the number of times a user visits the Site, accesses, operating system, browser type, screen resolution, and the locations of the web pages the user views right before arriving at, while navigating and immediately after leaving the Site, web browser and mobile network information, pages viewed, time spent on pages or in mobile apps, links clicked, and conversion information. We analyze personal information gathered from users of the Site to help us better understand how the Site is being used. By identifying patterns and trends in usage, Ryze is able to better design the Site to improve users' experiences, both in terms of content and ease of use. From time to time, Ryze may also release the non–personal information gathered from Site users in the aggregate, such as by publishing a report on trends in the usage of the Site. 

You have a variety of tools to control cookies, web beacons and similar technologies, including browser controls to block and delete cookies and controls from some third-party analytics service providers to opt out of data collection through web beacons and similar technologies. Your browser and other choices may impact experiences with our Services. The activities described in this section may constitute “targeted advertising,” “sharing,” or “selling” under certain privacy laws. See Additional Information for Individuals Residing in Certain U.S. States below for details.

4. DISCLOSURES OF INFORMATION  

We disclose personal information as described in the Targeted Advertising and Analytics section above and in the following scenarios:

• Vendors and Service Providers. We disclose personal information to our vendors, service providers, contractors, and consultants who perform services for us, such as companies that assist us with web hosting, payment processing, fraud prevention, identity verification, customer service, professional advisors (e.g., legal, financial, and insurance advisors), analytics, and marketing.  

• Open Banking Service Providers. We disclose your information with open banking service providers like Finicty to link your bank accounts and enable us to gather and verify information about your financial accounts, including obtaining your authority and right to access these accounts, as well as managing and initiating transactions involving your accounts.

• Financial Institutions. We disclose information about you to the financial institutions that provide you with financial products and services through us.  

• Law Enforcement Authorities and Individuals Involved in Legal Proceedings. We disclose personal information in response to a request for information if we believe that disclosure is in accordance with, or required by, any applicable law, regulation, or legal process, including lawful requests by public authorities to meet national security or law enforcement requirements.  

• To Protect the Rights of Ryze and Others. We disclose personal information if we believe that your actions are inconsistent with our Terms, Cardholder Agreement, other user agreements or policies, if we believe that you have violated the law, or if we believe it is necessary to protect the rights, property, and safety of Ryze, our users, our third-party business partners, the public, or others.  

• Corporate Transactions. We disclose personal information in connection with, or during negotiations of certain corporate transactions, including the merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.  

• Corporate Affiliates. Personal information is disclosed between and among Ryze and our parents, affiliates, subsidiaries, and other companies under common control and ownership.  

• Successors in Interest. If we undergo a merger, acquisition, reorganization, business transfer or sale of assets, your information may be transferred to the successor entity as part of that transaction.  

• De-Identified and Aggregated Data. We may also share de-identified or aggregated information (such as usage trends or analytics) with third parties for research, analytics, and business purposes, provided such information cannot reasonably be used to identify you 

• With Your Consent and at Your Direction. We make personal information available to third parties when we have your consent, or you intentionally direct us to do so. For example, when you participate in any of the offers and rewards programs, you direct us to disclose information about you and your transactions to offers and rewards programs partners, payment card networks, and merchants.  

We do not sell or rent your personal information for third parties’ independent marketing purposes. If you provide a publicly available product review or otherwise post publicly available content through the Services, the public will be able to see this information. We also disclose aggregated or de-identified information that cannot reasonably be used to identify you.

5. ARTIFICIAL INTELLIGENCE 

We may use automated systems, including artificial intelligence (“AI”) and machine learning technologies, to help us deliver and improve our Services. These systems may: 

• Profile Users, Analyze user data to create financial profiles and segment users for insights, product recommendations, or service optimization. 

• Assess Creditworthiness Evaluate financial information to determine levels of financial risk.  

• Determine Eligibility. Automatically assess eligibility for our Services and products.  

These processes enable us to provide faster and more consistent decisions, enhance user experience, and tailor the Services to your needs. Human review of automated decisions is generally not available, unless required by applicable law. Where such rights apply, you may request an explanation of the logic involved in the decision-making process and, if applicable, request human intervention.

6. PROTECTION OF INFORMATION

Ryze implements security policies and practices designed to protect the confidentiality and security of personal information associated with your account, which includes the information you provide to register for the Services (such as government issued identifiers and other identifying information) and other personal information we collect about you and associated with your account. Ryze implements measures designed to limit access to this information to personnel that have a business reason to know it and prohibits its personnel from unlawfully disclosing this information.

7. INTERNATIONAL TRANSFERS 

Ryze and our service providers process and store personal information on servers located in the United States. However, such information may be processed in jurisdictions outside the of the United States where we or affiliates have our offices, and which may not provide levels of data protection that are equivalent to those of your home jurisdiction. By using the Services, you acknowledge that such transfers of information outside of your country of residence may occur.

8. DATA RETENTION 

We retain personal information for as long as necessary to fulfill the business purposes for which it was collected, including providing our Services, meeting our contractual obligations, complying with legal and regulatory requirements, resolving disputes, and enforcing our agreements. 

Users may request deletion of certain data elements—such as linked financial accounts or marketing communication preferences—either through the Site or by contacting our support team. We may not delete information if we are required to retain such information under applicable laws or for our internal compliance purposes. 

At this time, we do not operate a formal data minimization or fixed-period retention schedule. However, we comply with all applicable data retention and destruction laws and ensure that personal information is not kept longer than necessary for the purposes described in this Privacy Policy. We will store and maintain data in a manner consistent with the record retention requirements of applicable law.  

9. YOUR PRIVACY CHOICES

1. Information You Provide to Us

You can access, correct, and delete certain information stored within your Ryze account at any time.

2. Cookies and Similar Tracking Technologies

Ryze uses cookies and similar tracking technologies, as described above. You can usually adjust your browser settings to remove or reject browser cookies. Please note that removing or rejecting cookies could affect some of the functionality of the Services, such as remembering your password once you have logged in. Other than honoring legally recognized universal choice signals as described in Your Privacy Rights below, our Site does not currently respond to other do not track signals.

3. Communications Preferences

You may opt out of receiving text messages or promotional emails from Ryze by following the instructions in those communications. If you opt out, we may still send you non-promotional emails, such as those about your account or transactions.

10. . ADDITIONAL INFORMATION FOR INDIVIDUALS RESIDING IN CERTAIN U.S. STATES  

1. Notice to California Residents

Shine the Light Act. Ryze does not sell, rent, or lease your Personal Information (as defined below). We do not disclose your Personal Information to third parties for their direct marketing purposes.

2. Notice to California, Maryland, Nebraska and Texas Residents  

If you are a Consumer (as defined below) residing in California, Maryland, Nebraska or Texas, the following provisions may apply to our processing of information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household ("Personal Information") subject to the CCPA, the Maryland Online Data Privacy Act, the Nebraska Data Privacy Act, or the Texas Data Privacy and Security Act (collectively the "Privacy Laws"). 

• For California residents a 'Consumer' is any individual residing in California acting in any capacity.

• For Maryland, Nebraska and Texas residents a 'Consumer' is an individual residing in Maryland, Nebraska or Texas who is acting in an individual or household capacity, but this excludes state residents who are acting in an employment capacity (as one of our current, former or prospective employees) or in a commercial capacity (as an employee, owner, director, officer, etc. of an entity communicating with us in that context).

For Consumers, the provisions of this section prevail over any conflicting provisions of this Privacy Policy. We adopt this section of our Privacy Policy to comply with the Privacy Laws and any terms defined in the Privacy Laws have the meaning set forth in the law of your state of residence when used in this section.  

3. Verified California, Maryland, Nebraska and Texas residents have the following rights: 

• Information Access Rights

1. Request and receive confirmation that we hold information about them and disclosure of our Personal Information collection practices, including the categories of Personal Information about them that we collected, the categories of sources of such information, our business purpose for collecting or sharing such information, and the categories of third parties to whom we disclose such information.

2. Request and receive a copy of the Personal Information we have collected about them ("Data Portability").

3. Request and receive disclosure of our information sharing practices, including a list of the categories of Personal Information about them that we sold or disclosed to the category of third-party recipients and a list of the categories of Personal Information about you that we disclosed for a business purpose.

4. You may exercise these rights up to twice in a 12-month period. Our disclosure will cover information processed during the prior 12 months or, at your option, since January 1, 2022.

• Information Correction Rights

1. Request that we correct information we hold about you which is inaccurate.  

• Opt Out Rights

1. Request that we not sell Personal Information about you.  

2. Request that we do not share Personal Information for targeted or cross-context or behavioral advertising purposes. Cross-context behavioral marketing or targeted marketing means processing information that is obtained from that Consumer's activities over time and across websites or online applications that are not affiliated with Ryze and using or sharing that information to predict the Consumer's preferences or interests and display to a Consumer an advertisement that is selected based on such information (This does not include using your interactions with us or information that you provide to us to allow us to select advertisements to show you).  

3. Request that we limit processing of sensitive personal information for any purpose other than legal purposes or the purpose for which we originally collected it (We already limit our processing of sensitive personal information in this way).  

4. Request that we do not use any form of solely automated processing performed on Personal Information to evaluate, analyze, or predict personal aspects related to an identified or identifiable individual's economic situation, health, personal preferences, interests, reliability, behavior, location, or movements in order for us to make decisions resulting in the provision or denial of credit, housing or insurance services (We do not engage in this kind of profiling). 

• Deletion Rights

1. Request that we delete (and direct our service providers to delete) Personal Information subject to certain exceptions.

2. We will not discriminate against you as a result of your exercise of any of these rights.  

How to Exercise California, Maryland, Nebraska and Texas Privacy Rights 

• Information Access Rights, Information Correction Rights, and Information Deletion Rights. In order to make a request to exercise any of these rights, California, Maryland, Nebraska and Texas Consumers may make a request online here. We will ask you for information that allows us to reasonably verify your identity (that you are the person about whom we collected personal information) and will use the information you submit only for that purpose. If you do not have a registered account with us, we may request that you submit a signed statement under penalty of perjury that you are the individual you claim to be. We cannot respond to your request or provide you with Personal Information if we cannot verify your identity and confirm that the Personal Information relates to you. We will acknowledge receipt of your request within 10 days and will endeavor to respond within 45 days of receipt of your request, but if we require more time (up to an additional 45 days) we will notify you of our need for additional time.  

• For requests for a copy of the Personal Information we have collected, we will endeavor to provide the information in a format that is readily useable, including by mailing you a paper copy or providing an electronic copy to your registered account, if you have registered an account with us. 

• If you request that we delete your Personal Information, Privacy Laws permits us to retain certain information and not to delete it under certain circumstances. By way of example, we are not required to comply with a request to delete information if the information is necessary for us to complete a transaction for you or otherwise perform a contract; to detect, protect against, or prosecute security incidents, fraud or illegal activity; to use the information only internally in ways reasonably aligned with your expectations as our customer (such as maintaining sales records), and to comply with legal obligations.

• Opt Out Requests

1. Limit Processing of Sensitive Personal Information. We do not process sensitive personal information for purposes other than the purposes allowed by Privacy Laws or for which we originally collected it. As a result, there is no need for you to opt out.

2. Do Not Profile: We do not use any form of solely automated processing performed on Personal Information to evaluate, analyze, or predict personal aspects related to an identified or identifiable individual's economic situation, health, personal preferences, interests, reliability, behavior, location, or movements in order for us to make decisions resulting in the provision or denial of credit, housing or insurance services. As a result, there is no need for you to opt out.  

3. Sharing Personal Information for Targeted or Cross Context Behavioral Marketing Purposes: We process Personal Information for marketing purposes only based on your interactions on our Site only. We use technology on our Site to detect whether your browser originates within the State of California, Maryland, Nebraska, or Texas. If your browser originates from within California, Maryland, Nebraska, or Texas, as a default, we DO NOT share your online identifier for cross context behavioral marketing purposes or use it for targeted marketing purposes. To continue in the default mode where we do not share or use your information for these purposes, you may click on the "Do Not Sell or Share My Personal Information" as described below, submit a request to us by clicking here.  

4. Sale of Information: Processing of Personal Information for analytics and advertising purposes is limited to interactions on our Site only. We do not sell Personal Information of those we have reason to believe are California, Maryland, Nebraska, or Texas Consumers for monetary or other valuable consideration. We generally share a site visitor's online identifier information, which may constitute Personal Information of California, Maryland, Nebraska, or Texas Consumers, with third parties for advertising and analytics purposes. However, we use technology on our Site to detect whether your browser originates within the State of California, Maryland, Nebraska, or Texas. If your browser originates from within California, Maryland, Nebraska, or Texas, as a default, we DO NOT share your online identifier for these purposes. When site visitors whose browsers originate from within California, Maryland, Nebraska, or Texas access our Site, they are given a choice to allow us to share the online identifier for analytics and advertising purposes or to have us continue not sharing their online identifier with third parties. To continue in the default mode where we do not share your information for these purposes, you can select the "Do Not Sell or Share My Personal Information" option and we will place a "preference cookie" on your browser that tells us to keep default mode in place and not share the online identifier and not to show you the choice message when you revisit our Site. If you agree to the sharing of your online identifier for advertising and analytics purposes by selecting the "Manage My Preferences" choice presented and opting in, we will place a "preference cookie" on your browser that tells us we are permitted to share your online identifier. Our Site will remember your preference until you delete or clear the "preference cookie" from your device, in which case you may see the choice message again in the future. If your "preference cookie" is deleted or cleared, you are returned to default mode and your online identifier is not shared until you opt in. You may change this preference at any time by clicking here.  

5. Cookie Preferences: You may also opt out by activating a user-enabled global privacy control, such as a browser plug-in or privacy setting, device setting, or other mechanism, that communicates or signals your choice to opt-out of the sale and sharing of Personal Information. When we receive such a signal we will stop setting third party, analytics, or advertising partner cookies on your browser. This will prevent the sale or sharing of information relating to that specific device through cookies to our advertising or analytics partners. This option does not stop all sales or sharing of your information because we cannot match your device's identification or internet protocol address with your personally identifiable information like your name, phone number, email address or ZIP code. If you delete cookies on your browser, any prior do not sell or do not share signal is also deleted and you should make sure that your user-enabled setting is always activated.  

6. Using an Authorized Agent: You may submit a request through someone holding a formal power of attorney. Otherwise, you may submit a request using an authorized agent only if: (1) you provide the authorized agent with written permission to make a request; and (2) you verify your own identity directly with us. We will require the agent to submit proof to us that they have been authorized to make requests on your behalf.  

7. Appealing denied requests (Maryland, Nebraska and Texas Consumers). If we have denied your Consumer request, you have the ability to file an appeal with us. To file an appeal with us, you must either: submit your request online here.

We will respond to you in writing within 60 days of any action taken or not taken in response to the appeal, including an explanation of the reasons for our decisions. If we deny your appeal, you can contact your state’s Attorney General at:  

Office of Maryland Attorney General
200 St. Paul Place
Baltimore, MD 21202 
(410) 528-8662  

Maryland Attorney General - Consumer Protection Division (Online Portal) 

Office of Nebraska Attorney General  
2115 State Capitol
Lincoln, NE 68509  
(402) 471-2682 

Nebraska Attorney General – Consumer Protection Division (Online Portal)  

Office of Texas Attorney General  

PO Box 12548  
Austin, TX 78711-2548 

Texas Attorney General - Consumer Protection Division (Online Portal)  

California Privacy Protection Agency  

400 R Street Suite 330  
Sacramento, CA 95811  

California Privacy Protection Agency- Online Portal for filing complaint 

5. Information Collected, Sources, Business Purpose for Collection, and Disclosure  

During the past 12 months, we have collected the following categories of information from the listed sources, used it for the listed business purposes and disclosed it for a business purpose to the listed categories of third parties. The categories of information include information we collect from our Site visitors, registered users, employees, vendors, suppliers and any other person that interacts with us either online or offline. Not all information is collected about all individuals. For instance, we may collect different information from applicants for employment or from vendors or from customers.  

*More specifically, the business purposes include:  

• Performing Services for you:  

1. To administer or otherwise carry out our obligations in relation to any agreement to which we are a party;  

2. To assist you in completing a transaction or order;  

3. To allow tracking of products;  

4. To prepare and process invoices;  

5. To respond to queries or requests and to provide Services and support;  

6. To provide customer relationship management;  

7. To notify you about changes to our Services and products;  

8. To administer any promotion, contest, survey, or competition;  

9. To provide you information regarding our products and Services; and  

10. To offer our products and Services to you in a personalized way, for example, we may provide suggestions based on your previous requests to enable you to identify suitable products and Services more quickly.  

• Advertising customization:  

For marketing and promotions, we believe you may find of interest and to provide you or allow selected third parties to provide you with information about products and services that may interest you.  

• Auditing relating to transactions, internal research and development:  

1. To provide for internal business administration and operations, including troubleshooting, Site customization, enhancement or development, testing, research, administration and operation of our Site and data analytics;  

2. To create products or services that may meet your needs; and  

3. To measure performance of marketing initiatives, advertisements, and websites "powered by" another company on our behalf.  

• Security detection, protection and enforcement; functionality debugging, error repair:  

1. As part of our efforts to keep our Site safe and secure;  

2. To ensure the security of your account and our business, preventing or detecting fraud, malicious activity or abuses of our Site, for example, by requesting verification information in order to reset your account password (if applicable);  

3. To ensure the physical security of our premises through the monitoring of surveillance images; and  

4. To resolve disputes, to protect the rights, safety and interests of ourselves, our users or others, and to comply with our legal obligations.  

• Quality control.  

1. To monitor quality control and ensure compliance with our legal obligations, codes and ordinances, policies and procedures; and  

2. To develop and improve our products and services, for example, by reviewing visits to the Sites and various subpages, demand for specific products and services and user comments.

6. Disclosing Personal Information To Third Parties.  

We may disclose certain categories of Personal Information to third parties (described above). Note that for purposes of the Privacy Laws, we only “share” information as that term is specifically defined in the Privacy Laws (including the CCPA) as described below. When we provide information to third parties, the type of, business model of, or processing conducted by each third party to is consistent with the purposes for which we collect and use such information as permitted by law and as disclosed above or at the time we collect the information unless otherwise required by law. The following are permitted purposes under the Privacy Laws:

• To perform the Services or products reasonably expected by an average consumer who requests those Services or products;  

• To prevent, detect, and investigate security incidents that compromise the availability, authenticity, integrity, or confidentiality of stored or transmitted Personal Information;  

• To resist malicious, deceptive, fraudulent, or illegal actions directed at the business and to prosecute those responsible for those actions;  

• To ensure the physical safety of natural persons;  

• For short-term, transient use, including, but not limited to, non-personalized advertising shown as part of a consumer's current interaction with the business, provided that the Personal Information is not disclosed to another third party and is not used to build a profile about the consumer or otherwise alter the consumer's experience outside the current interaction with the business;  

• To perform services on behalf of our business;  

• To verify or maintain the quality or safety of products or services that we own or control, and to improve, upgrade, or enhance such products or services; and  

• To collect or process sensitive personal information where such collection or processing is not for the purpose of inferring characteristics about a consumer.  

7. Processing Sensitive Personal Information  

We collect limited sensitive personal information (described above). For the avoidance of doubt, the sensitive personal information we collect does not include any: (1) data revealing racial or ethnic origin, religious beliefs, consumer health data (as defined under the Privacy Laws), sex life, sexual orientation, status as transgender or nonbinary, national origin, or citizenship or immigration status; (2) genetic or biometric data; (3) Personal Information of any person that we know or have reason to know is under the age of 18; or (4) precise geolocation data. We process and disclose the limited sensitive personal information that we do collect only for the purposes permitted by law and as disclosed above or at the time we collect this information unless otherwise required by law.  

8. Sharing Information for Targeted or Cross-Context Behavioral Marketing. 

Under the CCPA, sharing your Personal Information means making it available to a third party so that they can use it to display a targeted or cross-context behavioral advertisement to you. Cross-context behavioral or targeted advertising means that we display an advertisement to you that is selected based on Personal Information about you that we obtained or inferred over time from your activities across other websites, applications or online services that we use to predict your preferences or interests. Targeted advertising does not include using your interactions with us or information that you provide to us to select advertisements to show you. In the preceding twelve (12) months, we have shared the following categories of Personal Information of non-minors who have opted in for behavioral or cross context or targeted advertising: identifiers (cookies or similar tracking technologies).  

9. Notice to Nevada Residents  

We do not transfer Personal Information for monetary consideration. If you are a Nevada resident and would like to tell us not to sell your information in the future (in case we change our no-sell policy) you may make a request online here with your name, postal address, telephone number and email address with "Nevada do not sell" in the subject section. 

10. Notice to residents of Colorado, Connecticut, Delaware, Florida, Iowa, Minnesota, Montana, New Hampshire, New Jersey, Oregon, Tennessee, Virginia, and Utah  

Residents of certain U.S. states may have additional privacy rights under applicable state laws, including the Colorado Privacy Act, the Connecticut Data Privacy Act, the Delaware Personal Data Privacy Act, the Florida Digital Bill of Rights, the Iowa Consumer Data Protection Act, the Minnesota Consumer Data Privacy Act, the Montana Consumer Data Privacy Act, the New Hampshire Expectation of Privacy Act, the New Jersey Data Privacy Act, the Oregon Consumer Privacy Act, the Tennessee Information Protection Act, the Virginia Consumer Data Protection Act, and the Utah Consumer Privacy Act (collectively, the “Other State Privacy Laws”).  

If you are a resident of one of these states, subject to certain exceptions, you may have the following rights: 

• Right to Know/Access – You may request that we confirm whether we are processing your personal information and to access such personal information.  

• Right to Correction – You may request that we correct inaccuracies in your personal information. 

• Right to Deletion – You may request that we delete personal information we have collected from or about you.  

• Right to Data Portability – You may request a copy of your personal information in a portable and readily usable format.  

• Right to Opt Out – You may opt out of the processing of your personal information for targeted advertising, the sale of personal information, or profiling in furtherance of decisions that produce legal or similarly significant effects.  

• Right to Appeal – If we deny your request, you may appeal our decision by contacting us using the information below.  

To exercise these rights, you may contact us at support@zyne.cards. We may need to verify your identity before responding to your request. We will respond within the timeframes required by applicable law.  

We do not process sensitive personal information for purposes other than those permitted under the Other State Privacy Laws. We also do not sell personal information as defined under these state laws.  

11. CONTACT US  

If you have any questions about this Privacy Policy, please contact us at support@zyne.cards.

12. THIRD PARTY WEBSITES  

The Site and Services may allow you to link directly to websites or other apps operated by third parties, including, without limitation, Ryze service providers or marketing providers. Some of these third-party marketing channels may be "co-branded" with a Ryze logo; even so, these third-party channels are not operated, controlled or maintained by Ryze. These channels or links are provided for your convenience only and should be used with your discretion and prudent judgment. Links from our Site to third-party websites do not constitute sponsorship, endorsement, or approval by Ryze of the content, policies or practices of such third-party websites. The collection and use of your personal information by such co-branding third parties is the responsibility of the co-branding partner, and not Ryze. Ryze is not responsible for any information these websites or digital channels may obtain and does not oversee their policies or practices in collecting personal information. This Privacy Policy does not apply to information provided to or gathered by the third parties that operate them. The privacy policies of these third-party websites may differ from those of Ryze. These websites may ask you for personal information. Please review the privacy policy on third-party channels before submitting information, because Ryze does not have control over the use of information collected on these websites. The Site may also be linked to websites operated by companies affiliated with Ryze. Please review the privacy policies and practices of these digital channels before providing any personal information. 

Ryze is neither responsible nor liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with your use of such third party website or product and you release Ryze from any claims, demands, or damages of any kind, known or unknown, arising out of or in any way connected with your use of such party product or website. 

13. . RYZE FEDERAL PRIVACY NOTICE  

The above Privacy Policy is also a federal privacy notice which provides details about the information we process, the purposes for such processing and your rights in relation to the same. To limit our sharing, Federal law gives you the right to limit only: Sharing for affiliates’ everyday business purposes—information about your creditworthiness  Affiliates from using your information to market to you. 

Sharing for non-affiliates to market to you State laws and individual companies may give you additional rights to limit sharing. See below for more on your rights under state law. E-mail us at support@zyne.cards. Please include “Limit Sharing” in the subject line of the email and include opt-out statements in the body of the email to indicate your choices If you are a new customer, we can begin sharing your information 30 (thirty) days from the date we sent this notice. When you are no longer our customer, we continue to share your information as described in this notice.  

1. Questions?  

Email us at support@zyne.cards.  

2. Who is providing this notice? 

Ryze India Advisory Solutions Private Limited.  

3. How does Ryze protect my personal information?  

To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings. For more information, see the “Protection of Information” section of our Privacy Policy. 

4. How does Ryze collect my personal information?  

We collect your personal information, for example, when you use our Services. We also collect your personal information from others, such as credit bureaus, affiliates, or other companies. For more information, see the “Collection of Information” section of our Privacy Policy.  

5. Other Information  

• For California residents: In accordance with California law, we will not share information we collect about you with companies outside of our corporate family, except as permitted by law, including, for example, with your consent or to service your account. We will limit sharing among our companies to the extent required by California law.  
    

• For Vermont residents: In accordance with Vermont law, we will not share information we collect about you with companies outside of our corporate family, except as permitted by law, including, for example with your consent or to service your account. 
  We will share information about your creditworthiness and transactions or experiences with us within our corporate family in accordance with law, such as, with respect to your creditworthiness, with your authorization or consent.  
    

• Telephone Communications: All telephone communications with us or our authorized agents may be monitored or recorded.  
    
  You may have other privacy protections under applicable state laws. To the extent these state laws apply, we will comply with them when we share information about you.