PRIVACY POLICY

This Privacy Policy is issued by iWallet Inc. on behalf of itself, its subsidiaries and its affiliates (together, “iWallet”, www.iwallet.com, “we”, “us” and “our”) and is addressed to individuals outside our organization with whom we interact, including customers, visitors to our Sites, and other users of our services (together, “you”). To ensure transparency this Privacy Policy describes our information handling practices when you access our website located at www.iwallet.com and/or when you use the iWallet mobile app or third party applications relying on such an API, and related services (referred to collectively hereinafter as "Services").

If you do not want iWallet to collect, store, use, or share your data in the ways described in this Privacy Policy, you may not use iWallet’ s Services. If you have any questions about this Privacy Notice, please contact us athello@iwallet.com.

ACCEPTANCE OF PRIVACY POLICY
By accessing and using our Services, you signify acceptance to the terms of this Privacy Policy and consent to the collection, use, and disclosure of your personal information as described below. If you do not agree with or you are not comfortable with any aspect of this Privacy Policy, you should immediately discontinue access or use of our Services.

CHANGES TO THIS PRIVACY POLICY
We reserve the right to modify this Privacy Policy at any time, and when required by law, we will notify you of changes to this Privacy Policy. If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on our Services prior to the change becoming effective.

iWallet may provide additional "just-in-time" disclosures or additional information about the data collection, use and sharing practices of specific Services. These notices may supplement or clarify iWallet's privacy practices or may provide you with additional choices about how iWallet processes your personal information.

1. THE DATA WE COLLECT ABOUT YOU

Personal Data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of Personal Data about you which we have grouped together as follows:
1. Identity Data, including first name, maiden name, last name, username or similar identifier, title, and gender.
2. Contact Data, including your address (es), email address (es) and telephone number(s).
3. Financial Data, including bank account details.
4. Transaction Data, including interactions you may have had with us.
5. Technical Data, including internet protocol (IP) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website(s).
6. Profile Data, including your CV, professional background and career history.
7. Usage Data, including information about how you use our website, products and services.
8. Marketing and Communications Data, including your preferences in receiving marketing from us and third parties and your communication preferences.

We may also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data may be derived from your Personal Data but is not considered Personal Data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect aggregated data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this Privacy Policy & Cookie Policy.

We do not intend to collect the following special categories of Personal Data about you: your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data.

Here are some specific examples of the types of Personal Data iWallet may collect and how we may use it:

When you create an account or use iWallet Services, we, or our affiliates or our vendors acting on our behalf may collect the following types of data to meet our legal obligations: your name, date of birth, social security number, driver number ID, personal ID, address, phone, email, full bank account details and/or credit card numbers that you link to your iWallet account or input when you use iWallet Services. iWallet will use this information to fulfill your requests and provide the relevant Services.

If you seek permissions to raise Digital Currency buy and sell limits associated with your iWallet Account, we may require you to provide additional data which we may use in collaboration with service providers acting on our behalf to verify your identity or address, and/or to manage risk as required under applicable law. This information may include your date of birth, taxpayer or government identification number, a copy of your government-issued identification, or other personal information. We may also obtain information about you from third parties such as credit bureaus and identity verification services.

You may choose to provide us with access to certain Personal Data stored by third parties such as social media sites (such as Facebook and Twitter). The information we have access to varies by site and is controlled by your privacy settings on that site and your authorization.

IF YOU FAIL TO PROVIDE PERSONAL DATA

Where we need to collect Personal Data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may cancel a service you receive from us but we will notify you if this is the case at the time.

(2) HOW WE COLLECT YOUR PERSONAL DATA

We use different methods to collect data from and about you including through:

(i) Direct interactions. You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise.

(ii) Automated technologies. As you interact with our website(s), we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this Personal Data by using cookies, server logs and other similar technologies.

(iii) Third parties or publicly available sources. We may receive Personal Data about you from various third parties and public sources such as Technical Data from analytics, technology and hosting providers, Identity and Contact Data from business networks, data brokers or aggregators and from publicly availably sources.

(iv) Relationship data: We may collect or obtain your Personal Data in the ordinary course of our relationship with you (e.g., we provide a service to you, or to your employer).

(v) Credit Bureaus, Public Databases & ID Verification Partners: We may obtain Personal Data about you from public databases and ID verification partners for purposes of verifying your identity. ID verification partners use a combination of government records and publicly available information about you to verify your identity. Such information includes your name, address, job role, public employment profile, credit history, status on any sanctions lists maintained by public authorities, and other relevant data. We may obtain such information to comply with our legal obligations, such as anti-money laundering laws. In some cases, we may process additional data about you based on public interest grounds to ensure our Services are not used fraudulently or for other illicit activities.

(vi) Resellers, Channel Partners, Joint Marketing Partners, and Social Media Platforms: We may collect Personal Data about your publicly available social media profile, interests or preferences, and page-view information from some business partners with which we operate co-branded services or joint offerings. There are multiple purposes for collecting this information. First, we process such information to better understand you and/or maintain and improve the accuracy of the records we hold about you as well as to position, promote or optimize our Services. In addition, we may also use this information in conjunction with your browsing habits / preferences (as obtained from our data partners) and your contact details, professional information and iWallet transaction history to deliver targeted advertising and marketing to you, where permitted by applicable law and in accordance with your advertising / marketing preferences. Second, we also process such information to provide support to you as part of our contractual obligations to you. Lastly, we process such information in the public interest because it helps us monitor, prevent and detect fraud.

Once we obtain such information from third parties, we do not subsequently share it with any other third parties except as described in this Policy. This information is shared with iWallet's processors and corporate group as necessary to perform the Services.

(3) HOW WE USE YOUR PERSONAL DATA

We only use your Personal Data when the law allows us to. Generally, we will use your Personal Data in the following circumstances:

(i) Where we need to perform a contract we are about to enter into or have entered into with you.

(ii )Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

(iii) Where we need to comply with a legal or regulatory obligation.

(iv) When you have expressly consented to us processing your Personal Data. Where consent is relied on, you have the right to withdraw it at any time by contacting us.

(v) Where the processing is necessary to protect the vital interests of any individual; or

(vi) Where we have a legitimate interest in the processing of your Personal Data. The balancing test we have conducted in each case is as follows: (a) we have ensured that the Processing is lawful, proportionate, and conducted in accordance with the terms of this Policy; (b) we have ensured that we have a legitimate business need to perform the Processing; and (c) we have ensured that there is no material likelihood of any adverse impact on your interests, fundamental rights, or freedoms, as a result of the Processing.

(4) PURPOSES FOR WHICH WE MAY PROCESS YOUR PERSONAL DATA

We may process your Personal Data for the following purposes, subject to applicable law:

1. Our Sites: operating and managing our Sites; providing content to you; displaying advertising and other information to you; communicating and interacting with you via our Sites; and notifying you of changes to any of our Sites, or our Services.

2. Members: communicating with you regarding your Membership (or prospective Membership), where applicable, and to keep you up to date with new developments at iWallet.

3. Communications: communicating with you via any means (including via email, telephone, text message, social media, post or in person) information in which you may be interested (e.g., new product offerings, information relevant to you as an iWallet client), subject to ensuring that such communications are provided to you in compliance with applicable law; maintaining and updating your contact information where appropriate; and obtaining your prior, opt-in consent where required.

4. Communications and IT operations: management of our communications systems; operation of IT security systems; and IT security audits.

5. Financial management: sales; finance; corporate audit; and vendor management.

6. Surveys: engaging with you for the purposes of obtaining your views on our Services.

7. Security: physical security of our premises (including records of visits to our premises; and CCTV recordings); and electronic security (including login records and access details).

8. Investigations: detecting, investigating and preventing breaches of policy, fraud, and violations of law, in accordance with applicable law.

9. Legal proceedings: establishing, exercising and defending legal rights.

10. Legal compliance: compliance with our legal and regulatory obligations under applicable law.

11. Improving our Sites, Services: identifying issues with our Sites, or our Services; planning improvements to our Sites, or our Services; and creating new Sites, or Services.

12. Recruitment and job applications: recruitment activities; advertising of positions; interview activities; analysis of suitability for the relevant position; records of hiring decisions; offer details; and acceptance details.

13. Aggregate your information on an anonymous basis with other data for data analytical and reporting purposes.

14.(5) DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES

15. We may disclose your Personal Data to other entities within iWallet, for legitimate business purposes (including operating our Sites, and providing Services to you), in accordance with applicable law. In addition, we may disclose your Personal Data to:

16. You and, where appropriate, your appointed representatives;

17. Legal and regulatory authorities, upon request, or for the purposes of reporting any actual or suspected breach of applicable law or regulation;

18. Accountants, auditors, lawyers and other outside professional advisors to iWallet, subject to binding contractual obligations of confidentiality;

19. Third party Processors (such as payment services providers; survey partners, marketing outreach providers, cloud service providers, etc.), located anywhere in the world;

20. Any relevant party, law enforcement agency or court, to the extent necessary for the establishment, exercise or defence of legal rights;

21. Any relevant party for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties;

22. Any relevant party if we believe disclosure is necessary and appropriate to prevent physical, financial, or other harm, injury, or loss;

23. Any relevant third party acquirer(s), in the event that we sell or transfer all or any relevant portion of our business or assets (including in the event of a reorganization, dissolution or liquidation); and

24. Any relevant third party provider, where our Sites use third party advertising, plugins or content. If you choose to interact with any such advertising, plugins or content, your Personal Data may be shared with the relevant third party provider. We recommend that you review that third party’s privacy policy before interacting with its advertising, plugins or content.

25. Business partners, third party suppliers and our subcontractors (including delivery companies, payment providers and fraud prevention providers) to enable us to provide our Services, operate our websites and app and to detect and prevent fraudulent transactions.

26. Analytics and search engine providers that assist us in the improvement and optimization of our website.

27. To protect the rights, property, or safety of us, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

If we engage a third-party Processor to process your Personal Data, the Processor will be subject to binding contractual obligations to: (i) only process the Personal Data in accordance with our prior written instructions; and (ii) use measures to protect the confidentiality and security of the Personal Data; together with any additional requirements under applicable law.

iWallet may use Dwolla Inc., ("Dwolla") to provide certain payment services and to verify your Dwolla Platform Account balance prior to approving a transaction. iWallet only shares your information with Dwolla in accordance with this Privacy Policy. Information shared with Dwolla is treated by Dwolla in accordance with its Privacy Policy, at https://www.dwolla.com/legal/privacy/.

(6) HOW PERSONAL DATA IS SHARED WITH THIRD-PARTY SITES AND SERVICES

Please note that merchants you interact with may have their own privacy policies, and iWallet is not responsible for their operations, including, but not limited to, their information practices. Information collected by third parties, which may include such things as contact details or location data, is governed by their privacy practices. We encourage you to learn about the privacy practices of those third parties.

If you authorize one or more third-party applications to access your iWallet Account, then information you have provided to iWallet may be shared with those third parties. Unless you provide further authorization, these third parties are not allowed to use this information for any purpose other than to facilitate your transactions using iWallet Services.

(7) OPTING OUT

We offer you the opportunity to receive marketing information from us. We will normally send direct marketing by email if we have your email address, but may choose to contact you via other methods, if you have provided your consent for us to market to you using these methods. If you consented to receive marketing communications when you registered and created a customer account, you can tell us that you do not wish to receive any more at any time by selecting the ‘unsubscribe’ option in the marketing communications we send or at any time by changing your account preferences.

(8) COOKIES

When you visit a Site we may place Cookies onto your device, or read Cookies already on your device, subject always to obtaining your consent, where required, in accordance with applicable law. We use Cookies to record information about your device, your browser and, in some cases, your preferences and browsing habits. We may Process your Personal Data through Cookies and similar technologies.

(9) INTERNATIONAL TRANSFERS OF PERSONAL DATA

As a global entity, iWallet may store, transfer, and otherwise process your Personal Data in countries outside of the country of your residence, including the United States and possibly other countries.

iWallet participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. iWallet is committed to subjecting all Personal Data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Frameworks applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerces Privacy Shield List at https://www.privacyshield.gov.

iWallet is responsible for the processing of Personal Data it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. Pursuant to the Privacy Shield Principles, iWallet will use Personal Data only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. We will take all reasonable steps to ensure that Personal Data we process is limited to only what is relevant to the purposes for which it was collected and that it is accurate, complete, and up-to-date.

iWallet complies with the Privacy Shield Principles for all onward transfers of Personal Data from the EU, including the onward transfer liability provisions. Consequently, before iWallet shares your information with any third party that is not also certified under the E.U.-U.S. Privacy Shield Framework, iWallet, Inc. will enter into a written agreement that the third party provides at least the same level of privacy safeguard as required under those Frameworks, and assures the same level of protection for the Personal Data as required under applicable data protection laws.

iWallet, Inc. commits to resolve European data subjects' complaints about their privacy and our collection, use or disclosure of their Personal Data in compliance with the EU-U.S. Privacy Shield Principles. European data subjects with inquiries or complaints regarding this Privacy Policy should first contact iWallet at hello@iwallet.com.

If you are a European data subject with an unresolved complaint or dispute arising under the requirements of the Privacy Shield Framework, we agree to refer your complaint under the Framework to an independent dispute resolution mechanism. Our independent dispute resolution mechanism is the International Centre for Dispute Resolution ("ICDR"), operated by the American Arbitration Association ("AAA"). For more information and to file a complaint, you may contact the International Centre for Dispute Resolution by phone at +1.212.484.4181, or by visiting the website http://info.adr.org/safeharbor.

We are also subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission with respect to the Framework. Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel. In certain situations, iWallet may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

(10) HOW WE PROTECT AND STORE PERSONAL DATA

We understand how important your privacy is, which is why iWallet maintains (and requires its service providers to maintain) appropriate physical, technical and administrative safeguards to protect the security and confidentiality of the Personal Data you entrust to us.

Critical parts of our Services employ the highest level of security standards, from HTTPS SSL, encryption-at-rest to password encryption. These measures are intended to prevent the loss, misuse, and alteration of the information that we obtain from you.

We may store and process all or part of your personal and transactional information, including certain payment information, such as your encrypted bank account and/or routing numbers, in the United States and elsewhere in the world where our facilities or our service providers are located. We protect your Personal Data by maintaining physical, electronic, and procedural safeguards in compliance with the applicable laws and regulations.

For example, we use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files, and we authorize access to Personal Data only for those employees who require it to fulfill their job responsibilities.

However, we cannot guarantee that loss, misuse, unauthorized acquisition, or alteration of your data will not occur. Please recognize that you play a vital role in protecting your own Personal Data. When registering with our Services, it is important to choose a password of sufficient length and complexity, to not reveal this password to any third-parties, and to immediately notify us if you become aware of any unauthorized access to or use of your account.

Furthermore, we cannot ensure or warrant the security or confidentiality of information you transmit to us or receive from us by Internet or wireless connection, including email, phone, or SMS, since we have no way of protecting that information once it leaves and until it reaches us. If you have reason to believe that your data is no longer secure, please contact us at the email address, mailing address or telephone number listed at the end of this Privacy Policy.

(11) DATA ACCURACY

We take every reasonable step to ensure that:

1. Your Personal Data that we process are accurate and, where necessary, kept up to date; and

2. Any of your Personal Data that we process that are inaccurate (having regard to the purposes for which they are processed) are erased or rectified without delay.

From time to time we may ask you to confirm the accuracy of your Personal Data.

(12) DATA RETENTION

We will only retain your Personal Data for as long as we believe necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, reporting or audit requirements. To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Details of retention periods for different aspects of your Personal Data are available by contacting us jim@iwallet.com.

(13) YOUR LEGAL RIGHTS

Under certain circumstances, you have rights under data protection laws in relation to your Personal Data. These include rights:

1. To request access to your Personal Data (commonly known as a “data subject access request”). This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.

2. To request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

3. To request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your Personal Data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

4. To object to processing of your Personal Data. This is where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

5. To request restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of your Personal Data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

6. To request the transfer of your Personal Data to you or to a third party. We will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

7. To withdraw consent. This occurs at any time where we are relying on consent to process your Personal Data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

If you wish to exercise any of the rights set out above, please contact us jim@iwallet.com.

(14) TERMS OF USE

All use of our Sites, or our Services is subject to our Terms of Use. We recommend that you review our Terms of Use regularly, in order to review any changes we might make from time to time.

(15) NOTE REGARDING CHILDREN (UNDER 18 YEARS OF AGE)

Please note that we do not knowingly permit or solicit information from individuals under eighteen (18) years of age. In addition we do not knowingly market our products or Services to individuals under eighteen (18) years of age. You may use our Services only with involvement and permission of a parent or guardian.

(16) DIRECT MARKETING

We may process your Personal Data to contact you via email, telephone, direct mail or other communication formats to provide you with information regarding services that may be of interest to you. If we provide services to you, we may send information to you regarding our services, upcoming promotions and other information that may be of interest to you, using the contact details that you have provided to us and always in compliance with applicable law.

You may unsubscribe from our promotional email list at any time by simply clicking on the unsubscribe link included in every promotional email we send. After you unsubscribe, we will not send you further promotional emails, but we may continue to contact you to the extent necessary for the purposes of any services you have requested.

(17) CALIFORNIA PRIVACY RIGHTS

If you are a California resident, you have the right to request information from us regarding the manner in which we share certain categories of your Personal Data with third parties for the third parties' direct marketing purposes. California law provides that you have the right to submit a request to us at our designated address and receive the following information: (a) the categories of information we disclosed to third parties for the third parties' direct marketing purposes during the preceding calendar year; and (b) the names and addresses of third parties that received such information, or if the nature of their business cannot be determined from the name, then examples of the products or services marketed.

You are entitled to receive a copy of this information in a standardized format and the information will not be specific to you individually. You may make such a request by emailing hello@iwallet.com.

(18) CONTACT DETAILS

For the purposes of this Policy, iWallet is the Controller.

You may contact us at via post, telephone, fax, email or via our online Contact Us form.

If you have any comments, questions or concerns about any of the information in this Policy, or any other issues relating to the Processing of Personal Data carried out by us, or on our behalf, please contact us at hello@iwallet.com or by calling us at 1-866-376-4880.