QCADGrapes AcademyAPI DocumentationStablecorp

Buy 1 =

1

Sell 1 =

1

Launch App

13370046 Canada Inc. (dba Grapes) Privacy Policy

GRAPES PRIVACY STATEMENT

Last updated: April 3, 2023

13370046 Canada Inc. (dba Grapes) and its affiliates (“Grapes”, “we”, “us” or “our”) take privacy seriously. We collect, use, store, share and protect your information when you use Grapes Services (as defined in Terms of Service) or access any of our associated websites (www.grapesfinance.com) and mobile applications (collectively, the “Platforms”).

Grapes Privacy Policy (“the Policy”) provides a general overview of our privacy practices in line with The Personal Information Protection and Electronic Documents Act (PIPEDA) expectations. It is important you read this policy carefully to understand how we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. You must be at least 18 years of old and a Canadian resident to use the Platforms or any of our services. By visiting or signing up to our Platforms, you consent to the practices described in this Policy.

In addition, the Platforms may contain links to other third-party websites or other internet resources. Clicking on any of the links may allow third parties to collect or share data about you. We do not accept responsibility or liability for practice practices of any third parties. You are encouraged to review the privacy policy any website you visit or service you consider using.

Who we are

Grapes is a Canadian federal corporation based in Toronto, Ontario that is part of a larger corporate group that provides the Platforms. Grapes is based and operated out of Toronto with all services, data, and management conducted in Canada.

Why we collect personal information

Grapes is a regulated Money Service Business in Canada. We are required by applicable laws, including anti-money laundering and counter-terrorist financing (“AML/CTF”) legislation under Proceeds of Crime (Money Laundering) and Terrorist Financing Act (“PCMLTFA”) and associated regulation, interpretation and guidance issued by the Financial Transactions and Reports Analysis Centre of Canada (“FINTRAC”) to collect and retain certain personal information on our users for regulatory reporting purposes.

In addition, we use your personal information to operate, provide, develop, and improve our products and services, including in connection with:

  • Account management: we use your personal information to verify your identity and manage your account.
  • Transactions: we use your personal information to process your orders and payments and to communicate with you about your account, orders, services and promotional offers.
  • Recommendations and personalization: we use your personal information to recommend features, products, and services that might be of interest to you, identify your preferences and personalize your experience with the Platforms.
  • Improve Grapes and manage credit risks: we use your personal information to operate, evaluate and improve our business, including to provide functionality, analyze performance, fix errors, and improve the usability and effectiveness of the Platforms. We may also use scoring methods to assess and manage credit risks.

How we collect your personal information

Except where otherwise permitted or required by law, we will obtain your informed consent prior to collecting, and in any case, prior to using or disclosing your personal information for any purpose. Most of the personal information we collect from you is provided by you (for example, when you register with us, fill out a form, change settings, enter an order or request a transfer). We may also collect personal information about you from public or third-party sources, such as public databases, ID verification partners, payment providers, companies providing services for money laundering and terrorist financing checks, credit risk reduction and other fraud and crime prevention purposes and companies providing similar services.

What we collect

Personal information: PIPEDA generally define “personal information” as any information about an identifiable individual, which includes information that can be used on its own or with other information to identify, contact, or locate a single person. Personal information may be collected online when you register for or update your user account, make purchases, sign up for newsletters or emails or use chat or telecommunication features. Here are the types of personal information we may collect when you navigate our Platforms;

Non-personal information: Grapes also creates and collects “non-personal information.” This is information that is not associated with or linked to your personal information, including information that has been aggregated or otherwise anonymized so that it no longer relates to an identifiable individual. Grapes may use, disclose, transfer, and retain non-personal information for any purpose and in any manner whatsoever. If non-personal information is combined with personal information, then the non-personal information will be treated as personal information for the purposes of this Policy.

We, or our third-party service providers on our behalf, collect the following personal information (i.e. information about an identifiable individual) about our customers and users:

  • Contact information (e.g. name, address, email, phone number, email address & login credentials); and,
  • Information that we are required by law to collect (AML/CTF) (e.g. occupation as required by law); and,
  • Identity documents as required by law (e.g. driver's license); and,
  • Photo(s) to compare against provided identity documents (e.g. selfie); and,
  • Network identifiers (e.g. IP address or browser information); and,
  • Analytics information that is typically anonymized but could in some instances be cross-referenced to obtain personal information when used in conjunction with other information; and,
  • Personal information that is requested from you and is required to use our website or app.

How we use your personal information

Grapes does not monetize our users’ data. Our primary purpose in collecting personal information is to provide you with a secure, efficient, and customized experience. We generally use your personal information for the following purposes, and we only use the personal information necessary to achieve these purposes:

  • to properly identify you and fulfill our anti-money laundering obligations with FINTRAC;
  • to open, manage, and administer your account with Grapes;
  • to determine your eligibility for Platforms;
  • to enforce the terms of our Terms & Conditions and other agreements;
  • to process your activity using the Services, including payment transfers, orders, and withdrawals;
  • to respond to questions, comments or concerns regarding Grapes;
  • to collect your personal information in aggregate form to develop consumer profiles, perform sales analysis and identify marketing opportunities and strategies;
  • to enhance your experience;
  • to recruit for positions at Grapes;
  • to maintain legal and regulatory compliance;
  • to understand, maintain, develop, and improve the Services, we use analytics to understand our Site activity and customer needs and to improve our Services. We may also generate aggregated information to monitor performance and use to improve our Platforms;
  • to investigate legal claims or regulatory inquiries;
  • to protect against fraud and/or funds or asset loss;
  • to administer our Platforms;
  • to ensure network and information security;
  • such purposes for which Grapes may obtain consent for other uses from time to time; and
  • such other uses as may be permitted or required by applicable law.

Third-party practices

Except as set forth in this Policy or as required or permitted by law, we do not monetarize your personal information with third parties. Even when we do disclose your personal information, we will not disclose more personal information than necessary for the purpose of disclosure and in compliance with data protection legislation. Here are the circumstances where we disclose your personal information:

  • Service Providers: We may transfer or otherwise make your personal information available to third-party service providers who provide services to us in accordance with our instructions and on our behalf. Our service providers are only given the personal information they need to perform their agreed-upon services and are not authorized to use or disclose personal information for their own marketing or other purposes. Our service providers include: ID verification partners; website hosting providers and other parties who assist us in operating the Site; payment services providers; companies providing services for money laundering and terrorist financing checks, credit risk reduction and other fraud and crime prevention purposes, including financial institutions and credit reference agencies; partners who provide us with accounting services in order to prepare invoices; our financial and legal consultants and auditors; and debt collectors in order to collect a debt. If personal information is transferred to a service provider based in the US or other foreign jurisdiction, it will be subject to the laws of that jurisdiction and may be disclosed to or accessed by the courts, law enforcement and governmental authorities in accordance with those laws.

  • Affiliates: We share personal information with affiliated entities of Grapes, who provide support and ancillary services, including our parent company Canada Stablecorp Inc. (with consent where required by applicable law). Our affiliates are not permitted to use your information for any unauthorized purpose.

  • Legal & Compliance: We may also provide your personal information in response to a search warrant, production order or other legally valid inquiry or order, including to public authorities and state institutions such as law enforcement agencies, bailiffs, notaries, tax authorities, supervisory authorities, regulatory authorities, financial intelligence agencies such as the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), or as otherwise required or permitted by Canadian and U.S. or other law or legal process. Your personal information may also be disclosed where necessary for the establishment, exercise, or defence of legal claims, or when we believe disclosure is appropriate to comply with the law or protect ours or others’ rights, property, or safety, including to investigate or prevent actual or suspected loss or harm to persons or property.

  • Business Sale: Your data may be provided to third parties in connection with a merger or sale (including transfers made as part of insolvency or bankruptcy proceedings) involving all or part of Grapes or Canada Stablecorp Inc., or as part of a corporate reorganization or stock sale or other change in corporate control, including for the purpose of determining whether to proceed or continue with such transaction or business relationship.

Retention, Location, and Protection of Personal Information

Grapes retains your personal information for the period necessary to fulfill the purposes outlined in this Policy or such longer retention period as may be required or permitted by applicable legal, accounting, or reporting requirements. Under some circumstances, we may anonymize your personal information so that it can no longer be associated with you. We reserve the right to use such anonymized data for any legitimate business purpose without further notice to you or your consent.

We may process, store, and transfer your personal information in and to a foreign country, such as the United States, with different privacy laws that may or may not be as comprehensive as Canadian law. In these circumstances, law enforcement or regulatory agencies of that country may be able to obtain access to your personal information in accordance with the laws of the foreign country. You can contact us for information regarding our use of service providers located outside of Canada using the contact details provided in Section 8 of this Policy.

Grapes employs safeguards, including organizational, technical, and physical measures, appropriate to the sensitivity of the personal information in its possession or under its control to protect that information from unauthorized access, collection, use, disclosure, disposal or similar risks. While Grapes uses reasonable efforts to protect your information, no method of transmission over the internet, or method of electronic storage is 100% secure, and therefore, Grapes cannot guarantee absolute security of your personal information.

Accuracy, Access and Withdrawing Consent

By law you have the right to request access to and to correct the personal information that we hold about you. You may review, verify or correct your Grapes account information through our Platforms. You may also contact us using the information provided below to request access to, correct, or delete any personal information that you have provided to us.

We may request specific information from you to help us confirm your identity and your right to access and provide you with the personal information that we hold about you or make your requested changes. Applicable law may allow or require us to refuse to provide you with access to some or all of the personal information that we hold about you, or we may have destroyed, erased, or made your personal information anonymous in accordance with our record retention obligations and practices. If we cannot provide you with access to your personal information, we will inform you of the reasons why, subject to any legal or regulatory restrictions.

Where you have provided your consent to the collection, use, and transfer of your personal information, you have the legal right to withdraw your consent subject to legal and contractual restrictions. To withdraw your consent, contact us using the information provided below under Section 8 of this Policy. Please note that if you withdraw your consent we may not be able to provide you with a particular product or service.

Privacy questions and complaints

The best contact person a Grapes for privacy-related inquiries is:

By email:
Attn: Chief Privacy Officer
support@grapesfinance.com

In writing:
Attn: Chief Privacy Officer
13370046 Canada Inc. (dba Grapes)
703-477 Richmond Street West
Toronto, ON M5V 3E7