RutoWallet Docs
TopicsPrivacy Policy

Privacy Policy

Review how RutoWallet and RUTO AI LIMITED may collect, use, store, protect, retain, and process user information.

This Privacy and Data Retention Policy explains how RUTO AI LIMITED collects, uses, stores, protects, shares, retains, and processes personal information in connection with RutoWallet.

RutoWallet is a custodial crypto wallet and virtual card product created by RUTO AI LIMITED. RutoWallet allows users to access wallet services, deposit supported cryptocurrency, receive funds, send funds to other RutoWallet users, withdraw supported assets, convert supported assets, use eligible virtual card services, complete verification, receive support, and access related product features.

By accessing or using RutoWallet websites, applications, official social pages, support channels, or related online services, users acknowledge that they have reviewed this policy and understand how their information may be handled.

RUTO AI LIMITED may collect and process user information based on consent, contract performance, legal obligations, compliance requirements, legitimate security interests, fraud prevention, service delivery, and other lawful bases permitted by applicable data protection laws.

Where consent is required for a specific collection or use of information, RutoWallet may request that consent before collecting or using the information. Information collected through RutoWallet will be used only for disclosed, compatible, lawful, or required purposes.

Information We Collect

RutoWallet may collect personal information that identifies a user or can reasonably be linked to a user. This may include information provided during account creation, verification, wallet usage, card usage, support requests, security checks, compliance reviews, and service communications.

Information collected may include:

  • Account information such as name, username, email address, phone number, login method, account status, and account preferences
  • Identity and verification information such as government identification, selfie or liveness checks, date of birth, address, nationality, and Know Your Customer review information
  • Wallet and transaction information such as deposit records, withdrawal records, conversion records, user-to-user transfer records, wallet addresses, token selections, blockchain network details, balances, transaction references, and timestamps
  • Virtual card information such as card service eligibility, card purchase records, recharge and withdrawal records, card transaction metadata, card status, spending activity, plan details, limits, fees, chargebacks, declines, and provider-related records
  • Device and technical information such as IP address, device identifiers, browser type, operating system, app version, log data, access times, approximate location signals, and security event information
  • Compliance and risk information such as sanctions screening results, fraud indicators, suspicious activity reviews, blockchain risk data, account recovery information, dispute records, and law-enforcement or regulatory request records
  • Support and communication information such as messages, emails, tickets, survey responses, service notifications, marketing preferences, and user feedback

RutoWallet may also receive additional information from third-party identity verification providers, sanctions screening providers, blockchain intelligence providers, card providers, payment or infrastructure partners, fraud-prevention services, and other service providers used to support RutoWallet services.

How We Use Information

RUTO AI LIMITED may use user information to operate, secure, improve, and support RutoWallet products and services.

User information may be used to:

  • Create, maintain, and protect RutoWallet accounts
  • Provide wallet services, deposits, withdrawals, conversions, user-to-user transfers, virtual card services, and related product features
  • Verify identity, perform KYC checks, review eligibility, and meet compliance obligations
  • Detect, prevent, investigate, and manage fraud, misuse, scams, account takeover attempts, suspicious activity, sanctions exposure, stolen-fund risk, and other security or compliance concerns
  • Process transactions, calculate fees, keep transaction records, reconcile balances, and support card provider or blockchain network requirements
  • Respond to support requests, account recovery requests, disputes, complaints, and user inquiries
  • Send account notices, security alerts, service updates, product communications, legal notices, and permitted marketing communications
  • Improve product features, analyze service performance, monitor reliability, develop new services, and maintain accurate records
  • Comply with applicable laws, court orders, regulatory duties, reporting obligations, investigations, audits, and legal claims

Information From Website Visitors

When someone visits a RutoWallet website or online page without creating or logging into an account, RutoWallet may collect limited technical, analytics, and non-personally identifiable information to monitor, secure, and improve the website and services.

Where applicable, this information may be used to improve website performance, understand usage patterns, protect against abuse, support analytics, and provide relevant content or advertising in accordance with applicable law.

Purpose Limitation

RUTO AI LIMITED collects personal information for identified, lawful, and disclosed purposes. Personal information will not be reused for an incompatible purpose unless a lawful basis applies or the user's consent is obtained where required.

Data Minimization

RUTO AI LIMITED limits the collection and use of personal information to information that is relevant, adequate, and reasonably necessary for the purpose for which it is processed. Where a purpose can be achieved using anonymized or aggregated information, RutoWallet may use anonymized or aggregated information where appropriate.

Cookies and Similar Technologies

RutoWallet may use cookies, local storage, device identifiers, analytics tools, and similar technologies on its websites or related online services.

These technologies may be used to recognize users, support account access, maintain security, remember preferences, improve product experience, analyze website traffic, detect fraud, prevent misuse, and promote trust and safety.

RutoWallet cookies do not need to store sensitive personal information directly. They may store a unique reference or technical identifier that helps RutoWallet recognize a browser or session. If a browser or add-on permits, users may disable cookies, but doing so may affect website or service functionality.

How We Protect Information

RUTO AI LIMITED is committed to protecting the integrity and confidentiality of personal information in digital and physical formats. RutoWallet uses administrative, technical, and physical safeguards designed to reduce the risk of loss, misuse, unauthorized access, unauthorized disclosure, alteration, or accidental compromise.

Security safeguards may include encryption, access controls, monitoring, internal authorization controls, secure infrastructure practices, risk reviews, and limits on employee or contractor access to information. Access to personal information is limited to personnel and service providers who need the information to perform authorized responsibilities.

No system can be guaranteed to be completely secure. Users are responsible for protecting their login credentials, devices, passcodes, and account access methods, and should contact RutoWallet immediately if they suspect unauthorized access.

How We Share Information

RUTO AI LIMITED does not sell, trade, or rent personal information. RutoWallet may share personal information where necessary to provide services, comply with legal obligations, protect users, secure the platform, or support authorized business operations.

Information may be shared with:

  • Identity verification, KYC, sanctions screening, fraud-prevention, and blockchain intelligence providers
  • Card issuers, card processors, card program managers, payment infrastructure providers, wallet infrastructure providers, cloud hosting providers, analytics providers, communication providers, and support tools
  • Professional advisers, auditors, insurers, legal advisers, compliance consultants, and business operations providers
  • Regulators, law-enforcement authorities, courts, government agencies, or other parties where disclosure is required or permitted by law
  • Third parties that a user directly authorizes to receive information

Third-party services used with or through RutoWallet may have their own privacy policies. RUTO AI LIMITED is not responsible for independent third-party privacy practices, and users should review the relevant third-party policies where applicable.

Third-Party Processors

RUTO AI LIMITED may engage third-party processors to process personal information on its behalf. Processing by such third parties should be governed by appropriate contractual, confidentiality, security, and data protection obligations designed to protect personal information.

International Transfers

RutoWallet may rely on third-party servers, infrastructure providers, verification providers, card providers, risk tools, and support providers located in Nigeria or foreign jurisdictions. As a result, personal information may be transferred to, stored in, maintained in, or processed from countries outside the user's country of residence.

Where personal information is transferred outside Nigeria, RUTO AI LIMITED will take reasonable steps to ensure that appropriate safeguards are used in accordance with applicable data protection laws, including the Nigeria Data Protection Act and the Nigeria Data Protection Regulation where applicable.

International transfers may occur where:

  • The user's consent has been obtained where required
  • The transfer is necessary to perform a contract with the user or take requested pre-contractual steps
  • The transfer is necessary to conclude or perform a contract with a third party in the user's interest
  • The transfer is necessary for reasons of public interest
  • The transfer is necessary for the establishment, exercise, or defense of legal claims
  • The transfer is necessary to protect the vital interests of the user or another person where consent cannot reasonably be given

Details of safeguards used for international transfers may be provided upon request where required by applicable law.

Data Retention

RUTO AI LIMITED will retain personal information for as long as needed to provide RutoWallet services, maintain accounts, process transactions, support card services, complete verification, prevent fraud, resolve disputes, enforce terms, comply with legal and statutory obligations, support audits, and respond to regulatory or law-enforcement requests.

Even after a user stops using RutoWallet, certain personal information, verification records, wallet records, card records, transaction data, compliance records, and security records may be retained where required for legal, regulatory, contractual, fraud-prevention, accounting, dispute-resolution, or legitimate business purposes.

Retention periods may depend on:

  • The purpose for which the information was collected
  • The user's contractual or account relationship with RutoWallet
  • Applicable legal, regulatory, tax, accounting, audit, KYC, anti-money laundering, card provider, or blockchain compliance requirements
  • Whether the information is needed for investigations, disputes, legal claims, account recovery, security reviews, or enforcement
  • Whether the user has requested deletion and whether RUTO AI LIMITED has a lawful basis or obligation to continue retaining the information

For legal and regulatory compliance reasons, RUTO AI LIMITED may retain personal data for an additional period of six years after termination of the relationship between the user and RutoWallet, unless a longer retention period is required or permitted by law. Deletion requests may be reviewed and honored where RUTO AI LIMITED is not required or permitted to retain the information. More information about deletion, account closure, backups, retained records, and related request handling is available in the Data Deletion Policy.

User Choices and Rights

Subject to applicable law and any lawful retention or compliance obligations, users may contact RutoWallet to exercise rights relating to their personal information.

These rights may include:

  • The right to request access to personal information collected and stored
  • The right to receive information about personal information collected and stored
  • The right to request correction, rectification, or modification of personal information
  • The right to object to or request restriction of certain processing
  • The right to object to automated decision-making where applicable
  • The right to request deletion or erasure of personal information, also known as the right to be forgotten
  • The right to request portability or movement of personal information to a third party where applicable
  • The right to be informed about how restrictions may affect access to RutoWallet services

Requests will be reviewed and carried out except where restricted by law, legal obligations, regulatory duties, security requirements, contractual obligations, or other lawful reasons. Deletion and account closure requests are handled according to the Data Deletion Policy. Users may request privacy support by contacting support@rutowallet.com or legal@rutowallet.com.

Marketing Communications

RutoWallet may send service updates, security notices, legal notices, product updates, newsletters, or marketing communications where permitted. Users may unsubscribe from marketing communications where an unsubscribe option is provided, but important account, security, legal, or service notices may still be sent.

Age Restriction

RutoWallet services are directed to users who are 18 years of age or older. If a parent or guardian becomes aware that a child or ward has provided information to RutoWallet without appropriate consent, the parent or guardian should contact support@rutowallet.com.

Updates, Modifications, and Amendments

RUTO AI LIMITED may update, modify, change, or revise this Privacy Policy from time to time. Changes will not be retroactive unless required by law. The most current version of this policy will govern the relationship between RutoWallet and users.

Users should review this page periodically. Where material changes are made, RutoWallet may try to notify users through the email associated with their account, in-app notices, website notices, or other service notifications. Continued use of RutoWallet after changes become effective means the user agrees to the revised policy where permitted by law.

Governing Law

This Privacy and Data Retention Policy is made pursuant to applicable data protection laws and regulations, including but not limited to the Nigeria Data Protection Act and the Nigeria Data Protection Regulation.

Contact Us

Users may contact RutoWallet upon becoming aware of any breach of personal information, suspected unauthorized account access, compromised credentials, suspicious account activity, or privacy concern so RutoWallet can take appropriate steps to protect personal information and account security.

Questions about this Privacy Policy, requests to exercise data protection rights, and privacy-related inquiries may be sent to support@rutowallet.com or legal@rutowallet.com.

Effective Date

This Privacy and Data Retention Policy is effective as of February 20, 2025.

Last updated June 10, 2026