KYC Policy

The KYC form asks for an ID or passport number and a photo captured or selected from the user's device.

Users should submit only their own information and should avoid uploading documents that are not required for testing.

Admins can approve or reject submitted KYC records. Admins can also directly mark a user as KYC verified or unverified from the admin panel.

If KYC is rejected or manually unverified, the profile returns to an unverified state until a new approval is made.

KYC images are stored in private Blob storage and viewed through authenticated application routes. Admin users can view submissions for review.

The database keeps the KYC status, ID number, review status, rejection reason, reviewer, timestamps, and private storage reference.

This KYC workflow is built for demonstration and training. It should not be treated as a complete regulatory compliance program without legal review and production-grade operational controls.