Privacy and Data Protection Policy

Learn about how we handle your data



LAST UPDATE OF THIS PRIVACY POLICY - APRIL 10, 2023


BEFORE USING OUR SITES, PLEASE READ THIS PRIVACY POLICY CAREFULLY.


This privacy and data protection policy (the policy) will explain how Chimoney uses the personal data we collect from our users and related partners when they use our platform. It describes our commitment to treat your information with the utmost care and confidentiality, and explains your privacy rights regarding Chit Technologies Inc (“Chimoney”, “we”, “us” or “our”) collection, use, storage, sharing and protection of your personal information.

This Privacy Policy describes a user's privacy rights regarding our collection, use, storage, sharing and protection of personal information. It applies to our website and all related sites, applications, services and tools regardless of how they are accessed or used. This Policy does not apply to services that are not owned or controlled by Chimoney, including third-party websites and the services of other Chimoney’s merchants that may be accessible through links which are present on our website and all related sites, applications, services and tools. You are encouraged to review the privacy policy of such merchants or third parties.

We conduct business in a responsible and sustainable manner and ensure customer information is securely collected, processed, and stored based on business requirements. In furtherance of this and compliance with industry regulations, we have provided appropriate documentation, which includes this policy. We therefore provide notice about this policy and applicable procedures.

Throughout this Privacy Policy, we use the term "personal information or data" to describe information that can be associated with a specific user or a business, and can be used to identify that user. We do not consider personal information to include information that has been made anonymous such that it does not identify a specific user.

To use our website or any of our products or services, your consent is required for the use of your data as described in this Policy.

This Privacy Policy is intended to set certain standards across the operations of Chimoney..

  1. The Information we Collect

1.1 Personal Data Provided by Users;

Chimoney collects personally identifiable information pertaining to account holders during the course of of KYC onboarding as follows;

  • Registration Information; To gain full access to Chimoney services, a user must register for an account. When an account is registered, we collect business data and personal information, which are voluntarily provided by the user in order to complete the KYC onboarding process. Eg. Name, email address, passport or driver's licence, bank details, utility bills, phone number, and where the user is a corporate entity, a proof of corporate identity, and a recently compliant licence granted by a regulatory authority. 
  • Payment Information; When a user initiates a transaction, we collect details of such transactions initiated by the user, for record purposes and to ensure it gets to the intended recipient.
  • Communications; When a user contacts us directly, with regards to support arising from the use of Chimoney, we may receive additional information about the user, or transaction, including email addresses and the purpose of such communications initiated.

1.2 Personal Information We Collect Automatically From Users;

 

  • Usage Information; To help Chimoney understand how a user interacts with our services, including the demo parts of our website, and to also help us improve our them, we automatically receive information about your interactions. This information includes registration, transaction history, or records, and some others through cookies etc.
  • User Device Information; We receive information regarding user’s device, software, browser types and operating system version to enable us to optimise and build better supporting services from the feedback we get from users’ use of Chimoney.
  • Location Information; When users on the chimoney platform interact with our services, we may collect data to enable us know what locations have more traffic in order to ascertain priority areas and focus on ensuring we are providing the best experience based on those information collected.

1.3 Personal Data We Receive From Third Parties

  • Partnerships; We may receive information, or data about users from third parties and other verification services such as payment gateways or financial institutions. Such data may be collected and combined with others to help us KYC, or identify a user on the Chimoney platform
  • Publicly Available Data; Where data about a user is publicly available, such as a corporate body like Google, or Microsoft, Chimoney may rely on such available data to improve the data of a user on our platform.
  • Inferences; In the absence of a contradictory information, or data competing with an available one, we may infer or record such data for a user eg. what a user regularly interacts with, or transacts may be easily suggested upon subsequent use.
  1. We use your Personal Information to:
  • Provide you with the required services;
  • Respond to your instructions, questions or requests;
  • Improve features, website content and analyse data to develop products and services that suit your need as a user
  • Address inappropriate use of our website;
  • Prevent, detect and manage risk against Money Laundering and illegal activities using internal and third-party screening tools;
  • Send you newsletters, tracking of history of transactions, and service updates created by Chimoney, however, we will provide you with an option to unsubscribe if you do not want to hear from us;
  • Verify your identity and the information you provide in line with Chimoney’s statutory obligations using internal and third-party tools;
  • Maintain up-to-date records;
  • Resolve disputes that may arise, including investigations by law enforcement or regulatory bodies;
  • Any other purpose that we disclose to you in the course of providing Chimoney’s services to you.

Once you begin using our services through your Chimoney account, we will keep records of your transactions and collect information about your other activities related to our services. We will not share or disclose your Personal Information with a third party without your consent except as may be required for the purpose of providing you with our services or under applicable international regulations.

In providing you with the services, we may rely on third-party servers located in foreign jurisdictions from time to time, which as a result, may require the transfer or maintenance of your personally identifiable information on computers or servers in foreign jurisdictions. We will ensure that such foreign jurisdictions have data protection legislation that is no less than the existing data protection regulations in force with internationally acceptable standards and your personally identifiable information is treated in a safe and secure manner.

  1. Purpose Limitation

Chimoney collects Personal Information only for identified purposes and for which consent has been obtained. Such Personal Information cannot be reused for another purpose that is incompatible with the original purpose, except consent is obtained for such other purpose.

  1. Data Minimization

Chimoney limits Personal Information collection and usage to data that is relevant, adequate, and absolutely necessary for carrying out the purpose for which the data is processed.

Chimoney will evaluate whether and to what extent the processing of Personal Information as a user is necessary and where the purpose allows, anonymized data will be used.

  1. Updates, Modifications & Amendments

We may need to update, modify or amend our Privacy Policy as our technology evolves and as required by law. We reserve the right to make changes to this Privacy Policy from time to time and notify Users of material changes. The Privacy Policy will apply from the effective date

We advise that you check this page often, referring to the date of the last modification on the page. If a User objects to any of the changes to this Privacy Policy, the User must cease the use of Chimoney services, or terminate their account in the event an account has been created, or maintained.

  1. Age Restriction

Our website and services are not directed to children under 18. We do not knowingly collect information from children under 18. If as a parent or guardian, you become aware that your child or ward has provided us with any information without your consent, please contact us through the details provided in this Privacy Policy.

  1. Cookies

We use cookies to identify you as a User and make your user experience easier, customise our services and content, to help you ensure that your account security is not compromised, mitigate risks and prevent fraud; and to promote trust and safety on our website. Cookies allow our servers to remember IP addresses, date and time of visits, monitor web traffic and prevent fraudulent activities.

Our cookies never store personal or sensitive information; they simply hold a unique random reference to you so that once you visit the site, we can recognize who you are and provide certain content to you.

If your browser or browser add-on permits, you have the choice to disable cookies on our website, however this may impact your experience using our website.

  1. How We Protect your Information

Chimoney shall establish adequate controls in order to protect the integrity and confidentiality of Personal Information, both in digital and physical format and to prevent Personal Information from being accidentally or deliberately compromised. Chimoney is committed to managing your Personal Information in line with global industry best practices and in compliance with regulatory requirements. We store and process your personal information on our computers where our members of staff are located. We protect your information using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorised access, disclosure, and alteration.

Some of the safeguards we use are firewalls and data encryption, physical access controls to our data centres, and information access authorization controls. We have also taken additional measures by ensuring our system complies with industry information security standards.

Chimoney employees may have access to users’ Personal Information only as is appropriate for the type and scope of the task in question and are forbidden to use Personal Information for their own private or commercial purposes or to disclose them to unauthorised persons, or to make them available in any other way.

  1. Marketing and sharing Personal Information

Chimoney does not sell, trade or rent personal information to anyone. However, to enable us to render our services to you on our website, we may share your information with trusted third parties, such third parties include financial institutions, payment processors, verification services, sanctions screening and identity verification services as well as any third parties that you have directly authorised to receive your Personal Information. Your Personal Information may be stored in locations outside the direct control of Chimoney, for instance, on servers or databases co-located with hosting providers. We may disclose your Personal Information in compliance with applicable law or a legal obligation to which we are bound.

The use of your information by such third parties will be subject to their applicable privacy policy, which you should carefully review.

  1. Grounds for Processing of Personal Information

Processing of Personal Information by Chimoney shall be lawful if at least one of the following applies:

  • the Data Subject has given consent to the processing of his/her Personal Information for one or more specific purposes;
  • the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the Data Subject prior to entering into a contract;
  • processing is necessary for compliance with a legal obligation to which Chimoney is subject;
  • processing is necessary in order to protect the vital interests of the data Subject or of another natural person; and
  • processing is necessary for the performance of a task carried out in the public interest or in exercise of official public mandate vested in Chimoney.

For the purpose of this Privacy Policy, consent means any freely given, specific, informed and unambiguous indication of a user's wishes by which they, through a statement or a clear affirmative action, signify their agreement to the processing of Personal Information relating to them.

  1. Choices and Rights

Individuals who have Personal Information held by Chimoney are entitled to reach out to Chimoney to exercise the following rights:

  • Right to request for and access their Personal Information collected and stored. Where data is held electronically in a structured form, such as in a Database, the user has a right to receive that data in a common electronic format;
  • Right to information on their personal information collected and stored
  • Right to objection or request for restriction;
  • Right to object to automated decision making;
  • Right to request rectification and modification of Personal Information which Chimoney keeps
  • Right to request for deletion of their data;
  • Right to request the movement of data from Chimoney to a third party; this is the right to the portability of data; and
  • Right to object to, and to request that Chimoney restricts the processing of their information

Your request will be reviewed by Chimoney’s Compliance Officer and carried out except as restricted by law or Chimoney’s statutory obligations. You may decline to provide your personal Information when it is requested by Chimoney, however, certain services or all the services may be unavailable to you. You may review your account settings and update your Personal Information directly or by contacting us.

  1. The Data that We Retain

We will retain your information for as long as your account is active or as needed to provide our services to you, comply with our legal and statutory obligations or verify your information with a financial institution.

Chimoney is statutorily obligated to retain the data you provide us with in order to process transactions, ensure settlements, make refunds, identify fraud and in compliance with laws and regulatory guidelines applicable to us, our banking providers and card processors.

Therefore, even after closing your Chimoney account, we will retain certain Personal Information and transaction data to comply with these obligations. All Personal Information shall be destroyed by Chimoney where possible. For all Personal Data and records obtained, used and stored by Chimoney, we shall perform periodical reviews of the data retained to confirm the accuracy, purpose, validity and requirement to retain.

The length of storage of Personal Information shall, amongst other things, be determined by relevant legislation

  1. Transfer of Personal Information
  • Chimoney may engage the services of third parties in order to process the Personal Information of Data Subjects collected by the Chimoney. The processing by such third parties shall be governed by a written contract with Chimoney to ensure adequate protection and security measures are put in place by the third party for the protection of Personal Information in accordance with the terms of this Privacy Policy.
  • Where Personal Information being transferred to a country outside Canada or the US, Chimoney shall put adequate measures in place to ensure the security of such Personal Information. In particular, Chimoney shall, among other things, confirm whether the country is on the National Information Technology Development Agency (“NITDA”) White List of Countries with adequate data protection laws. 
  1. Contact Chimoney’s Compliance Officer

If you have any questions relating to this Privacy Policy or would like to find out more about exercising your data protection rights, please reach out to our compliance team via compliance@chimoney.io

Chimoney maintains a data breach procedure in order to deal with incidents concerning Personal Information or practices leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Information transmitted, stored or otherwise processed.

You may contact our compliance team upon becoming aware of any breach of Personal Information or if your access credentials have been compromised, to enable us to take the necessary steps towards ensuring the security of your Personal Information or account.