Cassiopay's Privacy Policy

Your privacy is important to us. We are committed to protecting and ensuring the confidentiality of any Personal Information you provide to us.

This Privacy Policy ("Privacy Policy") addresses how Cassiopay Limited and its affiliates (“we,” “our,” “Cassiopay”) handles information we gather from third parties including, but not limited to, visitors to cassiopay.ca (the “website”) and users of the Cassiopay Services (“Users”). This Privacy Policy describes the ways we collect, use, and disclose Personal Information. Our Privacy Policy applies whenever you visit the website or use the Services.

Please read this Privacy Policy along with our Terms and Conditions carefully. By using our website, or otherwise providing us with your Personal Information, you are hereby consenting to Cassiopay’s collection, use, and disclosure of your Personal Information in accordance with this Privacy Policy.

If you do not consent to the practices described in this Privacy Policy, you may not continue to use our website.

For the purposes of this Privacy Policy,

“Access Codes” means a set of user name, password and a second authentication factor in the form of a single use code used to access your Account and/or initiate a payment for the purpose of executing a transfer;

"Account" means a data account in our systems where we record your available balance, Transaction data and other information from time to time;

“Personal Information” means any information that relates to you and either identifies you directly or could be used to identify you with other information available. It includes your name, user ID, email address, phone number, mailing address and payment account number. It does not include data where the information that identifies you has been removed, such as pseudonymized or anonymous data;

“Services” means the services supplied by us to you under our Terms and Conditions, including Accounts and executing Transactions;

"Transaction" means a payment resulting in a credit or debit of Account, along with associated fees.

Questions regarding this statement should be emailed to our Privacy Officer at support@cassiopay.ca or mailed to 2173-1055 West Georgia Street, Vancouver, BC V6E 0B6 Attention: Customer Service. You may also call us at +1 604 786 3718 and ask for the Privacy Officer.

Cassiopay has a separate, more detailed Privacy Policy with regard to the UK (accessible here) and EEA (accessible here). If you reside in any of those regions, you should refer to that separate Privacy Policy for further detail on your rights and our responsibilities.

Not Intended for Children

Cassiopay’s website and Services are not intended for children under the age of 18. We do not knowingly collect data relating to children. If you are under the age of 18, do not use or provide information on this website.

Highlights

We Collect a variety of Personal Information from visitors and Users, depending on how they interact with our website or Services. This includes:

• Registration and billing information submitted by Users;
• Log data collected automatically on the Cassiopay website;
• Information collected via cookies on the Cassiopay website;
• User data collected through User engagement with our Services; and
• Marketing and communication data provided to us by visitors, Users, or subscribers to our marketing communications.

We Use this information for the following purposes,

• Providing our Services and service communications;
• Data management and support for our Users;
• Improvements to our Services, website, and marketing strategies;
• Sending out marketing and promotional materials in accordance with your preferences;
• Billing coordination; and
• As otherwise permitted or required by law.

We Share Personal Information with the following entities as necessary to provide the Services.

• Third party service providers, only as necessary to assist in providing certain components of our Services, and only with contractual requirements in place to protect the Personal Information and handle it only in accordance with this Privacy Policy;
• Group companies, such as affiliates and subsidiaries, to assist in providing the Services;
• Potential acquirers of Cassiopay’s business, to evaluate or carry out a business transaction; and
• Other entities as permitted or required by law.

We Protect your Personal Information with industry-standard administrative, technical, organizational, and physical security measures. These measures include firewalls, SSL encryption, limiting storage of financial information to a PCI compliant third party provider, system redundancies, and co-location in a 24/7 secured, controlled environment.

However, perfect security does not exist, and we cannot guarantee the absolute security of your Personal Information. Some Personal Information may be transferred to, and processed in, countries outside of Canada, and accordingly, may be accessible to courts, law enforcement and national security authorities of those countries.

Agreement to Terms by Using this Website

Please read this Privacy Policy so that you are aware of how and why we use your Personal Information. When you use this website, you are agreeing to the terms of this Privacy Policy.

This Privacy Policy may change from time to time, as reflected in the revision date above, to reflect changing legal, regulatory or operational requirements. Cassiopay will provide notification of material changes to this Privacy Policy through the website at least thirty (30) business days prior to the change taking effect. Where appropriate, we may also email Users who have opted to receive communications from us notifying them of changes to this Privacy Policy. If we are required by applicable data protection laws to obtain your consent to any material changes to this Privacy Policy, then we will do so before such changes take effect.

Your continued use of this website after we make changes constitutes deemed acceptance of these terms.

Third Party Links

This website may contain links to third party websites, plug-ins and applications. Clicking those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third party websites, plug-ins and applications and are not responsible for their privacy statements and practices. When you leave our website, we encourage you to read the privacy policy of every website you visit.

How we Collect and Use Your Data

Information Gathered

We may collect, store, use and transfer different kinds of Personal Information about you, as described below:

Registration and Billing Information. You may provide us with your Personal Information such as name, date of birth, email address, mailing address, proof of address documents, ID documents, other personal information such as user ID, gender, bank account details, telephone number, transactional information, and online form information when you register for an Account to use our Services. Where you decline consent for the collection and processing of your Personal Information, we reserve the right to discontinue providing your our Services due to our obligations as a financial services institution.

Log Data and Activity Tracking: Cassiopay collects certain information automatically from visitors and Users of the Services, such as internet protocol (IP) addresses and associated geolocation data, browser types, timestamps (time a page was accessed), as well as the specific pages the visitor has requested.

Cookies. We collect certain information automatically using cookies and similar technologies, including information from third parties.

User Data: We store and process User data in the context of providing the Services, which may include login data, browser type and version, location, operating system, and similar information.

Marketing and Communications: We collect, store, and process information that you provide to us when you communicate with us, including when you email us, call us, or use the contact form on our website. We also store and process your preferences in receiving marketing materials from us and your communication preferences.

Other. We also collect and use certain aggregate data, which has been anonymized, such as statistical data regarding use of our Services, for lawful purposes. For example, we may aggregate data to calculate the percentage of Users accessing specific website features. As noted above, this type of data is not considered “Personal Information” subject to privacy laws because it cannot be used to identify a particular person.

We avoid collecting any of the following sensitive categories of Personal Information about you: information regarding your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, health and genetic data.

Information Use

We will only use your Personal Information when the law allows us to and as described below

Providing Cassiopay’s Services and Services Communications. Users of Cassiopay’s Services have a more specific relationship with us. User registration information may be used for the following purposes:

• Feedback requests;
• Security updates;
• Providing payment and e-wallet services to you as per our contractual obligations;
• To promote, analyze and improve our products and services;
• Process your Account information, payment transactions funds remittance and provide our Services;
• Verify your identity for compliance with the applicable laws regarding the prevention of money laundering and the prevention of terrorist financing or misuse of services;
• Manage risk, or to detect, prevent, and/or mitigate fraud or other potentially illegal or prohibited activities or as requested by law enforcement for investigation of crime;
• Respond to inquiries and provide customer support (for example in relation to payment refunds/chargebacks);
• For audits, regulatory purposes, and compliance with industry standards;
• To send communications regarding new services or products, events, offers and other news regarding our products and services;
• To develop new products and to improve or modify our Services.

Data Management and Support. Cassiopay stores and processes User content only on behalf of, and as instructed by, its Users. However, User content may be viewed or accessed by Cassiopay for the purpose of resolving a problem or support issue. Users are responsible for maintaining the confidentiality and security of their Access Codes and password.

Improvements. We also use visitor and User Personal Information to help deliver a better experience (for example, by displaying personalized content to you based on your interactions with the website), to diagnose technical problems, to support marketing activities and so that we may better administer and improve the quality of both the website and the Services.

Marketing and Promotion. Cassiopay uses the information listed in the section above to contact Users and visitors to further discuss their interest in the website and the Services, or to send Users and visitors information regarding Cassiopay or its partners, such as information about new features, promotions, and events. Any such communications will be sent in accordance with Users' and visitors' marketing preferences and consent choices. We may also email Users with service-related information concerning the Services or the website to the extent allowed by law and in light of the commercial relationship between us. You may opt out of receiving marketing materials at any time by logging into the website and adjusting your marketing preferences or following the unsubscribe instructions included in each marketing communication.

Billing Coordination. All financial and billing information collected through the website is used solely to complete any Transaction request and to bill for the Services. This billing information is not used by Cassiopay for marketing or promotional purposes.

To Enforce Compliance with Our Policies. Cassiopay may access User Data and certain visitor information if necessary to investigate a suspected violation of the Terms and Conditions for the Services.

To Maintain Legal or Regulatory Compliance. Our Services are subject to certain laws and regulations which may require us to use your Personal Information. For example, we use your Personal Information to pay our taxes, to fulfill our business obligations, and as otherwise required by law. Without using your Personal Information for such purposes, we could not perform the Services in accordance with our legal and regulatory requirements.

How we Share Your Data

Sharing of Information

Cassiopay will not copy, distribute, or otherwise share any User or visitor Personal Information except as set out in this Privacy Policy. Cassiopay may share Users' and visitors' Personal Information in the following ways:

• Third party service providers: Cassiopay may partner with other parties to provide Users with specific services such as (i) the provision of an electronic money account for businesses and associated payment services; and (ii) to verify your identity and comply with applicable money laundering and governmental regulations. These service providers are subject to confidentiality and security agreements and are required to agree to use the Personal Information of Users and visitors for the purpose of providing services, under Cassiopay’s instructions, to keep that information secure, and otherwise to handle Personal Information in the same manner as provided in this Privacy Policy, as required by applicable laws.
• Group companies: From time to time, we may provide Personal Information about Users to Cassiopay 's subsidiaries and affiliates so that those entities may assist Cassiopay in providing Services to Users. Each of these entities will process information in accordance with this Privacy Policy.
• Potential acquirers of Cassiopay's business: If Cassiopay  is involved in a merger, acquisition, or asset sale (each a “transaction”), some or all of Cassiopay  Users' and visitors' Personal Information may be disclosed for the purposes of evaluating or carrying out the transaction. In such a case, the other party will be instructed to handle the Personal Information in the same manner as provided in this Privacy Policy, and Users or visitors will be notified to the extent required by applicable laws.
• Law Enforcement. We may be required in certain circumstances to disclose Personal Information in response to a lawful request by public authorities, courts, law enforcement, or to comply with national security requirements, or as otherwise required by the applicable data protection law. To the extent allowed by law, we will notify you before a disclosure is made.
• Consent: We may disclose Users' and visitors' Personal Information with third parties where we have consent to do so, except as otherwise prohibited by law.

Data Location and Data Transfers

Visitors' and Users' Personal Information may be transferred to, and processed in, countries outside of Canada. Specifically, Cassiopay's website and Services are hosted on servers located in Canada, the United Kingdom, Estonia and Romania. Our group companies and third party service providers and partners may operate around the world, including in Canada, the United Kingdom, Estonia and Romania. This means that when Cassiopay collects visitors' and Users' Personal Information, such information may be processed in any of these countries, and accordingly, may be accessible to courts, law enforcement and national security authorities of those countries. For more information about how we transfer visitors' and Users' Personal Information, please contact our Privacy Officer at support@cassiopay.ca.

If you have any questions or wish to obtain further written information about Cassiopay’s policies and practices with respect to the collection, use, disclosure, or storage of your Personal Information by service providers or affiliates outside of Canada, you may contact our Privacy Officer at support@cassiopay.ca.

How we Protect and Manage Your Data

Security

Cassiopay uses appropriate administrative, technical, organizational, and physical security measures to protect our Users' and visitors' Personal Information against accidental or unlawful destruction, loss, and alteration, and against unauthorized disclosure and access. We use standard industry practices to protect visitors’ and Users’ Personal Information, including firewalls, SSL encryption, limiting storage of financial information to a PCI compliant third party provider, system redundancies, and co-location in a 24/7 secured, controlled environment.

We have procedures in place to address any suspected personal data breach and will notify you and any applicable regulator of a breach as required by law.

Personal Information in our possession may be accessed by different groups of employees and personnel within our company, only as required in order for them to carry out their responsibilities. Such personnel may include our Client Support, Compliance and Finance, and Legal teams.

Data Retention

We retain Personal Information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with the Services you have requested, to comply with applicable legal, contractual, tax or accounting requirements, or to defend ourselves from possible legal actions). When we have no ongoing legitimate business need to process your Personal Information, we will destroy it or anonymize it.

Your Choices to Control Your Data

Your Data Protection Rights

You can exercise any one of the following data protection rights as may be available to you under applicable law by contacting us at support@cassiopay.ca or through one of the other methods set forth in the introduction to this Privacy Policy. We will acknowledge and respond to your requests promptly and in all cases no later than within 30 days unless required to respond sooner under applicable law. In certain jurisdictions, we may need to verify your identity before responding to your request.

Depending on your jurisdiction, you may have the following data protection rights:

• You may have the right to access, correct, update or request deletion of the Personal Information we collect about you. To exercise your rights, please email our Privacy Officer at support@cassiopay.ca.
• You have the right to opt out of marketing communications, even if you have previously consented to receiving them. You may opt out at any time.
• You may have the right to request portability of your Personal Information.
• You may have the right to de-indexation.
• If we have collected and process your Personal Information with your consent, then you can withdraw your consent at any time by contacting us through one of the methods below – see the heading “Contact”.

We will make and post specific information about our policies and practices relating to:

• retention and destruction of your Personal Information;
• the roles and responsibilities of Cassiopay’s members of its personnel throughout the life cycle of your Personal Information;
• the process for dealing with complaints regarding the protection of your Personal Information.

Contact

In order to exercise your data protection rights or should you have any questions, concerns or complaint regarding our Privacy Policy or the processing of your Personal Information, you may email our Privacy Officer at support@cassiopay.ca or mail your request to 2173-1055 West Georgia Street, Vancouver, BC V6E 0B6.