1. Controller Of Your Data
For mavenpay.com: Maven Pay Inc. (Canada) is the data controller. Privacy Officer: compliance@mavenpay.com.
For mavenpayconcierge.com: Maven Pay Concierge Private Limited (Singapore) is the data controller for concierge fulfillment. Maven Pay Inc. remains the controller for payment data.
2. Data Collected
Account: email, six-digit code secret (encrypted), account_kind, signin credentials (hashed).
KYC: government ID, address, ultimate-controller info per FINTRAC + MAS rules.
Transactions: amount, currency, counterparty, timestamps, jurisdictions.
Telemetry: device, IP, client agent. Used only for fraud + sanctions screening.
3. Reason For Collection
Operate the regulated payment rail (FINTRAC + MAS + cross-border requirements).
Detect and prevent fraud, sanctions evasion, and money laundering.
Keep your account secure (rate limiting, suspicious-pattern detection).
4. Your Rights
Access — see the data on file about you.
Rectification — correct anything inaccurate.
Erasure — ask us to delete (subject to AML retention obligations).
Portability — get a copy in a portable format.
Objection — opt out of any processing not strictly necessary for the service.
Email compliance@mavenpay.com to exercise any of these.
5. Retention
KYC + transaction data: 7 years after account closure (FINTRAC + MAS rules).
Marketing data: until you opt out (or 24 months of inactivity).
6. International Transfers
EU + UK: GDPR-compliant Standard Contractual Clauses cover transfers to our Canadian + Singapore + Hong Kong + UAE + US entities.
EU representative: appointed under GDPR Art. 27 — see compliance@mavenpay.com for the current designation.
