Privacy Policy

Last Updated: July 29, 2025

Welcome to Lendingify ("we," "our," or "us"). We are committed to protecting your privacy and handling your data in an open and transparent manner. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

1. Information We Collect

To provide and improve our service, we collect the following types of information:

• Information from Google OAuth: When you register or log in using your Google account, we collect your email address and basic profile information (such as your name) as provided by Google. This is used solely for account creation, authentication, and communication purposes.
• Bitfinex API Keys: We collect and store your Bitfinex API Key and API Secret. These keys are configured with limited, read-only permissions for account data and specific permissions required only for lending operations. We never request or store keys with withdrawal permissions.
• Usage and Behavioral Data: We automatically collect data on how you interact with our service. This includes feature usage, click patterns, session duration, and performance metrics. This data is aggregated and anonymized to help us improve user experience and service performance.

2. How We Use Your Information

We use the information we collect for the following purposes:

• To provide, operate, and maintain our service.
• To authenticate your access to the service and manage your account.
• To improve, personalize, and expand our service based on user behavior.
• To communicate with you, including sending service updates, security alerts, and support messages.
• To monitor and analyze usage and trends to enhance the security and functionality of our platform.
• To comply with legal obligations and enforce our terms.

3. Data Security: Our Top Priority

We implement institutional-grade security measures to protect your information.

• API Key Security: Your API keys are encrypted using AES-256 encryption both at rest and in transit. They are stored in a secure, SOC 2 compliant infrastructure with a zero-knowledge architecture, meaning even our team cannot access the raw keys after they are stored.
• Principle of Least Privilege: Our system is designed to operate with the minimum required API permissions. We cannot and will not access funds, perform withdrawals, or execute any non-lending trades on your behalf.
• Data Isolation: Your data is logically isolated to prevent unauthorized access between accounts.
• Regular Audits: We conduct regular third-party security audits to ensure our infrastructure and practices meet the highest industry standards.

4. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following limited circumstances:

• With third-party service providers for performance analytics and monitoring (e.g., Google Analytics, Sentry), under strict confidentiality agreements.
• If required by law, such as to comply with a subpoena or other legal process.
• To protect our rights, property, or safety, or the rights, property, or safety of others.

5. Your Rights and Choices

You have the right to access, update, or delete your personal information. You can manage your account information through your settings page. You can revoke our access at any time by deleting the API keys from your Bitfinex account settings, which will immediately and permanently sever our connection to your account.

6. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last Updated" date.

7. Contact Us

If you have any questions about this Privacy Policy, please contact us at [email protected].