Privacy Policy

1. Information We Collect

Kadima Payments, Inc. ("Kadima," "we," "us," or "our") collects the following categories of information when you visit our website, apply for a merchant account, or use our services:

Personal Information

• Full name, email address, phone number, and mailing address
• Business name, business address, and business structure details
• Employer Identification Number (EIN) or Social Security Number for underwriting purposes

Financial Information

• Bank account and routing numbers for merchant account setup and settlement
• Processing history and volume estimates
• Credit and financial background information as required for underwriting

Technical Information

• IP address, browser type, operating system, and device information
• Pages visited, time spent on pages, and referral sources
• Cookies and similar tracking technologies (see Section 6 below)

2. How We Use Your Information

We use the information we collect for the following purposes:

• Process Applications: Evaluate and underwrite merchant account applications, perform identity verification, and conduct required due diligence.
• Provide Services: Set up and maintain merchant accounts, process transactions, manage settlements, and deliver ongoing account support.
• Communicate: Respond to inquiries, send account-related notifications, and provide updates about our products and services.
• Improve Our Platform: Analyze usage patterns, troubleshoot issues, and enhance the functionality, security, and performance of our website and services.
• Comply with Regulations: Meet our legal and regulatory obligations, including anti-money laundering (AML), Know Your Customer (KYC), and payment card industry requirements.

3. How We Share Your Information

We do not sell your personal information. We may share your information with the following parties as necessary to deliver our services:

• Payment Processors and Acquiring Banks: To underwrite, approve, and facilitate payment processing on your behalf.
• Service Providers: Trusted third parties who assist with identity verification, fraud prevention, analytics, customer support, and technology infrastructure, all bound by contractual confidentiality obligations.
• Legal Obligations: When required by law, regulation, subpoena, court order, or governmental request, or to protect the rights, property, or safety of Kadima, our clients, or others.
• Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

4. Data Security

We take the protection of your data seriously and implement industry-leading security measures, including:

• PCI DSS Level 1 Compliance: We adhere to the highest level of the Payment Card Industry Data Security Standard, the most stringent certification available in the payments industry.
• 256-Bit Encryption: All sensitive data is encrypted in transit and at rest using AES-256 encryption.
• Access Controls: Role-based access ensures that only authorized personnel can access sensitive information, with multi-factor authentication required for critical systems.
• Regular Audits: We conduct periodic security assessments, penetration testing, and compliance audits to identify and address vulnerabilities.

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to maintaining the highest standards in the industry.

5. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you.
• Correction: Request that we correct inaccurate or incomplete information.
• Deletion: Request that we delete your personal information, subject to legal and regulatory retention requirements.
• Opt Out of Marketing: Unsubscribe from promotional emails at any time by clicking the "unsubscribe" link in any marketing email or by contacting us directly.

California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including the right to know what personal information we collect, the right to request deletion, and the right to opt out of the sale or sharing of personal information. We do not sell personal information. To exercise your rights, contact us using the information in Section 10 below.

Other State Privacy Rights

Residents of other states with applicable privacy laws (such as Virginia, Colorado, Connecticut, and others) may have similar rights. We will honor your requests in accordance with applicable law.

6. Cookies and Tracking

We use cookies and similar technologies to enhance your experience on our website. The types of cookies we use include:

• Essential Cookies: Required for the basic functionality of our website, including secure login, session management, and form submissions. These cannot be disabled.
• Analytics Cookies: Help us understand how visitors interact with our website so we can improve content, navigation, and overall performance. These may include tools such as Google Analytics.
• Preference Cookies: Remember your settings and choices (such as language or region) to provide a more personalized experience.

You can manage your cookie preferences through your browser settings. Please note that disabling certain cookies may limit the functionality of our website. Most browsers allow you to block or delete cookies, and you can find instructions for your specific browser in its help documentation.

7. Data Retention

We retain your personal information for as long as reasonably necessary to provide our services, fulfill the purposes described in this Privacy Policy, and comply with our legal obligations. Specifically:

• Merchant account data is retained for the duration of the business relationship and for a period afterward as required by applicable payment industry regulations and financial record-keeping laws.
• Application data for accounts that are not approved may be retained for a limited period for regulatory compliance and fraud prevention purposes.
• Technical and analytics data is retained in aggregated or anonymized form for trend analysis and platform improvement.

When your data is no longer required, we will securely delete or anonymize it in accordance with our data retention policies and applicable regulations.

8. Children's Privacy

Our website and services are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal information from a person under 18, we will take steps to delete that information promptly. If you believe a child has provided us with personal information, please contact us using the details in Section 10 below.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or industry standards. When we make material changes, we will notify you by posting the updated policy on our website and updating the "Last Updated" date at the bottom of this page. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

10. Contact Us

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or need to reach us for any reason, please contact:

Kadima Payments, Inc.
Calabasas, CA
Email: info@KadimaHQ.com
Phone: (888) 292-8555

Last updated: February 2026