Back
Privacy Policy for Duti
Privacy Policy
Effective Date: 02-07-2025
Last Updated: 03-24-2026
Welcome to Duti, a platform owned and operated by Jhadruk Inc ("Company," "we," "us," or "our"). At Duti, we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, safeguard, and share your information when you access our website (https://myduti.com) and related services.
1. Scope
-------------
This Privacy Policy applies to:
• Our website (https://myduti.com)
• Email communications referencing this Privacy Policy
• Third-party services we use (for analytics, payment processing, compliance, etc.)
• Any current or future mobile applications or services offered by Duti
By using our services, you agree to the terms outlined in this Privacy Policy.
2. Information We Collect
-------------------------
a) Personal Information
We collect personal information necessary to provide and improve our services. The categories of personal information we collect include:
• Identity Information: Full legal name, date of birth, and government-issued identification numbers. This includes your Social Security number (SSN), which is collected during identity verification (KYC) as required by federal anti-money laundering regulations. Your SSN is transmitted securely to our identity verification and payment service partners and is never displayed in full within the Duti platform.
• Contact Information: Email address, phone number, and physical mailing address.
• Security Credentials: Username, password, and security questions.
• Financial Information: Bank account numbers, routing numbers, and transaction history related to your participation in Duti Circles. This information is collected and managed through our payment service partners (Sila Money and Priority Bank).
• Signature and Consent Records: Digital signature data, IP addresses, device fingerprints, browser user agents, and timestamps collected when you sign agreements or pledges through the Duti platform.
• Technical Information: IP address, device information (browser type, operating system), and approximate location data where applicable.
b) Non-Personal Information
We also collect non-personal information, including:
• Cookies and tracking data for site analytics and fraud prevention.
• Aggregated and de-identified data for research and business insights.
c) Collection from Third Parties
We may obtain information from:
• Sila Money and Priority Bank (payment processing, account verification, transaction data)
• Plaid Inc. (bank account verification and financial data aggregation)
• AML/KYC verification providers (identity verification results)
• Public databases and consumer reporting agencies
3. How We Use Your Information
------------------------------
We process your information for several purposes, including:
a) Service Provision and Improvement
• Managing user accounts and facilitating Duti Circle participation.
• Verifying identities and conducting AML/KYC compliance checks.
• Processing and tracking gift contributions between circle members.
• Managing digital signature workflows for Contribution Assurance Pledges and Gift Acknowledgments.
• Enhancing user experience with personalized interactions.
b) Security and Fraud Prevention
• Detecting and preventing unauthorized access, identity theft, and fraudulent transactions.
• Maintaining security logs and ensuring system integrity.
• Recording signature metadata (IP address, device fingerprint, user agent) for audit purposes.
c) Business Analytics and Marketing
• Analyzing usage patterns to improve our platform.
• Assessing marketing effectiveness and engagement.
• Sending promotional emails, newsletters, and updates (with an option to opt out).
d) Legal and Regulatory Compliance
• Fulfilling our obligations under applicable laws and regulations.
• Responding to lawful requests from government agencies and law enforcement.
• Maintaining records required for AML/KYC compliance.
4. Categories of Personal Information (CCPA Disclosure)
------------------------------
For California residents, the following table describes the categories of personal information we have collected in the preceding 12 months, the business purpose for collection, and the categories of third parties with whom each category is shared:
• Identifiers (name, email, SSN, date of birth, IP address): Collected for account creation, identity verification, and regulatory compliance. Shared with: Sila Money, Priority Bank, Plaid, KYC verification providers.
• Financial Information (bank account numbers, routing numbers, transaction history): Collected for facilitating circle contributions and distributions. Shared with: Sila Money, Priority Bank, Plaid.
• Internet/Electronic Activity (browsing history, device information, cookies): Collected for analytics, security, and fraud prevention. Shared with: analytics providers, hosting infrastructure partners.
• Geolocation Data (approximate location from IP address): Collected for fraud prevention and compliance. Shared with: security and fraud detection providers.
• Professional/Employment Information (if voluntarily provided): Collected only if provided during profile creation. Not routinely shared.
• Signatures and Consent Records (digital signatures, device fingerprints, timestamps): Collected for agreement execution and audit trails. Stored by Duti; not shared with third parties except as required by law.
5. Legal Basis for Processing
For applicable U.S. privacy laws (including rights provided under the California Consumer Privacy Act for California residents), our legal bases for processing your personal data include:
Consent: When you have provided explicit consent.
Contractual Necessity: To fulfill our obligations under the Terms of Service.
Legal Obligation: To comply with legal or regulatory requirements (including AML/KYC).
Legitimate Interests: For our business interests, provided they do not override your rights and freedoms.
6. Data Retention
We retain your personal data for as long as necessary to fulfill the purposes for which it was collected and to comply with our legal obligations. In particular, for AML (Anti-Money Laundering) and related compliance requirements, we retain your data for 5 years from the date of collection. Digital signature records are retained for the duration of the associated circle cycle plus 5 years.
7. Security of Your Data
We implement industry-standard technical and organizational measures to safeguard your personal data against unauthorized access, disclosure, alteration, or destruction. Specific measures include: encryption of sensitive data in transit and at rest, structured logging with automatic redaction of personally identifiable information, immutability protections on signed agreement records, and secure token-based access for signature workflows. While we strive to protect your information, please note that no method of transmission over the Internet or electronic storage is completely secure.
8. Your Rights
Depending on your location and applicable laws, you may have rights regarding your personal data, including:
Access: Request copies of your personal data.
Correction: Request correction of any inaccurate or incomplete data.
Deletion: Request deletion of your personal data (subject to legal obligations such as the 5-year retention period for AML compliance).
Data Portability: Request transfer of your data to another service provider in a commonly used format.
Objection: Object to processing based on legitimate interests or direct marketing.
For California Residents (CCPA/CPRA Rights):
Under the California Consumer Privacy Act, as amended by the California Privacy Rights Act, if you are a California resident, you have additional rights, including:
Right to Know: Request information regarding the categories and specific pieces of personal data we have collected, the sources of collection, the business purposes, and the categories of third parties with whom we share your data. See Section 4 for a summary.
Right to Delete: Request deletion of your personal data (subject to legal retention requirements including AML obligations).
Right to Correct: Request correction of inaccurate personal information.
Right to Opt Out of Sale/Sharing: We do not sell your personal data. We do not share your personal data for cross-context behavioral advertising. You have the right to direct us not to sell or share your information.
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
Right to Limit Use of Sensitive Personal Information: You may request that we limit the use of your sensitive personal information (including SSN and financial account information) to purposes necessary for providing the services.
To exercise these rights, please contact us at support@myduti.jhadruk.com. We will respond to verifiable consumer requests within 45 days. You may also designate an authorized agent to make a request on your behalf.
9. Data Sharing and Disclosure
We do not sell your personal data. We do not share your personal data for cross-context behavioral advertising. We may share your information with the following categories of recipients:
Sila Money and Priority Bank: Your identity information (including name, SSN, date of birth, address), financial information, and transaction data are shared with Sila Money and its partner bank (Priority Bank) to facilitate account creation, identity verification, and the processing of circle contributions and distributions. Sila Money's privacy policy governs their use of your data once received.
Plaid Inc.: Your bank account credentials and financial data are shared with Plaid to verify your bank account and facilitate ACH transfers. Plaid's end user privacy policy (available at https://plaid.com/legal) governs their use of your data.
KYC/AML Verification Providers: Your identity information is shared with third-party providers to conduct identity verification and anti-money laundering checks as required by law.
Service Providers and Infrastructure Partners: We share limited technical data with hosting, analytics, security, and fraud detection providers who assist in operating our platform.
Legal and Regulatory Authorities: We may disclose your information when required by law, court order, subpoena, or regulatory request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
10. International Data Transfers
Your information is processed in the United States. Since our operations are based in the U.S., all data processing complies with applicable U.S. laws. If you are accessing our services from outside the United States, please be aware that your information will be transferred to and stored in the U.S.
11. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to:
Enhance website performance and user experience.
Analyze site traffic and user behavior.
Prevent fraud and unauthorized access.
You can manage your cookie preferences through your browser settings; however, disabling cookies may affect the functionality of our website.
Do Not Track Signals: Our website does not currently respond to "Do Not Track" (DNT) browser signals. There is no uniform industry standard for recognizing or honoring DNT signals at this time. If a standard is established in the future, we will revisit this practice.
12. Advertising and Marketing
We may use third-party advertising services (e.g., Google Ads, Facebook Ads) to display personalized advertisements based on your browsing history and interactions. You can opt out of interest-based ads by visiting optout.aboutads.info.
13. Third-Party Payment Services
When you participate in a Duti Circle, your financial information is processed by our third-party payment partners (Sila Money and Priority Bank). These providers have their own privacy policies and terms of service governing the use of your data. We do not store your full bank account numbers on our systems — this information is held by our payment partners. See Section 9 for details on what data is shared with each provider.
14. Children's Privacy
Our services are intended solely for individuals aged 18 and older. We do not knowingly collect data from minors. If we become aware that personal data from a minor has been collected in error, we will promptly take steps to remove that information.
15. Updates to This Privacy Policy
We may update this Privacy Policy from time to time. Significant changes will be communicated via email and posted on our website with a revised "Last Updated" date. Continued use of our services after such updates indicates your acceptance of the revised policy.
16. Contact Information
-----------------------
If you have any questions or concerns regarding this Privacy Policy or our data practices, or to exercise any of your privacy rights, please contact us at:
Email: support@myduti.jhadruk.com
Website: https://myduti.com