Effective Date: March 1, 2026 | Last Updated: March 1, 2026

We respect your privacy and are committed to processing your personal data in accordance with this Privacy Policy and applicable Canadian privacy laws. This Privacy Policy applies to all websites (the "Sites"), mobile applications, and other online services on which we post this Privacy Policy (collectively, the "Services"), as well as other information we collect about you offline.

As used in this Privacy Policy, "Euro Exchange Canada", "we", "our" or "us" refers to Euro Exchange Canada Inc.

Nothing in this Privacy Policy is intended to limit your statutory rights, including your right to a remedy or means of enforcement.

This Privacy Policy describes how we collect, use, and disclose information about you. Without limitation, we may collect information about you if you are a prospective customer or partner, an individual who uses our Services on their own behalf or on behalf of our customer, an individual who accesses our Services in connection with receiving payments (on their own behalf, or on behalf of their employer), or a visitor to our website.

This Privacy Policy does not describe how Euro Exchange Canada uses information that our customers provide to us (e.g., about their own payees, suppliers, or employees) to process on their behalf. For detailed privacy information related to a Euro Exchange Canada customer who uses our products and services as the controller, please contact our customer directly. We are not responsible for the privacy or data security practices of our customers, which may differ from those explained in this Privacy Policy.

By accessing and/or using any of the Services, you acknowledge that we may collect and process information about you as set forth in this Privacy Policy.

Specifically, this Privacy Policy describes our practices regarding:

1. Data Collection
2. Data Uses
3. Data Location and Consent to Transfer
4. Data Retention
5. Data Disclosure
6. Cookies and Tracking Technologies
7. Third-Party Websites and Services
8. Communications
9. Data Security
10. Choices and Data Subject Rights
11. Additional Information and Contact Details

1. Data Collection

How We Collect

We collect, receive, and process information about you through:

• Your interaction with us or our Services;
• Our customers, such as when they provide us with information about employees authorized to use the Services under their account, or information about their suppliers and other vendors;
• Third-party services and providers, such as business partners, credit bureaus, social media tools, analytics and other publicly available sources; and
• Events we organize or take part in, and other business initiatives.

Data You Provide to Us Directly

You may provide information directly to us, such as when you register for an account, complete your user profile, register for an event, fill out a survey, request certain features, use features that require your information, communicate with us, or otherwise interact with us. The information you provide may include:

• Contact information, such as full name, email address, and phone number;
• Business information, such as name of your employer, title/role and business address;
• Account log-in information such as email address and password;
• Financial information, such as Social Insurance Number (SIN), Business Number (BN), bank account number, transit number, institution number or SWIFT code and payment preferences;
• Other information about you, such as social media accounts; and
• Other information you provide, such as when communicating with us for support purposes.

We may also collect certain information for compliance purposes, such as through our Know Your Customer ("KYC") process, to comply with the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and FINTRAC regulations. This may include date of birth, address, Social Insurance Number, government-issued identification, personal bank statements or other documentation serving as proof of identity or valid address.

Information We Collect Automatically

We and our third-party vendors may use cookies, web beacons, and other tracking technologies to collect information about the computers or devices you use to access the Site, including browser type, ISP or operating system, domain name, access time, referring or exit pages, page views, IP address, unique device identifiers, and the type of device you use. We may also track when and how frequently you access or use the Services.

Most web browsers automatically accept cookies, but your browser may allow you to decline cookies. If you disable cookies, the Services may not function properly. For more information, see allaboutcookies.org.

Information We Collect From Other Sources

We may also collect information about you from unaffiliated parties, such as your organization providing contact information, company titles and roles. We may also collect information from third parties such as data enhancement providers.

2. Data Uses

We use information we collect about you for the following purposes:

• To facilitate, operate, and provide Services to our customers;
• To authenticate the identity of our users;
• To facilitate and manage access to and use of our Services;
• To provide customer care, assistance and technical support;
• To further develop, customize and improve the Services;
• To facilitate and optimize our marketing and advertising;
• To contact you with service-related or promotional messages;
• To support and enhance our data security measures;
• To create aggregated statistical and research data;
• To enforce and apply our agreements;
• To comply with our legal, regulatory, compliance and contractual obligations, including PCMLTFA, PIPEDA, and applicable provincial privacy legislation; and
• To comply with FINTRAC reporting requirements including Suspicious Transaction Reports (STRs), Large Cash Transaction Reports (LCTRs), and Electronic Funds Transfer Reports (EFTRs).

We may combine information collected from you with information obtained from affiliates and/or non-affiliated third parties. We may aggregate and/or anonymize information collected through the Services for any purpose.

3. Data Location and Consent to Transfer

We and vendors on our behalf manage, store and process information about you in Canada, and in other locations as reasonably necessary for the proper performance and delivery of our Services, or as may be required by law.

Where personal information is transferred outside of Canada, we take reasonable steps to ensure it receives a comparable level of protection as it would under Canadian privacy legislation, including through contractual arrangements with our service providers.

4. Data Retention

We retain information about you for as long as reasonably necessary to achieve the stated purposes of collection. Under PCMLTFA requirements, we are required to retain certain records for a minimum of five (5) years.

Except as required by applicable law, we will not be obligated to retain information for any particular period, and we are free to securely delete it at any time. Contact us at info@eurocanada.com with questions about data retention.

5. Data Disclosure

Legal Compliance; Safety: We may disclose information in response to a subpoena, search warrant or court order, or in compliance with applicable Canadian laws and regulations, if we believe in good faith that we are legally compelled to do so, or disclosure is appropriate in connection with efforts to investigate actual or suspected illegal activity, fraud, or other wrongdoing.

FINTRAC: As required under the PCMLTFA, we disclose information to the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) including Suspicious Transaction Reports, Large Cash Transaction Reports, Electronic Funds Transfer Reports, and Terrorist Property Reports.

Vendors: We engage vendors to support the operation of our business. These may include hosting services, data analytics, cyber security, fraud detection, banks, financial institutions, credit bureaus, billing and payment processing, web analytics, and our legal, tax, financial and compliance advisors.

Change of Control: Should Euro Exchange Canada undergo any change in control or ownership, personal data may be shared with the parties involved in such an event.

Disclosure with Consent: Euro Exchange Canada may also disclose information about you with your consent or at your direction.

Aggregated/De-Identified Data: We may disclose information that has been aggregated or de-identified.

6. Cookies and Tracking Technologies

Euro Exchange Canada and its vendors use cookies and other technologies on our Sites for performance, tracking, analytics, and personalization purposes. We use the following categories of cookies:

• Strictly Necessary Cookies: Required for site functionality. Cannot be opted out of.
• Functional Cookies: Enable additional functionality and remember your preferences.
• Analytics or Performance Cookies: Assist with analyzing site use and improving performance.
• Advertising Cookies: Track activity to understand interests and direct marketing.

Opting Out: Manage cookie preferences through your browser settings. For interest-based advertising opt-out, visit youradchoices.ca.

7. Third-Party Websites and Services

Our Services may include links to third-party websites and integrations with third-party services. Such websites and services are governed by their own terms and privacy policies, not this Privacy Policy.

8. Communications

Service Communications: We may contact you with important information regarding our Services, such as notifications of changes, payment issues, or password reset instructions.

Promotional Communications: We may notify you about new features, events, webinars, or special opportunities. We may provide such notices through any contact means available to us.

9. Data Security

We implement technical, organizational, and administrative systems to secure your personal data. However, we cannot guarantee complete immunity from wrongdoings, malfunctions, or unauthorized access. Please take appropriate measures to protect your credentials.

10. Choices and Data Subject Rights

Marketing Communications: Unsubscribe from marketing emails by following directions in those emails, or contact us at info@eurocanada.com.

Rights Under Canadian Law: Under PIPEDA and applicable provincial privacy legislation, you have the following rights:

• The right to know what personal information we hold about you and how it is used;
• The right to access your personal data;
• The right to request correction of inaccurate or incomplete information;
• The right to withdraw consent for non-mandatory uses;
• The right to file a complaint with the Office of the Privacy Commissioner of Canada.

To exercise your rights, contact us at privacy@eurocanada.com. We will respond within 30 days. We do not charge a fee unless the request is excessive or manifestly unfounded.

11. Additional Information and Contact Details

Updates: We may update this Privacy Policy from time to time. The amended version will be effective as of the date published.

Children: Our Services are not designed for children under 18. We do not knowingly collect personal data from children. Contact us at info@eurocanada.com if you believe we hold such data.

Contact: For questions, concerns or complaints regarding this Privacy Policy or your personal data, contact our Privacy Officer:

Euro Exchange Canada Inc.
Privacy Officer
Email: privacy@eurocanada.com
Toronto, Ontario, Canada

If unsatisfied with our response, you have the right to file a complaint with the Office of the Privacy Commissioner of Canada.

1. Compliance Program

Our program includes: Appointed Compliance Officer, written policies and procedures, comprehensive risk assessment, ongoing training, and two-year effectiveness reviews.

2. Client Due Diligence

• Verification of all clients, authorized representatives, and beneficial owners
• Source of funds documentation for all transactions
• Enhanced due diligence for higher-risk clients
• Ongoing monitoring and periodic updating

3. Transaction Reporting

• Suspicious Transaction Reports (STRs)
• Large Cash Transaction Reports (LCTRs): $10,000+
• Large Virtual Currency Transaction Reports (LVCTRs): $10,000+
• Electronic Funds Transfer Reports (EFTRs): $10,000+

4. Sanctions & Blockchain Analytics

• Screening against Canadian, UN, and OFAC sanctions lists
• Blockchain analytics for digital asset risk assessment
• Wallet verification and Travel Rule compliance

5. Contact

Euro Exchange Canada Inc. — Compliance
Email: compliance@eurocanada.com