Effective Date: March 30, 2026
Operated by Protect Safety Solutions Ltd. operating as SomPay
Protect Safety Solutions Ltd. operating as SomPay ("SomPay", "Company", "we", "us", or "our") respects your privacy and is committed to protecting your personal information.
This Privacy Policy explains how we collect, use, disclose, store, process, retain, and protect information obtained through the SPUSD ecosystem, including the SPUSD Wallet, SPUSD Send, SPUSD Swap, redemption services, websites, applications, customer support channels, merchant services, and related products.
The purpose of this Privacy Policy is to help users understand:
By creating an account, accessing our platform, opening a wallet, completing identity verification, initiating transactions, or otherwise using SPUSD services, you consent to the practices described in this Privacy Policy.
SPUSD is a digital dollar stablecoin ecosystem owned, operated, administered, and maintained by Protect Safety Solutions Ltd. operating as SomPay.
SPUSD is intended to maintain a value equivalent to USD Coin (USDC) and provides users with access to digital wallet services, transfers, redemption services, digital asset conversion services, merchant payment solutions, and related financial technology services.
Because SPUSD operates within a regulated financial environment, certain information must be collected to comply with Canadian legal, regulatory, compliance, fraud prevention, and security requirements.
SomPay is committed to handling personal information responsibly and in accordance with applicable privacy legislation.
We strive to ensure that personal information is:
Privacy protection is incorporated into our operational procedures, compliance framework, technology systems, and security controls.
Depending on the services you use, we may collect several categories of information.
The information collected may be provided directly by you, generated through your use of our services, received from third parties, or collected automatically through our systems.
To establish and maintain your account, we may collect:
We may also collect historical information necessary to verify identity and comply with legal obligations.
Failure to provide required information may prevent us from providing services.
To comply with Canadian regulatory requirements, we may collect information used to verify your identity.
This may include:
Identity verification information may be collected directly by SomPay or through approved third-party verification providers.
Verification requirements may change over time based on regulatory requirements, risk assessments, or operational needs.
We may collect information relating to financial transactions and payment activity.
This may include:
We collect this information to facilitate services, comply with legal obligations, and protect against fraud.
SPUSD services involve digital wallet functionality.
We may collect and maintain records relating to:
Blockchain transactions may be publicly visible on distributed ledger networks.
While blockchain data may be publicly accessible, SomPay treats information linking blockchain activity to individual users as confidential and subject to this Privacy Policy.
Where a user operates a business account, we may collect additional information including:
Business users may be required to provide updated information periodically.
To meet regulatory obligations, SomPay may collect information relating to compliance reviews and risk assessments.
This may include:
This information assists us in preventing fraud, money laundering, terrorist financing, sanctions violations, and other unlawful activities.
When you use SPUSD services, our systems may automatically collect technical information.
This may include:
Technical information helps us maintain platform security, detect fraud, improve performance, and diagnose technical issues.
We may collect information relating to communications between users and SomPay.
This may include:
These records may be retained to improve services, investigate disputes, respond to inquiries, and satisfy legal obligations.
Certain information may be collected automatically when users interact with our websites, applications, and services.
This may include:
Automatic collection technologies help us improve functionality, security, performance, and user experience.
We may receive information from third parties including:
Information received from third parties may be combined with information already maintained by SomPay.
We collect information for legitimate business purposes including:
We only collect information that we reasonably believe is necessary for these purposes.
SomPay uses personal information only for legitimate business, operational, compliance, security, and legal purposes.
Information collected through SPUSD services may be used to:
SomPay does not sell personal information to third parties.
Where required by applicable law, SomPay collects and processes personal information on one or more of the following legal bases:
Users acknowledge that certain information must be collected and processed in order for SomPay to provide regulated financial services.
Failure to provide required information may limit or prevent access to SPUSD services.
As part of its compliance program, SomPay may collect, review, maintain, and disclose information required under applicable Canadian anti-money laundering and anti-terrorist financing laws.
Users acknowledge that SomPay may be required to:
SomPay may disclose information where required by applicable law without providing advance notice to affected users.
Nothing in this Privacy Policy limits SomPay's obligations under Canadian law.
SomPay may share information with authorized third parties when necessary to provide services, satisfy legal obligations, maintain security, or prevent fraud.
Information may be shared only to the extent reasonably necessary for the purpose involved.
Recipients may include:
All third parties receiving information are expected to maintain appropriate confidentiality and security measures.
SomPay may work with banks, financial institutions, payment processors, and settlement providers.
To facilitate services, SomPay may share information including:
Banking partners may also collect and process information independently in accordance with their own privacy policies.
SomPay is not responsible for privacy practices of independent financial institutions.
SomPay may use third-party identity verification providers to assist with KYC and compliance obligations.
Verification providers may receive:
Verification providers may compare information against trusted databases and other sources to validate identity.
Verification providers are contractually required to protect personal information in accordance with applicable legal requirements.
SomPay may use specialized compliance providers to support:
These providers may process personal information necessary to perform their services.
Compliance reviews may occur before, during, or after transactions.
SomPay may share information with security and fraud prevention providers to help protect users and the SPUSD ecosystem.
Information may be used to:
Users acknowledge that security reviews may occur without notice.
SomPay may disclose information to law enforcement agencies, courts, regulators, government authorities, and other authorized parties where:
SomPay reserves the right to cooperate with lawful investigations involving suspected criminal activity.
SomPay may disclose information to regulatory authorities where required or permitted by law.
Regulatory disclosures may involve:
Users acknowledge that regulatory reporting obligations may require disclosures without user consent.
If SomPay undergoes:
personal information may be transferred as part of that transaction.
Any successor entity will remain subject to obligations relating to the protection of personal information.
Certain service providers used by SomPay may be located outside Canada.
As a result, information may be stored, processed, or accessed in jurisdictions outside Canada.
These jurisdictions may have privacy laws that differ from Canadian privacy laws.
Where information is transferred internationally, SomPay takes reasonable steps to ensure appropriate safeguards are implemented.
Users acknowledge that information may be subject to lawful access by foreign governments, courts, regulators, or law enforcement agencies.
SomPay retains information only for as long as reasonably necessary to:
Retention periods may vary depending on the type of information involved.
Certain records may be retained following account closure where required by law or legitimate business needs.
Users may request closure of their accounts, subject to regulatory obligations and outstanding compliance requirements.
Account closure does not automatically result in deletion of all information.
SomPay may retain records following account closure where necessary to:
Certain records may remain archived after active account closure.
SomPay uses administrative, technical, physical, and organizational safeguards designed to protect personal information.
Safeguards may include:
While SomPay takes reasonable steps to protect information, no system can guarantee absolute security.
Users are responsible for maintaining the security of their own devices, passwords, authentication methods, and account credentials.
Users play an important role in protecting their personal information and maintaining the security of the SPUSD ecosystem.
Users are responsible for:
Users should immediately notify SomPay if they suspect:
Failure to take reasonable security precautions may increase the risk of unauthorized access and financial loss.
Subject to applicable legal limitations, users may request access to personal information maintained by SomPay.
Requests may include:
Requests must be submitted through approved channels.
SomPay may verify identity before providing access to information.
Certain information may be withheld where permitted or required by law.
SomPay strives to maintain accurate records.
Users may request correction of inaccurate, incomplete, or outdated personal information.
Correction requests may require supporting documentation.
Where appropriate, SomPay will update information within a reasonable period of time.
Certain records may be maintained in their original form where required for legal, regulatory, compliance, audit, or evidentiary purposes.
Where information processing is based upon consent, users may withdraw consent subject to legal, contractual, and regulatory limitations.
Withdrawal of consent may impact SomPay's ability to provide services.
Certain information may continue to be processed where:
Users acknowledge that some regulatory obligations continue regardless of withdrawal of consent.
SomPay may use cookies, web beacons, analytics technologies, and similar tools to improve platform functionality and user experience.
These technologies may be used to:
Users may manage certain cookie settings through their browser settings.
Disabling cookies may affect platform functionality.
SomPay may collect information relating to platform performance and usage.
Analytics information may include:
Analytics information helps SomPay:
Analytics information is generally used in aggregate form whenever possible.
SomPay may occasionally send communications relating to:
Users may opt out of certain promotional communications.
However, users may continue receiving communications necessary to:
Service-related communications cannot always be disabled.
SPUSD services are intended exclusively for individuals who are at least 18 years of age.
SomPay does not knowingly collect personal information from minors.
If SomPay becomes aware that information relating to a minor has been collected in violation of this policy, reasonable steps may be taken to delete such information where appropriate.
Parents or guardians who believe information relating to a minor has been collected should contact SomPay immediately.
SPUSD services may contain links to third-party websites, applications, products, or services.
Third-party websites and services operate independently from SomPay.
SomPay does not control and is not responsible for:
Users should review the privacy policies of third-party providers before providing information.
Accessing third-party services is done at the user's own risk.
SomPay maintains procedures designed to identify, investigate, manage, and respond to security incidents.
In the event of a suspected or confirmed privacy breach, SomPay may:
The timing and nature of notifications may depend on applicable legal requirements and the circumstances of the incident.
To maintain platform security, SomPay may conduct:
Security monitoring may occur continuously and without advance notice.
Users acknowledge that security controls are necessary to protect the SPUSD ecosystem.
SPUSD services may be accessed from locations outside Canada.
Users accessing services from outside Canada do so voluntarily and are responsible for ensuring compliance with local laws.
Regardless of user location, information collected through SPUSD services may be processed in accordance with this Privacy Policy.
SomPay makes no representation regarding the legality of access from any particular jurisdiction.
SomPay reserves the right to modify this Privacy Policy from time to time.
Changes may occur due to:
Updated versions will be posted through appropriate channels.
Continued use of SPUSD services following publication of updates constitutes acceptance of the revised Privacy Policy.
Users who have questions, concerns, or complaints regarding privacy matters may contact SomPay.
SomPay will make reasonable efforts to investigate and respond to privacy-related concerns in a timely manner.
Users may also have the right to contact applicable privacy regulators where permitted by law.
Protect Safety Solutions Ltd. operating as SomPay
Fort McMurray, Alberta, Canada
Website: https://sompay.io
SPUSD Platform: https://spusd.sompay.io
Support: support@sompay.io
Examples of information collected may include:
Examples of permitted uses include:
By using SPUSD services, you acknowledge that:
END OF SPUSD PRIVACY POLICY