Financial Data & Cookie Notice

Axiom uses cookies and similar technologies to enhance your trading experience, analyze platform performance, provide personalized market insights, and deliver relevant financial communications. We collect data to optimize our cryptocurrency trading services, improve security measures, and ensure regulatory compliance. By accepting, you consent to our data collection practices for trading platform functionality, market analysis, portfolio management, and secure financial transactions. Your privacy and data security are our priority.

Privacy Policy

Last Updated: December 15, 2024

1. Introduction

Northern Peak Trading Inc. ("Axiom," "we," "us," or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cryptocurrency trading platform and related services.

By accessing or using Axiom's services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our services.

Important:Cryptocurrency trading involves significant risk. This Privacy Policy is part of our commitment to transparency and regulatory compliance in the digital asset trading space.

2. Information We Collect

2.1 Personal Information

We collect personal information that you provide directly to us when you create an account, verify your identity, or use our services. This includes:

  • Identity Information:Full legal name, date of birth, nationality, government-issued identification documents (passport, driver's license, national ID card), and photographs for identity verification
  • Contact Information:Email address, phone number, residential address, and mailing address
  • Financial Information:Bank account details, payment card information, transaction history, trading patterns, wallet addresses, and cryptocurrency holdings
  • Employment Information:Occupation, employer name, source of funds, and annual income range
  • Tax Information:Tax identification numbers, Social Insurance Number (SIN), and tax residency status as required by applicable regulations

2.2 Technical and Usage Information

We automatically collect certain information when you access our platform:

  • Device Information:IP address, browser type and version, operating system, device identifiers, and mobile network information
  • Usage Data:Pages visited, features used, time spent on platform, trading activity, search queries, and interaction with our services
  • Location Data:General geographic location based on IP address and precise location if you grant permission
  • Cookies and Tracking Technologies:Information collected through cookies, web beacons, and similar technologies to enhance user experience and platform security

2.3 Information from Third Parties

We may receive information about you from third-party sources, including:

  • Identity verification services and Know Your Customer (KYC) providers
  • Credit bureaus and fraud prevention services
  • Blockchain analytics providers for transaction monitoring
  • Payment processors and financial institutions
  • Public databases and government registries
  • Marketing partners and analytics providers

3. How We Use Your Information

We use the collected information for various purposes related to providing, maintaining, and improving our cryptocurrency trading services:

3.1 Service Provision and Account Management

  • Creating and managing your trading account
  • Processing cryptocurrency transactions and trades
  • Facilitating deposits, withdrawals, and transfers
  • Providing customer support and responding to inquiries
  • Sending service-related notifications and updates
  • Managing your preferences and account settings

3.2 Regulatory Compliance and Security

  • Verifying your identity and conducting KYC/AML (Anti-Money Laundering) checks
  • Complying with legal obligations under Canadian securities laws, FINTRAC regulations, and international financial regulations
  • Detecting, preventing, and investigating fraud, money laundering, terrorist financing, and other illegal activities
  • Monitoring transactions for suspicious activity and reporting to relevant authorities
  • Maintaining records as required by financial services regulations
  • Responding to legal requests, court orders, and regulatory inquiries

3.3 Platform Improvement and Analytics

  • Analyzing usage patterns to improve platform functionality and user experience
  • Developing new features and services based on user behavior
  • Conducting research and analytics on trading trends and market dynamics
  • Testing and optimizing platform performance and security measures
  • Personalizing your experience based on your preferences and trading history

3.4 Marketing and Communications

  • Sending promotional materials about new features, products, and services (with your consent)
  • Providing educational content about cryptocurrency trading and blockchain technology
  • Conducting surveys and gathering feedback to improve our services
  • Informing you about platform updates, security alerts, and important changes

4. Information Sharing and Disclosure

We may share your information with third parties under the following circumstances:

4.1 Service Providers and Business Partners

We engage trusted third-party service providers to support our operations, including:

  • Identity verification and KYC/AML compliance providers
  • Payment processors and banking partners
  • Cloud storage and hosting services
  • Customer support and communication platforms
  • Analytics and data processing services
  • Security and fraud prevention services
  • Marketing and advertising partners

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Legal and Regulatory Requirements

We may disclose your information when required by law or in response to:

  • Court orders, subpoenas, or other legal processes
  • Requests from law enforcement agencies or regulatory authorities
  • FINTRAC (Financial Transactions and Reports Analysis Centre of Canada) reporting obligations
  • Canadian securities regulators and provincial securities commissions
  • Tax authorities and revenue agencies
  • International regulatory bodies for cross-border transactions

4.3 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change and provide options regarding your information.

4.4 Blockchain Transparency

Please note that cryptocurrency transactions are recorded on public blockchains. While wallet addresses do not directly identify individuals, transaction details including amounts, timestamps, and wallet addresses are publicly visible and permanently recorded on the blockchain.

4.5 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing, such as when participating in promotional campaigns or connecting third-party services to your account.

5. Data Security Measures

We implement comprehensive security measures to protect your personal information and cryptocurrency assets:

5.1 Technical Security

  • Encryption:All sensitive data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption
  • Multi-Factor Authentication:Required for account access and sensitive operations
  • Cold Storage:Majority of cryptocurrency assets stored in offline, air-gapped cold wallets
  • Hot Wallet Security:Multi-signature wallets and hardware security modules for operational funds
  • Network Security:Firewalls, intrusion detection systems, and DDoS protection
  • Regular Security Audits:Third-party penetration testing and vulnerability assessments

5.2 Operational Security

  • Strict access controls and role-based permissions for employee access
  • Background checks and security training for all personnel
  • Incident response procedures and disaster recovery plans
  • Regular security awareness training and phishing simulations
  • Segregation of duties and dual-control procedures for critical operations
  • Comprehensive logging and monitoring of system activities

5.3 Compliance and Governance

  • Adherence to industry best practices and security standards
  • Regular compliance audits and regulatory examinations
  • Data protection impact assessments for new features and services
  • Privacy by design principles in system development
  • Vendor security assessments for third-party service providers

Security Notice:While we implement robust security measures, no system is completely secure. You are responsible for maintaining the confidentiality of your account credentials and should immediately notify us of any unauthorized access or security concerns.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy and to comply with legal and regulatory requirements:

6.1 Active Account Data

While your account is active, we retain all information necessary to provide our services, including transaction history, identity verification documents, and account preferences.

6.2 Regulatory Retention Requirements

Under Canadian financial regulations and FINTRAC requirements, we must retain certain records for specific periods:

  • Identity verification records: Minimum 5 years after account closure
  • Transaction records: Minimum 5 years from transaction date
  • Suspicious transaction reports: Minimum 5 years from reporting date
  • Account opening records: Minimum 5 years after account closure
  • Correspondence and communications: As required by applicable regulations

6.3 Account Closure

When you close your account, we will:

  • Deactivate your account and prevent further transactions
  • Retain records as required by law and regulation
  • Delete or anonymize information not subject to retention requirements
  • Maintain blockchain transaction records (which are immutable and publicly visible)

6.4 Data Deletion Requests

You may request deletion of your personal information, subject to our legal and regulatory obligations. We will respond to deletion requests within 30 days and explain any limitations on deletion based on legal requirements.

7. Your Privacy Rights

Under Canadian privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA), you have the following rights:

7.1 Access and Portability

  • Request access to your personal information we hold
  • Receive a copy of your data in a structured, commonly used format
  • Request transfer of your data to another service provider (where technically feasible)

7.2 Correction and Update

  • Correct inaccurate or incomplete personal information
  • Update your contact details and account preferences
  • Challenge the accuracy of information we hold about you

7.3 Deletion and Restriction

  • Request deletion of your personal information (subject to legal retention requirements)
  • Restrict processing of your information in certain circumstances
  • Object to processing based on legitimate interests

7.4 Consent Management

  • Withdraw consent for marketing communications at any time
  • Opt-out of non-essential data collection and processing
  • Manage cookie preferences and tracking technologies

7.5 Complaint and Appeal

  • File a complaint with our Privacy Officer regarding data handling practices
  • Appeal decisions regarding your privacy rights requests
  • Lodge a complaint with the Office of the Privacy Commissioner of Canada

7.6 Exercising Your Rights

To exercise any of these rights, please contact our Privacy Officer using the contact information provided at the end of this policy. We will respond to your request within 30 days and may require identity verification to protect your information.

8. International Data Transfers

Axiom operates primarily in Canada, but cryptocurrency trading is inherently global. Your information may be transferred to and processed in countries outside Canada:

8.1 Cross-Border Transfers

We may transfer your personal information to:

  • Service providers located in the United States and other jurisdictions
  • Cloud storage facilities in various geographic regions
  • International payment processors and banking partners
  • Global blockchain networks and cryptocurrency exchanges

8.2 Transfer Safeguards

When transferring data internationally, we implement appropriate safeguards:

  • Standard contractual clauses approved by privacy regulators
  • Data processing agreements with third-party service providers
  • Adequacy decisions recognizing equivalent privacy protections
  • Encryption and security measures during data transmission
  • Regular assessments of third-party data protection practices

8.3 Blockchain Considerations

Cryptocurrency transactions are recorded on decentralized blockchain networks that operate globally. Once recorded, blockchain data cannot be deleted or modified, and transaction information may be accessible from any jurisdiction.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience and improve our services:

9.1 Types of Cookies We Use

  • Essential Cookies:Required for platform functionality, authentication, and security
  • Performance Cookies:Collect information about platform usage and performance
  • Functional Cookies:Remember your preferences and personalize your experience
  • Analytics Cookies:Help us understand user behavior and improve our services
  • Marketing Cookies:Used to deliver relevant advertisements and measure campaign effectiveness

9.2 Third-Party Tracking

We may use third-party analytics and advertising services that place cookies on your device:

  • Google Analytics for website traffic analysis
  • Marketing platforms for campaign tracking and optimization
  • Social media pixels for audience targeting and measurement
  • Fraud prevention services for security monitoring

9.3 Managing Cookies

You can control cookies through your browser settings and our cookie preference center. Note that disabling certain cookies may limit platform functionality and your ability to use some features.

10. Children's Privacy

Axiom's services are not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If you are under 18, you may not create an account or use our services.

If we become aware that we have collected personal information from a minor without proper parental consent, we will take immediate steps to delete such information and terminate the account.

Parents or guardians who believe their child has provided personal information to us should contact our Privacy Officer immediately.

11. Third-Party Links and Services

Our platform may contain links to third-party websites, applications, or services that are not operated by Axiom. This Privacy Policy does not apply to third-party services, and we are not responsible for their privacy practices.

We encourage you to review the privacy policies of any third-party services before providing personal information or engaging in transactions. Third-party services may have different data collection, use, and sharing practices.

When you connect third-party services to your Axiom account (such as external wallets or trading tools), you authorize us to share certain information as necessary to provide the integrated functionality.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify you via email or prominent notice on our platform
  • Provide a summary of significant changes
  • Request your consent if required by applicable law
  • Maintain previous versions for your reference

Your continued use of our services after the effective date of changes constitutes acceptance of the updated Privacy Policy. If you do not agree with the changes, you should discontinue use of our services and close your account.

We recommend reviewing this Privacy Policy regularly to stay informed about how we protect your information.

13. Regulatory Compliance

Axiom is committed to compliance with applicable privacy and financial regulations:

13.1 Canadian Regulations

  • PIPEDA:Personal Information Protection and Electronic Documents Act
  • FINTRAC:Proceeds of Crime (Money Laundering) and Terrorist Financing Act
  • Provincial Securities Laws:Compliance with securities regulations in operating jurisdictions
  • Consumer Protection Laws:Adherence to consumer protection and fair trading practices

13.2 International Standards

  • Financial Action Task Force (FATF) recommendations for virtual asset service providers
  • International Organization of Securities Commissions (IOSCO) principles
  • ISO/IEC 27001 information security management standards
  • Payment Card Industry Data Security Standard (PCI DSS) for payment processing

13.3 Industry Best Practices

We follow cryptocurrency industry best practices and participate in industry associations to promote responsible trading practices and consumer protection.

Contact Our Privacy Officer

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Privacy Officer:

Northern Peak Trading Inc.
Privacy Officer
185 Wellington Street West, Suite 1600
Toronto, M5V 3X7, Canada
416-868-3000
info@axiomtrading.ca

Response Time:We will respond to all privacy inquiries within 30 days. For urgent security concerns, please mark your communication as "URGENT - SECURITY" for priority handling.

14. Additional Information

14.1 Privacy Commissioner Contact

If you are not satisfied with our response to your privacy concerns, you may contact the Office of the Privacy Commissioner of Canada:

  • Website: www.priv.gc.ca
  • Toll-free: 1-800-282-1376
  • Email: info@priv.gc.ca

14.2 Language

This Privacy Policy is provided in English. If there is any conflict between the English version and any translation, the English version shall prevail.

14.3 Severability

If any provision of this Privacy Policy is found to be invalid or unenforceable, the remaining provisions shall continue in full force and effect.