Log in
Sign up

Policies

Customer Agreement and Terms of Service

Glasial Remittance Ltd
Incorporation Number: BC1418776
Registered Address: 19628 55A AVENUE, SUITE 28, LANGLEY BC V3A 3X2, CANADA

1. Purpose of this Policy

Glasial Remittance Ltd (“the Company,” “we,” “us”) is fully committed to protecting the privacy and security of individuals who interact with our services. This Privacy Policy describes in detail how we collect, use, disclose, retain, and safeguard your personal information. By accessing our website www.glasial.com (“the Website”) or by creating and maintaining an account with us, you acknowledge that you have read, understood, and agreed to the practices outlined in this Privacy Policy. If you do not agree, you must immediately discontinue the use of our Platform.

2. Key Definitions

  • Company – Glasial Remittance Ltd, a Canadian-registered entity authorized to provide virtual currency exchange services.
  • Platform – The Company’s Website, APIs, software, and related digital services accessible online.
  • Customer – Any individual who has successfully registered for an account, undergone identity verification, and accepted the Company’s Customer Agreement.
  • Personal Data / Personal Information – Any information that relates to an identifiable individual, including but not limited to name, identification number, email, address, financial details, and digital identifiers.
  • Processing – Any operation performed on Personal Data, whether automated or manual, including collection, storage, use, transfer, or deletion.

3. Scope and Application

This Privacy Policy applies to:

  • All visitors to the Company’s Website.
  • All registered Customers using the Platform.
  • All data subjects whose Personal Data is collected, processed, or stored by the Company in connection with its business activities.

 

This Policy is consistent with:

  • The Personal Information Protection and Electronic Documents Act (PIPEDA, Canada).
  • The Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA), where customer identification data is required for compliance.
  • The General Data Protection Regulation (EU 2016/679) for Customers residing in the European Union.
  • Other applicable international privacy standards.

4. Collection of Personal Data

We collect Personal Data through a variety of lawful methods:

Direct Interactions

  • Information you provide when registering for an account, completing verification steps, or updating your profile.
  • Details shared when contacting our support team via email, chat, or other channels.

Third-Party and Indirect Sources

  • Data received from financial institutions, credit reporting agencies, identity verification vendors, and government registries.
  • Publicly available data, such as information from corporate registries or professional networking sites.

Automated Digital Interactions

  • Technical information gathered via cookies, log files, web beacons, and other technologies.
  • Metadata, including IP address, device identifiers, browser type, and geolocation information.

5. Categories of Data Processed

We may process the following categories of Personal Data for lawful business and regulatory purposes:

  • Identity Data: Full name, date and place of birth, nationality, citizenship, government-issued ID details.
  • Contact Data: Home and mailing address, phone number, email address.
  • Financial Data: Bank account numbers, payment details, digital wallet addresses, transaction records, and proof of funds.
  • Regulatory Compliance Data: Source of funds, income details, tax residency information, sanctions screening results.
  • Biometric Data: Facial recognition images, liveness checks, and other security authentication features.
  • Technical Data: Device type, operating system, IP address, browser data, cookies, access logs, and geolocation.
  • Preference Data: Usage patterns, chosen services, and communication preferences.

6. Purposes of Processing

Your Personal Data may be used for the following purposes:

  • To verify your identity and comply with AML/CTF regulations.
  • To provide access to the Platform and deliver requested services.
  • To process payments, deposits, withdrawals, and currency exchanges.
  • To maintain account security, prevent fraud, and detect suspicious activity.
  • To improve service functionality and user experience.
  • To comply with tax, legal, and regulatory reporting requirements.
  • To respond to customer inquiries, feedback, or complaints.
  • To deliver marketing communications (only where consent is provided).

7. Security Measures

We take privacy and security extremely seriously and apply strict technical and organizational safeguards, including:

  • Encryption of data in transit and at rest.
  • Firewalls, intrusion detection, and monitoring systems.
  • Multi-factor authentication for customer logins.
  • Strict access controls and role-based authorization within Company systems.
  • Regular audits and penetration testing conducted by independent security specialists. No system is fully immune from cyber threats, but we apply industry-leading measures to minimize risk.

8. Retention of Personal Data

We retain Personal Data only for as long as necessary to fulfill its purpose or as required by law. In particular:

  • Data required for AML/CTF purposes may be retained for at least five (5) years after the end of the customer relationship, in accordance with PCMLTFA.
  • If data is no longer required, it will be securely deleted or anonymized.
  • Retention periods may vary depending on the type of data, regulatory obligations, and legal disputes.

9. Transfer of Personal Data

To deliver our services effectively, we may share Personal Data with:

  • Subsidiaries and affiliates of the Company.
  • Third-party service providers (e.g., KYC vendors, payment processors, IT infrastructure providers).
  • Regulators, supervisory authorities, and law enforcement agencies, where required.


Cross-border transfers may occur when using international service providers. In such cases, we ensure that safeguards such as standard contractual clauses or other recognized legal mechanisms are in place to protect your information.

9. Transfer of Personal Data

To deliver our services effectively, we may share Personal Data with:

  • Subsidiaries and affiliates of the Company.
  • Third-party service providers (e.g., KYC vendors, payment processors, IT infrastructure providers).
  • Regulators, supervisory authorities, and law enforcement agencies, where required.

 

Cross-border transfers may occur when using international service providers. In such cases, we ensure that safeguards such as standard contractual clauses or other recognized legal mechanisms are in place to protect your information.

10. Customer Rights

Subject to applicable law, Customers have the following rights regarding their Personal Data:

  • Access and Information – To obtain confirmation of whether data is processed and to receive a copy.
  • Rectification – To request correction of inaccurate or incomplete information.
  • Erasure (“Right to be Forgotten”) – To request deletion of Personal Data when it is no longer required, unless retention is mandated by law.
  • Restriction of Processing – To request limitation of processing where there is a dispute regarding accuracy or lawfulness.
  • Data Portability – To obtain a machine-readable copy of data or request transfer to another service provider.
  • Objection – To object to processing based on legitimate interests, including direct marketing.
  • Consent Withdrawal – Where processing is based on consent, to withdraw that consent at any time.
  • Automated Decision-Making – To request human review of automated decisions that significantly affect them.

11. Marketing Communications

  • Marketing emails or promotional messages will only be sent where the Customer has provided explicit consent.
  • Customers may opt out of marketing at any time by using the “unsubscribe” link or by contacting support.
  • Opting out will not affect essential service-related communications.