Privacy Policy

Introduction

Welcome to Bleyt Finance Limited (“Bleyt,” “we,” “us,” or “our”). We are a company incorporated in Alberta, Canada, providing payment remittance and cross-border financial services. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our platform, mobile application, website, and related services (collectively, the “Services”).

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our Services.

This Privacy Policy should be read together with our Terms and Conditions, which govern your use of our Services.

Information We Collect

We collect information in several ways to provide and improve our Services:

Personal Information You Provide

• Account Registration: Full name, date of birth, email address, phone number, residential address, and nationality.
• Identity Verification (KYC): Government-issued identification documents (passport, driving licence, national ID card), proof of address documents, biometric data (selfie or video for liveness verification), and other documents required to verify your identity.
• Financial Information: Bank account details, payment card information, source of funds declarations, and employment or income information where required.
• Transaction Information: Details of transfers you initiate, including recipient names, account numbers, transfer amounts, currencies, and purposes of payment.
• Communications: Information you provide when contacting our customer support team, including the content of messages, emails, and any attachments.

Information Collected Automatically

• Device Information: Device type, operating system, unique device identifiers, browser type and version, and mobile network information.
• Usage Data: Pages visited, features used, time spent on the platform, click patterns, and navigation paths.
• Location Data: Approximate geographic location derived from your IP address or, with your consent, more precise location data from your mobile device.
• Log Data: IP address, access times, referring URLs, and system activity logs.

Information from Third Parties

• Identity Verification Partners: Results from identity verification and fraud prevention services.
• Financial Partners: Transaction confirmations and status updates from banks and payment processors.
• Credit Reference Agencies: Information obtained for the purpose of identity verification and fraud prevention.
• Public Sources: Information from publicly available databases, sanctions lists, and politically exposed persons (PEP) lists.

How We Use Your Information

We use the information we collect for the following purposes:

• Service Delivery: To create and manage your account, process transactions, facilitate cross-border payments, and provide customer support.
• Identity Verification and Compliance: To verify your identity in accordance with Know Your Customer (KYC) requirements, comply with Anti-Money Laundering (AML) regulations, and fulfil our obligations under applicable laws including those enforced by FINTRAC, the FCA, and other regulatory bodies.
• Fraud Prevention and Security: To detect, prevent, and investigate fraud, unauthorized access, and other illegal activities. To protect the security and integrity of our platform and your account.
• Transaction Monitoring: To monitor transactions for suspicious activity as required by law and to ensure compliance with sanctions regulations.
• Communications: To send you transaction confirmations, service updates, security alerts, and administrative messages. With your consent, to send you marketing communications about our products and services.
• Product Improvement: To analyse usage patterns, improve our platform and services, develop new features, and enhance user experience.
• Legal Obligations: To comply with legal and regulatory requirements, respond to lawful requests from authorities, and enforce our Terms and Conditions.

Legal Basis for Processing

We process your personal information on the following legal bases:

• Consent: Where you have given us explicit consent to process your personal information for specific purposes, such as marketing communications and biometric verification.
• Contract Performance: Where processing is necessary to perform our contract with you, including providing our remittance and payment services.
• Legal Obligations: Where processing is necessary to comply with our legal and regulatory obligations, including KYC/AML requirements, tax reporting, and responding to lawful requests from authorities.
• Legitimate Interests: Where processing is necessary for our legitimate interests or those of a third party, provided these are not overridden by your rights. This includes fraud prevention, platform security, and service improvement.

Information Sharing and Disclosure

We may share your personal information with the following categories of recipients:

• Payment Partners and Financial Institutions: Banks, payment processors, and financial intermediaries involved in processing your transactions, including Clear Junction, TagPay, Paga, and other partners necessary to complete your transfers.
• Identity Verification Providers: Third-party services that assist us in verifying your identity and conducting background checks.
• Regulatory Bodies: Government agencies and regulators, including the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), the Financial Conduct Authority (FCA), and equivalent bodies in jurisdictions where we operate, as required by law.
• Law Enforcement: Where required by law, court order, or governmental regulation, or where disclosure is necessary to protect our rights, property, or safety, or that of our users or the public.
• Professional Advisors: Lawyers, auditors, accountants, and other professional advisors who require access to your information to provide their services to us.
• Service Providers: Third-party companies that provide services on our behalf, such as cloud hosting, data analytics, customer support tools, and email delivery. These providers are contractually obligated to protect your information and use it only for the purposes we specify.

We do not sell your personal information to third parties. We do not share your information for third-party marketing purposes without your explicit consent.

International Data Transfers

As a cross-border payments platform operating across multiple jurisdictions, your personal information may be transferred to and processed in countries other than your country of residence. This includes Canada, the United Kingdom, Nigeria, and other countries where our partners and service providers operate.

When we transfer your data internationally, we take appropriate steps to ensure that your information receives an adequate level of protection. These measures include implementing standard contractual clauses, relying on adequacy decisions where available, and ensuring our partners maintain appropriate security standards.

By using our Services, you acknowledge and consent to the transfer and processing of your personal information in these jurisdictions. We are committed to ensuring your data is protected regardless of where it is processed.

Data Retention

We retain your personal information for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, regulatory, accounting, and reporting requirements.

Specifically, we are required by Canadian anti-money laundering regulations to retain certain records, including identity verification documents and transaction records, for a minimum of five (5) years after the end of our business relationship with you or after the date of the last transaction, whichever is later.

When your information is no longer required for our purposes or legal obligations, we will securely delete or anonymize it. In some cases, we may retain anonymized or aggregated data for analytical purposes, which cannot be used to identify you.

Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Right of Access: You may request a copy of the personal information we hold about you.
• Right to Rectification: You may request that we correct any inaccurate or incomplete personal information.
• Right to Erasure: You may request that we delete your personal information, subject to our legal and regulatory retention obligations.
• Right to Restrict Processing: You may request that we limit the processing of your personal information in certain circumstances.
• Right to Data Portability: You may request to receive your personal information in a structured, commonly used, and machine-readable format.
• Right to Object: You may object to the processing of your personal information where we rely on legitimate interests as our legal basis.
• Right to Withdraw Consent: Where we rely on your consent to process your information, you may withdraw that consent at any time. This will not affect the lawfulness of any processing carried out before your withdrawal.
• Right to Opt Out of Marketing: You may opt out of receiving marketing communications from us at any time by using the unsubscribe link in our emails or by contacting us directly.

To exercise any of these rights, please contact us using the details provided in the Contact Information section below. We will respond to your request within the timeframe required by applicable law. Please note that some rights may be limited where we have a legal obligation to retain or process your information.

Security Measures

We take the security of your personal information seriously and implement appropriate technical and organisational measures to protect it against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption: We use industry-standard encryption protocols (TLS/SSL) to protect data in transit and encryption at rest for sensitive information stored on our systems.
• Access Controls: Access to personal information is restricted to authorized personnel on a need-to-know basis. We implement role-based access controls and multi-factor authentication for our internal systems.
• Monitoring and Auditing: We continuously monitor our systems for suspicious activity and conduct regular security audits and vulnerability assessments.
• Incident Response: We maintain an incident response plan to promptly address any data security incidents. In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant authorities as required by law.

While we strive to protect your personal information, no method of electronic transmission or storage is completely secure. We encourage you to take steps to protect your account, including using a strong password and keeping your login credentials confidential.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our platform, analyse usage patterns, and deliver relevant content. Cookies are small text files stored on your device when you visit our website or use our application.

The types of cookies we use include:

• Essential Cookies: Necessary for the operation of our platform, including authentication, security, and session management. These cannot be disabled.
• Analytics Cookies: Help us understand how users interact with our platform, allowing us to improve functionality and user experience. These may include third-party analytics tools such as Google Analytics.
• Functional Cookies: Enable enhanced functionality and personalisation, such as remembering your preferences and settings.

You can manage your cookie preferences through your browser settings. Please note that disabling certain cookies may affect the functionality of our Services.

Third-Party Links

Our platform may contain links to third-party websites, services, or applications that are not operated by us. We are not responsible for the privacy practices or content of these third parties. We encourage you to review the privacy policies of any third-party services before providing your personal information.

Children's Privacy

Our Services are not intended for individuals under the age of eighteen (18). We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information as promptly as possible. If you believe a child has provided us with personal information, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by email, in-app notification, or by posting a prominent notice on our website prior to the changes taking effect.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our Services after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We will endeavour to respond to your inquiry within a reasonable timeframe and in accordance with applicable data protection laws.