Our Commitment

At Natural, we are committed to safeguarding your Personal Data. We collect only the Personal Data we need to facilitate money movement—according to Natural users’ instructions—and fulfill our financial partner and compliance obligations. 

This Privacy Policy describes the Personal Data we collect, how we use and share it, and how you can reach us with privacy-related inquiries. The Privacy Policy also outlines your rights and choices as a data subject, including your right to object to certain uses of your Personal Data. 

Data We Collect

Natural categorizes the data we collect into data classes to ensure we apply appropriate security controls:

  • Personal Data/PII (information that identifies you, such as your name, date of birth, email address, physical address, phone number, and Social Security number);

  • Financial Data (your sensitive financial or bank account information); and

  • Restricted Data (highly sensitive information, including payment-related data and cryptographic materials).

How We Use Your Data

Natural uses your Personal Data for specified, legitimate business purposes, including to:

  • provide and maintain Natural’s Services;

  • verify your identity and conduct required screening (KYB/KYC/AML);

  • validate your financial instruments and process your transactions;

  • monitor and prevent fraud, security threats, or other harmful activities;

  • comply with legal requirements and requests from our financial partners; and

  • improve our technology and customer support.

How We Protect Your Data

Natural safeguards your personal data by implementing appropriate technical and organizational measures; limiting data processing to what is necessary to fulfill our specified purposes; and retaining Personal Data only as long as necessary for legitimate business or compliance purposes.

We use strict technical and organizational measures to keep your data secure:

Encryption. Natural encrypts data in transit and at rest.  

  • Data in Transit. TLS 1.3 for external traffic and mTLS between services; and

  • Data at Rest. AES-256-GCM with a qualified encryption vendor for tokenizing Restricted Data.

Tokenization. Natural tokenizes payment credentials through regulated third-party providers and does not store payment credentials within Natural’s systems. 

Access Controls. We limit employee access to your data through role-based access controls. We require multi-factor authentication and manage encryption keys through secure systems.

Audits. We perform regular vulnerability tests and audits to ensure our network and systems are secure.

Our Role in Handling Your Data

Depending on the activity, Natural assumes the role of a "Data Processor" ("Service Provider" under the CCPA) or a "Data Controller". The nature of the data processing activity determines which role Natural assumes. 

The Data Processor is an entity acting on behalf and under the instructions of a Data Controller in processing Personal Data. Natural acts as a Data Processor when it facilitates transactions on behalf of and at the direction of a Natural user (the Data Controller). This includes where a Natural user instructs its agent(s) to transact, in which case the Natural user and its agent(s) are collectively the Data Controller. 

The Data Controller is the entity that determines the purposes and means of a data processing activity. Natural is required to act as a Data Controller as a part of providing services to the Natural users. Examples of when Natural must act as a Data Controller include:

  • Financial Partner Integrations (Natural selects and manages third-party banking relationships and payment method connections); 

  • Fraud Prevention (Natural detects and blocks fraudulent activity across the Natural Technology); 

  • Risk Mitigation (Natural monitors, prevents, and attempts to mitigate financial losses, security risks, and other potential harms; 

  • Regulatory Compliance (Natural complies with KYB/KYC/AML legal requirements and obligations to financial partners and governmental authorities); 

  •  Operational Management (Natural implements and adheres to its internal processes to enable its services, provide customer support, and perform billing and invoicing); and

  • Product Evolution (Natural analyzes, maintains, and improves its products and services).

Data Retention and Disposal

Natural retains your Personal Data for only as long as we need it to fulfill the purposes described in this Privacy Policy or meet legal requirements. When we no longer need your Personal Data, we delete it using methods that comply with applicable law. Even after we stop providing services directly to you, and even after you close your Natural account, we may continue to retain your Personal Data to:

  • comply with our legal and regulatory obligations;

  • enable fraud monitoring, detection, and prevention activities; and

  • comply with our tax, accounting, and financial reporting obligations, including when financial partners require specific retention and where data retention is mandated by the payment method(s) you've used.

Your Rights

You have the following rights regarding your Personal Data:

  • Access and Correction (you may ask to see the data we have about you or fix inaccuracies); 

  • Deletion (we will delete your Personal Data upon request, except that we may keep certain information to comply with the law or our internal policies); and

  • Objection (you may object to how we process your Personal Data in certain circumstances).

Updates to the Privacy Policy

Natural may update the Privacy Policy at any time by notifying you of the update and publishing the new version on Natural’s website. Your continued use of the Services means You accept the updated Privacy Policy.

Contact Natural

If you have questions about this Privacy Policy or your Personal Data, please email us at privacy@natural.co.

ProductsWalletPayCollectComing soonCreditComing soonBillComing soonTransferComing soon
FeaturesIdentityObservabilityDisputesCompliance
DevelopersGuidesDocsStatus
CompanyAboutBlogCareersPricing
ConnectX (Twitter)LinkedInInstagramGitHubEmail
LegalServices AgreementPrivacy PolicyAuthorized Use PolicyDisclosures

Natural is a financial technology company, not an FDIC-insured bank. Banking services will be provided through Bank Partners. FDIC deposit insurance covers the failure of an insured depository institution. Deposits in Wallet accounts will be FDIC-insured through Bank Partners and their Sweep Program Network Banks. Certain conditions must be satisfied for pass-through FDIC insurance to apply.

©2026 Natural AI, Inc.