Privacy policy

Last update : 01 Apr, 2026

Public version for website and mobile app store publication

Effective date: 1 April 2026

Legal entity: Dang Technologies Inc.

Trade name: Parapay

Contact: info@parapay.com

Website: www.parapay.com

1. Introduction

This Privacy Policy describes how Dang Technologies Inc. doing business as Parapay ("Parapay", "we", "us", or "our") collects, uses, discloses, retains, and protects personal information in connection with our financial products and services. Parapay operates as a Canadian money services business and may support app based payments, stored value or wallet functionality, card related services, transfers, foreign exchange, and virtual currency related services. As such, Parapay is required to comply with:

  • The Personal Information Protection and Electronic Documents Act (PIPEDA), Canada's federal privacy law governing private sector collection, use, and disclosure of personal information.
  • Applicable provincial privacy legislation, where relevant.
  • The Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and its associated regulations, which require identity verification, recordkeeping, ongoing monitoring, and reporting obligations as administered by FINTRAC.
  • Additional cybersecurity, data protection, payment, and financial industry standards that apply to app based payment products, wallet functionality, card programs, and related payments infrastructure.
This Privacy Policy explains:
  • What personal information we collect.
  • How and why we use it.
  • When we may disclose it.
  • How we safeguard it.
  • How long we retain it.
  • Your rights and choices under Canadian privacy law.

By accessing our website, using our services, or submitting personal information to us, you acknowledge and agree to the practices described in this Privacy Policy.

2. Scope

This Privacy Policy applies to all products, platforms, technologies, and services offered by Parapay in the course of operating its website, mobile application, and related financial service infrastructure. This includes, but is not limited to:

  • App based financial accounts and related stored value or wallet functionality.
  • Payment, transfer, payout, and related transaction services.
  • Card related features, whether prepaid, virtual, or physical, where offered.
  • Foreign exchange and virtual currency related services where supported.
  • Identity verification and customer onboarding processes, including Know Your Customer and Know Your Business requirements.
  • Transaction processing, payment initiation, and card or banking partner interactions.
  • Anti money laundering and anti terrorist financing compliance activities, ongoing monitoring, sanctions screening, and fraud prevention operations.
  • Customer support interactions, communications, and dispute resolution.
  • Websites, mobile applications, APIs, and any other online interfaces operated by or on behalf of Parapay.

This Privacy Policy governs the handling of personal information related to individual customers, business clients, beneficial owners, authorized representatives, and users who interact with Parapay in any capacity. It applies regardless of whether users access our services through a browser, mobile device, integrated partner platform, or other digital channel.

This Privacy Policy does not apply to aggregated or anonymized information that cannot reasonably identify an individual.

3. Information We Collect

As part of providing payment services, financial functionality, identity verification, and regulatory compliance functions, Parapay may collect several categories of personal and business information. The types of information we collect include the following:

A. Personal Information

This includes information used to identify or contact an individual, such as:

  • Full legal name
  • Date of birth
  • Residential and mailing address
  • Phone number and email address
  • Government issued identification details
  • Selfie or biometric verification results processed by an identity verification provider where required

This information is collected to meet onboarding, identity verification, and legal compliance obligations.

B. Business Information

For corporate or business clients, we may collect:

  • Incorporation and registration documents.
  • Business address and contact information.
  • Corporate structure and authorized signatories.
  • Beneficial ownership information.
  • Tax identification numbers and regulatory identifiers where relevant.

This information is required for business verification and anti money laundering due diligence.

C. Transactional and Financial Information

To operate app based accounts, wallet functionality, card features, and payment services, we may collect:

  • Payment transfers, loads, withdrawals, and payouts.
  • Merchant details, transaction locations, currency, and amounts.
  • Card usage information, including authorizations, settlements, refunds, and chargebacks where applicable.
  • Account balances, funding sources, linked payment methods, wallet addresses, and related account history.

This information is necessary for providing financial services, preventing fraud, and meeting legal and regulatory obligations.

D. Technical and Device Information

When you access Parapay platforms, we automatically collect certain technical information, including:

  • IP address and geolocation indicators.
  • Device identifiers, browser type, and operating system.
  • Session logs, clickstream data, and usage analytics.
  • Cookies and similar tracking technologies.
  • Application version, crash logs, and related diagnostics.

This information supports security monitoring, fraud detection, and performance optimization.

E. Compliance and Risk Assessment Information

To comply with Canadian AML and ATF regulations and industry standards, we may collect and generate:

  • Sanctions screening results.
  • Politically Exposed Person and related risk information.
  • Adverse media findings and risk indicators.
  • Fraud risk scoring and transaction monitoring alerts.
  • Ongoing monitoring information, including enhanced due diligence results where required.

This information is required by law, by regulatory guidance, or by our legitimate need to protect the platform and its users.

4. Legal Basis for Processing

Parapay processes personal information only where permitted under applicable Canadian privacy laws, including PIPEDA, relevant provincial laws, and regulatory obligations under the PCMLTFA and FINTRAC guidance. We rely on the following legal bases:

A. Consent

We collect and process personal information with your knowledge and consent, except where otherwise permitted or required by law. Consent is obtained during account creation, onboarding, or when you voluntarily provide information.

B. Contractual Necessity

We process information as necessary to:

  • Open and maintain accounts.
  • Verify identity and eligibility.
  • Provide payment, wallet, card, transfer, foreign exchange, and related financial services.
  • Process transactions and fulfill the terms of service.

Without this processing, we would be unable to deliver our services.

C. Legal and Regulatory Obligations

As a regulated financial services business, Parapay may be required by law to:

  • Conduct identity verification.
  • Maintain KYC and KYB records.
  • Perform sanctions and related screening.
  • Monitor transactions.
  • Report suspicious transactions and other reportable matters to FINTRAC or other competent authorities.

These activities are mandatory and cannot be opted out of.

D. Legitimate Interests

We process certain information to support:

  • Fraud detection and financial crime prevention.
  • Platform and account security.
  • System monitoring and performance optimization.
  • Internal audit, compliance reviews, and risk assessment.

These interests are balanced against user privacy rights and supported by appropriate safeguards.

E. Processing by Trusted Third Parties in Relevant Jurisdictions

While personal information is protected through secure systems and controlled vendor arrangements, certain operational, technology, compliance, analytics, or verification functions may require processing by vetted and contractually bound service providers located in jurisdictions outside Canada.

Such processing may include identity verification, screening, infrastructure support, platform operations, transaction routing, payment processing, card functionality, settlement support, analytics, or secure development functions.

All such processing is governed by contractual safeguards, encryption, limited access permissions, and controls designed to protect personal information in accordance with applicable Canadian requirements regarding cross border data handling.

5. Use of Personal Information

Parapay uses personal information only for purposes that a reasonable person would consider appropriate in the circumstances, as required under PIPEDA and applicable provincial laws. As a financial services business, we use personal and business information for the following purposes:

A. Identity Verification and Due Diligence

We use personal and business information to:

  • Verify the identity of individuals and businesses.
  • Authenticate documents and verification information.
  • Confirm beneficial ownership.
  • Assess onboarding risk.
  • Determine eligibility for our services.

These activities may be required by law and by applicable financial crime compliance obligations.

B. Compliance with Legal Obligations

We process information to fulfill mandatory obligations including:

  • Sanctions and Politically Exposed Person screening.
  • Ongoing monitoring and risk scoring.
  • Enhanced due diligence where required.
  • Recordkeeping and retention requirements.
  • Mandatory reporting to FINTRAC or other competent authorities where applicable.

These activities cannot be opted out of where required by law.

C. Provision of Financial Services

We use information to:

  • Operate app based accounts and related service functionality.
  • Support wallet or stored value functions where offered.
  • Issue, enable, or support card related services where offered.
  • Process payments, transfers, payouts, exchanges, and settlements.
  • Validate and authorize transactions.
  • Maintain accurate account and transaction records.

Information processed in this category is necessary to provide core financial services.

D. Fraud Detection, Prevention, and Financial Crime Controls

We use personal and technical data to:

  • Detect suspicious activity.
  • Prevent account takeover, misuse, or unauthorized transactions.
  • Monitor system integrity and platform security.
  • Conduct investigations related to fraud or regulatory risk.

This processing supports legal obligations and our legitimate interest in maintaining secure financial operations.

E. Customer Support and Service Improvement

We use information to:

  • Respond to inquiries and resolve issues.
  • Provide notifications regarding accounts, transactions, or service updates.
  • Improve products, services, and user experience.
  • Support testing, reliability monitoring, and quality assurance.
F. Regulatory Reporting, Audit, and Governance

We use information for:

  • Internal and external audits.
  • Regulatory inspections and compliance reviews.
  • Legal claims, dispute resolution, and enforcement of agreements.
  • Reporting required by FINTRAC, banking partners, card partners, or other authorities.
6. Sharing Personal Information

Parapay shares personal information only where necessary to provide our services, fulfill legal and regulatory obligations, prevent fraud, or operate our platform securely. We do not sell personal information. Information may be shared with the following categories of authorized third parties:

A. Banking and Financial Institution Partners

We may share limited personal and transactional information with banking partners and financial institutions involved in:

  • Maintaining account or settlement functionality.
  • Issuing cards or supporting wallet related services.
  • Processing deposits, loads, transfers, payouts, and settlements.

These partners require this information to fulfill their regulatory and operational responsibilities.

B. Card Networks and Payment Processors

We may share data related to:

  • Card authorizations and settlements.
  • Merchant interactions.
  • Payment routing and clearing.

Card networks and processors require this information to enable secure payment transactions and comply with network rules.

C. Identity Verification and Sanctions Screening Providers

To comply with identity verification and financial crime requirements, we may share information with trusted, audited service providers that support:

  • Document verification.
  • Biometric comparison or liveness checks.
  • Sanctions and PEP screening.
  • KYC and KYB compliance checks.

These partners process data strictly for compliance, authentication, and fraud prevention purposes.

D. Fraud Detection, Risk Scoring, and Analytics Partners

We may share certain technical, transactional, or behavioral indicators with fraud prevention and analytics providers that support:

  • Fraud detection and mitigation
  • Transaction monitoring
  • Risk scoring
  • Account security operations

These providers help maintain the integrity of our platform and reduce financial crime risk.

E. Technology and Infrastructure Providers

We may share limited information with infrastructure partners who support system operations, including providers supporting backend systems, operational monitoring, secure platform infrastructure, analytics, diagnostics, or related technical functions.

These partners operate under contractual data protection obligations and controlled access arrangements.

F. Regulatory Bodies, Including FINTRAC

We are required by law to disclose certain information to FINTRAC and other regulators where mandated under applicable legislation.

G. Law Enforcement and Legal Authorities

We may disclose information to law enforcement, courts, or government authorities when:

  • Required under a lawful order, subpoena, warrant, or similar legal process.
  • Necessary to investigate fraud, financial crime, misuse, or safety concerns.
  • Needed to protect the rights, property, or security of Parapay or its users.

We review requests to ensure they comply with applicable legal standards.

7. Data Storage and International Processing

Parapay stores personal information using secure systems and service provider arrangements designed to meet financial industry security and availability standards.

Although operational arrangements may involve storage or access controls centered in Canada or other approved environments, certain operational, compliance, analytics, identity verification, and technology functions may require limited processing by carefully vetted third party service providers located in other jurisdictions. These providers perform essential services on behalf of Parapay, and only the minimum necessary information is made accessible to them.

A. Primary Storage and Controlled Environments

Customer and business information is stored in secure environments subject to controls such as:

  • Encryption in transit and at rest where appropriate.
  • Access controls based on least privilege.
  • Network protections and monitoring.
  • Regular security reviews and assessments.
B. International Processing by Trusted Service Providers
C. Safeguards for International Processing

Cross border processing is protected through:

  • Contractual data protection agreements aligned with Canadian privacy requirements
  • Encryption and secure transmission protocols
  • Role based and limited permission access controls
  • Vendor due diligence and security assessments
  • Operational and compliance oversight

These measures are designed to help ensure that personal information processed outside Canada receives a level of protection appropriate to the nature of the information and the relevant risks.

8. Security Measures

Parapay maintains a security program designed to protect personal information against loss, unauthorized access, misuse, alteration, and disclosure. Our safeguards are designed to align with PIPEDA, financial industry expectations, and applicable regulatory guidance for payments and financial services businesses. These measures include administrative, technical, and physical controls such as:

A. Administrative Safeguards

We implement policies, procedures, and governance measures to support secure handling of personal information, including:

  • Access control and authorisation policies
  • Employee security and compliance training
  • Confidentiality obligations and role based permissions
  • Vendor due diligence and oversight programs
  • Incident response and breach management protocols
  • Internal audit and compliance reviews
B. Technical Safeguards

Technical protections may include:

  • Encryption in transit and at rest
  • Multi factor authentication for relevant administrative or account access
  • Secure system architecture and hardened infrastructure
  • Firewalling, network protections, and intrusion detection or monitoring
  • Continuous monitoring for anomalous or suspicious activity
  • Regular vulnerability assessments and penetration testing
  • Tokenization for sensitive data where appropriate
C. Physical Safeguards

Physical protections may include:

  • Secure data center or hosting environments with controlled access.
  • Environmental controls, monitoring, and redundancy.
  • Hardware access restrictions and secure device management.
D. Safeguards for Third Party Processing

When trusted service providers process data on our behalf, we require:

  • Contractual data protection obligations.
  • Encryption and secure transmission standards.
  • Restricted, role based access controls.
  • Appropriate audit, assurance, or security review measures.
  • Ongoing oversight and periodic risk evaluation.

These controls are intended to help ensure that personal information handled by third parties receives a high level of protection.

9. Data Retention

Parapay retains personal information only for as long as necessary to fulfill the purposes for which it was collected, to comply with legal and regulatory obligations, and to support legitimate operational needs. Retention periods differ based on the type of information and applicable laws.

A. Identity Verification and KYC or KYB Records

In accordance with applicable legal and regulatory requirements, Parapay may be required to retain identity verification records, KYC or KYB documentation, beneficial ownership information, and related due diligence materials for the period required by law.

B. Transaction and Financial Records

Transactional information, including payments, loads, withdrawals, card activity, settlement data, and monitoring alerts, may be retained to:

  • Meet statutory reporting requirements.
  • Support dispute resolution.
  • Maintain accurate accounting and reconciliation.
  • Fulfill obligations to card networks, banking partners, and other financial institution partners.
C. Compliance, Monitoring, and Reporting Records

Suspicious transaction reports, risk assessments, ongoing monitoring logs, screening results, and related compliance records may be retained as required under legal, regulatory, or internal compliance requirements.

D. Operational and Business Records

Information used for customer support, service improvement, system monitoring, or internal governance is retained only for as long as necessary to:

  • Fulfill operational requirements.
  • Maintain platform integrity.
  • Enforce agreements.
  • Manage risk and security.

Where possible, data is anonymized or pseudonymized once it is no longer needed in identifiable form.

E. Legal Holds and Extended Retention

If Parapay is involved in an audit, investigation, regulatory inquiry, or legal claim, certain information may be retained beyond standard retention periods until the matter is resolved.

F. Deletion and Secure Disposal

Once retention periods expire and data is no longer required, Parapay securely deletes, anonymizes, or destroys the information using methods appropriate to the nature of the data and the systems involved.

10. Cookies and Tracking Technologies

Parapay uses cookies and similar tracking technologies to support the secure and efficient operation of our platforms, enhance user experience, and support fraud prevention, analytics, and service functionality.

A. Types of Cookies We Use
i. Essential Cookies

These cookies are required for the website and platform to function properly. They enable:

  • Secure login and session management.
  • Core account, payment, or service features.
  • Fraud prevention and authentication processes.

These cookies cannot be disabled because they are necessary for service delivery and platform security.

ii. Analytics and Performance Cookies

These cookies help us understand how users interact with our website and applications, including:

  • Page performance and loading times.
  • Clickstream data and navigation patterns.
  • Device and browser information.

Analytics cookies help us improve platform functionality and user experience.

iii. Security and Fraud Prevention Cookies

These cookies support:

  • Detection of unusual or high risk behavior.
  • Prevention of unauthorized access.
  • Continuous monitoring for fraud and abuse.

They play a critical role in maintaining the safety and integrity of financial services.

B. Third Party Tracking Technologies

Some analytics, verification, security, or infrastructure tools used by Parapay may deploy their own cookies or device identifiers. These technologies may support:

  • Identity verification.
  • Transaction risk analysis.
  • Platform monitoring and diagnostics.

Any third party cookie usage is governed by contractual and technical safeguards.

C. Your Choices and Cookie Controls

You may manage or disable cookies through your browser settings. However:

  • Disabling essential or security cookies may prevent the platform from functioning correctly.
  • Some features, such as logging in or completing transactions, may not be available if cookies are disabled.
  • You may also clear existing cookies at any time using your browser or device controls.
11. Your Privacy Rights

As an individual whose personal information is handled by Parapay, you have certain rights under PIPEDA and applicable provincial privacy laws. These rights allow you to understand and control how your information is collected, used, and disclosed. Because Parapay operates in a regulated financial services context, some rights are subject to regulatory limitations, including mandatory recordkeeping requirements.

You may exercise the following rights, subject to identity verification and applicable legal exceptions:

A. Right to Access

You may request access to the personal information we hold about you, including:

  • What information we have collected.
  • How it has been used.
  • With whom it has been shared.

We will provide access unless restricted by law, including where access would interfere with a legal or regulatory process.

B. Right to Correction

You may request that we correct or update any inaccurate, incomplete, or outdated personal information.

C. Right to Deletion, Subject to Legal Retention Rules

You may request deletion of your personal information. However, we may be unable to delete records that must be retained under legal or regulatory requirements, including identity verification records, transaction records, screening results, and compliance monitoring materials.

D. Right to Withdraw Consent

Where processing is based on consent, you may withdraw your consent at any time. Withdrawal does not apply to:

  • Mandatory compliance processing.
  • Legal and regulatory obligations.
  • Required operational processing tied to service delivery.

Where withdrawal affects your ability to use the service, we will inform you.

E. Right to Information About Data Use

You may request additional details about:

  • How your personal information is processed.
  • The purposes for which it is used.
  • The categories of third parties with whom it is shared.
  • Cross border processing and related safeguards.

We will provide this information unless restricted by legal or supervisory requirements.

F. How to Exercise Your Rights

To submit a request, you may contact us at:

  • Email: info@parapay.com
  • Website: www.parapay.com

We may require identity verification before responding to your request to protect your account and personal information.

12. Additional Regional Rights

Although Parapay primarily operates under Canadian privacy and financial regulatory requirements, certain users may be entitled to additional rights based on their location or applicable legislation. Where relevant and required by law, Parapay may recognize additional rights under laws such as GDPR or other applicable privacy regimes. Any such rights remain subject to legal limitations, including financial crime, compliance, and recordkeeping obligations.

13. Children's Privacy

Parapay's services are intended for adults who are legally able to enter into financial and contractual relationships. Our products, onboarding processes, and services are not designed for or directed to individuals under the age of 18.

We do not knowingly:

  • Collect personal information from minors.
  • Offer financial products to minors.
  • Permit the use of our services by individuals under 18.

If we become aware that personal information has been collected from a person under 18 in a way not permitted by law, we will review the matter and take appropriate action, subject to any legal or fraud prevention retention obligations.

14. Changes to This Policy

Parapay may update or modify this Privacy Policy from time to time to reflect changes in our services, legal or regulatory requirements, industry practices, or operational needs. When updates are made, we will revise the Last Updated date at the top of the Policy.

We may also provide additional notice of significant changes through:

  • Email notifications.
  • Platform alerts or banners.
  • Other reasonable communication methods.

Your continued use of Parapay's services after any changes take effect will constitute your acceptance of the updated Privacy Policy. If you do not agree with the revised Policy, you must discontinue using our services.

15. Contact Information

If you have questions, concerns, or requests relating to this Privacy Policy or the handling of your personal information, you may contact us using the methods below. We will respond in accordance with applicable privacy and financial regulatory requirements.

Parapay
Dang Technologies Inc.
2300-2850 Shaughnessy St, #319
Port Coquitlam, BC V3C 6K5
Canada

Email: info@parapay.com
Website: www.parapay.com

Certain personal information may be processed outside Canada by trusted service providers where reasonably necessary to support platform operations, onboarding, payments, security, compliance, communications, and infrastructure. These providers may process limited identity, account, transaction, device, authentication, screening, or support related information depending on the service provided.

  • Service providers in the United States supports digital wallet and exchange functionality, card issuing and payments infrastructure, blockchain payments and settlement services, authentication messaging, on chain AML monitoring, wallet screening, sanctions exposure analysis, investigations tooling, and cloud infrastructure, including hosting, databases, networking, app services, and related security environments. These providers may process limited account, transaction, device, authentication, or compliance related information as needed to perform those services.
  • Service providers in the United Kingdom support KYC and KYB onboarding, identity verification, document verification, liveness checks, sanctions screening, and related fraud and AML tooling. These providers may process identity, verification, and compliance related information as needed to perform those services.
App Store Google Play

Support

info@parapay.com
Solutions
Personal Business Payment Methods
Legal
Terms & ConditionsPrivacy PolicyUser Agreement

  1. 2300-2850 SHAUGHNESSY ST, #319 PORT COQUITLAM BC V3C 6K5, CANADA

  2. Dang Technologies Inc. (Canada) is registered with FINTRAC as a Money Services Business (MSB). Registration No.: [BC1399004]

© 2026 Parapay - All Rights Reserved