Introduction

Nicheclear Inc., registered in Ontario with company number 1000535259 and registered office at 100 King Street West, Suite 3400, 1 First Canadian Place, Toronto, Ontario, M5X 1A4, Canada, Canada (“Nicheclear”, "Company", "we", "us", "our"), provides online payment processing services and financial services. We abide by laws and regulations regarding the prevention of money laundering, which requires us to collect and process personal information. We commit to upholding your privacy rights in the process.

This privacy policy outlines our commitment to safeguarding your privacy, in accordance with the scope of our business activities.

Privacy Principles

We process all personal information in compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada and any other applicable provincial privacy laws. We adhere to the following principles:

  1. Accountability: We take responsibility for personal information under our control.

  2. Identifying Purposes: We clearly state the reasons for data collection before or during the collection process.

  3. Consent: We require your informed consent for the collection, use, and disclosure of personal information, except where it is legally unnecessary.

  4. Limiting Collection: We collect data strictly for the identified purposes.

  5. Limiting Use, Disclosure, and Retention: We ensure data is not used or disclosed for purposes other than those for which it was collected, unless the individual consents or it is required by law.

  6. Accuracy: We keep personal information as accurate, complete, and up-to-date as necessary.

  7. Safeguards: We protect personal information against loss or theft, as well as unauthorised access, disclosure, copying, use, or modification.

  8. Openness: We readily provide information about our policies and practices related to managing personal information.

  9. Individual Access: Upon request, we will inform an individual of the existence, use, and disclosure of their personal information and provide access to that information.

  10. Challenging Compliance: We have procedures in place to receive and respond to complaints or inquiries about our policies and practices relating to the handling of personal information.

What data do we collect?

When you use our services, we collect personal information provided to us directly or indirectly. This includes data from applications, transaction and payment information, and technical metadata (browser version, IP address, operating system).

Personal information we gather generally includes:

  • Personal details: Your name, address, citizenship, place of birth, date of birth, age, gender, passport or other identification document number, image of passport, other government issued number, tax identification number, tax country, nationality, source of wealth, signature, photographs and any other data relating to one’s identity.

  • Contact details: mailing address, phone number, email address, social media profile details.

  • Employment / occupation information: Business activities, industry, role, names of current and former employers, work address, work telephone number, work email address, ownership in companies.

  • Education history: Details of education and qualifications.

  • Financial details: Bank account numbers, credit card numbers, cardholder or accountholder name and details, instruction records, transaction details and counterparty details.

  • Electronic identifying data: IP address, cookies, activity logs, online identifiers, unique device identifiers and geolocation data.

How do we use your data?

We collect and process data only when we have a legitimate business need. This data is used for:

  • Regulatory and legal obligations: To comply with laws on money laundering prevention, fraud prevention, risk management, and to cooperate with law enforcement or authorised authorities.

  • Performance of obligations: To provide our services, set up customer records, operate accounts, process payments, verify identities, and share data with third parties for these purposes when needed.

  • Data analysis: To perform statistical analysis, testing, research, surveys, and problem-solving for service improvement.

  • Communication: To send updates, notifications, and if consented to, marketing and promotional activities. You can opt out of marketing materials at any time. To reply to any questions, suggestions, issues or complaints that you may contact us about.

To whom do we disclose your data?

We may disclose your personal information to other entities within the Nicheclear group for legitimate purposes, including providing services to you, in accordance with applicable law. In addition, we may share your personal information with:

  • Anti-fraud and anti-money laundering services

  • Thid-party payment service providers and financial institutions involved in the payment processing services

  • Law enforcement, governmental, legal and regulatory authorities, upon request or where required, including for the purposes of reporting any actual or suspected breach of applicable law and for the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties

  • Accountants, auditors, lawyers and other outside professional advisors to Nicheclear, subject to binding contractual obligations of confidentiality

  • Any relevant party such as a court or law enforcement agency to the extent necessary for the exercise or defend of our legal rights

 

We will not share your information with any third parties for the purposes of direct marketing.

How do we keep your data secure?

Nicheclear has implemented appropriate technical and organisational security measures designed to protect your personal information against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access and other unlawful and unauthorised forms of processing, in accordance with applicable law, including:

  • Access controls to our information technology

  • Appropriate procedures and technical security measures (including firewalls, strict encryption, anonymisation and archiving techniques) to safeguard your information across all our computer systems, networks, websites and storage systems

  • Never asking you for your passwords

  • Employee training

Your Rights and Access To Your Data

Subject to applicable law, you have a number of rights regarding the processing of your personal information, including:

  •  The right to request access to, or copies of, your personal information that we process or control, together with information regarding the nature, processing and disclosure of that personal information

  • The right to request rectification of any inaccuracies in your personal information that we process or control

  • The righ to request, on legitimate grounds:

    • Deletion of your personal information that we process or control, or

    • Restriction of processing of your personal information that we process or control

  • The right to have your personal information that we process or control transferred to another organization to the extent applicable

  • Where we process your personal information with your consent, the right to withdraw that consent

  • The right to lodge complaints with a data protection authority regarding the processing of your personal information by us or on our behalf

 Subject to applicable law, you may also have the following additional rights regarding the processing of your personal information:

  • The right to object, on grounds relating to your particular situation, to the processing of your personal information by us or on our behalf, and

  • The right to object to the processing of your personal information by us or on our behalf for direct marketing purposes

 If we are unable to provide some of the personal information we hold about you, we will tell you why.

How long do we keep your data?

We will always retain your personal information in accordance with applicable law and never for longer than is necessary. Your personal information will be kept only for as long as reasonably necessary to fulfill its intended purpose or to satisfy legal requirements.

 We consider different criteria to determine the duration for which we will retain your personal information. 

Your personal information will be retained in a form that permits identification for as long as:

  • We maintain an ongoing relationship with you (for example, where you are a recipient of our services, or you are lawfully included in our mailing list and have not unsubscribed), or

  • It is necessary in connection with the lawful purposes set out in this policy, for which we have a valid legal basis (for example, where your personal information is included in a contract between you and us, and we have a legitimate interest in processing that information for the purposes of operating our business and fulfilling our obligations under that contract or where we have a legal or regulatory obligation to retain your personal information)

 We may retain personal information beyond our designated retention periods due to regulatory requirements or in response to a legal matter.

Changes to our Privacy Policy

We may change this privacy policy from time to time (for example, if the law changes). We recommend that you check this policy regularly to keep up-to-date.

How to contact us

If you would like to exercise one of your rights as set out above, or you have a question or a complaint about this policy or the way your personal information is processed please contact us at dpo@nicheclear.ca.

You also have the right to file a complaint with the Office of the Privacy Commissioner of Canada.