Privacy Policy — SparkPulse Exchange

Effective date: 2026-02-27
Last updated: 2026-02-27

This Privacy Policy explains how Galactic Bridge Sdn Bhd ("Spark Exchange", "we", "us") collects, uses, stores, and shares personal data when you use the Spark Exchange Android app and related services.

Controller contact: Galactic Bridge Sdn Bhd, M2-13A-09, Menara 2, 8 Trium, Jalan Cempaka SD12/5, Bandar Sri Damansara, 52200 Kuala Lumpur, Malaysia
Support email: [email protected]
Website: https://exchange.sparkpulse.net/
Data protection enquiries: [email protected]

1. Data We Collect

1.1 Account and Identity Data

Name, email, phone number, date of birth, and account identifiers.
KYC information and verification artifacts required by law (where applicable).

1.2 Financial and Transaction Data

Wallet balances, orders, trade history, deposits, withdrawals, and payment references.
Risk, fraud, and AML screening results and audit records.

1.3 Device and Technical Data

Device identifiers, app version, OS version, push token (FCM), and security logs.
Crash diagnostics and service telemetry for reliability and abuse prevention.

2. Why We Process Data

To provide exchange features, account security, and transaction settlement.
To comply with legal obligations (KYC/AML/sanctions/tax/accounting records).
To detect and prevent fraud, abuse, account takeover, and market manipulation.
To send service notifications (orders, deposits/withdrawals, security alerts).

3. Legal Bases (where required by law)

Contract performance (service delivery).
Legal obligations (compliance and recordkeeping).
Legitimate interests (security, platform integrity, fraud prevention).
Consent (where legally required for specific communications/processing).

4. Sharing and Recipients

Infrastructure, cloud, analytics, and communications providers under contract.
Identity verification and compliance partners.
Payment and banking partners for fiat rails (if applicable).
Regulators, law enforcement, courts, or competent authorities where required.

5. International Transfers

We may transfer data across borders. Where required, we use legal transfer mechanisms and contractual protections appropriate to your jurisdiction.

6. Retention

We retain personal data only as long as necessary for service operation, security, dispute resolution, and legal obligations (including KYC/AML and accounting retention periods). Typical compliance retention may extend up to 7 years where required by applicable financial, AML, and tax regulations.

7. Security

Encryption in transit (TLS/HTTPS) for app-server communication.
Access controls, auditing, and least-privilege operational processes.
Monitoring and incident response procedures.

8. Your Rights

Depending on your location, you may have rights to access, correct, delete, restrict, object, or port your data. You may request account/data deletion using:

In-app: Settings → Account → Delete Account
Email: [email protected]
Web form: https://exchange.sparkpulse.net/app/landing/account-data-deletion.html

9. Children

Spark Exchange is not intended for minors and is only available to users who satisfy applicable age and legal eligibility requirements in their jurisdiction.

10. Cookies and Similar Technologies

If web properties are used alongside the app, we may use cookies/local storage for authentication, security, and analytics as described in supplementary notices.

11. Changes to This Policy

We may update this Policy from time to time. Material changes will be notified through the app or website where required.

12. Contact

For privacy requests or complaints: [email protected]
Postal address: M2-13A-09, Menara 2, 8 Trium, Jalan Cempaka SD12/5, Bandar Sri Damansara, 52200 Kuala Lumpur, Malaysia