Do you support both send and receive?

Yes — Interac e-Transfer, EFT, and Wire are all designed for bidirectional send & receive flows. International transfers support outbound sends to 150+ countries with full tracking.

What currencies do you support?

We currently support CAD, USD, and EUR wallets for sending and receiving. For other currencies, we reach 150+ countries via SWIFT and local rails — you send from your wallet and we deliver in the recipient's local currency.

How fast are transfers?

Interac e-Transfer: typically under 30 minutes. EFT: 1–2 business days. Wire: 1–3 business days. SEPA: 1 business day (instant available). All transfers include real-time status tracking.

What does financial hub mean?

A platform that can add services as modules over time while keeping one consistent flow, tracking, and confirmation model. Think of it as your financial operating system — payments today, more tomorrow.

Is your platform safe?

Yes. FX Wallet is a FINTRAC-registered MSB (C100000126) that complies with the Proceeds of Crime (Money Laundering) and Terrorist Financing Act. Your account is protected by bank-grade encryption (AES-256), multi-factor authentication, and 24/7 automated transaction monitoring. We maintain strict internal controls and conduct regular third-party security audits to safeguard your information and transactions.

We believe in full transparency. All applicable fees are clearly disclosed during onboarding and before you confirm any transaction — so there are never any surprises. You'll always see the exact cost before you send.

Data Retention and Disposal Policy

Policy Owner: Chief Compliance Officer / Chief Information Security Officer

Applies To: All FX Wallet Inc. employees, contractors, third-party service providers, and systems.

1. Purpose

The purpose of this Data Retention and Disposal Policy (the "Policy") is to establish standard practices for the retention, storage, and secure destruction of data collected, processed, and maintained by FX Wallet Inc. ("FX Wallet" or the "Company").

This Policy ensures that FX Wallet complies with applicable Canadian privacy laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA), anti-money laundering regulations under the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) enforced by FINTRAC, and the security expectations of our integration partners (such as Plaid, Peoples Trust, and other Payment Service Providers).

2. Scope

This Policy applies to all data — both electronic and physical — generated, received, or maintained by FX Wallet in the course of its business operations. This includes, but is not limited to:

Customer Personal Information (PII) and financial data.
Transaction records and Anti-Money Laundering (AML) / Know Your Customer (KYC) documentation.
Employee records.
Corporate financial and tax records.
System logs, audit trails, and security data.

3. Core Principles

FX Wallet adheres to the following core data lifecycle principles:

Purpose Limitation: Data is retained only for as long as necessary to fulfill the business purpose for which it was collected, or as required by law.
Legal and Regulatory Compliance: Data retention periods are dictated by statutory requirements (e.g., FINTRAC, CRA). Where multiple retention periods apply to the same data, the longest legally mandated period shall govern.
Secure Storage: All retained data, especially PII and financial information, is protected using industry-standard encryption (e.g., TLS 1.2+ in transit, AES-256 at rest) and strict Role-Based Access Control (RBAC).
Secure Disposal: Data that has reached the end of its retention period is securely and irreversibly destroyed to prevent unauthorized recovery.

4. Data Retention Schedule

The following schedule outlines the minimum and maximum retention periods for specific categories of data maintained by FX Wallet.

Data Category	Description	Retention Period	Regulatory / Business Driver
AML/KYC Records	Client identification documents, risk assessments, and beneficial ownership records.	5 years following the closure of the account or end of the business relationship.	FINTRAC (PCMLTFA)
Transaction Records	Records of electronic funds transfers, large cash transactions, and suspicious transaction reports (STRs).	5 years from the date the transaction occurred or the report was filed.	FINTRAC (PCMLTFA)
Corporate Financial & Tax Records	General ledgers, tax returns, invoices, and accounting records.	6 years from the end of the last tax year to which they relate.	Canada Revenue Agency (CRA)
Customer Financial Data (Plaid/Open Banking)	Bank account balances, routing numbers, and transaction history retrieved via APIs (e.g., Plaid).	Retained only as long as the user maintains an active account, or until consent is revoked.	PIPEDA / Partner Agreements
System & Security Logs	Access logs, authentication records, and network traffic logs.	1 year minimum, up to 3 years for critical security audit trails.	Security Best Practices (SOC 2)
Employee Records	Payroll, tax forms, and employment contracts.	6 years following termination of employment.	CRA / Provincial Labour Laws

5. Data Disposal and Destruction Procedures

When data reaches the end of its designated retention period, or when a valid data deletion request is received from a customer (and no legal retention requirement overrides the request), FX Wallet shall securely dispose of the data.

5.1 Electronic Data Disposal

Databases and Cloud Storage: Electronic records stored in AWS (e.g., RDS, S3) will be permanently deleted using secure deletion commands. Where applicable, cryptographic erasure (crypto-shredding) will be utilized by deleting the encryption keys associated with the specific data.
Backups: Data marked for deletion will age out of the automated backup cycle. Backups are retained for a maximum of 90 days. If data must be purged from active backups immediately due to a legal mandate, a manual purge process will be initiated.
Hardware Sanitization: Any physical storage media (e.g., hard drives, laptops) scheduled for retirement or reassignment will undergo secure wiping (e.g., NIST 800-88 standards) or physical destruction by a certified third-party vendor.

5.2 Physical Data Disposal

Any paper records containing PII, financial data, or confidential corporate information must be securely shredded using cross-cut shredders before disposal.
Secure disposal bins are provided in FX Wallet office locations for the temporary storage of sensitive documents pending professional shredding.

6. Exceptions and Legal Holds

In the event of pending or reasonably anticipated litigation, regulatory investigation, or legal dispute, the Chief Compliance Officer may issue a "Legal Hold."

A Legal Hold suspends the normal disposal procedures for the affected records.
No employee or system may delete, alter, or destroy data subject to a Legal Hold until the hold is officially lifted by the Chief Compliance Officer or legal counsel.

7. Policy Enforcement and Review

Audits: The Chief Information Security Officer (CISO) and Chief Compliance Officer (CCO) will conduct annual reviews of data repositories to ensure compliance with this retention schedule and verify that automated deletion scripts are functioning correctly.
Policy Review: This Policy will be reviewed and updated at least annually, or more frequently if required by changes in Canadian law (e.g., PIPEDA amendments, CPPA) or partner security requirements.
Violations: Failure to comply with this Policy may result in disciplinary action, up to and including termination of employment or contract.

8. Contact

If you have questions about this Policy or wish to exercise your data rights, please contact:

FX Wallet Inc.
Privacy and Compliance Team
2300 Yonge St, Suite 1600
Toronto, ON M4P 1E4
Email: [email protected]