Privacy Policy

Last Updated: February 23, 2026

1. Introduction and Scope

This Privacy Policy (“Policy”) governs the collection, use, storage, and disclosure of information by SatRepublic Technologies Inc. (“SatRepublic,” “we,” “us,” or “our”) in connection with your use of the Bread mobile application and related services (collectively, the “App”). Bread is a Bitcoin-backed neobank application that provides non-custodial wallet services, token swaps, rewards, market data, fiat on-ramp and off-ramp capabilities, and related financial services.

This Policy is legally binding and constitutes an agreement between you (“User,” “you,” or “your”) and SatRepublic. By accessing or using the App, you acknowledge that you have read, understood, and agree to be bound by this Policy.

2. Definitions

  • Non-Custodial Wallet: A cryptocurrency wallet where the User maintains exclusive control over their private keys and digital assets. SatRepublic does not hold, manage, or have access to User funds at any time.
  • Transaction Data: Information recorded on public blockchains (including but not limited to the Bitcoin and Spark networks) related to transfers of digital assets between addresses.
  • Private Keys: The cryptographic keys that provide control over digital assets held at specific addresses.
  • Swap Data: Information related to token exchange transactions executed through integrated decentralized exchange protocols.
  • Pool Data: Liquidity pool information, including token pairs, volumes, and pricing data sourced from third-party protocols.
  • Fiat On-Ramp/Off-Ramp: Services that enable the conversion between government-issued currency (fiat) and digital assets.
  • Third-Party Service Providers: External services integrated into the App, including but not limited to Flashnet, SparkScan, MoonPay, and their respective SDKs.

3. Information Collection and Use

3.1 Information We Do Not Collect

We explicitly do not collect:

  • Private keys, seed phrases, recovery phrases, or any credentials that could provide access to User funds
  • Social security numbers, tax identification numbers, or government-issued identification numbers (any such data required for fiat services is collected and processed solely by our licensed third-party providers)
  • Biometric data
  • Device contact lists or social media account information

3.2 Information You Provide Directly

Depending on the features you use, we may collect:

  • Account Information: Email address, display name, or other identifiers you voluntarily provide during onboarding or account setup
  • Support Communications: Information you provide when contacting our support team, including correspondence content and any attachments
  • User Preferences: App settings, notification preferences, and display configurations

3.3 Information Collected Automatically

We automatically collect and process:

  • Transaction Data: Transaction amounts, timestamps, public blockchain addresses, transaction identifiers (hashes), network fee information, and swap/exchange transaction details
  • Wallet Activity Data: Token balances, swap history, rewards earned, and portfolio activity as displayed within the App
  • Technical Data: App performance metrics, usage patterns, crash reports, device type, operating system version, app version, anonymous session identifiers, and general interaction logs
  • Network Data: IP address, connection type, and general geographic region (country/state level) for security, fraud prevention, and regulatory compliance purposes

3.4 Information Collected by Third-Party Service Providers

Our App integrates with third-party services that may independently collect information as described below. Each provider operates under its own privacy policy, which we encourage you to review:

3.4.1 MoonPay (Fiat On-Ramp / Off-Ramp)

When you elect to purchase digital assets with fiat currency or sell digital assets for fiat currency, you will interact directly with MoonPay, a licensed money services provider. MoonPay independently collects and processes identity verification information (Know Your Customer / KYC data) as required by applicable law, including your full legal name, date of birth, residential address, government-issued photo identification, payment method details (credit card, debit card, bank account), and transaction records. SatRepublic does not receive, store, or have access to your KYC documentation, payment credentials, or identity verification data submitted to MoonPay. MoonPay may share limited transaction confirmation data (such as transaction status and amount) with us solely to reflect your purchase or sale within the App. MoonPay's privacy policy is available at moonpay.com/legal/privacy_policy.

3.4.2 Flashnet

We integrate the Flashnet SDK and API to provide token swap functionality, rewards programs, trending token data, liquidity pool information, and related market data. Flashnet may process public blockchain addresses, swap transaction parameters, and interaction data necessary to facilitate these services. Flashnet does not receive personally identifiable information from SatRepublic.

3.4.3 SparkScan

We use SparkScan APIs to retrieve Spark network data including address balances, transaction history, and network state information. SparkScan processes public blockchain data and may log API request metadata (such as IP addresses and request timestamps) in accordance with its own policies.

3.4.4 Analytics Providers

We use analytics services (such as Google Firebase Analytics or similar) to collect anonymized usage data for the purpose of improving App performance and user experience.

4. How We Use Your Information

We use collected information for the following purposes:

  • Service Delivery: To operate and maintain the App's core functionality, including wallet services, token swaps, rewards, market data display, and fiat on/off-ramp coordination
  • Transaction Processing: To facilitate and display blockchain transactions, swap orders, and related activity
  • Security and Fraud Prevention: To detect, prevent, and respond to fraud, unauthorized access, and other malicious activity
  • Compliance: To comply with applicable laws, regulations, and legal obligations, including anti-money laundering (AML) requirements
  • Product Improvement: To analyze usage patterns, diagnose technical issues, and improve the App's performance, features, and user experience
  • Communications: To send service-related notifications, security alerts, and (with your consent) promotional communications
  • Dispute Resolution: To resolve disputes, enforce our terms of service, and respond to support requests

5. Legal Basis for Processing

5.1 Contractual Necessity

We process Transaction Data, Swap Data, and Wallet Activity Data as necessary to provide the financial services and wallet functionality you have requested through use of the App.

5.2 Legitimate Interests

We process Technical Data and Network Data based on our legitimate interests in improving App performance and reliability, detecting and preventing fraud and security threats, enhancing user experience, and protecting against illegal activity.

5.3 Legal Obligation

We may process certain data to comply with applicable financial regulations, law enforcement requests, tax reporting requirements, and other legal obligations.

5.4 Consent

Where required by applicable law, we obtain your consent before processing data for purposes beyond those described above, including marketing communications.

6. Data Protection and Security

6.1 Technical Safeguards

  • End-to-end encryption of sensitive data transmissions using Transport Layer Security (TLS) 1.3 or higher
  • Database-level encryption (encryption at rest) for all stored data
  • Application-level encryption of sensitive user data prior to storage
  • Multi-layer firewall and intrusion detection systems
  • Role-based access controls with principle of least privilege
  • Regular penetration testing and security audits
  • Secure API communication with all third-party service providers using authenticated and encrypted channels

6.2 Organizational Safeguards

  • Employee and contractor access restricted to a need-to-know basis
  • Regular security awareness training for all personnel
  • Documented incident response and breach notification procedures
  • Data handling and classification policies
  • Regular compliance and security reviews
  • Vendor security assessments for third-party service providers

6.3 Non-Custodial Architecture

The App operates on a non-custodial model. Your private keys are generated and stored locally on your device or derived from your recovery phrase. SatRepublic never has access to, custody of, or control over your private keys or digital assets. You are solely responsible for the security and backup of your private keys and recovery phrases.

7. Data Sharing and Disclosure

7.1 Third-Party Service Providers

We share data with the following categories of service providers, solely to the extent necessary to deliver the App's functionality:

  • Swap and Market Data Providers (Flashnet): Public wallet addresses and transaction parameters necessary to execute swaps, retrieve pool data, rewards, and market information
  • Blockchain Data Providers (SparkScan): Public wallet addresses necessary to retrieve balances, transaction histories, and network data
  • Fiat Service Providers (MoonPay): Limited transaction confirmation data; MoonPay independently collects KYC and payment data directly from you
  • Analytics Providers: Anonymized and aggregated usage and performance data
  • Infrastructure Providers: Cloud hosting, content delivery, and database service providers operating under strict data processing agreements

7.2 Legal and Regulatory Disclosures

We may disclose information in response to valid legal process, subpoenas, court orders, or government requests; to comply with applicable laws and regulations, including AML/KYC requirements; to protect the rights, property, or safety of SatRepublic, our users, or the public; and to enforce our terms of service.

7.3 Corporate Transactions

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.

7.4 No Sale of Personal Data

We do not sell, rent, or lease any collected personal data to third parties for advertising, marketing, or other commercial purposes.

8. Data Retention

  • Transaction and Swap Data: Retained for the duration of your use of the App, plus any period required by applicable law or regulation
  • Technical and Analytics Data: Retained for no longer than 24 months from the date of collection, unless a longer period is required by law
  • Support Communications: Retained for 36 months from the date of last communication, or longer if required to resolve ongoing disputes
  • Network and Security Data: Retained for up to 12 months for security monitoring and fraud prevention purposes

Upon deletion of the App or account termination, we will delete or anonymize your data within a commercially reasonable timeframe, except where retention is required by law.

9. User Rights and Control

9.1 Your Rights

Subject to applicable law, you have the right to:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data, subject to legal retention requirements
  • Portability: Request your data in a structured, commonly used, machine-readable format
  • Restriction: Request restriction of processing in certain circumstances
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent at any time where processing is based on consent
  • Export: Export your private keys and wallet data at any time through the App

9.2 California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including the right to know what personal information we collect, the right to delete personal information, the right to opt out of the sale or sharing of personal information (we do not sell your data), and the right to non-discrimination for exercising your privacy rights.

9.3 European Economic Area Residents (GDPR)

If you are a resident of the European Economic Area, you have additional rights under the General Data Protection Regulation (GDPR), including all rights listed in Section 9.1 above and the right to lodge a complaint with your local data protection authority.

9.4 Exercise of Rights

To exercise any of these rights, contact us at legal@satrepublic.io. We will respond to all legitimate requests within 30 days. We may request verification of your identity before processing your request.

10. International Data Transfers

Data may be processed in countries other than your country of residence, including the United States. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses approved by relevant authorities, data processing agreements with all service providers, and reliance on adequacy decisions where applicable. By using the App, you acknowledge and consent to the transfer and processing of your data in accordance with this Policy.

11. Children's Privacy

The App is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that we have collected data from a minor, we will take steps to delete such data promptly. If you believe a minor has provided us with personal data, please contact us at legal@satrepublic.io.

12. Cookies and Tracking Technologies

The App may use local storage, session tokens, and similar technologies to maintain your session, remember your preferences, and provide core functionality. We do not use tracking cookies for advertising purposes. Our analytics providers may use anonymized device identifiers for performance monitoring purposes.

13. Changes to This Policy

We reserve the right to modify this Policy at any time. We will notify you of material changes through in-App notifications, posted notice on our website, and/or email notification (if you have provided an email address). Changes become effective upon posting unless otherwise specified. Your continued use of the App after the effective date of any changes constitutes your acceptance of the modified Policy. We encourage you to review this Policy periodically.

14. Governing Law and Dispute Resolution

This Policy is governed by the laws of the State of Florida, United States, without regard to its conflict of law provisions. Any disputes arising from or relating to this Policy shall be resolved in accordance with the dispute resolution provisions set forth in our Terms of Service.

15. Contact Information

For privacy-related inquiries, data subject requests, or complaints:

SatRepublic Technologies Inc.
Email: legal@satrepublic.io
Website: satgo.io

For urgent security-related matters, please email legal@satrepublic.io with “URGENT: Security” in the subject line.

16. Severability

If any provision of this Policy is found to be invalid, unlawful, or unenforceable by a court of competent jurisdiction, the remaining provisions shall remain in full force and effect. The invalid provision shall be modified to the minimum extent necessary to make it valid and enforceable while preserving its original intent.

17. Entire Agreement

This Policy, together with our Terms of Service, constitutes the entire agreement between you and SatRepublic regarding the collection and use of your information in connection with the App.