Effective Date: June 15, 2026
1. Introduction
PONT Inc. ("PONT," "we," "us," or "our") operates the "Sampo" mobile application, web platform, and related services (collectively, the "Service"). This Privacy Policy describes how we collect, use, share, and protect information about you ("User" or "you") when you use the Service.
By using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please do not use the Service.
This Privacy Policy is intended to satisfy applicable U.S. privacy laws (including the California Consumer Privacy Act ("CCPA") as amended by the California Privacy Rights Act ("CPRA")), the European Union General Data Protection Regulation ("GDPR") to the extent applicable, and other relevant data-protection frameworks.
2. Information We Collect
We collect the following categories of information:
2.1 Information You Provide
- Account Information: email address, hashed password, date of birth, phone number, language preference.
- Identity Verification Information (only when required for higher-value transactions): full name, residential address, government-issued ID image, selfie photo, tax identification number.
- Communications: messages you send to our support team.
2.2 Information Collected Automatically
- Step & Movement Data: step count, distance, and movement-mode estimates obtained from HealthKit (iOS), Google Fit, or Health Connect (Android), with your permission.
- Location Data: GPS coordinates, Wi-Fi or Bluetooth beacon information, and IP address, with your permission where required.
- Device Information: device model, OS version, language settings, time zone, hashed device identifier, app version.
- Advertising Identifiers: IDFA (iOS) or Advertising ID (Android). On iOS 14.5+, we only use IDFA if you grant permission via the App Tracking Transparency prompt.
- Usage Data: screen views, session durations, in-app actions, Point earning and exchange history, offer-wall and survey participation, invitation code activity.
- Wallet Information: your wallet address, transaction history of Target Digital Assets sent through the Service. WE DO NOT COLLECT OR STORE YOUR PRIVATE KEYS, SEED PHRASES, OR PASSCODES (see Section 5).