Privacy Policy
Introduction
TrovexiCore Canada Technologies Inc. ("TrovexiCore," "we," "our," or "us") is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our website, mobile applications, and cryptocurrency investment services.
We comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and all applicable Canadian privacy legislation. This policy applies to all users of TrovexiCore services, including prospective clients, active account holders, and visitors to our digital properties. By using our platform, you consent to the collection and use of information as described herein. If you do not agree with this policy, please do not access or use our services.
This Privacy Policy is effective as of May 1, 2026. We reserve the right to update this document periodically to reflect changes in our practices, technology, legal requirements, or business operations. Any material changes will be communicated via email or prominent notice on our website.
What Information We Collect
We collect several categories of information to provide, maintain, and improve our services. Personal identification information includes your full legal name, date of birth, residential address, email address, telephone number, and government-issued identification (such as a driver's licence or passport) collected during account registration and KYC verification. This information is mandatory under FINTRAC regulations.
Financial information includes your bank account details, transaction histories, investment amounts, withdrawal requests, and trading activity. We also collect device information such as IP addresses, browser types, operating systems, and mobile device identifiers when you access our platform. Usage data—including pages viewed, features accessed, timestamps, and interaction patterns—helps us optimize user experience and detect fraudulent activity.
With your consent, we may collect optional information such as employment details, investment objectives, risk tolerance assessments, and communication preferences. You may choose not to provide optional information, but this may limit certain features or personalization options.
How We Use Your Information
We use your personal information for several core purposes. Account management and KYC verification ensure compliance with FINTRAC and AML regulations. We verify your identity, assess risk profiles, and monitor accounts for suspicious activity as required by Canadian law. Your information enables us to execute trades, process deposits and withdrawals, calculate returns, and maintain accurate financial records.
Communication purposes include sending account statements, performance reports, security alerts, customer support responses, and service updates. We use your contact information to respond to inquiries, provide technical assistance, and notify you of material changes to our terms or policies. Marketing communications—such as newsletters, educational content, and promotional offers—are sent only with your explicit consent and may be unsubscribed from at any time.
We analyze aggregated and anonymized usage data to improve platform functionality, develop new features, optimize trading algorithms, and conduct internal research. Security monitoring involves detecting and preventing fraud, unauthorized access, money laundering, and other illegal activities. Legal compliance uses include responding to court orders, regulatory investigations, tax reporting obligations, and law enforcement requests.
Sharing With Third Parties
TrovexiCore does not sell, rent, or trade your personal information to third parties for their marketing purposes. We share information only in the following limited circumstances. Service providers—including payment processors, KYC verification vendors, cloud hosting providers, and IT security firms—receive access to information necessary to perform contracted services on our behalf. These providers are bound by strict confidentiality agreements and may use your data only as directed by TrovexiCore.
Cryptocurrency exchanges (Bitbuy, Newton, Wealthsimple Crypto, Coinbase, and Kraken) receive transaction instructions and minimum necessary account information to execute trades on your behalf. Financial institutions holding client funds in segregated accounts receive deposit and withdrawal instructions. These entities operate under their own privacy policies and regulatory obligations.
Regulatory and law enforcement agencies may receive information pursuant to legal obligations. We disclose data when required by FINTRAC reporting rules, court orders, subpoenas, search warrants, or other valid legal processes. We cooperate with investigations into money laundering, terrorist financing, fraud, and other criminal activities. In the event of a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred to a successor entity, subject to continued privacy protections.
Your Rights Under PIPEDA
Canadian privacy law grants you significant rights over your personal information. You have the right to access your data—request a copy of all personal information we hold about you, subject to limited exceptions for proprietary algorithms or information subject to solicitor-client privilege. You may correct inaccurate or incomplete information by contacting our Privacy Officer. We will update records promptly and notify relevant third parties where appropriate.
You have the right to withdraw consent for certain uses of your information, such as marketing communications or optional data collection. Note that withdrawal of consent for mandatory KYC information will require account closure, as we cannot legally operate your account without it. You may request deletion of your personal information after account closure, subject to legal retention requirements. We retain transaction records for seven years as required by tax and AML regulations.
If you believe we have violated your privacy rights, you may file a complaint with our Privacy Officer. We will investigate and respond within 30 days. If you remain unsatisfied, you have the right to escalate your complaint to the Office of the Privacy Commissioner of Canada (OPC) at www.priv.gc.ca or by calling 1-800-282-1376. The OPC is an independent federal oversight body with authority to investigate privacy complaints and recommend corrective action.
Data Retention
We retain your personal information only as long as necessary to fulfill the purposes outlined in this policy and comply with legal obligations. Active account data is retained for the duration of your relationship with TrovexiCore. After account closure, we retain transaction records, KYC documentation, and communications for seven years as required by the Income Tax Act, FINTRAC regulations, and limitation periods for legal claims.
Marketing communications and optional data not subject to retention requirements are deleted within 90 days of account closure or consent withdrawal. Aggregated, anonymized analytics data that cannot be linked back to individuals may be retained indefinitely for research and product development. All retained data is subject to the same security protections described in this policy.
Cookies and Tracking
Our website and mobile applications use cookies, web beacons, and similar technologies to enhance functionality and collect usage data. Essential cookies enable core features such as secure login, session management, and transaction processing. These cannot be disabled without impairing platform functionality. Analytics cookies—including Google Analytics—track page views, session duration, and navigation patterns to help us optimize user experience. You may opt out via browser settings or the Google Analytics opt-out plugin.
Advertising cookies are not used on TrovexiCore platforms. We do not serve third-party ads or allow external ad networks to track users. Most web browsers allow you to manage cookie preferences through settings menus. Note that disabling essential cookies may prevent you from accessing certain features or completing transactions. Mobile app users can manage tracking permissions through device settings.
International Data Transfers
Your personal information is primarily stored on servers located in Canada, operated by certified cloud service providers with ISO 27001 and SOC 2 accreditation. However, some service providers—such as certain KYC verification vendors and cryptocurrency exchanges—may process data on servers located in the United States or other jurisdictions. These transfers occur only when necessary to deliver services and are governed by contractual clauses requiring equivalent privacy protections.
When data is transferred outside Canada, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, participation in recognized certification frameworks, or explicit user consent. You acknowledge and consent to these transfers by using TrovexiCore services. If you have concerns about international data flows, please contact our Privacy Officer.
Security
We employ industry-standard technical and organizational measures to protect your personal information from unauthorized access, disclosure, alteration, and destruction. Data in transit is encrypted using TLS 1.3 protocols. Data at rest is encrypted using AES-256 encryption. Access to personal information is restricted to authorized employees and service providers on a need-to-know basis, governed by role-based access controls and multi-factor authentication.
Our infrastructure undergoes regular penetration testing, vulnerability assessments, and third-party security audits. We maintain incident response protocols, disaster recovery plans, and business continuity measures. Employee training programs cover privacy obligations, phishing awareness, and data handling procedures. While we strive to protect your information, no system is completely secure. You are responsible for maintaining the confidentiality of your login credentials and promptly notifying us of any suspected unauthorized access.
Children's Privacy
TrovexiCore services are not intended for individuals under the age of 18 (or 19 in provinces where that is the age of majority). We do not knowingly collect personal information from minors. If we become aware that a user is underage, we will immediately terminate the account and delete associated data, subject to legal retention requirements. Parents or guardians who believe their child has provided information to TrovexiCore should contact our Privacy Officer immediately.
Contact Our Privacy Officer
For questions, concerns, or requests related to this Privacy Policy or your personal information, please contact our designated Privacy Officer: TrovexiCore Canada Technologies Inc., Privacy Officer, 100 King Street West, Suite 5600, Toronto, ON M5X 1E2. Email: [email protected]. Phone: +1 (416) 947-9810. We will respond to all inquiries within 30 days and work diligently to address your concerns in accordance with PIPEDA requirements.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. Material changes will be communicated via email to the address associated with your account and through a prominent notice on our website or mobile app. Your continued use of TrovexiCore services after such notification constitutes acceptance of the updated policy. We encourage you to review this page periodically for the latest information on our privacy practices.