Privacy Policy
Welcome to the Shakepay Application and Websites. We are confident that you will find our Services useful. This Privacy Policy (the “Policy”) covers several different situations, so please refer to the following definitions for clarification:
“Application” refers to the free app for iOS or Android created and owned by Shakepay. Application also includes any Application updates and upgrades that Shakepay may provide to you or make available to you, or that you obtain after the date you obtain your initial copy of the Application, to the extent that such items are not accompanied by a separate privacy policy. The Application may be specified as either “iOS Application” or “Android Application”, for use with respect to the Application’s operating system environment.
“Device” refers to the handheld or tablet device onto which you downloaded the Application and are using the Services.
“Services” are the proprietary software services that Shakepay has developed to allow Users to complete certain Transactions, and related functionalities. The Services may be accessed through the Application or the Websites.
“Shakepay” refers to Shakepay Inc., a duly incorporated company located in the province of Quebec, Canada. Where the present Policy refers to “Shakepay”, it may refer to Shakepay or its employees, officers, directors, subcontractors, agents or representatives, depending on the context. Any reference to “we”, “our”, or “us” in this Policy shall also refer to Shakepay. In this Policy, a Website visitor or Services User may be referred to as “you”. When you have created an account, you may be referred to as a “User”, and when you have logged in with your account credentials, you may be referred to as a “Logged-in User”.
“Transaction” refers to a financial transaction completed using the Services, as more fully described in the Terms of Use.
“Websites” are the websites located at https://shakepay.co and https://shakepay.com which are owned and operated by Shakepay, and includes all subdomains, present and future. Without limiting the generality of the foregoing, the Websites include any subdomain of the shakepay.co or shakepay.com domains where the Services may be accessed.
Additional definitions may be made throughout this Policy, but they will be recognizable as they will be capitalized, bolded, and in quotation marks. Additional definitions may also be found in the Terms of Use, and will have the same meaning in this Policy as they do there. The definitions found in this Policy shall also apply to the Terms of Use.
By visiting the Websites, using the Services on a Website, or downloading, using or accessing the Application on your Device in any capacity, you agree to be bound by the terms of the Policy. By submitting Personal Information to us through the Services or via other means, you consent to Shakepay’s collection, use and disclosure of such Personal Information (as that term is defined hereinbelow) in accordance with this Policy (as amended from time to time) and as permitted or required by law. If you do not agree to all the provisions contained in the Policy, you are not authorized to use the Websites or Services. If you have downloaded the Application and do not agree to all the provisions of the Policy, you must delete the Application from your Device.
If you are an individual using a Website or Services on behalf of a corporation, partnership, or other legally-registered organization (hereinafter “Legal Entity”), you represent and warrant that you have the capacity and authority to accept the Policy on behalf of the Legal Entity, and hereby agree to be the collection, use, and disclosure of Personal Information on behalf of that Legal Entity.
Shakepay reserves the right, at any time and without prior notice, to modify or replace any of the Policy. Any changes to the Policy can be found at this URL. It is your responsibility to check the Policy periodically for changes. Your use of the Websites and / or the Services following the posting of any changes to the Policy constitutes acceptance of those changes. If there are any significant changes to the Policy that materially affect the way we treat your information, you will be notified upon logging-in to the Services or via email.
The Policy should be read in conjunction with the Terms of Use, as both these documents govern your use of the Websites and / or Application.
If you have any questions about the Policy or if you wish to inquire about and / or access any Personal Information Shakepay holds about you, please contact:
Shakepay Legal Team [email protected]
Shakepay takes your privacy and security of Personal Information very seriously. We have provided a secure environment and this strict Policy that describes the limited ways the information is used and the limited access to such information.
This Policy covers the treatment of personally-identifiable information, i.e. any information that identifies an individual, or can be used in conjunction with other information to identify an individual (“Personal Information”) and other information gathered by Shakepay when you are using or accessing the Websites or using the Services. This Policy also covers Shakepay’s treatment of any Personal Information that Shakepay may share with its business partners or other third parties under very limited circumstances.
This Policy does not apply to the general practices and treatment of information (whether personal or not) by third parties that Shakepay does not own or control, including but not limited to any third-party websites or services that you elect to access through the Websites or Services or via a link from the Websites or Services (“Third-Party Website”), or to individuals that Shakepay does not manage or employ. While we attempt to facilitate access or link only to those Third-Party Websites that share our respect for your privacy, we cannot take responsibility for the content or privacy policies of those Third-Party Websites. We encourage you to carefully review the privacy policies of any Third-Party Website you access. We have named and provided links to the most important of these Third-Party Websites elsewhere in this Policy.
Finally, this Policy does not cover any Personal Information you send to Shakepay via any non-secured mode of communications such as email, instant messenger, Intercom, Facebook or Twitter, as communications via these methods may be subject to interception, loss, or alteration. While we welcome your comments and suggestions sent to us in this manner, we encourage you to carefully examine what Personal Information you send to Shakepay via these methods.
If you have any questions about the Policy or if you wish to inquire about and / or access any Personal Information Shakepay holds about you, please contact:
Shakepay Privacy Officer [email protected]
or:
Shakepay Privacy Officer 410-500 Saint-Jacques Street Montreal, QC H2Y 1S1
Except as provided in the next paragraph, Shakepay does not, as a matter of course, gather any of your Personal Information while you are using the Websites or Services, unless you are asked to provide such information, for example by signing up for an account. Personal Information is only gathered with your informed consent. Where you have provided Personal Information, it will only be used for the stated purpose, as detailed more specifically in the next section.
In order to prevent fraud, help to keep your account secure and to meet our obligations under the law, Shakepay automatically collects information about your Device when you create your account with us, or if you already have an account, when you open the Application for the first time following this new practice. We automatically collect information about your Device which may be considered Personal Information, including your Device’s name, unique ID, and serial number, among other information. We store this “Device Information” in our databases and it can be connected to your account. We require this information so that we can prevent fraudulent transactions, and help trace fraudulent activities. By creating an account, you consent to our collection and storage of this Device Information.
The following is an exhaustive list of Personal Information collected from you when you use the Websites or Services and what we use it for. You acknowledge that you are submitting this Personal Information with your informed consent.
“Account Information”. As specified in the Terms of Use, Users will be required to create an account and enter the following Personal Information in order to use certain of the Services: email address and phone number. This Account Information is used to verify your identity, to manage your account, to verify your credentials for logging-in to the Services, to communicate with you information about your account, and to communicate with you about your Transactions.
“Verification Information”. In addition to the Account Information listed above, you will need to submit additional Verification Information so that we may verify your account and allow you to use all of the Services. This Verification Information includes your first name, last name, current home address and length of time you have lived there, industry, and date of birth. Under certain circumstances we may also ask you for additional documents that include personal information, such as copies of photo identification or other personal documents. We use this Verification Information in order to verify your identity and account, so that you may use all of the Services, and to verify certain Transactions. For more information about the treatment of this Verification Information, please refer to the section entitled “Verification and Financial Information Transfer to Third Parties” further in this Policy.
“Referral Information”. If you have a Shakepay Account and are participating in the Referral Program as defined in the Terms of Use (a “Referrer”), or if you choose to accept a referral from a Referred and create a Shakepay Account (the “Referee”), we will share information about you with you respective Referrer or Referred as applicable. As a Referrer, we may share your first and last name, city and province of residence, and a photo of you from publicly available sources (programs such as Gravatar) so that your Referee(s) can know who you are. As a Referee, we will share your first and last names with your Referrer so that they can know who was referred.
“Contest Information”. If you choose to enter a Shakepay contest via any means, your Account Information and Verification Information, as well as your Twitter or Instagram username as applicable, will also be used for the purposes of determining your eligibility to enter the contest; to contact you about the contest including but not limited to informing you if you have been declared a contest winner; and if you are declared a contest winner, to use in advertising and promoting the contest.
In addition, Shakepay may use your Personal Information for fraud prevention. Shakepay may also use your email address and phone number for various marketing and advertising purposes. Please refer to the sections on Email Marketing and Shakepay Advertising further in this Policy for more Information. Furthermore, certain Personal Information is used for anti-money laundering; please refer to that section further in this Policy for more details.
Finally, Shakepay uses your email address and phone number for the purposes of two-factor authentication. Please see that section further in this Policy.
Shakepay uses only industry best practices (physical, electronic and procedural) in keeping any data collected (including Personal Information) secure. In addition, Shakepay uses third party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run the Websites and the Services, and these third parties have been selected for their high standards of security, both electronic and physical. For example, Shakepay uses Digital Ocean, Amazon Web Services, and Backblaze, recognized leaders in secure data, for hosting of the Websites and Services, and storage of information (including Personal Information). Please note that these third parties may not be located in your home jurisdiction – see the Transfer of Personal Information Outside Your Home Jurisdiction section further in this Policy for more information.
Where you use the Services to perform a Transaction, all Transaction data, including Financial Information, is transferred by encrypted Transport Layer Security (“TLS”), the highest modern standard for Internet financial transactions.
Shakepay automatically collects certain information using third-party analytics programs Segment, Google Analytics, Amplitude, Branch and Fabric to help us understand how our Users use the Websites and Services, but none of this information identifies you personally. For example, each time you visit a Website, we automatically collect your IP address, browser and computer type, access times, the web page from which you came, and the web page(s) you access (as applicable). We use information collected in this manner only to better understand your needs and the needs of the Websites or Services Users in the aggregate. Shakepay also makes use of information gathered for statistical purposes to keep track of the number of visits to the Websites, the specific pages on the Websites, and Users of the Services with a view to introducing improvements.
Your IP address and other relevant information may be used in order to trace any fraudulent or criminal activity, or any activity in violation of the Terms of Use.
In addition to the information collected by the analytics program as described in the previous section, we may also generate, use and disclose aggregated and / or anonymized information and statistics about the Services and Services Users for marketing and strategic purposes. However, no User of the Services will be individually identifiable from these aggregated and / or anonymized information and statistics.
Except as provided in the next paragraph and the next sections in this Policy on Email Communications, Verification and Financial Information, Two-Factor Authentication, and Anti-Money Laundering, Shakepay does not divulge any Personal Information gathered via the Websites or Services to third parties. Moreover, Shakepay does not sell, rent, trade or license any Personal Information regarding its Users to third parties. Only the employees, representatives, subcontractors, officers, agents, or assigns of Shakepay are responsible for the management and development of the Websites and Services, and only these individuals have access to the information collected there. These employees, representatives, subcontractors, officers, agents or assigns all have been instructed to comply with the Policy.
Notwithstanding anything in the Policy to the contrary, we may share any information we have collected about you or that you have submitted (whether Personal Information or not): (1) in response to subpoenas, court orders, or legal process, or to establish, protect, or exercise our legal rights or defend against legal claims or demands; (2) if we believe it is necessary in order to investigate, prevent, or take action regarding illegal activities, fraud, or situations involving potential threats to the safety of any person, or any violation of the Terms of Use; (3) if we believe it is necessary to investigate, prevent, or take action regarding situations that involve abuse of the Websites or Services infrastructure or the Internet in general (such as voluminous spamming, denial of service attacks, or attempts to compromise the security of the Websites or Services infrastructure or the Websites or Services generally); (4) to a parent company, subsidiaries, joint ventures, or other companies under common control with Shakepay (in which case we will require such entities to honour this Policy); (5) if Shakepay merges with another entity, is subject to a corporate reorganization, sells or transfers all or part of its business, assets or shares (in which case we will require such entity to assume our obligations under this Policy, or inform you that you are covered by a new privacy policy).
Shakepay currently uses Mailgun and Intercom (“Email Providers”) to send out emails and manage our newsletter. Personal Information is transferred to the Email Providers in order for our email communications to function properly. Your Personal Information is only used for the proper sending out of email; the Email Providers do not use this Personal Information for any other purpose, and will not transfer or sell your Personal Information to any other third party. You may unsubscribe from receiving marketing emails from us at any time by following the link at the bottom of any email sent to you.
Shakepay’s practices with regards to its email practices are designed to be compliant with anti-spam laws, specifically the law unofficially called “CASL”, or Canada’s Anti-Spam Law. If you believe you have received email in violation of this law, please contact us using the contact information further up in this Policy.
When you request to have your account verified, your Account Information and Verification Information is transferred to one or more third parties, in order for them to verify your identity and account so that you may use all of the Services. We currently use two providers: Securefact (https://www.securefact.com/) and Onfido (https://onfido.com). Our service providers are contractually required to use your Personal Information only for the verification process and to treat it as confidential information. For more information about how Securefact treats your Personal Information, please see their privacy notice at https://www.securefact.com/privacy-notice/. Onfido’s privacy policy is available here: https://onfido.com/privacy/. Our service providers make use of document and facial recognition processes in order to efficiently verify your identity.
When you use the Services to complete a Transaction, certain financial information or Personal Information may be transferred to third parties in order to complete the Transaction, under the following circumstances: (1) certain Personal Information is sent to your Financial Institution upon their request when they need to verify certain information or Transactions; or (2) when transferring funds to Shakepay in order to add money to your Wallet, your Verification Information may be shared with our financial partners in order to verify your identity to complete the Transaction. Our financial partners are contractually required to use this information only for this purpose, and to treat your Personal Information in the strictest confidence and highest security.
Shakepay uses third-party service Twilio for the purposes of verifying your phone number and enabling two-factor authentication to log into the Services. Your email and / or mobile phone number is transferred to Twilio in order for this service to function properly.
In order to comply with our legal obligations and to prevent our Services being used for money laundering, Shakepay uses the third-party anti-money laundering service Comply Advantage. Your full name and year of birth, and company name if applicable, is transferred to Comply Advantage so that they may run certain checks to facilitate our anti-money laundering activities.
Any information (Personal or not) the Services collect while you use them may be stored locally on your Device or computer and then transferred to servers controlled by Shakepay, and Shakepay may obtain this information as a result of the data being sent to our servers from the Services. The information, however, is only used (or not used) by Shakepay as described elsewhere in this Policy. Your contact information, date of sign-up, number of payments you have received may be provided to Users when you transact with, on, or through Shakepay.
Services Users may access the Services from any country in the world. Shakepay and its third-party vendors, including service providers and hosting partners, are located in the United States, Europe and Canada. You acknowledge that Shakepay and our third-party vendors may be located in jurisdictions or countries where the privacy laws may not be as protective as those in your home country, state, province or other governmental jurisdiction, and consent to the transfer of your Personal Information to such countries. Without limiting the generality of the foregoing, Users in the European Union acknowledge and agree that their Personal Information may be transferred to the United States.
The following is a complete listing and description of what functions on the Device that were developed by third parties are accessed and / or modified by the Application. Unless otherwise specified, these Permissions apply both to iOS Devices and Android Devices. Where noted, they operate with User permission only.
Localisation services. Allows the Application to determine your location through network and GPS services. (User permission only)
Network services access. Application will access your wi-fi or cellular services to display your network connection, and exchange data (including Personal Information) with servers controlled by Shakepay. Allows retrieval and sending of information from and to the internet in general.
Contacts access. Application will request access to your contacts to display a list of recipients when sending or requesting funds and when sending an invite notification. Application will also request access to your contacts to be able to check which of your contacts are also using the Services. (User permission only)
Phone status and identity. Application will use your Device identity for the purposes of identifying authentication requests from new devices, and collect your Device Information to help prevent fraud and trace fraudulent activities.
Camera access. Application will use the camera in order to scan QR codes for the purposes of capturing recipient cryptocurrency addresses. (User permission only)
Storage & media access. Application requests access to store data locally on your Device such as authentication tokens, and any other storage required by the Application.
Shakepay uses tracking technology (“cookies” and related technology such as tags, pixels and web beacons) on the Websites and in the Application and by using a Website or Services you agree to their use. Cookies are small text files placed on your hard drive or memory when you visit a website or use an Application, in order to track use and to improve the User experience by storing certain data on your computer or Device. The Websites and Services uses “session cookies,” which improve your User experience by storing certain information from your current visit on your computer.
Specifically, we use the following cookies to perform the following functions:
Session cookie for the Services to identify the Logged-in User. It expires when the User logs out;
Authentication cookie for the Services to facilitate signing in;
Google Analytics, Segment, Hotjar, and Amplitude cookies to provide general internal and User analytics and to assist in identifying possible fraudulent activities;
Intercom session cookie to help identify Users who use the customer support services provided by Intercom;
Advertising cookies as described in the next section of this Policy.
Your browser or Device can be set to refuse cookies or delete them after they have been stored. Please refer to your browser or Device’s help section for instructions. Please note that deleting or refusing these cookies may reduce your User experience by requiring you to re-enter certain information, including information required to use the Services. Furthermore, as we use authentication cookies, deleting those cookies may prevent certain functions, including the entirety of the Services, from working at all. Shakepay and its Representatives shall not be held responsible for any function that may not operate after you refuse or delete cookies, or any losses or damages arising from those functions not operating, or having reduced functionality.
Shakepay currently uses Google Adwords and Display Network and by using our Websites or Services you consent to this use. Specifically, Shakepay uses the remarketing features of interest-based advertising of Google AdWords that delivers you advertisements that will be of particular interest to you, based on your browsing and activity history at our websites. These advertisements will appear on third-party websites around the web. Google uses specific cookies to allow them to serve these ads around the web.
You may prevent this type of advertising by deleting the appropriate Google cookie through your browser, though this may not be permanent. For a more permanent solution, you may opt out of such Google advertising by following Google’s instructions.
Shakepay also advertises using Facebook Custom Audience and Facebook Lookalike Audience, to display advertisements to you on Facebook that will be of interest to you, and by using the Services you consent to this use. Facebook may collect or receive information from our Application using a cookie or other related technology and other applications and use that information to provide measurement services and targeted ads. Shakepay may also transfer your email address or phone number to Facebook to facilitate this type of advertising. If you do not want to receive such Facebook advertisements, please contact us by email at [email protected].
Shakepay also advertises using AdRoll, and by using the Websites or Services you consent to this use. AdRoll may place cookies on your browser for this purpose, or may collect or receive information from our Application using a cookie or other related technology and other applications and use that information to provide ads. Shakepay may also transfer your email address or phone number to AdRoll to facilitate this type of advertising. You can opt-out from receiving these targeted advertisements by visiting the NAI website opt-out page here: http://www.networkadvertising.org/choices/ or the DAA opt-out page here: http://www.aboutads.info/, or by emailing [email protected].
Shakepay may in the future add additional advertising networks or services, in which case this section will be updated accordingly.
For the Application, you can access and change certain User settings from the settings menu on your Device. You may also uninstall; uninstall methods may vary depending on your Device or iOS or Android version. Shakepay has no control over these functions and denies any responsibility of your use thereof, and any data or Personal Information sent to third parties as a result of said activities. Shakepay shall also not be held responsible for any damages, pecuniary or otherwise, for your failure to backup important information prior to uninstalling the Application.
You have the right to: (i) verify what Personal Information Shakepay holds about you; (ii) ask for your Personal Information to be corrected or updated; and (iii) to withdraw your consent to the use by Shakepay of your Personal Information and have it deleted from our records. If you wish to inquire about and verify and / or correct Personal Information Shakepay holds about you, or if you wish to have all your Personal Information permanently deleted from our records, please contact us using the contact information further up in this Policy. Please note that deletion of your Personal Information may make it impossible for you to use the Services, or certain portions thereof, and Shakepay accepts no responsibility for any damages, pecuniary or otherwise, resulting therefrom. If you request deletion of your Personal Information, Shakepay reserves the right to retain some of your Personal Information for a reasonable time in order to satisfy our legal obligations or under a legal procedure of any sort.
Despite Shakepay's best efforts to ensure that third parties will not access or obtain your Personal Information through your use of the Websites or Services, complete confidentiality and security cannot currently be guaranteed on the Internet and / or where data is transferred via wireless digital technology of any type. Communication via the Internet is subject to interception, loss, or alteration. You acknowledge and agree that Shakepay cannot be held responsible for damages resulting from the transmission of confidential information or Personal Information over the Internet and that such communications are at your own risk.
Shakepay, and / or its respective officers, directors, owners, officials, partners, partnerships, principals, employees, affiliates and other related entities, servants, agents, representatives, successors and assigns, will not be held liable for any losses or damages (pecuniary or otherwise) resulting from the misuse of any information collected by any third party, or any misuse of any information collected through the Websites or Services not in violation of the Policy.
This Policy and Shakepay’s practices in general are designed to be in compliance with Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”, S.C. 2000, c. 5) and Quebec’s An Act Respecting the Protection Of Personal Information in the Private Sector (R.S.Q. c. P-39.1). If you have any questions regarding this compliance, please contact us using the contact information further up in this Policy.
© Shakepay Inc. 2020
