Coalesce

Privacy Policy

Your privacy is important to us. This policy explains how Coalesce collects, uses, and protects your information.

Last Updated: June 3, 2026|Effective Date: June 3, 2026

1. Introduction

Welcome to Coalesce ("we," "our," or "us"), operated by Saguaro Money, Inc., operating as Coalesce Finance. Coalesce provides non-custodial software and a user interface for unsecured (peer-to-business) lending on the Solana blockchain, where lenders and borrowers transact directly with one another. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at coalescefi.com, use our mobile applications, or interact with our smart contracts and services (collectively, the "Platform").

By using our Platform, you acknowledge this Privacy Policy and understand that we process personal data using the legal bases described in this policy. Where consent is required by applicable law, we will request it at or before the time of collection. If you do not agree with this policy, please do not access or use our Platform.

Important Notice: Blockchain transactions are public and immutable. Wallet addresses and on-chain activities are permanently recorded on the Solana blockchain and cannot be deleted or modified by Coalesce.

2. Blockchain & Smart Contract Data

2.1 Nature of Blockchain Data

Coalesce operates on the Solana blockchain using decentralized smart contracts. When you interact with our Platform, certain information is automatically and permanently recorded on the blockchain:

  • Your wallet address (public key)
  • Transaction signatures and hashes
  • Lending deposits and withdrawal amounts
  • Loan disbursement and repayment events
  • Interest payments and accruals
  • Vault operations and position changes
  • Timestamps of all transactions

2.2 Immutability Disclaimer

Blockchain data is immutable and publicly accessible. Once a transaction is confirmed on the Solana blockchain, it cannot be deleted, modified, or controlled by Coalesce. This includes your wallet address and all associated transaction history. This is a fundamental characteristic of blockchain technology, not a limitation of our Platform.

2.3 Smart Contract Operations

Our lending operations are executed through smart contracts deployed on the Solana blockchain, which may from time to time undergo third-party security audits. These contracts operate autonomously according to their programmed logic. While we deploy and maintain these contracts, once deployed:

  • Interest rate calculations are performed on-chain
  • Vault parameters and loan terms are enforced automatically
  • Loan disbursements and repayments are executed by smart contracts
  • We cannot reverse or modify completed transactions

3. KYC/KYB/AML Data Collection

To comply with applicable anti-money laundering (AML), know your business (KYB), know your customer (KYC), and sanctions regulations, we collect and verify information from borrower businesses and, where required by law, their authorized representatives.

3.1 Verification Data We Collect

Business Documentation

  • • Certificate of formation or incorporation
  • • Business registration records
  • • Business tax registration documents
  • • Proof of business address

Authorized Representative Documents

  • • Government-issued photo ID
  • • Passport
  • • Driver's license
  • • National identity card

3.2 Additional KYB/KYC Information

  • Legal business name and any registered trade names
  • Jurisdiction of formation and principal place of business
  • Business tax identification number (where required)
  • Authorized representative full name and role
  • Authorized representative date of birth and residential address (where required)
  • Source of funds documentation
  • Wallet addresses used on the Platform
  • Transaction history relevant to compliance, security, and Platform operations

3.3 Purpose of KYB/KYC Data Processing

We process KYB/KYC data for the following purposes:

  • Fraud Prevention: Detecting and preventing fraudulent activities
  • Eligibility Determination: Verifying business eligibility to use the Platform through KYB and sanctions screening
  • Sanctions Compliance: Screening against OFAC, UN, EU, and other sanctions lists
  • Legal Compliance: Meeting regulatory obligations in applicable jurisdictions
  • Tax Reporting: Fulfilling tax withholding and reporting requirements where applicable

4. Borrower Credit Information

As part of borrower onboarding and ongoing eligibility, Coalesce and/or independent third parties (such as Channel Partners) may collect credit-related information that borrowers provide or authorize, such as business and financial information and credit references. Some of this information, or summaries of it, may be made available to prospective lenders to help them make their own lending decisions.

Coalesce is solely a technology provider. We do not underwrite loans or make creditworthiness determinations, and any borrower information made available through the Platform is informational only and does not constitute a credit assessment, recommendation, or endorsement by Coalesce. Lenders are solely responsible for evaluating borrowers and bear all credit risk.

Coalesce or its affiliates may, from time to time, participate on the Platform as a lender (LP) in their individual capacity on the same terms available to other lenders. The technology-provider disclaimers above continue to apply to Coalesce's operation of the Platform.

We retain credit-related information only as long as necessary for the purposes described in this policy and as required by applicable law (see Section 8). You may exercise the data rights described in Sections 9 and 10 with respect to off-chain credit-related information that we hold.

On-Chain Data: Platform activity may create public on-chain state, such as wallet addresses, market participation, borrower whitelist status, capacity fields, deposits, withdrawals, disbursements, repayments, settlement factors, and position changes. Once recorded on the blockchain, those records are immutable and cannot be deleted by Coalesce. They do not contain raw KYB files, raw financial statements, or raw credit reports.

5. Data We Collect

In addition to blockchain, KYB/KYC, and credit-related information, we collect the following information:

5.1 Information You Provide

  • Account registration information (email address)
  • Communication preferences
  • Customer support correspondence
  • Survey responses and feedback

5.2 Automatically Collected Information

  • IP address and geolocation (country level)
  • Browser type and version
  • Device information and identifiers
  • Operating system
  • Referring URLs and pages visited
  • Time spent on pages
  • Click patterns and navigation paths

5.3 Wallet Information

  • Connected wallet addresses
  • Wallet provider used (Phantom, Solflare, etc.)
  • Token balances (when connected)

6. How We Use Your Data

We use the collected information for the following purposes:

  • Platform Operation: To provide, maintain, and improve our lending services
  • User Experience: To personalize your experience and display relevant information
  • Risk Management: To manage operational, security, and compliance risks of operating the Platform
  • Compliance: To comply with legal obligations, including KYC/AML requirements
  • Security: To detect, prevent, and address fraud and security issues
  • Communication: To send important updates about your account and transactions
  • Analytics: To understand platform usage and improve our services
  • Customer Support: To respond to inquiries and resolve issues

7. Data Sharing & Disclosure

We may share your information in the following circumstances:

7.1 Service Providers

We share data with third-party service providers who assist in operating our Platform:

  • KYC/AML verification providers
  • Cloud hosting and infrastructure providers
  • Analytics and monitoring services
  • Customer support platforms

7.2 Legal Requirements

We may disclose your information when required by law or in response to:

  • Court orders or legal process
  • Government or regulatory requests
  • Fraud investigations
  • Protection of our legal rights

7.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.

8. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law.

GDPR Erasure Note: For GDPR erasure requests, we can delete off-chain data (KYC documents, email, account info, analytics data) where deletion is not restricted by legal retention requirements, but cannot delete on-chain data (wallet addresses, transaction history, smart contract interactions, and public on-chain state). The retention table below distinguishes between deletable and non-deletable categories.

Retention Periods

Data TypeRetention PeriodErasure on Request
KYB/KYC/AML Documents5 years after account closure or longer where required by lawSubject to legal retention requirements
Off-Chain Transaction Records7 years where required for legal, tax, or accounting recordsSubject to legal retention requirements
Account InformationDuration of account + 3 yearsYes
Off-Chain Credit-Related InformationDuration of active loan + 3 yearsYes (off-chain only)
Analytics Data24 months (rolling)Yes
Blockchain DataPermanent (immutable by nature)No (on-chain immutable)

9. GDPR Rights (European Union Users)

If you are located in the European Economic Area (EEA), you have the following rights under the General Data Protection Regulation (GDPR):

Data Controller

Saguaro Money, Inc., operating as Coalesce Finance
2501 Chatham Rd Ste 5997 Springfield, IL 62704, United States
Email: compliance@coalescefi.com

9.1 Legal Bases for Processing (GDPR Article 6)

  • Contractual necessity: operating accounts, facilitating smart contract interactions, and servicing platform activity
  • Legal obligation: AML/KYB/KYC, sanctions screening, tax, and regulatory compliance
  • Legitimate interests: security monitoring, fraud prevention, risk management, and product improvement
  • Consent: optional communications and any non-essential analytics or cookies, where consent is required

9.2 Your Rights

Right of Access

Request a copy of the personal data we hold about you.

Right to Rectification

Request correction of inaccurate or incomplete data.

Right to Erasure ("Right to be Forgotten")

Request deletion of your personal data, subject to legal retention requirements and the immutable nature of blockchain data.

Right to Data Portability

Receive your data in a structured, machine-readable format.

Right to Withdraw Consent

Withdraw consent for data processing where consent is the legal basis.

Right to Object

Object to processing based on legitimate interests or for direct marketing.

Right to Restriction of Processing

Request temporary restriction of processing in circumstances permitted by GDPR.

Right to Lodge a Complaint

Lodge a complaint with your local EU/EEA supervisory authority if you believe our processing violates GDPR.

9.3 Automated Decision-Making and Human Review

Coalesce may use automated tools as part of borrower onboarding and eligibility screening (for example, KYB and sanctions screening). These screening processes relate to identity, compliance, and sanctions eligibility, not to any assessment of creditworthiness. We do not make final adverse eligibility determinations based solely on automated processing where the data subject is materially affected. Final adverse decisions include human review, and affected users may request reconsideration by contacting compliance@coalescefi.com.

Blockchain Limitation: For erasure requests, we distinguish between data we can and cannot delete:

  • Can be deleted on request: KYC documents, email address, account preferences, analytics data, support correspondence
  • Cannot be deleted (immutable): on-chain wallet address, transaction history, smart contract interactions, and public on-chain state

Privacy & Compliance Contact

For GDPR-related inquiries, please contact our compliance team at: compliance@coalescefi.com

10. CCPA/CPRA Rights (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

10.1 Your Rights

  • Right to Know: What personal information we collect, use, disclose, and share
  • Right to Delete: Request deletion of your personal information
  • Right to Correct: Request correction of inaccurate information
  • Right to Opt-Out: Opt out of the "sale" or "sharing" of personal information
  • Right to Non-Discrimination: Not be discriminated against for exercising your rights

10.2 Categories of Personal Information Collected

  • Identifiers: Name, email, wallet address, IP address
  • Financial Information: Transaction history, balances
  • Internet Activity: Browsing history, platform interactions
  • Geolocation: Country-level location data
  • Professional Information: Source of funds documentation

10.3 Notice Regarding "Sale" or "Sharing" of Personal Information

Coalesce does not sell or share your personal information as defined under CCPA/CPRA. We do not receive monetary or other valuable consideration for personal information and do not share personal information for cross-context behavioral advertising.

Exercising Your California Privacy Rights

To exercise your rights, contact us at: compliance@coalescefi.com
Browser-based opt-out preference signals (including Global Privacy Control) are processed in accordance with applicable law if our sale/sharing practices change.
We will respond to verified requests within 45 days.

11. International Data Transfers

Coalesce operates globally and may transfer your data to jurisdictions outside your country of residence, including the United States. These transfers are conducted in compliance with applicable data protection laws.

11.1 Transfer Mechanisms

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Binding Corporate Rules where applicable
  • Adequacy decisions by relevant authorities
  • Your explicit consent where required

To request information about applicable transfer safeguards (including relevant SCCs), contact compliance@coalescefi.com.

11.2 Data Storage Locations

Our primary data processing facilities are located in the United States. Additional processing may occur in other countries where our service providers operate. We ensure all providers maintain equivalent data protection standards.

12. Cookies & Analytics

We use cookies and similar tracking technologies to enhance your experience on our Platform.

12.1 Types of Cookies We Use

Essential Cookies

Required for platform functionality, authentication, and security.

Analytics Cookies

Help us understand how users interact with our Platform.

Preference Cookies

Remember your settings and preferences for future visits.

12.2 Analytics Tools

Third-party analytics tools listed below are planned but are not currently enabled in production. If enabled in the future, they may be used as described:

  • Vercel Analytics: May be used for web performance and usage metrics. Vercel Analytics is privacy-friendly and does not use cookies.
  • Google Analytics: May be used for user behavior and traffic analysis. Google Analytics may use cookies to collect usage data.

12.3 Managing Cookies

You can control cookies through your browser settings. Note that disabling certain cookies may limit platform functionality. For more information about our cookie practices, please contact us.

13. Security Measures

We implement industry-standard security measures to protect your personal information:

  • TLS/SSL encryption for data in transit
  • AES-256 encryption for data at rest
  • Regular security audits and penetration testing
  • Access controls and authentication mechanisms
  • Employee security training and background checks
  • Incident response and breach notification procedures

No Guarantee: While we employ commercially reasonable security measures, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security of your information.

14. Children's Privacy

Our Platform is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a minor, please contact us immediately at compliance@coalescefi.com, and we will take appropriate steps to delete such information.

15. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:

  • We will update the "Last Updated" date at the top of this policy
  • We will notify you via email or prominent notice on our Platform
  • For significant changes, we may require your explicit consent before continued use

Your continued use of the Platform after such modifications constitutes your acceptance of the updated Privacy Policy.

16. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Saguaro Money, Inc., operating as Coalesce Finance

Mailing Address: 2501 Chatham Rd Ste 5997 Springfield, IL 62704

Legal Inquiries: legal@coalescefi.com

General Support: support@coalescefi.com

Compliance & Privacy: compliance@coalescefi.com

This Privacy Policy was last updated on June 3, 2026.

Terms of Service|Return to Home