1. Introduction
Himate ("we", "us", "our", or "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information in accordance with GDPR, PIPEDA, and industry best practices.
2. Information We Collect
We collect information you provide directly, including:
- Account registration data (name, email, phone, business details)
- Transaction information (invoices, payment amounts, crypto holdings)
- KYB/KYC verification documents
- Communication records
- Device and usage data via cookies and analytics
3. Legal Basis for Processing (GDPR)
We process your data based on:
- Contractual necessity (providing our services)
- Legal obligations (AML/KYC compliance, FINTRAC requirements)
- Legitimate interests (fraud prevention, security)
- Explicit consent (marketing communications)
4. Data Security
We implement industry-standard security measures:
- End-to-end encryption for sensitive data
- Secure API authentication and rate limiting
- Regular security audits and penetration testing
- Compliance with PCI DSS standards for payment data
- ISO 27001 information security management
5. Your Rights
Under GDPR and PIPEDA, you have the right to:
- Access your personal data
- Correct inaccurate information
- Request deletion (subject to legal holds)
- Restrict processing
- Data portability
- Withdraw consent at any time
6. Retention
We retain personal data for as long as necessary to provide services and comply with legal obligations (typically 7 years for financial records under FINTRAC requirements).
7. Contact Us
For privacy inquiries: [email protected]
Last updated: March 2026