At – we take privacy and data security seriously. We are committed to transparency in the collection and use of your personal information. The Privacy Notice describes how we collect and use personal information and the circumstances under which we may share this information.
CANADA’S PRIVACY LAWS
In order to comply with The Personal Information Protection and Electronic Documents Act (PIPEDA), businesses are required to ask for the least amount of personal information to meet the purpose of providing the product or service and to clearly tell customers why they are collecting it. Businesses may ask for information that goes beyond the purpose of providing the product or service if we make it clearly optional; or we may ask for consent to use information for secondary purposes, such as marketing, if we make it optional.
CANADA’S MONEY SERVICE BUSINESS REGULATIONS
Identity verification
In order to comply with with our obligations as a Money Service Business under Canada’s Proceeds of Crime (Money Laundering) and Terrorist Financing Act, we are required to verify the identity of our users if they are conducting Buy or Sell transactions of over $1000 and we are required to keep some KYC data and transaction data for users that conduct transactions over $1000.
Transactions reported to FINTRAC
Suspicious Transactions: A suspicious transaction report must be submitted to FINTRAC in respect of a financial transaction that occurs or is attempted, and for which there are reasonable grounds to suspect that the transaction is related to the commission or attempted commission of a money laundering or terrorist activity financing offence. Unlike all other reporting obligations, there is no monetary threshold associated with the reporting of a suspicious transaction.
Large virtual currency transaction: (Effective as of June 1st 2021.) A large virtual currency transaction report must be submitted to FINTRAC when a reporting entity receives virtual currency (VC) in an amount equivalent to $10,000 or more in the course of a single transaction, or when it receives two or more amounts of VC, that total the equivalent of $10,000 or more within a consecutive 24-hour window, by or on behalf of the same person or entity, or for the same beneficiary.
Depending on the location of customers of the service, different entities within the – provide the service and are responsible for customers’ personal information.
This Privacy Notice applies to the privacy practices of – on its trademarked BT-Wallet website located at https://bt-wallet.io/ (together the “BT-Wallet Service”).
This Privacy Notice also describes your privacy rights and how you can exercise these rights with us. It is important that you read this Privacy Notice together with any other privacy notice, fair processing notice, or other notice that we may provide when we are collecting or processing Personal Information about you so that you are fully aware of how and why we are using your data. This Privacy Notice supplements but is not intended to override those other notices.
This Privacy Notice applies to your Personal Information in our possession or under our control, including Personal Information in the possession of organizations which have engaged us to provide the services to you or the Personal Information in the possession of organizations which we have engaged to collect, use, disclose or process Personal Information for the purposes stipulated herein. The purpose of this Privacy Notice is to inform you about the types of Personal Information we collect, use, process, or disclose.
From time to time, we may make changes to this Privacy Notice. The Privacy Notice is effective as of the “last update” which appears at the top of this page. We will treat Personal Information in a manner consistent with the Privacy Notice under which it was collected and our current privacy practices, unless we have your consent to treat it differently. This Privacy Notice applies to any Personal Information we collect or receive about you, from any source.
Collection and Use of Personal Information
What personal information do we collect?
| Identity Data | Name, personal identification code or date of birth, signature. |
| Contact Data | Address, phone number, e-mail address. |
| Financial Data | Bank account information, payment information, liabilities, online payments and money transfers, payment methods, prices paid, quantity of order, time stamps associated with orders and payments, payment authorization information, and order activity history. |
| Anti-money laundering (AML) and Counter-Terrorist Financing (CTF) Data | Your government-issued photo identification or other identity document, country of residence, source of funds, data about your assets, the origin of assets, place of work, position, nature of your work, whether you are a politically exposed person or the family member or close associate of a politically exposed persons. |
| Communication Data | Data contained in requests we receive from you, including customer service requests or your other communications with us via any channel, including communication by phone, e-mail, messages and other manners of communication. |
| Service Usage Information | Data about the date and time you access our Service, data about your device (such as device type, IP address, and device identifiers), operating system and hardware settings, browser type and characteristics, length of visits, pages viewed, geographic location, language preferences, referring URLs, time spent on pages, scrolling, mouse movements, and links clicked, and information derived from SIM card, network operator, IP address, GPS geolocation data. |
| Legal Compliance Data | Data obtained while performing our legal obligations, including data relating to enquiries made by investigative bodies, notaries, tax authorities, bailiff courts and other state institutions |
How do we process your data?
We process your data in order to perform the services you request and to establish a client relationship with you, to respond to your requests and otherwise communicate with you, and to comply with our legal obligations and due diligence obligations under applicable laws. We use your data in the following ways:
- Account Creation: In order to open and administer your account we process your Identity Data, Contact Data and Communication Data. Where applicable, the legal basis of processing such data is your consent. You can withdraw your consent at any time and we will stop processing your Data given on the basis of your consent.
- Account Administration: We process your Identity Data, Contact Data and Communication Data in order to enter into a client agreement and communicate with you. Depending on your jurisdiction, we may be required by statute to collect this data as part of entering into a client agreement with you. Where applicable, the legal basis of processing such data is the performance of a client contract and if you fail to provide such data, we cannot provide services to you.
- Enforcing our Agreement: We process Financial Data, Services Data, Communication Data and Legal Compliance Data to perform and execute and enforce our client agreement with you, including but not limited to reviewing, investigating, and preventing any potentially prohibited or illegal activities that may violate the client agreement. Where applicable, the legal basis of processing such data is the performance of a client contract and if you fail to provide such data, we cannot provide services to you. We will use your personal information when it is necessary for -, its affiliates or other third party’s legitimate interests to preserve or defend its rights and interests in any legal claim or other claims and to protect us from any other damage or loss.
- Identity Verification: We process the AML and CTF Data in order to check and verify your identity, to meet legal obligations and to keep your data updated and correct. The processing of this data is necessary for compliance with our obligations arising from applicable laws and regulations and also to comply with rules and regulations related to AML and CTF requirements. If you fail to provide such data, we cannot provide services to you. We will explain to you the content and requirements of such personal information each time we collect information. We reserve the right to change the information that we are required to collect as c global or local regulatory standards change.
- Payments: When you engage in cryptocurrency transactions through the BT-Wallet, we collect transaction information (including payment card details) on the purchase or sale of digital currencies, or other transaction-based information that you generate or that is connected to your account.
- Service Usage Information: When you access your account, visit our website and use our Services, we may process Service Usage Information to ensure that our interface is accessible for you, to customize, measure, and improve the quality of our Service and the content of our website, and to develop new Services. We may also use certain of this information to create user replay sessions (as necessary) and to improve our visitors’ experience. Where applicable, the legal basis of processing such data is our legitimate interests.
- Marketing Communications: We also process data about your name and e-mail based on your consent in order to send you information about our services and direct marketing messages. The consent will contain information on that specific processing activity. You can withdraw your consent at any time by using the unsubscribe mechanism set out in our messages or by contacting our Privacy Officer at [email protected]. Please note that you may continue to receive transactional and account-related communications from us.
- Contacting Us: When you contact us with a comment or question or for customer support, we collect the information you provide such as your name, phone number and email address, along with additional information that we may need to help us promptly respond to your inquiry. We retain this information to assist you in the future and to improve our customer service and service offerings. We also use personal information to establish and manage our relationship with you and provide quality service.
- Analytics: To understand, maintain, develop and improve the BT-Wallet, we use analytics to understand our website and/or app activity and customer needs and to improve our Service. We may also generate aggregated information to monitor performance and use to improve our Services.
How do we collect your data?
Most of the data we collect and process is directly provided by you. We collect and process the information about you in the following situations:
- When you visit our website, create an account, log in, or use our service;
- When we provide services to you or perform ongoing obligations;
- When you communicate or provide your feedback to us via email or any other channel;
- When you visit or use our website;
- Other situations when we may collect your data as mentioned in this Privacy Notice.
We also may collect information about you from public or third-party sources, such as public databases, ID verification partners, payment providers, companies providing services for money laundering and terrorist financing checks, credit risk reduction and other fraud and crime prevention purposes and companies providing similar services.
How we share your data with third parties
Except as set forth in this Privacy Notice and as required or permitted by law, we do not sell or share your personal information with third parties. We will not disclose more data than necessary for the purpose of disclosure and in compliance with regulatory legislation and data protection legislation.
Service Providers: We may transfer or otherwise make your data available to our third-party service providers who provide services to us in accordance with our instructions and on our behalf. Our service providers are only given the information they need to perform their designated functions, and are not authorized to use or disclose personal information for their own marketing or other purposes. We may transfer your data to third-party service providers as set out below:
- To ID verification partners in order to verify your identity and identification documents, in accordance with our AML/CTF legal obligations;
- To our website hosting partners and other parties who assist us in operating our website (including creating user session replays) and sending communications;
- To our payment services providers, to assist in processing payments;
- To companies providing services for money laundering and terrorist financing checks, credit risk reduction and other fraud and crime prevention purposes, including financial institutions and credit reference agencies;
- To partners who provide us with accounting services in order to prepare invoices; To our financial and legal consultants and auditors; and
- To debt collectors in order to collect a debt.
Legal and Compliance: We may also provide your information in response to a search warrant or other legally valid inquiry or order, including to public authorities and state institutions such as law enforcement agencies, bailiffs, notaries, tax authorities, supervisory authorities, financial intelligence agencies such as , Financial Crimes Enforcement Network and Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), or as otherwise required or permitted by Canadian, US, European, or other law or legal process. Your data may also be disclosed where necessary for the establishment, exercise, or defence of legal claims, or when we believe disclosure is appropriate to comply with the law or protect ours or others’ rights, property, or safety, including to investigate or prevent actual or suspected loss or harm to persons or property.
Sale of Business: Your data may be provided to third parties in connection with a merger or sale (including transfers made as part of insolvency or bankruptcy proceedings) involving all or part of -, or as part of a corporate reorganization or stock sale or other change in corporate control, including for the purpose of determining whether to proceed or continue with such transaction or business relationship.
Safeguarding and Retention of Personal Information
We have implemented reasonable administrative, technical and physical measures in an effort to safeguard the personal information in our custody and control against theft, loss and unauthorized access, use, modification and disclosure. We restrict access to your personal information on a need-to-know basis to employees and authorized service providers who require access to fulfill their job requirements.
We have personal information retention processes designed to retain personal information for no longer than necessary for the purposes stated above or to otherwise meet legal requirements. We may retain personal information, including financial information relating to transactions, for accounting and auditing purposes and otherwise in accordance with our obligations under applicable law.
Access to Personal Information
You have the right to access, update and correct inaccuracies in your personal information in our custody and control, subject to certain exceptions prescribed by law. You may request access, updating and corrections of inaccuracies in other personal information we have in our custody or control by emailing [email protected]. We may request certain personal information for the purposes of verifying the identity of the individual seeking access to their personal information records.
Your Additional Rights
You may have certain additional rights in relation to your personal information, depending on your jurisdiction. While some of these rights are general and unrestricted, other rights only apply in certain circumstances. The manner in which these rights apply may vary depending on the jurisdiction in which you are located.
Your rights may include:
- access – you are entitled to obtain a copy of the personal information which we hold about you and certain additional details regarding how we process your personal information.
- rectification – you can request rectification or updating of your personal information if it is inaccurate or incomplete.
- restriction – you can restrict our use of your personal information.
- deletion – you are entitled to request that we erase your personal information.
- objection – you can object to the processing of your personal information where we are processing that information based on our legitimate interests or those of a third party, or where we are using it for direct marketing purposes.
- portability – you can request a copy of personal information you provided to us to be transferred, subject to certain exceptions provided by law.
- withdrawing your consent – where we rely on consent to process your personal information you can withdraw this consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
If you wish to exercise any of your rights, please contact us at the details below.
Cookies
We collect, information from cookies stored on your device. Learn more about how we use cookies in our https://bt-wallet.io/cookies-policy
How long do we keep your data?
We will only retain your personal information for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting obligations or to resolve disputes. While retention requirements vary by jurisdiction, information about our typical retention periods for different aspects of your personal information are described below.
- Personal information collected to comply with our legal obligations under financial or anti-money laundering laws may be retained after account closure for as long as required under such laws.
- Contact Information such as your name, email address and telephone number for marketing purposes is retained on an ongoing basis until you unsubscribe. Thereafter we will add your details to our suppression list to ensure we do not inadvertently market to you.
- Content that you post on our Sites such as support desk comments, photographs, videos, blog posts, and other content may be kept after you close your account for audit and crime prevention purposes (e.g. to prevent a known fraudulent actor from opening a new account).
- Information collected via technical means such as cookies, web page counters and other analytics tools is kept for a period of up to one year from expiry of the cookie.
When Personal Data is no longer necessary for the purpose for which it was collected, we will remove any details that identifies you or we will securely destroy the records, where permissible. However, we may need to maintain records for a significant period of time (after you cease using a particular Service) as mandated by regulation. For example, we are subject to certain anti-money laundering laws that require us to retain the following, for a period of five (5) years after our business relationship with you has ended.
How about children’s privacy?
– does not address anyone under the age of 18. We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us at [email protected]. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
What happens if we make changes to this Privacy Notice?
We may update this Privacy Notice to reflect changes to our information practices but we will not reduce your rights under this Privacy Notice without your express consent. We will post any changes to this page and, if the changes are significant, we will provide a more prominent notice. We will also keep prior versions of this Privacy Notice in an archive for your review. We encourage you to periodically review our Privacy Notice for the latest information on our privacy practices and to contact us if you have any questions or concerns.
Contact Us
If you have any comments, questions, concerns, or complaints regarding your Personal Information or our privacy practices, please feel free to send in details of the same to our Data Protection Officer’s team as follows:
By written notice:
Data Protection Officer,
Afanasjev Dmitri
By email: [email protected]
We take all comments, questions, concerns, and complaints very seriously and will respond as soon as reasonably practicable upon receiving the same.
