Canfi Professional data security and privacy framework.

Article 1: Identification of Data Controller This policy defines the data processing protocols maintained by Canfi ("the Platform", "we", or "our").

Registered Office: Suite 2700, 161 Bay Street, Toronto, ON M5J 2S1, Canada.

Regulatory Framework: We operate in strict compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA).

Article 2: Categories of Personal Information Collected In accordance with the principle of data minimization, we collect:

Identity Metrics: Full legal name, date of birth, and residency status for mandatory KYC/AML verification.

Financial Telemetry: Source of funds, digital asset wallet addresses (public keys), and transaction history.

Digital Footprint: IP addresses, hardware specifications, and interaction logs with our analytical interfaces.

Article 3: Purpose and Basis for Processing Our collection and use of information are grounded in:

Service Delivery: Essential for account management and providing technical infrastructure.

Legal Obligations: Compliance with Canadian Anti-Money Laundering (AML) and FINTRAC reporting standards.

Security Interests: Proactive fraud prevention and enhancement of network integrity.

Consent: For non-essential analytical cookies and personalized market updates.

Article 4: Security and Data Sovereignty

Encryption: All data at rest is stored using AES-256 cryptographic protocols.

Transmission: Secured via TLS 1.3 end-to-end encryption for all data streams.

Hosting: Data is hosted on high-security servers, ensuring protection under strict Canadian data residency standards.

Article 5: Your Rights and Access Under PIPEDA, you possess the following rights regarding your personal information:

Right to request access to and correction of your data.

Right to withdraw consent for data processing.

Right to lodge a formal complaint with the Office of the Privacy Commissioner of Canada (OPC).