Privacy Policy

At DicePay Canada, we are committed to protecting your privacy. This policy explains how we collect, use, and protect your personal information.

1. INTRODUCTION

At DicePay Canada ('DICE' or the 'Company'), we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, protect, and share your personal information. You accept or consent to this Privacy Policy when you sign up for Dice services, ensuring you expressly consent to provide us with your personal information. This policy follows best practices and aligns with the General Data Protection Regulation (GDPR). Data privacy has become a major priority following various breaches globally, exposing public personal data and resulting in financial loss or reputational damage. When organizations infringe on Data Subjects' privacy rights, various fines are imposed under national laws and regulations such as GDPR. Hence the need for a data privacy governance framework guiding the management of Personally Identifiable Information (PII) of Data Subjects (customers).

1.1 Objectives of this document

The objectives of this framework are:

  • Provide an enabling environment for the management of data subject information
  • Identify and highlight requirements of relevant regulations guiding data privacy.
  • Identify roles and responsibilities of participants in the data privacy ecosystem
  • Provide general guidelines for the implementation of processes involving sensitive data subject information

2.0 DATA GOVERNANCE

Data governance helps DICE align data management efforts with business objectives, support regulatory compliance, and manage inherent risks in data processing. This data includes personal information, intellectual property, trade secrets, and business data.

In accordance with GDPR requirements, DICE will appoint a Data Protection Officer (DPO) who must be a senior executive to oversee the organization's data protection activities and its compliance with GDPR.

3.0 PRINCIPLES OF PERSONAL DATA PROCESSING

This policy is based on the following principles:

Lawful, fair, and transparent process
Specific and legitimate purposes for collection and processing
Limitation to data necessary to achieve purposes
Accuracy of data
Data retention based on regulation
Data security

3.1 Data Categories

Personal Data: (e.g., name, home address, location data, email address, account number, social security number, tax identification number, etc.)

Previously Collected Data: This is also called secondary processing and takes place when data previously collected for a particular purpose is used or processed for another purpose without the knowledge or new consent of the data subjects.

Processing: Processing of personal data is any operation or set of operations performed on personal data, whether by manual or automatic means. These include collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure, transmission, dissemination, blocking, erasure or destruction.

3.2 Required Information

To open an account with us or use our services, you must provide:

  • Your legal name
  • Gender
  • Address
  • Phone number
  • Email
  • Date and place of birth
  • Nationality
  • Identification document details
  • Financial history
  • Source of funds
  • Bank statements
  • Bank details
  • Purpose of transaction

This information may vary depending on the nature of your business and the service you require. To fund your account or make certain payments through us, you must provide your bank details. We will also require other commercial or identification information for high-value transactions.

Photographs: We may ask you to upload a photo of yourself (for example, your ID photo). Your face must be recognizable for verification purposes.

3.3 Reason why we collect your information

We use your information to provide services which may include:

1

Verify your identity during account creation

2

Authorize and process transactions

3

Monitor and improve our services

4

Protect against and prevent fraud

5

Provide customer support services

6

Communicate about products and services

7

Meet legal and regulatory requirements

8

Maintain business and transaction records

9

Measure and improve website performance

Dice will only use your personal information for the purposes for which it was collected, unless it needs to be used for another reason compatible with the original purpose.

3.5 Individual Rights of Access and Rectification

Access to their personal data
Rectify their personal data or have it rectified
Stop or withdraw consent to the processing of their data
Be informed of the purposes for which their personal data is processed
Be informed of the period during which personal data will be retained
Object to the use of their personal data for direct marketing purposes

3.6 Lawful Reasons for Data Collection

We collect data based on these legal grounds:

1
Consent of the data subject
2
Employment offer
3
Contract performance
4
Legal obligations
5
Protection of vital interests
6
Public interest mission
7
Legitimate interests of Dice

3.7 Customer Diligence

3.7.1
3.7.1 Third Party Websites

Dice's website may include links to third-party websites. Note that these websites are operated by third-party organizations and Dice is not responsible for their operations, including their data protection practices. You are therefore required to review their privacy statements before providing them with personal information.

3.7.2
3.7.2 Transaction Information

When you send or request money, we may ask you to provide information about the transaction, including the amount and type of transaction and the identity of the recipient. We also collect the IP (Internet Protocol) address of the computer or device you use to send or request money to help authenticate your identity and detect unauthorized activity.

3.7.3
3.7.3 Customer Information from Third Parties

We also use third-party service providers (payment partners and anti-fraud agencies) to verify user information. For certain high-volume users, we may also conduct background checks, including a credit report (if and where permitted by law).

3.7.4
3.7.4 Communications

Communication with our customer support may result in the communication (emails, phone conversations, tweets, etc.) being retained in your account records as evidence of business transactions.

3.7.5
3.7.5 Questionnaires, Surveys, Contests

Dice may periodically conduct voluntary surveys where demographic data may be collected. Before participating in any survey, notice of the reason and use of the data will be provided.

3.7.6
3.7.6 How We Share Information

We work with third-party service providers who perform important functions allowing us to provide our services to you. We do not sell or rent any of your personal information to third parties for marketing purposes without your explicit consent.

3.8 Data Protection and Storage

Dice uses firewalls, data encryption, and strict physical access controls. Access to personal information is limited to employees who need it for their job responsibilities and who are committed to confidentiality.

Account Security

Users are responsible for protecting their password. Dice representatives will never ask for your password. Change it immediately if you suspect unauthorized access.

3.9 Accessing and Modifying Your Information

You can review and update your information at any time by logging into the Dice Empire website. If you close your account, we retain account information for 10 years to comply with data retention laws and prevent fraud.

4.0 DATA BREACH

A data breach is a security breach resulting in the destruction, loss, or unauthorized access to personal data. DICE will:

Register:Maintain a register of all data breaches, fully detailing the facts, its effects, and corrective measures taken.
Notification to Data Subject:When the data breach is likely to result in a high risk to the rights and freedoms of the data subject, DICE will communicate the data breach to the data subject without undue delay.
Notification to Supervisory Authority:Notify the supervisory authority of the breach, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons.
Corrective Action:Take immediate corrective measures to mitigate the effects of the breach and prevent its recurrence.

5.0 CUSTOMER AUTHORIZATIONS

By using DicePay, you consent to the disclosure of information to law enforcement, government agencies, and processing partners, as required for legal compliance and fraud prevention. This includes:

Fraud Prevention and Risk Management

To help prevent fraud or assess and manage risk.

Customer Service

For customer service purposes, including helping manage your accounts or resolve disputes.

Legal Compliance

To help DICE comply with its verification requirements regarding anti-money laundering and counter-terrorist financing (AML/CTF).

Service Providers

To allow service providers under contract with us to support our business operations, such as fraud prevention, bill collection, marketing, customer service, and technology services.

Mergers and Acquisitions

In cases where DICE intends to merge with or be acquired by another company, in which case the successor would access customer data.

6.0 CHANGES TO THIS POLICY

This privacy policy may be revised as features are added. We will provide 30 days notice on our website or via email for revised policies. Continued use after the effective date constitutes consent to all changes.