OmniRemit Privacy Policy and Consent Notice

Last Updated: 8 Dec 2025

Please read this Privacy Policy carefully and keep a copy for your records.

This Privacy Policy ("Policy") explains how OmniRemit Inc. and its affiliates ("OmniRemit", "we", "us") collect, use, disclose and protect your personal information when you use our services.

This Policy applies to your use of:

• OmniRemit websites
• OmniRemit mobile applications
• OmniRemit money transfer and related services ("Services")

By using our Services, you consent to the collection, use and disclosure of your information as described in this Policy.

If you do not agree, please discontinue using our Services.

---

Important Consents

By agreeing to this Policy, you expressly consent to:

• Collection and processing of personal and sensitive information

Including identity document scans and biometric verification where applicable.

• Disclosure of information to identity verification and compliance service providers

Used for KYC / AML, sanctions screening, and compliance verification.

• Cross-border data transfer

Your information may be processed in countries other than your residence.

• Receiving marketing and service-related communications

(You may opt-out at any time.)

If you do not wish to consent, please do not use OmniRemit Services.

---

1. Scope

This Policy describes:

1. the information we collect
2. how we use it
3. to whom we disclose it
4. how you can control, access or correct your information
5. your privacy rights and how to contact us

This Policy applies to personal information under our control, including information handled by service providers acting on our behalf.

---

2. Information We Collect

We may collect the following categories of information:

2.1 Information you provide

Examples:

• name
• email address
• phone number
• date of birth
• government-issued ID details
• selfie or video verification (where applicable)
• bank account or payment account details

If you contact us, we may keep records of that communication.

2.2 Information about recipients

To complete your transfers we collect:

• recipient name
• recipient contact details
• recipient bank information

This information is used only to complete your transaction and meet regulatory requirements.

2.3 Information collected automatically

Including:

• device identifiers
• IP address
• usage data
• browser and device information
• mobile OS version
• transaction activity
• pages you visit

2.4 Information from third parties

Including:

• identity verification providers
• sanctions screening providers
• KYC providers
• analytics service providers
• partners involved in FX, settlement or payouts

2.5 Location data

We may use location-based data to help prevent fraud and meet regulatory requirements. You may disable location services on your device, although some features may not function.

2.6 Sensitive personal information

We may collect sensitive information where required by law or compliance policies, including biometric identity verification.

---

3. Cookies and Tracking

We use cookies and similar technologies to:

• operate our Services
• personalize user experience
• prevent fraud
• perform analytics

You may block cookies in your browser, but certain Services may not operate properly.

---

4. How We Use Personal Information

We use information for the following purposes:

1. verifying identity and onboarding
2. processing transfers
3. fraud monitoring and compliance (AML, KYC, sanctions)
4. preventing illegal activities
5. providing support
6. sending service updates and notifications
7. meeting regulatory reporting requirements
8. improving our website, app, and services
9. trend and risk analysis

If we cannot collect necessary information, we may be unable to provide Services.

---

5. Disclosure of Information

We disclose information only as required for legitimate purposes including:

(a) identity verification & KYC providers

(including automated compliance systems)

(b) sanctions screening providers

(e.g., Neterium, WorldCheck, etc.)

(c) payout and settlement partners

(in the country of destination)

(d) payment processors

(e) regulators, financial intelligence units and law enforcement

where required by law

(f) service providers under contract

who must process data on our behalf and not for their own purposes

(g) other parties with your explicit consent

We do not sell your personal information.

---

6. International Transfers

Your personal information may be stored and processed outside your country of residence, including jurisdictions where privacy laws may differ.

We take steps to protect transferred data, including contractual safeguards.

---

7. Storage and Security

We implement administrative, technical and physical safeguards designed to protect the confidentiality and integrity of your data.

However, no system is completely secure and we cannot guarantee absolute security.

---

8. Data Retention

We retain information only for:

• the period required by law,
• regulatory requirements,
• tax and reporting rules,
• anti-money laundering requirements

Retention periods may vary by jurisdiction.

---

9. Marketing

You may receive:

• service updates
• marketing communications

You may opt-out by following the unsubscribe instructions in any message.

---

10. Your Rights

Subject to applicable law, you may have rights to:

• access your information
• request correction
• request deletion
• withdraw consent (where applicable)

Requests may be subject to identity verification.

---

11. Children

OmniRemit Services are not intended for individuals under 18. We do not knowingly collect personal information from minors.

If we learn a user is under 18, we will delete the account.

---

12. Changes to this Policy

We may update this Policy periodically. Your continued use of the Services constitutes acceptance of changes.

---

13. Contact Us

If you have questions regarding this Policy or wish to request access to your information, please contact:

privacy@omniremit.ca