Last Updated: January 22, 2026
Version: 1.0
1.1 Applicability. These Partner Privacy Terms: Rail ("Partner Privacy Terms") govern the collection, use, and disclosure of your personal information in connection with banking and payment services accessed through the Squarefi Platform. These Partner Privacy Terms supplement the Mosta Privacy Policy ("Master Privacy Policy") available at mosta.io/privacy. By using banking or payment services through the Platform, you agree to be bound by these Partner Privacy Terms in addition to the Master Privacy Policy.
1.2 Service Provider. Banking and payment services are provided by Layer2 Financials LLC ("Rail"), a regulated financial services provider. Rail provides access to banking and payment rails through its network of partner banks. Squarefi acts solely as a technology platform facilitating access to Rail's services; Squarefi does not provide banking or payment services directly.
1.3 Partner Banks. Rail provides access to banking and payment services through partner banks, including: (a) SSB Bank and Zenus Bank for USD payment rails; (b) OpenPayd and Banking Circle for EUR payment rails; and (c) ClearBank for GBP payment rails. Partner banks may be added, removed, or replaced by Rail at any time. Each partner bank maintains its own privacy practices and regulatory obligations.
2.1 Governing Document. Rail's collection, use, and disclosure of your personal information is governed by Rail's Privacy Policy. You must review and accept Rail's Privacy Policy as a condition of using Rail's services:
Rail Privacy Policy: https://legal.rail.io/legal/privacy
2.2 Acceptance Requirement. By using any banking or payment service through the Platform, you explicitly acknowledge, attest, and confirm that: (a) you have accessed, reviewed, and read Rail's Privacy Policy at the link provided above; (b) you understand and agree to Rail's Privacy Policy; (c) you understand that Rail's Privacy Policy governs Rail's handling of your personal information; and (d) you provide your explicit affirmative attestation that you accept Rail's Privacy Policy as a condition of accessing Rail's services through the Platform.
2.3 Dynamic Policy. Rail may modify its Privacy Policy from time to time. You are responsible for periodically reviewing Rail's Privacy Policy at the link provided above. Your continued use of banking and payment services after any modification constitutes acceptance of the modified policy.
3.1 Authorization. By using banking and payment services through the Platform, you authorize Squarefi to share your personal information with Rail and its partner banks as necessary to: (a) provide banking and payment services; (b) verify your identity and comply with KYC requirements; (c) comply with AML laws and regulations; (d) process transactions; (e) maintain your account; (f) detect and prevent fraud; and (g) fulfill contractual and regulatory obligations.
3.2 Categories of Information. Information shared with Rail may include: (a) identity information such as name, date of birth, address, and government-issued identification; (b) contact information such as email address and phone number; (c) business information for entity accounts such as business name, registration details, and beneficial ownership information; (d) financial information such as bank account details and transaction history; (e) verification documentation; and (f) other information as required for service provision and regulatory compliance.
3.3 Purpose Limitation. Information shared with Rail shall be used by Rail in accordance with Rail's Privacy Policy and applicable law. Squarefi does not control and is not responsible for Rail's use of your information once disclosed to Rail.
4.1 Categories. We may receive information from Rail, including: (a) account status and verification results; (b) transaction data and history; (c) compliance-related information; (d) fraud alerts and risk assessments; and (e) other information necessary to facilitate services and maintain your Account on the Platform.
4.2 Use. Information received from Rail shall be used in accordance with the Master Privacy Policy and these Partner Privacy Terms.
5.1 Legal Requirements. Rail and its partner banks may be required to disclose your information to: (a) regulatory authorities; (b) law enforcement agencies; (c) tax authorities; (d) courts and tribunals; and (e) other governmental bodies as required by applicable law.
5.2 No Prior Notice. Such disclosures may occur without prior notice to you where prohibited by law or where notice would compromise an investigation or legal proceeding.
5.3 Squarefi's Non-Participation. Squarefi is not a party to and has no control over disclosures made by Rail or its partner banks to regulatory authorities or other third parties.
6.1 Rail's Retention. Rail retains your personal information in accordance with Rail's Privacy Policy and applicable regulatory requirements. Retention periods are determined by Rail, not Squarefi.
6.2 Squarefi's Retention. Squarefi retains information related to banking and payment services in accordance with the Master Privacy Policy, including retention for at least five (5) years after Account closure to comply with AML record-keeping requirements.
6.3 Survival. Your information may be retained by Rail and its partner banks after termination of your relationship with Squarefi, in accordance with Rail's Privacy Policy and applicable law.
7.1 Rights Under Rail's Policy. Your rights with respect to personal information held by Rail are governed by Rail's Privacy Policy and applicable law. To exercise rights regarding information held by Rail, you must contact Rail directly in accordance with the procedures set forth in Rail's Privacy Policy.
7.2 Rights Under Master Privacy Policy. Your rights with respect to personal information held by Squarefi are governed by the Master Privacy Policy. To exercise rights regarding information held by Squarefi, contact legal@mosta.io.
7.3 Coordination. Where a request involves information held by both Squarefi and Rail, you may need to submit separate requests to each party.
8.1 Squarefi's Measures. Squarefi implements security measures as described in the Master Privacy Policy to protect information during transmission to Rail.
8.2 Rail's Measures. Rail implements its own security measures as described in Rail's Privacy Policy. Squarefi does not control and is not responsible for Rail's security practices.
8.3 Partner Banks. Each partner bank maintains its own security measures in accordance with applicable banking regulations and standards.
9.1 Transfer to Rail. Your information may be transferred to Rail and its partner banks, which may be located in jurisdictions other than your country of residence.
9.2 Safeguards. Transfers are made in accordance with applicable data protection laws and appropriate safeguards. Rail's international transfer practices are governed by Rail's Privacy Policy.
10.1 Order of Precedence. In the event of conflict between privacy-related documents, the following order of precedence applies: (a) Rail's Privacy Policy controls for all matters relating to Rail's handling of your personal information; (b) these Partner Privacy Terms control over the Master Privacy Policy for matters specific to Rail's services; and (c) the Master Privacy Policy governs all other matters not specifically addressed in Rail's Privacy Policy or these Partner Privacy Terms.
10.2 Non-Contradiction. These Partner Privacy Terms are intended to supplement, not contradict, Rail's Privacy Policy. To the extent any provision herein could be interpreted as contradicting Rail's Privacy Policy, Rail's Privacy Policy shall prevail for matters within Rail's control.
11.1 Modifications. Squarefi may amend these Partner Privacy Terms at any time by posting an updated version at mosta.io/legal. Material changes shall be communicated via email or Platform notification.
11.2 Continued Use. Your continued use of banking and payment services after any amendment constitutes acceptance of the amended Partner Privacy Terms.
11.3 Version Control. Squarefi maintains version control and update logs for these Partner Privacy Terms for at least five (5) years. Previous versions are available upon request to legal@mosta.io.
For Platform privacy inquiries:
Squarefi Inc. (DBA Mosta)
Email: legal@mosta.io
