1. INTRODUCTION

Thank you for using the services of PaySprint (PS). We provide money transfer (local and international) b, Pay Invoice and Wallet Services for individuals and merchants at affordable rates in order to meet your obligations.

This Privacy Policy applies to the processing of personal data by PaySprint (PS) by Express Ca Corp (as defined) located at 10 George St. North, Brampton. ON (‘PS’, ‘EXBC, ‘Express Ca Corp’, 'we’, ‘us’, ‘our’).

We may change this Policy from time to time. If we do, we shall post a revision of this Privacy Policy at https://paysprint.ca/privacy-policy and your continued use of the Services provided through mobile app or website shall be subject to such revised terms.

2. OUR SERVICES

Our Service include:

Sending and receiving money, Payment Processing and maintaining wallet platform which are carried out on the mobile and web platforms including Text to Transfer, Text to Pay and QR functionality.

3. INFORMATION WE COLLECT ABOUT YOU

1. Customer Information

We collect information from people who visit our website, make enquiries or otherwise contact us, trial our software, or set up and operate an account on behalf of a Merchant (including Merchant Administrators and Authorized Users). We call this ‘Customer Information.’

The Customer Information we collect includes:

  • Name, email address and phone number and other contact details.
  • Merchant name, location, website and number of members.
  • Financial information such as your Merchant’s bank account details and Tax ID.
  • Legal representative information such as name, address, date of birth and copy of personal identification.
  • Electronic data such as IP addresses.
2. Individual Information

Personal information is also collected from individuals who use our Services to interact with, or send money, receive money, pay invoice or maintain a wallet with us. We call this information ‘Individual Information.’

Information collected from individuals includes:
  • Name, email, phone number, address, and contact details.
  • Other information required for verification purposes such as date of birth and copy of personal identification.
  • Money transfer amount and purpose of transfer of funds.
  • Payment information such as bank account details or credit / debit card information.


We collect and process Individual Information as a Data Controller (for GDPR purposes).

More detailed information about the data collected in relation to the use of any Sending Service is included in the PS Terms of Service.

3. Customer Collected Information

You may use our Services by attending sending or receiving money or Pay for an invoice sent by merchant registered on our platform through your PS wallet or attached Credit card, Debit card or Bank accounts.

We call information collected for these services ‘Customer Collected Information.’

Merchants who use our Pay Invoice System upload or support the uploading of information about their Customers, members and other individuals. In this case, the Merchant Administrator determines what personal information they will collect from you. That information is usually not disclosed to us nor do we have any right to use that information.

We process Customer Collected Information as a Data Processor (for GDPR purposes).

We assume that Merchants collect and process all Customer Collected Information lawfully, and in accordance with their obligations as Data Controllers pursuant to the GDPR and other applicable data protection laws.

4. Sensitive Data

The Customer Information, Individual Information and Customer Collected Information processed as part of our Services will include “special category data” for the purposes of the EU GDPR, or “sensitive data” under other privacy laws, as it includes information that relate to individual’s merchant affiliation.

We need your consent to collect this type of data (where we are acting as Data Controller as outlined above). To support this requirement, we have included confirmation of your consent in our on-line forms and on our website. If you do not provide this information, we may not be able to provide our Services.

Customer Collected Information is also special category or sensitive information, but this information has been collected and is processed by the Merchant as Data Controller.

If you are concerned about the Customer Collected Information that has been included in any of our Services, we recommend you contact the Merchant you are affiliated with.

5. Cookies and Web Beacons

PS may collect information through the use of common information-gathering tools such as web beacons or cookies.

A cookie is a small string of text that a website can send to your browser which helps the Site remember and customize your visit. You have the option to delete or decline cookies by changing your browser’s settings.

Web beacons help sites to understand the browsing, viewing, and click activity of visitors to our site.

For more information about our collection and use of this type of data, please refer to our Cookie Policy.

6. Other information PS may also collect information from your interaction with the Site, such as statistics in connection with pageviews, IP address, and standard web log information.

Other information that may be collected includes the average sent or received amount, the geographic breakdown of transactions by area, what times of the day have the heaviest traffic, and for what purpose money was sent or the type of service an invoice is paid. This information, collected in the aggregate, allows PS to better serve all users and in the development of new products and services. None of this information is used to identify individuals.

When browsing the Site through a mobile phone or mobile application, we will attempt to collect your location through GPS in order to understand transactions behaviours purposes. You may remove this location sharing authorization.

7. Children

PS does not knowingly collect any Personal Information from or about a child (which we generally regard as anyone under the age of 16 years, subject to local law requirements) without the consent of the child’s parent or legal guardian. We may ask for evidence of a user’s date of birth to help us verify this.

If we discover that we have inadvertently collected information from a child without the appropriate consent, we will promptly take all reasonable measures to delete that data from our systems.

8. How we collect your personal information.

We collect Customer Information and Individual Information directly through forms on the Website, Mobile App or when a Merchant Administrator or other individual signs up for a Service or establishes an Account directly with us.

We may also collect information:
  • When you interact with us via our website, Chatbot or another online channel.
  • When you connect with us via one of our social media platforms.
  • When you contact us via email or over the phone?


Customer Collected Information is collected by the Merchant you are connected to, including when you interact with one of the PS Services. In most cases, PS does not directly collect or control any Customer Collected Information.

If you are concerned about the Customer Collected Information that has been included in any of PS’s Services, we recommend you contact the Merchant you are affiliated with.

9. How we use your personal information.
9.1. Use in delivering services

We will only use Personal Information for purposes related to building and providing you with great products and services and Sending you a great experience. These purposes include:
  • To provide Merchants and Individuals with the goods and services they have requested.
  • To allow users to create or register and manage accounts.
  • To enable individuals to give to Merchants via a Sending or Pay Invoice account, and to administer Sending accounts, including pre-authorised recurring payments.
  • To enable us to administer accounts, including billing and dealing with payment issues.
  • To respond to requests, enquiries or complaints and other customer care related activities.
  • For administrative purposes including fraud and security checks.
  • To improve our website and Services and support the development of new products and services, including undertaking surveys and market research.
  • To generate statistics and aggregate reports for internal and external use.
  • To improve our understanding of all our Customers and our broader community, to help give all users and visitors a great experience.


We reserve the right to use all data collected, processed or derived by us in relation to the Services, for the purpose of industry trend and best practices reporting, statistical analysis and research relating to the development or improvement of any of our services or products. We will not publish or disclose statistical findings of individual Customer or Merchant activity.

We will not use your information for purposes other than described in this Policy unless we have your consent or there are specified law enforcement or public health and safety reasons or other uses required by law.

9.2. Direct Marketing and Mailing List

We may communicate directly with you by sending newsletters, promotions and other updates about our products and services.

If you do not wish to receive marketing communications from PS, you may unsubscribe by:
  • following the instructions in the communications sent to you; or
  • contacting us by email to privacy@paysprint.ca.


PS does not participate in bulk email solicitations (i.e., “spam”) without your consent.

Your Personal Information will not be disclosed to third party marketers. We never sell, share, or otherwise use personal information for any commercial purposes outside of PS. However, we may share aggregated anonymous information with third party advertisers, but this aggregated anonymous information cannot be matched with you personally unless you voluntarily share your Personal Information with the third-party advertisers.

9.3. Other sharing

Personal data may be shared among the different members of the Express Ca Corp group (subject to compliance with any legal restrictions on cross-border transfers).

PS may disclose or transfer personal information to a third party in the event of a proposed or actual purchase, sale, lease, merger, amalgamation or any other type of acquisition, disposal, transfer, conveyance or financing of all or any portion of Express Ca Corp in order for you to continue to receive the same services from the third party.

10. How we disclose your personal information.

Unless you consent, we will not disclose any Customer Information or Individual or merchant Information to third parties, other than data processors or sub-processors we use as part of delivering our services.

10.1. Processors and Sub-processors

A list of the data processors used by us could be obtaining by emailing us at: privacy@paysprint.ca

For all our processors and sub-processors:

each has agreed that it will only access and use personal information to the extent necessary to perform the functions contracted to it by us and which are necessary for us to be able to provide the Services.

we ensure that they will comply with all the obligations contained in this Policy either as part of the terms of service we have with them or pursuant to their commitment as Merchants that have certified as being compliant with the EU-US Privacy Shield arrangement.

10.2. Optional Third-Party Services

We give our Customers the option to use services that may involve third parties. This may be done via a link to another service or website and may include, as an example, links to PayPal or Stripe for online payment as part of our service.

The decision to use these services is at the discretion of each Customer.

Although we try to only partner with reputable and trustworthy suppliers, we cannot control or be responsible for the policies of other sites we may link to, or the use of any personal information you may share with them. Please note that this Policy does not cover these other websites, and we recommend that you review the privacy policies attached to the use of those services and websites before deciding whether to proceed.

If you opt to use an optional third-party processor, you give that processor the right, power, and authority to act on your behalf to access and transmit your personal and other information (including Financial Information) according to terms of that third-party provider’s privacy policy.

If you do not want your Individual Information to be shared with third parties for example for the purposes of emailing or texting you or supporting any activity, please let the Merchant you are affiliated with know and they can disable these services for you.

10.3. Financial Information

When undertaking a financial transaction via our Services, for example, when sending money, adding money to your wallet or withdrawing money from your wallet, you may provide information including credit, debit or bank account details, and your name and address (“Financial Information”). PS does not disclose Financial Information except to the appropriate banking institutions or payment processing provider in order to process a credit or debit authorization for payment, or to resolve a dispute or for other related purposes.

PS does not have any access to your Financial Information inputted via third party payment processors.

10.4. Social Networks

We use social networking services such as Twitter, Facebook, Instagram and YouTube to communicate with Customers, Merchant Administrators, Authorized Users, Merchants and the public about our Services. When you communicate with us using these services, we may collect your personal information. The social networking service will also handle your personal information for its own purposes.

Our Site may also contain links to websites not affiliated with the PS.

These social networking and non-affiliated sites have their own privacy policies, and we recommend that you review them. We cannot control or be responsible for the policies of other sites we may link to, or the use of any personal information you may share with them.

By integrating your YouTube channel or Playlist with any PS Services you are also bound by Google Privacy Policy at http://www.google.com/policies/privacy.

11. International Transfers of Personal Information

Some of the processors and sub-processors we use are located in jurisdictions including Australia, the US, the United Kingdom and the EU. Use of their services may involve the cross-border transfer of personal information. PS also has offices and employees located globally, for example, in the USA and the United Kingdom. This means that the PS may process personal information in another country from time to time.

In all cases, appropriate safeguards for the purposes of the GDPR and other laws which restrict the cross-border flow of personal information, have been established and are maintained, whether in the form of standard contractual clauses, appropriate inter-company agreements, adequacy measures or through ensuring certification with the US-EU Privacy Shield. For more information, please refer to our Terms of Service (and the PS Data Processing Addendum).

12. Security and retention of personal information

12.1. Securing your account

Access to your account is secured via unique user passwords. You can help to keep your personal information secure by ensuring that any password you use is kept strictly confidential and by logging off when you have finished using a shared computer.

More information about your security responsibilities is included in the Terms of Service.

12.2. Data Security

We take steps to protect the security of the personal information we hold from both internal and external threats by:
  • regularly assessing the risk of misuse, interference, loss, and unauthorised access, modification or disclosure of that information
  • conducting regular internal and external audits to assess whether we have adequately complied with or implemented these measures.
  • encrypting the transfer of data all the way from the browser to where the data is stored. We use HTTPs and all our data is encrypted at rest.


12.3. Data Breaches

Unfortunately, no data transmitted over or accessible through the Internet can be guaranteed to be 100% secure. As a result, while PS attempts to protect all Personal Information, PS cannot ensure or warrant that Personal Information will be completely secure from misappropriation by hackers or from other nefarious or criminal activities, or in the event of a failure of computer hardware, software, or a telecommunications network.

If a data breach (as defined by applicable laws) involving Personal Information occurs, PS will:
  • notify you of it as soon as reasonably possible after it comes to our attention.
  • take reasonable steps to secure the affected data and minimise harm to all individuals; and
  • provide you with whatever reasonable assistance might otherwise be required.


Please note, our obligations in regard to notification of data breaches may vary depending on whether we are acting as Data Controller or Data Processor in regard to the Personal Information affected by the data breach.

12.4. Retention of Personal Information

Generally, we will keep Personal Information for as long as a Customer is actively using PS’s Services or the period during which any legal claim may be made in regard to the provision of Services in accordance with legal requirements or to meet our legal obligations. For example, we hold billing records, and any information associated with those records for 7 years.

If we hold personal information about you, and we do not need that information for any purpose, we will take reasonable steps to securely destroy or de-identify that information unless we are prevented from doing so by law.

We apply the following rules to the permanent deletion of information:

Customer accounts and associated Individual Information, where there has been no activity for more than 6 months (and where not required for PS’s own records or administrative processes) will be deleted permanently; and

Individual Information which has been deleted or disabled, will be permanently deleted or de-identified 90 days after deletion or disabling (or 18 months where members have financial data associated to them).

13. Your rights in relation to personal information
13.1. Access and Amendments

If you would like to request details about Customer Information or Individual Information that we hold about you and how we process it, contact us via the contact details below and we’ll be more than happy to help.

privacy@paysprint.ca

If you ever wish to amend personal information held by us, you may do so by:
  • logging into your account using your login credentials and password; or
  • contacting us at support@paysprint.ca or via the contact details below.


13.2. Deleting your Personal Information

Persons who wish to delete any personal information held by PS can contact us via the contact details below and we’ll be more than happy to help.

Customer Information

In relation to Customer Information, a Merchant Administrator can ask us to delete Customer Information at any time, and we will delete it from all live systems and make sure we do not process it further in any way (other than as we may need to support your account or for other reasonable administrative or legal purposes, such as billing).

Customer Collected Information

Merchants also can delete or disable Customer Collected Information at any time.

Individuals who wish to delete or stop the use of their Customer Collected Information for the purposes of any of the Services should contact the Merchant they are affiliated with directly. If an individual feels their Merchant has not dealt with their request promptly or effectively, we will work with the relevant data controller to attempt to resolve their request.

13.3. Other Rights

Under the GDPR, persons residing in the European Economic Area (‘EEA) may also be entitled to, at any time:
  • Withdraw consent to our use of your information for marketing purposes.
  • Object to the processing of your personal data, where we collect personal data on the basis of legitimate interests; and
  • Request your personal information be transferred to yourself or a third party without hindrance in a commonly used format.
  • You may also wish to make a complaint about the way we have handled your personal information or other interference with your privacy rights.


You can exercise any of these rights at any time by contacting us (see ‘Contact Details’, below) or your relevant privacy or data protection authority.

14. Additional EU GDPR Matters

This information is relevant for Merchants and individuals who use our Services and are currently residing in the European Economic Area.

14.1. Lawful Bases for Processing Personal Data

At least one of the lawful bases set out in Article 6 of the GDPR must apply in relation to a given processing activity. The lawful bases for PS’s processing activities are as follows:
  • Customer Information – Collection is necessary for the performance of a contract (to provide you with our services) or for legitimate business interests.
  • Individual Information – Collection is necessary for the performance of a contract (to provide you with our services) or for legitimate business interests.
  • Customer Collected Information – Refer to your Merchant Administrator.
  • Customer Enquiry/Support Records – Collected for our legitimate interests, namely, to record your query, to be able to provide you with support and continuity in our customer service.


14.2. Data Protection Officer/EU Representative

PS has appointed an external Data Protection Officer (DPO) and EU Representative to help ensure that we meet our obligations under the GDPR.

If you have any queries, questions, concerns or wish to make a complaint regarding how we deal with your personal information please contact us (see ‘Contact Us’, below)

15. Contact Details

If you have any queries, questions, concerns or wish to make a complaint regarding how we deal with your personal information please contact us:

Email: privacy@paysprint.ca
Phone (North America): (437) 925 8344
Phone (Others): 888-469-0999


Mail to the following address:
Privacy Officer
PaySprint by Express Ca Corp
10 George St. North, Brampton. ON
L6X1R2. ON. Canada


We will endeavour to respond to your request as soon as reasonably possible.

For Australian visitors, the Office of the Information Commissioner is a great resource.

16. Definitions

In this Policy, these terms have the following meanings given:

Authorized Users are users who are granted permission to access the Services by either (i) a Customer, (ii) a Merchant Administrator, or (iii) another Authorized User that has been given the permissions to add additional Authorized Users by a Merchant Administrator.

Customer means any Merchant or individual who establishes an account with PS or uses a Service.

Data Controller has meaning given to it in the GDPR.

GDPR means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of Personal Data, and repealing Directive 95/46/EC.

Merchant Administrator means any user who has been granted permission to manage, access or make decisions concerning a Customer’s Account by the owner of that Customer Account.

Personal Information includes the following:

‘Personal data’ as defined in the GDPR.

‘Personally, identifiable information’ as defined in US data breach notification laws.

‘Personal information’ as defined in the Privacy Act 1988 (Cth)

‘Personal information’ as defined in the Personal Information Protection and Electronic Documents Act (Canada)

Sub-processor has the meaning given to it in the GDPR.

PaySprint (PS) or PS means PaySprint by Express Ca Corp, which includes the trading name, “PaySprint”, and all subsidiaries and affiliates of Express Ca Corp. For a complete list of Express Ca Corp’s subsidiaries, associates, or affiliated companies, kindly send email to info@paysprint.ca.