Paays Privacy Policy

Last update: January 17, 2023

This is the privacy policy (“Policy”) for Paays Financial Technologies Inc. (“Paays”, “we”,  “us” or “our”). It outlines what personal information is collected by Paays from  individuals who interact with or use the services available through the ID Verifier by  Paays applications, or other applications that link to this Policy (the “Apps”), or the Paays website at www.paays.com, or other websites that link to this Policy (collectively,  the “Websites”) (the Apps and Websites referred to collectively as the “Platform”), how  that information may be used, and with whom it may be shared.

By visiting the Platform, using the services available through the Platform (the  “Services”), or providing us with personal information you consent to Paays collecting,  storing, using and disclosing your personal information in accordance with the terms of  this Policy. Updates to the Policy will be posted on the Platform. 

The Platform and Services are made available for, and intended for use by, Canadian  residents only. If you are not a resident of Canada, you may not visit or use the Platform  or apply for or use the Services.

If you do not agree with the terms of this Policy, do not access or use the Platform,  apply for or use the Services, or provide us with personal information. If you are under  the age of majority in the province where you reside, you may not access or use the  Platform or our services or submit personal information to Paays.

1. About Paays

Paays provides digital finance and authentication Services to Automotive, Real-estate,  Mortgage and Accounting businesses in Canada (collectively, “Clients”). Paays collects  personal information relating to current, prospective and former Clients and their  authorized employees, representatives and agents (collectively, “Representatives”) in  order to manage our relationship with Clients, and to promote, offer, provide and  administer our Platform and Services. We refer to this personal information as Client Personal Information. Paays is accountable for and in control of Client Personal  Information under applicable privacy laws.

In providing Services to Clients, Paays may collect and otherwise process personal  information relating to our Clients’ customers (“End Users”). When Paays collects  personal information about End Users (referred to as “End User Personal Information”)  we do so as a service provider to the Client. The Client remains accountable for and in  control of their End User Personal Information.

2. Personal Information: Collection, Retention and Use

The type of Personal Information that Paays collects depends on the nature of your  interaction and relationship with us. 

With respect to Clients and their Representatives, we may collect name, title, and  business contact information, such as business address, telephone number and email  address. 

With respect to End Users, the End User Personal Information we or our service  providers collect will depend on the nature of the Services that our Client has requested  from us, but may include:

  • Your name and contact information
  • Country of residence
  • A digital copy of your Canadian provincial or territorial driver’s license (and  information extracted from it, including name, date of birth and ID number) and a selfie  photo. Note that this only applies to ID Verifier by Paays (“IDV”). Use of IDV is through  integrations with our verification partners Berbix or Yoti (“Verification Partners”). The  collection and use of this information by Verification Partners is subject to their  respective privacy policies available at https://terms.berbix.com/terms/privacy and  https://www.yoti.com/privacy/.

We also collect information from our fraud detection and identity verification vendors  (see section 4 below). 

We use Client Personal Information to manage our Client relationships and for  marketing purposes. Representatives may opt-out of email- based marketing  communications at any time by using the unsubscribe link in the email message or  sending an email with “Unsubscribe” to the email address provided in the marketing  communication.  

We use End User Personal Information only for the purposes of providing our Services  to our Client, which may include soliciting feedback on behalf of the Client regarding  your experience using the IDV services. End User Personal Information that we process is under our Client’s control. If you have any questions about how a Client handles End  User Personal Information you must contact the Client directly.

If you use IDV, Paays has partnered with Verification Partners to provide this service. When you submit your ID document, the Verification Partner will extract data from it and  share it with us (and we share it with the Client). If you are asked to submit a selfie the Verification Partner uses biometric technology to check that the selfie is of a real person  and that your selfie matches the photo on the ID document. The Verification Partner then sends us the results of the checks. For more information about how our Verification  Partners handle your information, see the Berbix privacy policy at https://terms.berbix.com/terms/privacy and the Yoti privacy policy at https://www.yoti.com/privacy/.  

We retain Client Personal Information only for as long as necessary to fulfill the  purposes for which it was collected, to meet our legitimate business requirements, and  as otherwise permitted or required by law. We retain End User Personal Information only for as long as necessary to perform our  Services for Clients.

3. Information Collected Automatically

When you visit or interact with the Platform certain information is collected automatically  through cookies or similarly purposed technologies, including technical and statistical  information such as your IP address, your location based on your IP address, mobile device identifiers, operating system, and page views and duration.

The primary use of this information by Paays is to detect and reduce instances of fraud  or organized DDOS attacks against the Platform. The information collected may also be  used by Paays for its business operations and planning, including the operation and  improvements to the Platform, debugging, product research, evaluation, and development.

4. Disclosure of your Information

Our Clients control the End User Personal Information that we process when performing  Services on their behalf. End User Personal Information will be shared with and made  accessible to the applicable Client.  

Fraud detection. We share information with vendors that provide fraud detection services. The information shared with these vendors includes email address, device ID, IP address and geolocation information. Using this information, these vendors will generate and share with Paays a risk score or flag. These vendors process your information in accordance with their own privacy policies (see: https://risk.lexisnexis.com/group/processing-notices/emailage and https://www.maxmind.com/en/privacy-policy).

Identity verification. We share information with TransUnion in order to verify End User identity. TransUnion will let us know if the information that we share about an End User  matches the information that they have about that individual in their records. For IDV, we do not obtain credit reports or scores from Transunion. For information about TransUnion’s personal information practices, see https://www.transunion.ca/legal/privacy-policy.

Anti-money laundering (AML). Certain Clients for IDV may request Paays to check an  End User’s information against AML databases (Watchlists, Politically Exposed Persons (PEP) lists, UN Sanctions lists, and Adverse Media lists). To perform these checks, we may share your information with Comply Advantage (“Comply”). Comply will let us know if the information we share about an End User matches that on any of the above mentioned lists, and this information will be shared with our Clients. For information about Comply’s personal information practices, see https://complyadvantage.com/privacy-notice/.

IDV: If you complete the IDV process, a verification report is sent to the Client who  initiated the IDV request, confirming the authenticity of your identity document(s) submitted. This report may contain a digital copy of your Driver’s License, along with other text-based identity information, extracted and verified by IDV. This information is passed only to the Client who initiated the request.

Our employees, representatives and agents will have access to your Personal  Information as necessary in connection with their responsibilities. 

In connection with providing the IDV service, Paays may share your Personal Information with companies providing related services to Paays, such as data hosting and processing, analytics, marketing, fraud detection and prevention, identity verification. Some of these service providers may be located outside of Canada, including the United States.

Paays may share with any third party that we deem appropriate, aggregate anonymized information regarding the Platform and users of the Platform, such as demographic information about, and geographic territory of, end users (as a group), customer preferences (as a group), technical performance and usage statistics. These third  parties may include, for example, business partners or companies who assist Paays in providing or supporting the Paays platform.

Paays may share Personal Information where permitted or required by law (including as required by foreign laws applicable to Paays service providers), if we believe we are required to do so in order to comply with an order of a court of competent jurisdiction or other legal requirements of any governmental authority, if we believe doing so would potentially mitigate our liability in an actual or potential lawsuit, if we believes it is necessary to protect our rights or property, or if Paays sells all or part of its assets, or enters into a similar business transaction to a third party.

5. Data Protection and Security

Paays takes your privacy and the protection of your Personal Information seriously and takes commercially reasonably measures to ensure its security. However, no transmission of Personal Information over the Internet can be guaranteed to be uninterrupted or completely secure, and accordingly Paays cannot, and does not, guarantee that your Personal Information will not be unlawfully accessed by a third party. PAAYS DOES NOT WARRANT THE SECURITY OF ANY INFORMATION YOU TRANSMIT ELECTRONICALLY, AND YOU DO SO AT YOUR OWN RISK.

6. Governing Law and Jurisdiction

Paays is domiciled in and provides its services from the Province of Ontario. Consumers from countries and jurisdictions outside of Canada are advised that this Policy, and the collection, retention, and use of your Personal Information, shall be construed in accordance with and governed by the laws of the Province of Ontario and the federal laws of Canada as applicable.

You are also advised that Personal Information is retained in cloud-based servers which may be located in Canada, the U.S.A. and other jurisdictions. The laws of these jurisdictions may offer less stringent privacy and consumer rights than the jurisdiction in which you reside.

7. Changes to this Policy

Paays may revise this Policy from time to time. The updated Policy will be published on the Platform and identified by the publication date. Please review the Policy frequently during your use of the Platform and Paays Services to ensure that you are aware of the most up to date Policy. Your continued use of the Platform or the Services following the publication of an update to this Policy confirms your acceptance of the then updated Policy terms.

8. Opting out of Marketing Communications

Client Representatives can opt-out of marketing communications by using the unsubscribe link in the email or by sending an email with “Unsubscribe” in the subject line to the email address provided in the communication.

9. Your rights

Representatives have the right to request access to or correction of their Personal Information in our custody or control by writing to us at the email address below. We will take appropriate steps to verify your identity before providing access or making corrections. Representatives may also have the right, subject to contractual and legal restrictions and reasonable notice, to withdraw their consent to our collection, use and disclosure of their Personal Information, and in certain circumstances, to request deletion of their Client Personal Information. However, if a Representative withdraws their consent, we may no longer be able to provide our Services.

End Users may also have similar rights with respect to their End User Personal Information. However, since End User Personal Information is under the control of the applicable Client, End Users must contact the relevant Client in order to exercise these rights.

10. Contact Paays

Should you have any questions regarding this Policy or the processing of Client Personal Information, please contact Paays’s Chief Privacy Officer at Paays Financial Technologies Inc., 41 Industrial Street, Suite 203, Toronto, ON, M4G 0C7 or paayssupport@paays.com.

Should you have any questions regarding the processing of End User Personal Information please contact the Client directly.


1. Applies only to PreQ ID Verifier. Use of PreQ ID Verifier is through an integration with our verification partner Yoti. In addition to consenting to the Paays Privacy Policy, each user of PreQ ID Verifier also consents to Yoti’s Privacy Policy. Digital copies of Driver’s Licenses are stored on secure Yoti servers. Yoti is AICPA SOC2 and ISO 27001 Certified, and trusted by regulators for adhering to the highest standards of security.