Last updated: June 2025
Payone ("we", "us", "our") is a Canadian payment solutions provider specialising in Interac e-Transfer processing for businesses including cryptocurrency OTC desks, e-commerce merchants, and other online platforms. This Privacy Policy explains how we collect, use, store, and protect personal and business information in the course of providing our payment services. We are committed to complying with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy legislation.
We collect information necessary to provide payment processing services and meet our legal and regulatory obligations. This includes:
We collect and use your information for the following purposes:
As an Interac payment processor, we handle sensitive financial transaction data on behalf of our merchants. Transaction details — including sender information, transfer amounts, and Interac reference numbers — are processed and stored in accordance with applicable Canadian financial regulations. This data is used solely for settlement, reconciliation, dispute resolution, and regulatory reporting. Payone does not sell, rent, or share transaction data with third parties for marketing purposes.
Merchants operating in the cryptocurrency and digital asset space (including OTC desks) are subject to enhanced due diligence as required under PCMLTFA and FINTRAC guidance. Information collected during onboarding and ongoing monitoring — including transaction volumes, customer identification records, and source of funds documentation — may be retained and reported to regulators where required by law. Payone does not store or manage cryptocurrency wallets or digital assets; our role is limited to facilitating the CAD Interac payment leg of transactions.
We do not sell your personal or business information. We may share information in the following circumstances:
We implement industry-standard technical and organisational security measures to protect your information, including encryption in transit and at rest, role-based access controls, and regular security assessments. While we take every reasonable precaution, no system is completely immune to security risks. In the event of a data breach affecting your information, we will notify you as required by applicable law.
We retain personal and business information for as long as necessary to provide our services and fulfil our legal obligations. Specifically:
Our website uses cookies and similar technologies to maintain session state, analyse traffic, and improve your browsing experience. We do not use cookies to track you across third-party websites for advertising purposes. You may adjust cookie preferences through your browser settings; however, disabling certain cookies may affect website functionality.
Under PIPEDA and applicable Canadian privacy law, you have the right to:
Please note that certain information may be exempt from access or deletion requests where retention is required by law (e.g. AML/FINTRAC records). To exercise your rights, contact us via our Contact page.
Our website may contain links to third-party sites. We are not responsible for the privacy practices or content of those sites and encourage you to review their privacy policies independently.
We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or industry best practices. Material changes will be communicated via email or a notice on our website. The "Last updated" date at the top of this page indicates when the policy was most recently revised.
For privacy-related inquiries, requests, or complaints, please contact our Privacy Officer via our Contact page or email support@payone.ca.