Protecting your privacy rights is important to APX Inc. (together with its affiliates and subsidiaries, “APX” or “APX Lending”) and we are committed to maintaining and protecting the trust and confidence of our users when handling personal information.
• on this Website;
• in email, text, and other electronic messages between you and this Website;
• through mobile and desktop applications you download from this Website, which provide dedicated non-browser-based interaction between you and this Website;
• when you interact with our advertising and applications on third-party websites, plug-ins, social networks, search engines or services, if such applications or advertising include links to this Policy; and
• when you communicate or interact with us as part of our marketing practices, or at industry events and conferences.
If you do not agree with our policies and practices, it is your choice not to use our Website or Services. By accessing or using our Website, including our mobile app, products, or services (collectively, our “Services”), you indicate that you understand, accept, and consent to the practices described in this Policy. This Policy may change and/ or be updated from time to time. Your continued use of this Website after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.
APX will only use your personal and financial information in accordance with this Policy unless otherwise required by applicable law. We take steps to ensure that the personal and financial information we collect about you is adequate, relevant, in compliance with the legal and regulatory obligations of the jurisdictions in which we operate, and used for the limited purpose of originating, administering, and processing our Services.
2. What is Personal Information
Personal information typically includes data that identifies an individual or relates to an identifiable individual. This includes information APX can reasonably use to, directly or indirectly, identify you, such as your name, mailing address, email address, telephone number, Internet protocol (IP) address used to connect your computer to the internet, username or other similar identifier, billing and account information, government IDs, and any other identifier APX may use to contact you.
3. Personal Information and How We Collect It
The personal information we collect about you on our Website and our applications is voluntarily provided to us by you when you:
• register for our Services;
• express any interest in obtaining information about us or our Services;
• fill out a form on our Website;
• navigate or engage in activities on our Website; or
• otherwise contact or communicate us.
APX also collects personal information through cookies and other automated technologies or interactions as you navigate our Website. Automatically collected information may include, but is not limited to, usage details, IP addresses, and information through cookies, web beacons, and other tracking technologies. In addition, we may use third-party services such as Google Analytics or Microsoft Clarity and Cloudflare that collect, monitor and analyze this data. We may also use remarketing pixels such as the Meta and GooglePixel. A remarketing pixel is a small, unobtrusive piece of code that we implement on our website. This tool is essential for digital marketing strategies, particularly in tailoring our advertising efforts to the needs and interests of our users.
We may also collect information about you from third-party sources such as public databases, credit bureaus, identity verification partners, resellers and channel partners, support channel partners, joint marketing partners, and social media platforms. We collect this information to fulfil the legal and regulatory obligations of the jurisdiction in which we are providing you with our Services.
We also collect details of transactions you carry out on our Website and for the fulfilment of your loan requests. We may require you to provide financial information on our Website or through our Services from time to time. This information is either required by law to verify, identity, or necessary to provide our Services or may be relevant for certain specified purposes described in detail below. We may also ask for additional information or confirm the information you previously provided to us.
3.1 Information Provided by You to APX
We collect personal information about you in various ways when you use our Services, such as your name, email address, date of birth, company information, and other information you provide us with when you contact us. We may require personal information for verification purposes. We may collect information from your device by using cookies and other tracking technology such as your geo-location data, voice recordings, motion tracking, IP address, Wi-Fi connectivity, the version of our application used, the number of times you visit our Website and the amount of time spent on our Website.
We collect information about our institutional clients for various onboarding and compliance purposes, including location of headquarters, names of affiliated entities, certificate of good standing, information on Know-Your-Customer/ Anti-Money Laundering (“KYC/ AML”) program, and financial history and details, including investment activity, bank statements, balance sheets, etc.
We collect personal information about you through formal identification information, including government and state/provincial issued ID cards, tax ID number, social insurance number or any other comparable identification number issued by a government, social security number, passport number, driver's license details, national identity cards, visa and/ or any other information deemed necessary to comply with our legal obligation under financial, anti-money laundering or counter terrorism financing laws.
3.2 Information We Collect Through Cookies
Cookies (or browser cookies) are small text files sent from a site to the hard drive of your device (e.g., computer or phone) to store bits of information related to you. First-party cookies are put on your device directly by our Website, which allows us to collect analytical data and provide other useful functions that create a good user experience.
3.3 Information We Collect Through Third Parties
While conducting our business, we may use ad partners, ad networks and servers, content providers, application providers, and analytics partners to analyze the usage and traffic on our Website for our Services. Please note we do not link to or provide them with your actual account details. We may analyze and measure using third-parties, the number of unique visitors to our Website, estimate our audience size and usage patterns, store information about your preferences, recognize you when you may return to our Website, and provide technical information to your development team, to either debug issues with use of our Website, or otherwise to improve our user experience and Services.
The information collected by third parties may be associated with your personal information or they may collect information about your online activities over time and across different websites and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content. We do not control these third parties' tracking technologies or how they are used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider.
3.4 Publicly Available Information
We obtain information about you from public databases and ID verification partners to verify your identity in accordance with applicable law. ID verification partners use a combination of government records and publicly available information about you to verify your identity. Such information may include your name, address, job role, public employment profile, credit history, status on any sanctions lists maintained by public authorities, and other relevant data. We obtain such information to comply with our legal obligations, such as anti-money laundering laws. In some cases, we may process additional data about you to assess risk and ensure our services are not used fraudulently or for other illicit activities. In such instances, processing is necessary for us to continue to perform our contractual obligations towards you and others. In addition, in some instances we may require your consent to process or transfer data with our third party partners.
3.5 Information We Collect Through Automatic Data Collection Technologies
We may analyze public blockchain data to ensure parties utilizing our services are not engaged in illegal or prohibited activity under our Terms and Conditions, and to analyze transaction trends for research and development purposes. Since blockchain technologies and transactions generate a public key, through which others can see the balance and transaction history of any public digital asset address, this may enable us to identify you from such blockchain transaction. This is because information published on a blockchain can be correlated with information that we and others may posses, as they matched your digital asset address to other information publicly available about you. This is possible even without our direct involvement in the blockchain transaction.
Data analysis techniques on a given blockchain enable us to identify other information about you. As part of our security, anti-fraud and/or identity verification and authentication checks, we may conduct such analysis to collect and process such information about you. You acknowledge and agree to allow us to perform such practices.
3.6 Children’s Privacy
Our Services are not intended for persons under the age of 18, and we do not knowingly or intentionally collect any personal information from, or market to, individuals under the age of 18. If you are under 18, do not use our Website or provide any information on this Website or on or through any of its features.
If we become aware, or if you learn that an individual under the age of 18 has provided us with personal information or used our Services contrary to these rules, please contact us as described in Section 12 “Contact Us” and we will delete the information from our systems.
4. Why We Collect Your Personal Information and How We Use It
The information collected and the practices described in this Policy are intended to provide you with the best experience possible, protect you from risks related to improper use and fraud, comply with various legal and regulatory obligations, and help us maintain and improve our Services.
We use personal information we collect about you in the following ways:
4.1. Compliance with the Law
The Services we provide may require us to collect, use, and store your personal information to comply with applicable laws, regulations, and contractual obligations of the jurisdictions we operate in and the jurisdiction of our users. This may include the collection and storage of photo government ID and other documents you may have provided us with to identify and verify customers using our Services, conducting compliance and/ or security checks, audits, assessments to investigate, prevent, and mitigate any potentially prohibited activity, detect and prevent violations to our user agreements and Terms, and comply with applicable law enforcement provisions.
In addition, we use third parties to verify your identity by comparing the personal information you provide to any other third-party databases and public records. We may require you to provide additional information which we may use in collaboration with service providers acting on our behalf to verify your identity or address, and/or to manage risk as required under applicable law.
4.2. Protecting Our Customers and Us
We use the information about you to resolve disputes and protect your rights, property, safety and interests. We also process your personal information in order to administer and protect our business, prevent and mitigate fraud, criminal activity, or misuses of our services, and to ensure the security of our systems, architecture and networks, and to protect you against account compromise or loss of funds.
4.3. To Provide You With Our Services And Keep You Informed
We process your personal information to provide our services to you. For example, when you want to send or withdraw crypto assets to or from our platform, we require certain information such as your identification, contact information, and wallet information. We, generally, cannot provide our services to you without such information. Third parties such as identity verification services may also access and/or collect your personal information when providing identity verification and/or fraud prevention services.
4.4. De-identified or Aggregate Information
We may use the information we have about you to create de-identified or aggregate information, such as de-identified demographic or location information, information about devices used to access our services, or other relevant analyses. We may also share such data with any third parties, including advertisers, promotional partners, sponsors, event promoters, etc.
5. Legal basis for collecting and processing your information
At the time that your personal information is collected, we rely on the following legal bases for processing your information. We usually only collect or process your data where we are legally required to, where processing is necessary to perform any contracts we entered with you (or to take steps at your request prior to entering into a contract with you), or to comply with the law/ public interest, or for our legitimate interests to operate our business or to protect our or your property, rights, or safety, or where you have consented to the processing of your personal information for specific purposes. When we collect or process your personal information based on our legitimate interests and providing our Services, we ensure that we consider and balance any potential impact on you and your rights under privacy protection laws and take adequate steps for the storage and protection of your information and data.
6. With whom do we share your information?
6.1. Our Affiliates
6.2. Service Providers and Third Parties
We may share your personal information with, financial, accounting, legal, marketing, communication and technology companies to provide services such as data processing, proof-of-reserves attestations, administrative services, regulatory support, legal services, mediation, liquidity services, bank services, cloud storage, authentication support, payment processing, technical support, sales, client support, data hosting, marketing analytics auditors, accountant, cryptocurrency exchange and custodians, cryptocurrency forensic analysis services.
We may share your personal information with contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
We may also share your information with service providers with which we partner to validate our clients’ identities as required by applicable laws and regulatory requirements, and financial institutions with whom we partner to process payments authorized by you.
6.3. Regulatory and Government Authorities
We may share your personal information with law enforcement, regulatory agencies, and self-regulatory agencies to help prevent fraud and/or other illegal activities, for legal proceedings, or as otherwise required by law. We may also be required to disclose your personal information to comply with court orders, access to information requests, regulatory requirements or legal processes, including responding to any government or regulatory requests.
Digital assets transactions may be subject to certain automatic reporting obligations. For example, we may report your transaction to the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) in order to meet and comply with our reporting obligations under the Proceeds of Crime (Money laundering) and Terrorist Financing Act and associated regulations. We are also legally obligated to report certain transactions if we have reasonable grounds to suspect that the transaction or attempted transaction is related to the commission of a money laundering offence or a terrorist activity financing offence.
We may also share your information to the protect the rights, property or safety of APXour users, clients, or others. This may include exchanging information with companies or organizations for the purpose of fraud protection and credit risk reduction.
7. Why do we share your information with others?
We may share your information in order to be able to process certain transactions. We may disclose personal information to third parties in order to administer or process a transaction, product or service you have authorized or requested, or in the context of facilitating the execution of a transaction. This includes sharing your information with financial institutions with which we partner to process payments which you have authorized.
We may share your information in order to meet our legal obligations, including our know-your-customer (KYC) and anti-money-laundering obligations (AML). We are required to validate our clients’ identities by applicable laws and regulatory requirements and rely on third-party services to perform these validations. Personal information that you provide to us during the account opening process is passed to these service providers at account opening and on an ongoing basis thereafter.
We may share your information in order to protect our legal rights. We may disclose or transfer information we collect upon account closing where you have a deficient balance or for any other reason.
We may also share or transfer your personal information, in accordance with applicable law, to a buyer of our company, or a buyer of substantially all of its assets. You acknowledge that such transfers may occur, and that any purchaser of or successor to our business or its assets may continue to collect, use and disclose your information as set forth in this Policy.
8. Where do we store and process your personal information?
We may transfer your personal information outside your home jurisdiction to our subsidiaries, service providers and business partners who are engaged on our behalf. To the extent that we transfer your personal information outside of your home jurisdiction, we will ensure that the transfer is lawful and that all persons to whom we transfer such data are obliged to comply with all applicable laws, rules and regulations. Additional notice may not be provided.
9. How do we protect your personal information?
We are strongly committed to keeping your personal information safe. This commitment exists throughout the lifecycle of your personal data, starting with the design of our services. We protect your personal information by maintaining physical, electronic, and procedural safeguards in compliance with the applicable laws and regulations. For example, we use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our physical sites and files, and we restrict access to personal information only for those employees who are authortized and require it to fulfill their job responsibilities.
However, we cannot guarantee that loss, misuse, unauthorized acquisition, or alteration of your data will not occur. Please recognize that you play a vital role in protecting your own personal information. When registering for an account with us it is important to choose a password of sufficient length and complexity, to turn on Two-Factor Authentication and to not reveal your password to any other person, and to immediately notify us if you become aware of any unauthorized access to or use of your account.
10. Our Data Retention Policy
11. Your Privacy Rights
11.1. Right to Access
You may request we provide you a copy of the personal information we hold about you and certain information about our processing of this information. In accordance with law, this request must be in writing. The information will be provided within 30 days (as per PIPEDA).
It is important to us that your personal information is up to date. We will take all reasonable steps to make sure that your personal information remains accurate, complete and up to date. If the personal information we hold about you is inaccurate or incomplete, you are entitled to have it rectified. If we have disclosed your personal information to others, we will let them know about such rectification where possible. If you enquire from us, if possible and lawful to do so, we will also inform you with whom we have shared your personal information so that you can contact them directly.
We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect or inaccurate. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
a. complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you,
b. detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities,
c. comply with a legal obligation, or
d. make other internal and lawful uses of that information that are compatible with the context in which you provided it.
11.3. Right to Erasure
You may request we delete your personal information from our records subject to applicable law. For example, we may deny your request if retaining your personal information is required under certain circumstances, including but not limited to complying with a legal obligation; establishing, exercising or defending legal claims; or performing a task in the public interest or in the exercise of official authority.
11.4. Right to Data Portability
You may request we transfer a machine-readable copy of your personal information to you or a third party of your choice. In this case, we may provide you, or a third party, with your personal information in a machine-readable format. This only applies to personal information you have consented for us to use and will be subject to a potential fee associated with gathering such information as permitted by law. The request must be submitted in writing and the transfer, if we agree to such transfer will take place within 30 days of your written request.
11.5. Right to Restrict Processing
In certain jurisdictions, applicable law may provide you with the right to restrict or object to us processing your personal information under personal circumstances. You may request in writing that we restrict or suppress the processing of your personal information for various reasons. For example: (a) to establish the accuracy of the personal information; where the processing is unlawful, but you do not want your personal information erased; (b) where we no longer need to process your personal information, but the information must be retained for legal reasons; (c) and where you have objected to our processing your personal information, but we need to determine whether our legitimate interest overrides your objection.
11.6. Right to Object
You may object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights. You also may object to our process of your personal information for direct marketing purposes.
11.7. Right to Withdraw Consent
You may withdraw your consent at any time where we are relying on it to process your personal information. Withdrawing your consent does not affect the lawfulness of our processing of your personal information prior to such withdrawal of consent.
11.8. Right Not to Sell
We will never sell or rent your personal information to any third parties without your explicit consent. We do not sell your personal information in the ordinary course of business.
11.9. Jurisdictional Specific Privacy Rights
Depending on the jurisdiction where you reside or where our Services are provided, you may have certain additional statutory rights over the personal information we collect about you. You may exercise these rights at any time by contacting us. Note that we may refuse to grant your requests in whole or in part as permitted by applicable law.
APX will post any changes made to this Policy on this page. This Policy is regularly updated to ensure that any new obligations and technologies, as well as any changes to our business operations and practices. This Policy is updated to be in compliance with regulations and legal obligations. We endeavor to keep abreast of the changing regulatory environment.
12. How You Can Contact Us
Latest Update: November 22, 2023