Last updated: September 25, 2020

1. About this Policy

Privacy is a fundamental right

A society without privacy isn’t one that we want to live in. Since we prefer to live in a society of privacy and liberty, we go above-and-beyond Canadian legal requirements in order to help protect your privacy. As a customer of Shakepay you can be confident that we treat your personal information with a level of care that exceeds our obligations as a regulated Money Services Business.

Companion document to Terms of Use

This privacy policy is a companion document to the Shakepay Terms of Use agreement that governs your legal relationship with us. You should read these documents together, but the Terms of Use shall govern if there is a conflict with this privacy policy.

Who we are

Shakepay Inc. is a Canadian federal corporation based in Montreal, Quebec that is a part of a larger corporate group that provides the Shakepay services ("Shakepay"). This privacy policy applies to all aspects of Shakepay's operations, including its mobile applications and website properties.

2. Why we collect personal information

As a regulated Money Services Business we are required by applicable laws, including anti-money laundering and counter-terrorist financing laws ("AML/CTF"), and in particular the Proceeds of Crime (Money Laundering) and Terrorist Financing Act, and in conformance with guidance issued by the Quebec government and the Canadian Department of Finance (and its agency, FINTRAC), to collect, process, store, and disclose certain personal information about our customers. We also collect personal information in order to better understand customer service issues, improve Shakepay’s software & services, and to communicate with you for business purposes.

3. What we collect

We, or our third-party service providers on our behalf, collect the following personal information (i.e. information about an identifiable individual) about our customers and users:

1. contact information (e.g. name, address, email); and,

2. information that we are required by law to collect (AML/CTF) (e.g. occupation as required by law); and,

3. identity documents as required by law (e.g. driver's license); and,

4. photo(s) to compare against provided identity documents (e.g. selfie); and,

5. network identifiers (e.g. IP address or browser information); and,

6. analytics information that is typically anonymized but could in some instances be cross-referenced to obtain personal information when used in conjunction with other information; and,

7. personal information that is requested from you and is required to use our website or app.

4. Shakepay practices

Who handles personal information?

Most personal information that Shakepay collects is processed by our own staff, but for some purposes we rely on third-parties, as described in the next section. We collect and process personal information using Shakepay staff who have received training in the importance of security, confidentiality, and privacy. Most Shakepay staff are employees, but in some cases we make use of contractors, who are legally bound to confidentiality and are also trained on security, confidentiality and privacy.

Security measures

As a virtual currency dealer we must ensure that our company and our customers’ personal information is held securely. In addition to the security measures that we take in general, Shakepay implements access controls to reduce access to personal information on a "need-to-know" basis within the company.

Access and corrections

We want to have accurate information about our customers and users, and we want you to be able to access the information we have collected about you. You can write to us to gain access to your personal information. We require customers and users to clearly demonstrate who they are before divulging personal information because we are mindful of attempts to impersonate people in order to gain access to their personal information inappropriately.

If you would like to correct an error regarding your personal information, please use the provided functionality within the Shakepay Platform or write to us with an explanation of the correction.

5. Third-party practices

Anti-money laundering service providers

We are required by law to obtain more personal information about our customers than is strictly needed to provide services in order to help fight money laundering and terrorist financing. Shakepay has to comply with the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (S.C. 2000, c. 17), the Money-Services Businesses Act (Chapter E.12.000001), and other regulations. In order to comply with these laws, we use third-party service providers and provide customer information to them so that they can provide AML/CTF services to us. AML/CTF services provided to Shakepay are primarily in relation to identity verification or screening.

Protection of personal information

Personal information that is processed by third party service providers is protected by contractual guarantees of confidentiality, security, and privacy.

Third-party analytics and cookies

We also make use of third-party service providers to help us provide better quality software, prevent abuse/fraud, and make decisions about marketing by collecting analytics about website visitors, application usage, and other analytics purposes. We minimize disclosure of sensitive information to these services but they may be able to cross-reference information to determine more about you than what we disclose. For example, we make use of Google Analytics, and it is likely that Google has significant information about you because of their global data collection practices that are outside of Shakepay's control.

Third-party storage and cloud computing

The Shakepay computer systems run partially on cloud-based systems operated by other companies in the United States, Canada, and elsewhere. Your personal information may be disclosed to our providers, who are contractually bound to treat all information confidentially, as part of day-to-day business operations. We attempt to make use of services that encrypt information.

Disclosure of specific service providers

The service providers that we use change periodically as we try to use vendors that best respect privacy and provide good quality services. If you have concerns or would like to learn more about specific service providers please contact us.

6. Limited disclosure where necessary

Our general approach

Bitcoin and other decentralized technologies are pro-privacy technologies and we do our best to operate Shakepay along these lines. We try to limit disclosure of your personal information to the extent that this is possible, but there are a number of circumstances where Canadian law creates a requirement to disclose personal information to people or companies outside of Shakepay.

We don't rent or sell your personal information

We make money by buying and selling digital currency. Renting or selling your personal information is not a part of our business model and we don't do it.

Disclosure to law enforcement

We may be required to provide your personal information to law enforcement or government agencies (primarily related to AML/CTF) as part of our legal obligations as a regulated business. We also may be required to disclose information pursuant to court orders. Although we attempt to minimize disclosure, Canadian laws regarding businesses such as Shakepay require us to do so under some circumstances, and we may also do so voluntarily if we suspect criminal activity targeting us, our customers, or the public.

Disclosure to financial institutions and payment providers

In order to undertake financial transactions on behalf of our customers, we may be required to disclose personal information relating to those transactions. If we disclose personal information to a financial institution or payment provider (or other service providers), we only do so pursuant to a written agreement that protects the confidentiality of this information, in keeping with Canadian legal requirements.

7. Privacy-conscious practices

Shakepay views privacy as a two-way conversation and not as a set of practices that we dictate. As part of this and our constant process of improvement, we'd like to hear from you about how we can improve our privacy practices. We’re a rapidly growing company used by over 500,000 Canadians but we’re not perfect yet. You are always welcome to write to us to let us know how we can do better.

8. Privacy questions and complaints

The best contact person at Shakepay for privacy-related inquiries is:

Attn: Chief Privacy Officer privacy@shakepay.com

500 Place d’Armes, Suite 1800 Montreal (Quebec) H2Y 2W2 Canada - Please note this is a mailing address only. There are no Shakepay employees at this location.