13370046 Canada Inc. (dba Grapes) Privacy Policy

PRIVACY POLICY

Last revised: Dec, 2022

13370046 Canada Inc. (dba Grapes) and our corporate affiliates (variously referred to as “Grapes”, “we”, “us” or “our”) respect your privacy. This privacy policy (this “Policy”) describes the manner in which we collect, use, disclose, and protect your personal information and it applies to all of our websites (including the website located at www.grapesfinance.com) and applications that reference this Policy (collectively, the “Platforms”).

Please read this Policy carefully to understand our policies and practices for collecting, processing, and disclosing your information. We will only use your personal information in accordance with this Policy except where otherwise required by. You must be at least 18 years old and the age of majority in the jurisdiction where you reside to use the Platforms or any of our services. By visiting our Platforms or providing us with your personal information, you consent to the practices described in this Policy.

The Platforms may contain links to other third-party websites or other internet resources. Clicking on those links may allow third parties to collect or share data about you. We do not accept any responsibility or liability for the privacy practices of third-party websites and other resources. You are encouraged to review the privacy policy every website you visit.

1. What Information Do We Collect?

   The types of information we collect depends on the nature of your interaction with us. We may collect and use several types of information from and about you, including:

   Personal information. Privacy laws in Canada generally define “personal information” as any information about an identifiable individual, which includes information that can be used on its own or with other information to identify, contact, or locate a single person. Personal information may be collected online when you register for or update your user account, make purchases, sign up for newsletters or emails or use chat or telecommunication features. Here are the types of personal information we may collect when you navigate our Platforms:

   • Contact information. For example, your name, home address, telephone number, email address and login credentials.
   • Identity Information. For example, your gender, date of birth, nationality, photographic images and a video recording of you, credit history reports and copies of any documents that you provide us for identity verification purposes, such as government issued photo identification documents.
   • Your personal preferences. For example, preferences based on previous transactions and page interaction information (including the timing, frequency and pattern of use), time zone, language settings, location information and your consent to receive marketing materials.
   • Your transaction information. For example, past purchases, methods of payment, amounts paid and banking and credit card details.
   • Technical information. For example, device ID, IP address, geographical location, browser type and version, operating systems and platforms, length of visits on the Platforms, page views and website navigation paths.
   • Other information you provide us. For example, information contained in or relating to any communication that you send to us (including the communication content and metadata associated with the communication) or any other personal information that you choose to send to us.

   Non-personal information. Grapes also creates and collects “non-personal information.” This is information that is not associated with or linked to your personal information, including information that has been aggregated or otherwise anonymized so that it no longer relates to an identifiable individual. Grapes may use, disclose, transfer, and retain non-personal information for any purpose and in any manner whatsoever. If non-personal information is combined with personal information, then the non-personal information will be treated as personal information for the purposes of this Policy.

2. How Do We Collect Information?

   We use different methods to collect your information, including through:

   • Direct Interactions with You. We collect information you directly provide us by, for example, filling in forms, posting material or corresponding with us.

   • Cookies and other Tracking Tools. The Platforms use “cookies”, a tiny element of data that our Platforms sends to your browser, which may then be stored in a small file placed on the hard drive of your computer. Cookies enhance the convenience and use of the Platforms. For example, we send a “session cookie” to your computer any time you log in to your account. This type of cookie helps us to recognize you if you visit multiple pages on our site during the same session, so that we do not need to ask you for your password on each page. We use these technologies to recognize you as a user, customize content, improve our services and collect information about your computer or other access device to mitigate risk, help prevent fraud, and promote trust and safety. Our Platforms will automatically issue cookies when you visit our Platforms unless you adjust the applicable settings on your browser to refuse cookies. However, if you refuse to accept cookies, you may be unable to access certain parts of our Platforms.

     We may use other tracking technologies, such as web beacons or pixel tags, to compile statistical information, for example, regarding website user demographics, preferences and traffic patterns.

   • Our Partners. We collect information from our partners, including credit bureaus, to facilitate compliance with our “know your client”, anti-money laundering and other legal obligations.

3. For What Purposes Do We Use Personal Information?

   We use your personal information to operate, provide, develop, and improve our products and services, including in connection with:

   • Account management. We use your personal information to verify your identity and manage your account.
   • Transactions. We use your personal information to process your orders and payments and to communicate with you about your account, orders, services and promotional offers.
   • Recommendations and personalization. We use your personal information to recommend features, products, and services that might be of interest to you, identify your preferences and personalize your experience with the Platforms.
   • Improve Grapes and manage credit risks. We use your personal information to operate, evaluate and improve our business, including to provide functionality, analyze performance, fix errors, and improve the usability and effectiveness of the Platforms. We may also use scoring methods to assess and manage credit risks.
   • Other. We may use your personal information to prevent fraud or criminal activity, to protect or enforce the rights of Grapes, to safeguard the security of our customers, Grapes and others and as required or permitted by applicable law, including to comply with our obligations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (Canada).

4. How We Share Personal Information

   Grapes does not sell our customers' personal information. However, in the normal course of business, we may share some of your personal information for our legitimate business purposes and as required or permitted by law, including:

   • With affiliates. Grapes may share personal information amongst our corporate affiliates that are also subject to this Policy.

   • With suppliers and service providers. Grapes may disclose your personal information to Grapes's suppliers and service providers who perform services on our behalf such as payment processors, data processors and marketing, fraud detection and credit management providers. When we do use an outside company, we use contractual or other appropriate means to ensure that your personal information is protected substantially in accordance with this Policy. Among others:

     • We use the services of iComply Investor Services Inc. to meet our “know your customer” and anti-money laundering compliance obligations. iComply's privacy policy can be found here: https://icomplyis.com/privacy-policy/.
     • We use the services of our banking partner, Luminus Financial Services & Credit Union Limited. Information with respect to Luminus' privacy practices can be found here: https://www.luminusfinancial.com/Personal/AboutUs/OnlinePolicies/Privacy/.

     • We use Google Analytics to help us improve the Platforms. You can prevent the collection of data relating to your use of the Platforms (including your IP address) by Google Analytics, by installing the browser plug-in available at the following link:

       https://tools.google.com/dlpage/gaoptout?hl=en. You can also obtain additional information on Google Analytics' collection and processing of data and data privacy and security at the following links:

       https://policies.google.com/technologies/partner-sites?hl=en-US

       https://support.google.com/analytics/answer/6004245?hl=en

   • With your consent. Grapes may disclose your personal information with your consent. For example, you may elect for Grapes to share your personal information with its partners that are also subject to “know your client” and anti-money laundering obligations to streamline your experience with those businesses. You can withdraw your consent at any time by contacting us using the contact details provided in Section 8 of this Policy.
   • With any successor to all or part of our business. Grapes may disclose your personal information in connection with a proposed or actual business transaction, such as a corporate reorganization, merger or acquisition, or the sale of some or all of Grapes's business or assets (including in connection with a bankruptcy proceeding), but Grapes will require that the information recipient agree to protect the privacy of your personal information in a manner that is consistent with this Policy.
   • Other. Grapes and its service providers may disclose your information as required to comply with any court order, law, or legal process, including to respond to any government or regulatory request. We may also disclose your personal information to prevent fraud or criminal activity, to protect the rights and interests of Grapes, to safeguard the security of our customers, Grapes and others and as otherwise may be required or permitted by applicable law.

5. Retention, Location, and Protection of Personal Information

   Grapes retains your personal information for the period necessary to fulfill the purposes outlined in this Policy or such longer retention period as may be required or permitted by applicable legal, accounting, or reporting requirements. Under some circumstances, we may anonymize your personal information so that it can no longer be associated with you. We reserve the right to use such anonymized data for any legitimate business purpose without further notice to you or your consent.

   We may process, store, and transfer your personal information in and to a foreign country, such as the United States, with different privacy laws that may or may not be as comprehensive as Canadian law. In these circumstances, law enforcement or regulatory agencies of that country may be able to obtain access to your personal information in accordance with the laws of the foreign country. You can contact us for information regarding our use of service providers located outside of Canada using the contact details provided in Section 8 of this Policy.

   Grapes employs safeguards, including organizational, technical, and physical measures, appropriate to the sensitivity of the personal information in its possession or under its control to protect that information from unauthorized access, collection, use, disclosure, disposal or similar risks. While Grapes uses reasonable efforts to protect your information, no method of transmission over the internet, or method of electronic storage is 100% secure, and therefore, Grapes cannot guarantee absolute security of your personal information.

6. Accuracy, Access and Withdrawing Consent

   By law you have the right to request access to and to correct the personal information that we hold about you. You may review, verify or correct your Grapes account information through Grapes's Platforms. You may also contact us using the information provided below under Section 8 of this Policy to request access to, correct, or delete any personal information that you have provided to us.

   We may request specific information from you to help us confirm your identity and your right to access and provide you with the personal information that we hold about you or make your requested changes. Applicable law may allow or require us to refuse to provide you with access to some or all of the personal information that we hold about you, or we may have destroyed, erased, or made your personal information anonymous in accordance with our record retention obligations and practices. If we cannot provide you with access to your personal information, we will inform you of the reasons why, subject to any legal or regulatory restrictions.

   Where you have provided your consent to the collection, use, and transfer of your personal information, you have the legal right to withdraw your consent subject to legal and contractual restrictions. To withdraw your consent, contact us using the information provided below under Section 8 of this Policy. Please note that if you withdraw your consent we may not be able to provide you with a particular product or service.

7. Changes to the Policy

   It is our policy to post any changes we make to this Policy on this webpage at www.grapesfinance.com/privacypolicy. If we make material changes to how we treat our users' personal information, we will notify you by email to the email address associated with your account or through a notice on our homepage.

   We include the date this Policy was last revised at the top of this Policy. You are responsible for ensuring we have an up-to-date, active, and deliverable email address for you and for periodically visiting our Platforms and this Policy to check for any changes.

8. Contact Us

   If you have complaints or additional questions regarding this Policy, please contact us by email at support@grapesfinance.com.

   You can write to us at:

   13370046 Canada Inc. (dba Grapes)
   703-477 Richmond Street W.
   Toronto, ON M5V 3E7
   Attn: Privacy Officer