This Privacy Policy explains how Djooky Finance Limited collects, uses, discloses, and safeguards your personal information in compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy laws.
Djooky Finance Limited ("Djooky Finance," "we," "us," or "our") is a Money Services Business incorporated in British Columbia, Canada (BC1535602), registered with FINTRAC (MSB No. C100000967), operating at 5780 Victoria Dr, Unit #123, Vancouver, BC V5P 3W7.
We provide crypto on/off ramp services, custodial wallets, virtual currency exchange, fund remittance, and related financial services. As a federally regulated financial entity, we are required by law to collect certain personal information to comply with PCMLTFA obligations, including anti-money laundering and Know Your Customer (KYC) requirements.
Privacy Officer: For all privacy-related inquiries, contact our Privacy Officer at: 5780 Victoria Dr, Unit #123, Vancouver, BC V5P 3W7, Canada.
Required by law (PCMLTFA) for regulated transactions:
| Purpose | Information Used | Legal Basis |
|---|---|---|
| Identity verification (KYC) | ID documents, name, address | Legal obligation (PCMLTFA) |
| Processing transactions | Financial info, wallet addresses | Contract performance |
| AML/CTF compliance & monitoring | Transaction history, identity | Legal obligation |
| FINTRAC regulatory reporting | Identity, transaction data | Legal obligation |
| Account management | Contact info, credentials | Contract performance |
| Fraud prevention & security | Usage data, IP, device info | Legitimate interest |
| Customer support | Communications, account data | Contract performance |
| Service improvements | Usage analytics (anonymized) | Legitimate interest |
| Legal & regulatory compliance | All categories as required | Legal obligation |
| Marketing (with consent) | Email, preferences | Consent |
Under PIPEDA, we process personal information on the following grounds:
Much of our data collection is mandated by the PCMLTFA and FINTRAC regulations. We are legally required to identify clients, retain records, and report certain transactions. Failure to comply would expose the Company to regulatory penalties.
We process personal information necessary to provide the services you have engaged us for — executing trades, managing your wallet, processing deposits and withdrawals.
We process certain data (such as usage analytics and fraud detection signals) based on our legitimate business interests, where these interests are not overridden by your privacy rights.
For optional processing such as marketing emails, we rely on your explicit consent, which you may withdraw at any time.
We do not sell your personal information. We may share your information in the following circumstances:
We engage third-party processors who assist in delivering our services, subject to data processing agreements:
In the event of a merger, acquisition, or sale of assets, personal information may be transferred as part of that transaction. We will notify you of any such change via email and/or a prominent notice on our platform.
We never sell your data. Your personal information is not sold, rented, or traded to third parties for marketing purposes under any circumstances.
We retain personal information for as long as necessary to fulfil the purposes for which it was collected, subject to the following minimum retention periods mandated by law:
| Data Category | Minimum Retention Period | Legal Basis |
|---|---|---|
| Client identification records | 5 years from end of relationship | PCMLTFA s. 6 |
| Transaction records | 5 years from transaction date | PCMLTFA regulations |
| FINTRAC reports | 5 years from report date | PCMLTFA s. 6 |
| Account information | 5 years after account closure | PCMLTFA / PIPEDA |
| Communication records | 3 years | Legitimate interest |
| Marketing consent records | Until consent withdrawn + 3 years | CASL |
After applicable retention periods expire, personal information is securely destroyed or anonymized in accordance with our data destruction procedures.
We implement technical, administrative, and physical safeguards appropriate to the sensitivity of the information we hold, including:
In the event of a data breach that poses a real risk of significant harm to individuals, we will notify affected individuals and the Office of the Privacy Commissioner of Canada as required under PIPEDA's mandatory breach reporting provisions.
Our website uses cookies and similar technologies to enhance your experience and collect analytics data.
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential cookies | Required for site functionality, session management, security | Session |
| Analytics cookies | Understanding how visitors use our site (anonymized) | Up to 2 years |
| Preference cookies | Remembering your settings and preferences | Up to 1 year |
| Marketing cookies | Delivering relevant advertising (with consent only) | Up to 90 days |
You may control cookie preferences through your browser settings. Disabling essential cookies may impact platform functionality. Non-essential cookies require your consent under Canada's Anti-Spam Legislation (CASL) guidelines.
Under PIPEDA and applicable provincial privacy legislation, you have the following rights with respect to your personal information:
You have the right to request access to the personal information we hold about you, including how it is being used and to whom it has been disclosed.
If you believe personal information we hold is inaccurate or incomplete, you may request that we correct it.
Where processing is based on consent (such as marketing), you may withdraw your consent at any time. Withdrawal does not affect the lawfulness of prior processing, and we are not required to delete data that we are legally obligated to retain.
If you believe your privacy rights have been violated, you may file a complaint with the Office of the Privacy Commissioner of Canada at www.priv.gc.ca or 1-800-282-1376.
Important limitation: Due to our legal obligations under the PCMLTFA, we cannot delete or modify certain records (such as KYC documents and transaction histories) regardless of a request to do so. These records are maintained as required by federal law.
To exercise your rights, submit a written request to our Privacy Officer. We will respond within 30 days of receiving a complete request.
Some of our service providers may be located outside of Canada, including in the United States. When we transfer personal information outside of Canada, we ensure appropriate safeguards are in place, such as contractual data processing agreements that require the recipient to provide a comparable level of protection to that provided under PIPEDA.
By using our services, you acknowledge that your information may be processed in jurisdictions outside Canada. We will notify you of the countries involved upon request.
Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have collected personal information from a person under 18, we will take steps to delete that information promptly and close the associated account. If you believe a minor has provided us with personal information, please contact us immediately.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable law. When we make material changes, we will:
Your continued use of our services after the effective date of any changes constitutes your acceptance of the updated policy.
For any questions, concerns, or requests relating to this Privacy Policy or the handling of your personal information, please contact:
Privacy Officer — Djooky Finance Limited
5780 Victoria Dr, Unit #123
Vancouver, BC V5P 3W7, Canada
We aim to respond to all privacy inquiries within 30 business days.
You also have the right to contact the Office of the Privacy Commissioner of Canada:
www.priv.gc.ca · 1-800-282-1376