Kurncy

Privacy Policy

Last Updated: May 16th 2025

1. Who We Are

Kurncy Solutions Inc. ("Kurncy", "we", "our", or "us") is a Canadian-based technology company that offers non-custodial cryptocurrency wallet services and API integrations for fiat-crypto interoperability, built on the Kaspa blockchain. We do not store or control your crypto assets.

2. Scope of This Policy

This Policy applies to:

  • Visitors of our website and app
  • Users of our wallet and API services
  • Partners or developers integrating Kurncy’s APIs

It does not apply to third-party services (e.g., fiat partners or exchanges), who have their own privacy policies.

3. What Data We Collect

a. Personal Information (KYC-compliant, when required)

  • Only collected when using fiat gateways or required by law (e.g., FINTRAC/AMF obligations):
  • Full name
  • Date of birth
  • Government-issued ID
  • Address
  • Phone number
  • Email address

b. Technical Information

  • Used for analytics, fraud prevention, and debugging:
  • Device information (OS, browser, device ID)
  • Log data (usage times, error reports)

c. Wallet Interaction Metadata

  • Collected only in anonymized or aggregated form unless you’ve provided identifiable info via KYC:
  • Transaction hashes, fee amounts, currency pairs (e.g., KAS ↔ CAD)
  • API usage data (for partners)

4. How We Use Your Information

  • To provide, operate, and improve our Services
  • To verify identity where KYC/AML is required
  • To comply with legal obligations under Canadian law
  • To detect, prevent, and investigate fraud and abuse
  • To communicate important updates (e.g., changes to Terms or Privacy Policy)
  • For internal analytics and platform enhancement
  • With your consent: marketing, promotions, or product announcements

5. Sharing of Information

We never sell your personal data.

We may share data only with:

  • Regulators: FINTRAC, AMF, CRA when legally compelled
  • Compliance Providers: KYC verification partners (e.g., SumSub, Veriff)
  • Technology Providers: Hosting, analytics, bug tracking
  • Business Partners: Only when required for transaction processing or API integration
  • Law Enforcement: When legally required to respond to subpoenas, court orders, or legal investigations

All partners are contractually obligated to protect your data in accordance with this policy and Canadian law.

6. Cookies and Analytics

  • Understand usage patterns
  • Improve performance and security
  • Provide localized experiences

You can manage cookie preferences through your browser settings.

7. Data Storage and Retention

  • All personal data is stored on servers in Canada or jurisdictions compliant with PIPEDA and Québec’s Bill 64.
  • We retain your information only as long as necessary for the purposes described or as required by law (e.g., 5–7 years for FINTRAC reporting obligations).
  • Technical and analytics data may be retained in aggregate form.

8. Security

  • End-to-end encryption for data in transit and at rest
  • Access controls and audit trails
  • Anonymization/pseudonymization of data where possible

However, no system is 100% secure. You are responsible for securing your own device, wallet credentials, and seed phrases.

9. Your Rights

  • Access the personal data we hold about you
  • Request correction of inaccurate or outdated data
  • Withdraw consent (where applicable)
  • Request deletion (subject to legal limitations)
  • File a complaint with the Office of the Privacy Commissioner of Canada (OPC) or Commission d'accès à l'information (Québec)

You may exercise these rights by contacting: privacy@kurncy.com

10. Children’s Privacy

Our Services are not intended for individuals under 18 years old. We do not knowingly collect data from minors.

11. Changes to This Policy

We may update this Privacy Policy periodically. If material changes are made, we will notify you via our website or app. Continued use of the Services constitutes your acceptance of the revised Policy.

12. Contact Us

For any questions, concerns, or privacy-related requests:

13. Legal Basis for Processing (If Applicable in EEA or U.S.)

If you are located in the EEA or U.S., we process your data based on:

  • Consent
  • Legal obligations
  • Performance of a contract
  • Legitimate interests (e.g., fraud prevention)