Legal

Privacy Policy

Avermo Financial Services Inc.  �  Last updated: April 2026  �  Effective: April 1, 2026

Overview

Avermo Financial Services Inc. ("Avermo", "we", "our", "us") is committed to protecting the privacy and security of your personal and business information. This Privacy Policy explains how we collect, use, share, and safeguard your data when you use our platform and services.

This policy applies to all users of Avermo's services, including FX Exchange, Virtual Accounts, Crypto Exchange, Payment Gateway, and our website at avermo.ca. By using our services, you agree to the practices described in this policy.

Avermo is registered as a Money Services Business (MSB) under FINTRAC (Canada) and is subject to the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and its Regulations, as well as the Personal Information Protection and Electronic Documents Act (PIPEDA).

Information We Collect

Information you provide to us

  • Business & Identity Information: Company name, registration number, registered address, business type, and ownership structure. Government-issued ID documents, proof of address, and source of funds documentation for beneficial owners.
  • Contact Information: Name, email address, phone number, and mailing address of authorized representatives.
  • Financial Information: Bank account details, transaction history, expected volumes, and payment method information needed to provide our services.
  • Communications: Records of correspondence with our support and compliance teams.

Information collected automatically

  • IP addresses, browser type, operating system, and device identifiers
  • Pages visited, time spent, referring URLs, and click patterns on our website and platform
  • Transaction metadata (timestamps, amounts, currencies, counterparty details)
  • Session and authentication logs

How We Use Your Information

We use the information we collect for the following purposes:

  • Service delivery: Processing transactions, maintaining accounts, and providing the FX, Virtual Account, Crypto, and Payment Gateway services you have requested.
  • KYC & AML compliance: Verifying identities, assessing risk, screening against sanctions lists, and fulfilling our legal obligations under FINTRAC and PCMLTFA.
  • Account management: Sending transaction confirmations, statements, account updates, and operational notices.
  • Security: Detecting, preventing, and investigating fraud, unauthorized access, and other illegal activities.
  • Service improvement: Analyzing usage patterns to improve our platform, fix bugs, and develop new features.
  • Legal obligations: Complying with applicable laws, regulations, court orders, and regulatory requests, including mandatory reporting to FINTRAC.

We do not use your data for unsolicited marketing without your explicit consent. You can opt out of marketing communications at any time.

Sharing & Disclosure

Avermo does not sell your personal or business data to third parties. We may share information in the following limited circumstances:

  • Regulatory authorities: FINTRAC, law enforcement, or other authorities as required by law, including mandatory suspicious transaction reporting (STR) and large cash transaction reporting (LCTR).
  • Service providers: Trusted third-party vendors who assist with KYC/AML screening, payment processing, data hosting, or security � all bound by confidentiality agreements and data processing terms consistent with this policy.
  • Banking & payment partners: Counterparty banks and payment networks required to execute your transactions (e.g., correspondent banks, card networks, blockchain validators).
  • Business transfers: In the event of a merger, acquisition, or asset sale, your data may be transferred as part of that transaction, with equivalent privacy protections.

Data Retention

We retain your data for as long as your account is active and for a minimum of seven (7) years following the end of our business relationship, as required by FINTRAC and Canadian financial regulations.

Transaction records, KYC documents, and AML reports are retained for the legally required period. After this period, data is securely deleted or anonymized unless further retention is required for legal proceedings.

Security

Avermo implements industry-standard security measures to protect your information:

  • All data in transit is encrypted using TLS 1.3
  • All data at rest is encrypted using AES-256
  • Multi-factor authentication (MFA) is required for platform access
  • Role-based access controls limit internal data access to authorized personnel
  • Regular security audits and penetration testing
  • Data is hosted in Canadian data centers aligned with SOC 2 Type II principles

No system is completely immune to threats. In the event of a data breach that poses a risk to you, we will notify you and relevant authorities as required by law.

Your Rights

Subject to applicable law and regulatory requirements, you have the right to:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your data, subject to our legal retention obligations.
  • Portability: Receive your data in a structured, machine-readable format.
  • Objection: Object to certain uses of your data, including direct marketing.

To exercise these rights, contact us at privacy@avermo.ca. We will respond within 30 days.

Cookies & Tracking

Our website uses cookies and similar technologies for functionality, security, and analytics. These include:

  • Essential cookies: Required for login sessions and security. Cannot be disabled.
  • Analytics cookies: Help us understand how the site is used (e.g., page views, error tracking). You can opt out via your browser settings.
  • Preference cookies: Remember your language and display settings.

We do not use third-party advertising cookies or sell behavioral data to ad networks.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services or legal requirements. When we make material changes, we will notify you by email or by posting a notice on our platform at least 14 days before the change takes effect. Continued use of our services after the effective date constitutes acceptance of the updated policy.

Contact Us

If you have questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us:

If you are unsatisfied with our response, you have the right to lodge a complaint with the Office of the Privacy Commissioner of Canada (OPC) at priv.gc.ca.