Money Transfers Made Easy.  •  Send Funds with Confidence.  •  Your Transfer, Our Priority.  •  Simplifying Global Payments Daily.  •  Trusted Transfers, Global Reach.  •  Your Money. Our Mission.  •  Money Transfers Made Easy.  •  Send Funds with Confidence.  •  Your Transfer, Our Priority.  •  Simplifying Global Payments Daily.  •  Trusted Transfers, Global Reach.  •  Your Money. Our Mission.  • 

Privacy & Policy

Last Updated: 2025/12/11

Introduction:
Fiat2Fiat LLC (“Fiat2Fiat,” “we,” “us,” or “our”) is committed to protecting your personal information. As a licensed Money Services Business in Canada, our privacy practices comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial laws. We also adhere to international data protection standards, including key principles of the EU General Data Protection Regulation (GDPR), to protect users worldwide . This Privacy Policy explains what data we collect, how we use and safeguard it, and the choices and rights you have.

Information We Collect

We collect personal information necessary to provide our currency transfer services and to meet legal requirements. This includes:
• Identity Data: Full name, date of birth, and government-issued identification (e.g. passport or driver’s license) .
• Contact Details: Residential address, email address, and telephone number .
• Verification Data: Copies of ID documents, selfies or biometric data (for identity verification), and any Know-Your-Customer (KYC) forms you submit.
• Transaction Data: Details of transactions you perform through Fiat2Fiat, such as the transfer amount, currency, sender and recipient bank details, purpose of transfer, and timestamps . We also log transaction history and patterns as needed for service delivery and anti-fraud monitoring.
• Financial Information: Payment method details (e.g. bank account or card numbers) and source of funds, used to execute your transfers .
• Technical Data: When you use our website or app, we collect device and network information (like IP address, browser type, device identifiers) and usage data (login times, clicks) for security and optimization purposes .
• Communications: Copies of your correspondence with us (emails, chats, call recordings) for customer service and compliance record-keeping.

We collect this information directly from you or through secure third-party verification services as part of our account opening and transaction processes. We limit collection to what is necessary for the purposes identified in this Policy or as required by law, in line with PIPEDA’s Limiting Collection Principle .

How We Use Your Information

Fiat2Fiat uses personal information only for legitimate and disclosed purposes. The primary uses include:
• Providing Services: We use your data to facilitate currency transfers and related services you request. For example, we verify recipient details and process payment instructions to ensure your money reaches the intended beneficiary. We also use your contact information to send transaction confirmations, receipts, and service notifications.
• Regulatory Compliance: As a regulated financial institution, we are legally required to verify customer identities, monitor transactions, and retain certain records . Your information is used to conduct KYC checks, perform anti-money laundering (AML) and counter-terrorist financing (CTF) screening, and report any transactions that meet reporting thresholds or appear suspicious to the relevant authorities . We maintain records of your identification and transactions for the legally mandated period (see Data Retention below).
• Fraud Prevention and Risk Management: We process data to protect you and our business from fraud and unauthorized activity . This includes using device and usage data to detect unusual account access, verifying the authenticity of documents, and analyzing transaction patterns to prevent misuse of our services.
• Service Improvements: We may analyze aggregated usage data to improve our platform’s functionality, user interface, and security. These analytics help us optimize transaction speeds, enhance customer support, and introduce new features. Any such analysis is done in a manner that does not identify individuals.
• Communications and Marketing: We will use your contact information to communicate with you about your transactions and account (e.g. service alerts or support responses). We may also send you promotional messages or newsletters about new features with your consent. You can opt out of marketing communications at any time, and we will not send you marketing emails if you have opted out. (Opting out of marketing will not affect service-related communications, such as fraud alerts or transaction confirmations.)

We do not use personal data for any purpose incompatible with those described above. If we need to use your information for a new purpose, we will seek your consent or ensure we have a lawful basis under applicable law.

How We Share Information

Fiat2Fiat respects the confidentiality of your personal information. We do not sell or rent your data to third parties . We only disclose your information in limited scenarios, such as:
• Service Providers (“Essential Service Providers”): We share necessary information with trusted third-party partners who enable our services. This includes banks and payment processing networks (to execute your transfers), identity verification providers (to confirm your ID and screen against sanction lists), and technology/cloud service providers (for data hosting and communications)  . These parties receive only the data required for their function (for example, we share your beneficiary’s name, account number, and transfer amount with our intermediary bank to complete a transfer) . All service providers are bound by strict contracts to keep your data confidential, to use it only for the agreed purpose, and to apply robust security measures  .
• Regulators and Law Enforcement: We may disclose information to government authorities or agencies when required by law or regulation. For instance, we must report certain transactions and suspicious activities to the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) and other financial intelligence units . We may also be legally compelled to share data in response to court orders, subpoenas, or other legal processes . Any such disclosure is done strictly in line with the law, and we ensure requests are valid and necessary before complying  .
• Corporate Transactions: In the event of a potential business transaction such as a merger, acquisition, or asset sale, it may be necessary to share relevant personal data with the involved parties (e.g., a due diligence advisor or a new entity taking over operations). In such cases, we continue to protect your information with confidentiality agreements and will notify you of any change in data handling as required by law.
• With Your Consent: In any situation where your personal information would be shared for purposes beyond the scope of this Policy, we will obtain your consent. For example, if we ever partner with another company for joint offerings and need to share basic information, we will let you know and give you the choice to participate.

Importantly, all disclosures of your data are limited to what is necessary for the purpose and are accompanied by safeguards. We ensure data minimization, requiring third parties to uphold confidentiality and security standards comparable to our own  . Fiat2Fiat will never share your personal information with any third party for their own marketing or other uses unrelated to providing our services, unless you expressly consent.

International Data Transfers

By the nature of our business, we may process and transfer data internationally. Fiat2Fiat primarily stores personal data on secure servers in Canada. However, if you or your beneficiaries are located outside of Canada, or if we use an overseas intermediary bank or verification service, your information may be transferred to or accessed from other countries as part of the transaction process  . For example, to deliver a payment to a recipient’s bank in India or Pakistan, we will transmit the necessary details through international payment networks which may involve processors in multiple jurisdictions .

When we transfer data across borders, we take steps to ensure adequate protection. If you are in the European Economic Area (EEA) or another region with data transfer restrictions, we rely on legally recognized transfer mechanisms. These may include:
• Adequacy Decisions: Only transferring data to countries deemed to have acceptable data protection laws by relevant authorities (e.g., the European Commission) .
• Standard Contractual Clauses: Contracts with our service providers incorporating standard data protection clauses approved by regulators, obligating them to protect your information regardless of location .
• PIPEDA Protections: For transfers from Canada, ensuring foreign recipients handle the data in line with Canadian privacy principles .
• Technical Safeguards: Using encryption, access controls, and other measures during transfer and storage to prevent unauthorized access .

Despite different countries having different laws, our commitment to your privacy is global: we apply the same high standards of care to your data no matter where it is processed. We also comply with local data protection laws in the regions where we operate. For example, if GDPR or UK data protection law applies to certain processing, we honor rights and obligations under those laws as described below.

Data Retention

We retain personal information only as long as necessary for the purposes outlined and to meet our legal and regulatory obligations . Under Canadian AML laws and international standards, Fiat2Fiat is required to keep certain records for a minimum period. In general:
• Identification (KYC) Records: Information you provided to verify your identity (such as copies of ID and address proof) is retained for at least 5 years after you cease to be our customer . This retention allows us to comply with FINTRAC’s recordkeeping rules under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA).
• Transaction Records: Details of payment transactions, including sender and recipient information and amounts, are retained for at least 5 years from the date of each transaction . Financial regulations require this to assist in any future audits or investigations.
• Communications and Other Data: Customer service communications, consent records, and other related data are kept as long as needed for our business purposes and legal compliance. Typically, this will not exceed 7 years unless a longer period is required by law or for a legitimate reason such as handling a dispute .

After these retention periods elapse, and provided the data is no longer needed, we will securely delete or anonymize your personal information. We periodically review the data we hold and erase or anonymize information that is no longer required. Please note that we cannot honor general requests for erasure of data that we must keep by law – for instance, even if you close your account, we must retain transaction and KYC records for the full 5-year period.  However, we will not keep your data indefinitely; it will be removed once obligations expire.

Data Security

We take data security seriously and employ strong measures to protect your personal information against loss, theft, unauthorized access, and disclosure. Fiat2Fiat’s security program includes:
• Encryption: All sensitive data is encrypted in transit and at rest on our systems . When you enter personal information on our website or app, it is transmitted over secure TLS/SSL connections. We also encrypt stored data (and backup media) using industry-standard algorithms to prevent unauthorized reading.
• Access Controls: Access to personal data within our organization is strictly limited. Only authorized personnel with a valid business need can access your information  . We enforce multi-factor authentication for our employees and use role-based access management so that each staff member can only see the information necessary for their role . All access is logged and monitored.
• Network & System Security: Our servers are protected by firewalls and intrusion detection systems . We continuously monitor for any signs of breaches or attacks. Regular security audits, vulnerability scans, and penetration tests are conducted to assess and improve our defenses. Security patches and system updates are applied promptly to mitigate risks.
• Organizational Policies: We have comprehensive security and privacy policies that all employees must follow . Staff undergo background checks where permitted by law, and we provide regular training on data protection best practices and phishing awareness . We also have in place incident response plans to handle and notify (as required) in the event of a data breach.
• Third-Party Safeguards: Any third-party service providers handling user data on our behalf are vetted for robust security practices and required to maintain standards equivalent to ours  . This includes cloud hosting providers and payment partners. We include confidentiality and data protection clauses in all such contracts.

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. However, we continuously update and refine our security practices to meet or exceed industry standards and regulatory requirements. If you have reason to believe that your data has been compromised or any unauthorized use of your account has occurred, please contact us immediately.

Your Rights and Choices

Depending on your jurisdiction, you have certain rights regarding your personal information:
• Access and Correction: You have the right to access the personal data we hold about you and to request corrections of any inaccuracies  . You can review and update much of your basic account information by logging into your Fiat2Fiat account. For any additional access requests, you may contact us (see Contact Us below). We will provide you with a copy of your information in our records, and correct any verified inaccuracies, subject to any legal restrictions.
• Withdrawal of Consent: Where you have given consent for optional data processing (e.g. marketing emails), you have the right to withdraw that consent at any time. For marketing, you can use the “unsubscribe” link in our emails or adjust your account preferences. Withdrawal of consent will not retroactively affect lawful data uses, and note that we might still process certain data if required by law or for legitimate purposes (for example, we cannot delete your transaction records before the retention period ends, even if you withdraw consent for marketing).
• Deletion (Right to Erasure): International users (e.g., EU residents) may have the right to request deletion of personal data in certain circumstances (such as if the data is no longer necessary, or if processing was based on consent you have withdrawn). Fiat2Fiat will honor valid deletion requests to the extent possible; however, as noted, we must retain certain information by law. If you request deletion, we will remove non-essential data and inform you of any information we must keep and why (e.g., “we cannot delete your transaction history due to 5-year AML recordkeeping laws”).
• Data Portability: If applicable law (like GDPR) provides, you may request a copy of certain information in a machine-readable format, particularly information you provided to us directly and that we process by automated means. This can enable you to transfer it to another service. We will assist with such requests as required by law.
• Automated Decision-Making: Fiat2Fiat does not make any legally significant decisions about you purely by automated means without human review. If that ever changes, and you are subject to a jurisdiction (like the EU) that grants rights regarding automated decisions (e.g., the right to request human intervention), we will ensure compliance and let you know.
• Opt-Out of Data Sharing: You may have a right to opt out of certain data sharing with third parties. Since we do not share your information except for the purposes stated (service delivery and compliance), there is generally no third-party data sharing for you to opt out of, aside from not using our service. If in the future we consider sharing information in new ways, we will provide an appropriate opt-out or opt-in mechanism as required.

To exercise any of your rights, please contact our Privacy Officer (see Contact Us). We will verify your identity (to protect your privacy) before fulfilling the request. We will respond to your request within the timeframe required by law (generally within 30 days under PIPEDA, or faster if possible). If we need more time or cannot fulfill a request, we will explain why (for example, if it unreasonably compromises others’ privacy or is excessively impracticable).

Contact Us

If you have questions, concerns, or complaints about this Privacy Policy or our data practices, you can reach out to our designated Privacy Officer:
• Email: privacy@[Fiat2Fiat].com
• Address: Fiat2Fiat LLC – Privacy Office, 1234 Finance St., Toronto, ON, Canada
• Phone: +1 (XXX) XXX-XXXX

We will gladly respond to inquiries and work to resolve any concerns. If you are not satisfied with our response, you have the right to contact the Office of the Privacy Commissioner of Canada (or your local data protection authority, if applicable) and file a complaint.