As part of our regular business operations, we (being Ledn Inc. along with its affiliates and subsidiaries) collect personal information from you to provide you with our services. Our company’s culture is centered on transparency, integrity, fairness and adherence to the rule of law. These values guide everything that we do, including how we gather and use your personal data and information.
We will only use your personal information in accordance with this policy unless otherwise required by applicable law. We take steps to ensure that the personal information that we collect about you is adequate, relevant, not excessive, and used for limited purposes. We only collect the necessary information to originate, administer and process our services (including as necessary to comply with our legal and regulatory obligations).
What is personal information?
Personal information. Personal information is typically data that identifies an individual or relates to an identifiable individual. This includes information we can reasonably use to, directly or indirectly, identify you, such as your name, mailing address, email address, telephone number, Internet protocol (IP) address used to connect your computer to the Internet, username or other similar identifier, billing and account information, social insurance number, and any other identifier we may use to contact you.
Non-personal information. Non-personal information does not directly or indirectly reveal your identity or directly relate to an identifiable individual. Examples of non-personal information are statistical or aggregate data. Statistical or aggregated data does not directly identify a specific person, but we may derive non-personal statistical or aggregated data from personal information. For example, we may aggregate personal information to calculate the percentage of users accessing a specific page on our website.
Non-personal information also includes technical information such as your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, or information about your internet connection, the equipment you use to access our website, and usage details. We also collect non-personal details about your website interactions, including the full Uniform Resource Locators (URLs), clickstream to, through and from our website (including date and time), pages, products and services you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from a page, or any phone number used to call our customer service number.
How do we collect information about you?
We use three different methods to collect your information.
First, we collect information when you provide it to us through our direct interactions with you, for example, by filling in forms or corresponding with us through our website or by phone, email, videocall, videoconference, instant messaging app, or otherwise. You also provide us with information when you interact with us through public websites, including social media and social networking websites.
Second, we collect information through cookies and other automated technologies or interactions, as you navigate through our website. Information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies.
Third, we also collect information about you from third parties, as required or permitted by applicable law. Third-party sources may include public databases, credit bureaus, identity verification partners, resellers and channel partners, support channel partners, joint marketing partners, and social media platforms. Additionally, we receive personal information when you link a third-party service to us. Such linkage may include interactions with our social media sites. Please remember that third-party websites are governed by their own privacy policies, and you should review those privacy policies before using those sites.
3.2. Information you provide to us.
We collect information from you by asking you directly for it, this includes when you interact with one of our representatives or when you fill certain forms on our website.
To establish an account and access our services, we will ask you to provide us with some information about yourself. This information is either required by law (e.g., to verify your identity), necessary to provide the requested services (e.g., you will need to provide your wallet address if you would like to link that wallet to your Ledn account), or is relevant for certain specified purposes, described in greater detail below. As we add new features and services, you may be asked to provide additional information. We may ask you for information when you enter a contest or promotion sponsored by us, and when you report a problem with our website. We may also ask you for additional information, or to confirm the information you previously provided to us, if you make an unusual transaction or make an unusual request.
Please note that we may not be able to serve you as effectively or at all or offer you our services if you choose not to share certain information with us. Any information you provide to us that is not required is voluntary. For example, you may provide us with additional personal information if you select to designate beneficiaries to your account or if you safelist certain wallet addresses.
We may collect the following types of information from you.
(a) Personal identification information: such as your full legal name, date of birth, nationality, gender, signature, utility bills, photographs, phone number, home address, information about family members, and email.
(b) Formal identification information: including government issued identity document such as passport, driver license, national or state identity card, tax identification number, social insurance number (or any comparable identification number issued by a government), social security card, passport number, driver license details, national identity card details, visa information, and/or any other information deemed necessary to comply with our legal obligations under financial, anti-money laundering or counter terrorism financing laws.
(c) Employment information: including employment or occupation industry, office location, job title, and/or description of role, employer identification number (or comparable number issued by a government)
(d) Additional information: including responses to questions that we are specifically required to ask or information that we are required to obtain in order to meet our regulatory, compliance or other legal obligations, such as questions about the source and the intended use of any funds or digital assets; proof of legal formation (e.g., articles of incorporation), personal identification information for all material beneficial owners; bank account information, payment card account number, transaction history, trading data; information about the transactions you made or intend to make.
(e) Other information: our compliance team may request additional information from you, as may be required for compliance with law, regulations or our internal policies. This may include information relating to health, travel history, relationship/marital status and criminal convictions or charges.
3.3. Information we collect through cookies.
Cookies (or browser cookies) are small text files sent from a site to the hard drive of your device (e.g., computer or phone) to store bits of information related to you. First-party cookies are put on your device directly by our website, which allows us to collect analytical data and provide other useful functions that create a good user experience.
Cookies are very helpful and may be used for various different purposes. These purposes include, among other things, allowing you to navigate between pages efficiently, enabling automatic activation of certain features, remembering your preferences and making the interaction between you and the website quicker, easier and smoother.
Certain features of our website may use local stored objects (sometimes referred to as flash cookies) to collect and store information about your preferences and navigation to, from, and on our website. Flash cookies are not managed by the same browser settings that are used for browser cookies.
Pages of our website and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that allow us, among other things, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).
3.4. Third party cookies.
3.5. Publicly available information.
Anyone can see the balance and transaction history of any public digital asset address (public key). We, and any other person who can match your digital asset address to other information about you, may be able to identify you from a blockchain transaction. This is because information published on a blockchain can be correlated with information that we and others may have. This may be the case even if we, or they, were not involved in the blockchain transaction. Furthermore, by using data analysis techniques on a given blockchain, it may be possible to identify other information about you. As part of our security, anti-fraud and/or identity verification and authentication checks, we may conduct such analysis to collect and process such information about you. You acknowledge and agree to allow us to perform such practices.
3.6. Online tracking and do not track signals.
Our services are not meant for persons under the age of majority or younger than 18 years. We do not knowingly or intentionally collect personal information from such persons. If we learn that we have inadvertently gathered personal information about such a person, we will take legally permissible measures to remove that information from our records. We will require such a user to close his or her account and will not allow the use of our products and services. If you are the parent or guardian of a minor and you become aware that he or she has provided personal information to us, please contact us at email@example.com.
Why do we collect your information and how do we use it?
4.1. To maintain legal and regulatory compliance.
Most of our services are subject to laws and regulations requiring us to collect, use, and store your personal information in certain ways. For example, we must identify and verify customers using our services in order to comply with anti-money laundering and counter terrorism financing laws across the jurisdictions in which we operate. This may include the collection and storage of your photo identification and other documents you provide to us.
In addition, we use third parties to verify your identity by comparing the personal information you provide against third-party databases and public records. We may require you to provide additional information which we may use in collaboration with service providers acting on our behalf to verify your identity or address, and/or to manage risk as required under applicable law. If you do not provide personal information required by law, we may have to close your account.
4.2. To protect you and us.
We process your personal information in order to administer and protect our business, prevent and mitigate fraud, criminal activity, or misuses of our services, and to ensure the security of our systems, architecture and networks, and to protect you against account compromise or funds loss.
4.3. Enforce the terms of our agreements.
We process and use your personal information to actively monitor, investigate, prevent, and mitigate any potentially prohibited or illegal activities, enforce our agreements with you and third parties, and/or prevent and detect violations of our posted user agreements and terms of service. In addition, we may process your information in order to collect fees based on your use of our services.
4.4. To provide you with our services and keep you informed.
We process your personal information to provide our services to you. For example, when you want to store digital assets on our platform, we require certain information such as your identification, contact information, and payment information. We generally cannot provide you with our services without such information. Third parties such as identity verification services may also access and/or collect your personal information when providing identity verification and/or fraud prevention services.
We send administrative or account-related information to you to keep you updated about our services, inform you of relevant security issues or updates, or provide other transaction-related information. Without such communications, you may not be aware of important developments relating to your account that may affect how you can use our services. You may not opt-out of receiving critical service communications, such as emails or mobile notifications sent for legal or security purposes.
4.5. To provide you with customer service and support and for quality control.
We process your personal information when you contact us to resolve any questions, disputes, collect fees, or to troubleshoot problems. Without processing your personal information for such purposes, we cannot respond to your requests and ensure your uninterrupted use of our services. We also process your personal information for quality control and staff training to make sure we continue to provide you with accurate information and quality services.
4.6. To engage in marketing and promotional activities. We may send you marketing communications (e.g., emails or mobile notifications) to inform you about our events or our partner events; to deliver targeted marketing; and to provide you with promotional offers. Our marketing will be conducted in accordance with your marketing preferences and as permitted by applicable law.
4.7. To enhance your experience and for development purposes.
We process your personal information to better understand the way you use and interact with our services. In addition, we use such information to customise, measure, and improve our services and to develop new services. This processing is essential to ensure your continued enjoyment and satisfaction.
We process your personal information to provide a personalized experience, and implement the preferences you request. For example, you may choose to provide us with access to certain personal information stored by third parties. Without such processing, we may not be able to ensure your continued enjoyment of part or all of our services.
What are the legal bases that allow us to collect and process your information?
At the time that your personal information is collected, we rely on the following legal bases for processing your information. We will generally only collect or process your data where we are legally required to, where processing is necessary to perform any contracts we entered with you (or to take steps at your request prior to entering into a contract with you), for our legitimate interests to operate our business or to protect our or your property, rights, or safety, or where we have obtained your consent to do so. When we collect or process your personal information based on our legitimate interests, we ensure that we consider and balance any potential impact on you and your rights under privacy protection laws. We value you and your privacy rights and interests.
With whom do we share your information?
6.1. Our Affiliates.
6.2. Service Providers.
We engage, and to the extent permissible by applicable law we may share your personal information with, financial, accounting, legal, marketing, communication and technology companies to provide services such as data processing, proof-of-reserves attestations, administrative services, regulatory support, legal services, liquidity services, bank services, cloud storage, authentication support, payment processing, technical support, sales, client support, data hosting, marketing analytics auditors, accountant , cryptocurrency exchange and custodians, cryptocurrency forensic analysis services.
6.3. Regulatory and Government Authorities.
We may share your personal information with law enforcement, regulatory agencies, and self-regulatory agencies to help prevent fraud, for legal proceedings, or as otherwise required by law. Large transactions of digital assets may be subject to certain automatic reporting obligations. For example, we may report your transaction to the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) in order to meet and comply with our reporting obligations under the Proceeds of Crime (Money laundering) and Terrorist Financing Act and associated regulations. We are also legally obligated to report certain transactions if we have reasonable grounds to suspect that the transaction or attempted transaction is related to the commission of a money laundering offence or a terrorist activity financing offence.
Why do we share your information with others?
We may share your information in order to be able to process certain transactions. We may disclose personal information to third parties in order to administer or process a transaction, product or service you have authorized or requested, or in the context of facilitating the execution of a transaction. This includes sharing your information with financial institutions with which we partner to process payments which you have authorized.
We may share your information in order to meet our legal obligations, including our know-your-customer and anti-money-laundering obligations. We are required to validate our clients’ identities by applicable laws and regulatory requirements and rely on third-party services to perform these validations. Personal information that you provide to us during the account opening process is passed to these service providers at account opening and on an ongoing basis thereafter.
We may share your information in order to protect our legal rights. We may disclose or transfer information we collect upon account closing where you have a deficient balance.
We may also share or transfer your personal information, in accordance with applicable law, to a buyer of our company, or substantially all of its assets. You acknowledge that such transfers may occur, and that any purchaser of or successor to our business or its assets may continue to collect, use and disclose your information as set forth in this policy.
Where do we store and process your personal information?
We may transfer your personal information outside your home jurisdiction to our subsidiaries, service providers and business partners who are engaged on our behalf. To the extent that we transfer your personal information outside of your home jurisdiction, we will ensure that the transfer is lawful and that all persons to whom we transfer such data are obliged to comply with all applicable laws, rules and regulations.
How do we protect your personal information?
We are strongly committed to keeping your personal information safe. This commitment exists throughout the lifecycle of your personal data, starting with the design of our services. We protect your personal information by maintaining physical, electronic, and procedural safeguards in compliance with the applicable laws and regulations. For example, we use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our physical sites and files, and we authorize access to personal information only for those employees who require it to fulfill their job responsibilities.
However, we cannot guarantee that loss, misuse, unauthorized acquisition, or alteration of your data will not occur. Please recognize that you play a vital role in protecting your own personal information. When registering for an account with us it is important to choose a password of sufficient length and complexity, to not reveal this password to any other person, and to immediately notify us if you become aware of any unauthorized access to or use of your account.
Our data retention policy.
Your privacy rights.
11.1. Right to Access.
You may request we provide you a copy of the personal information we hold about you and certain information about our processing of this information.
It is important to us that your personal information is up to date. We will take all reasonable steps to make sure that your personal information remains accurate, complete and up to date. If the personal information we hold about you is inaccurate or incomplete, you are entitled to have it rectified. If we have disclosed your personal information to others, we will let them know about such rectification where possible. If you ask us, if possible and lawful to do so, we will also inform you with whom we have shared your personal information so that you can contact them directly.
11.3. Right to Erasure.
You may request we delete your personal information from our records subject to certain exceptions. For example, we may deny your request if retaining your personal information is required under certain circumstances, including but not limited to complying with a legal obligation; establishing, exercising or defending legal claims; or performing a task in the public interest or in the exercise of official authority.
11.4. Right to Data Portability.
You may request we transfer a machine-readable copy of your personal information to you or a third party of your choice. We will provide you, or a third party, your personal information in a machine-readable format. This right only applies to personal information you have consented for us to use.
11.5. Right to Restrict Processing.
You may request we restrict or suppress the processing of your personal information under certain circumstances, for example: to establish the accuracy of the personal information; where the processing is unlawful, but you do not want your personal information erased; where we no longer need to process your personal information, but the information must be retained for legal reasons; and where you have objected to our processing your personal information, but we need to determine whether our legitimate interest overrides your objection.
11.6. Right to Object.
You may object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights. You also may object to our process of your personal information for direct marketing purposes.
11.7. Right to Withdraw Consent.
You may withdraw your consent at any time where we are relying on it to process your personal information. Withdrawing your consent does not affect the lawfulness of our processing of your personal information prior to such withdrawing.
11.8. Right not to sell.
We will never sell or rent your personal information to any third parties without your explicit consent.
11.9. Jurisdictional specific privacy rights.
Depending on the jurisdiction where you reside, you may have certain additional statutory rights over the personal information we collect about you. You may exercise these rights at any time by contacting us. Note that we may refuse to grant your requests in whole or in part as permitted by applicable law.
Attn.: Privacy Officer, Ledn Inc.
Mail: 225 King Street West, Suite 1000, Toronto, Ontario, Canada M5V 3M2
If you are an individual residing in the European Union, you may also contact our local representative, at firstname.lastname@example.org, who is based in Spain and who has been appointed as Ledn’s representative in the European Union on matters related to the processing of personal information that takes place in the European Union.
We try to respond to requests within thirty (30) days. Occasionally, it may take us longer than that if your request is particularly complex, if you have made several requests, or if we require additional information from you to process your request. In this case, we will notify you within the thirty-day period and keep you updated. If you have an account with us, we may deliver our response to that account. If you do not have an account with us, we will deliver our response by mail or electronically. If we cannot comply with your request, we will provide a detailed explanation of why we cannot comply.
We are committed to resolve any complaints about our processing of your personal information in a fair and equitable manner that takes into account your privacy rights and interests. Where you are not satisfied with the actions we take to rectify a matter, or with the explanations given, you will be informed of your further rights including the right to file a complaint with the appropriate regulatory agency and body, and will be given clear direction as to how to do so.
Last Updated: 3/31/2021