Contact the Cryptonix sales team
Our team is ready to guide your business through every step of its crypto adoption journey.
Book a demo with Cryptonix
Schedule a session with our team and discover how Cryptonix's crypto payments ecosystem can meet your business needs.
Register

    *
    Allready have an account? Please Login
    Thank you for reaching out!

    Our team will contact you within one business day to begin the integration process.

    Contact us
    Businesses
    Integration Methods
    Tools

    Privacy Policy

    Last review: February 26, 2026

      1. Introduction

      This Privacy Policy explains how Piastra Pay Inc., a corporation incorporated under the laws of Canada, and 3-102-941161 S.R.L., a company incorporated in Costa Rica (collectively referred to as “Cryptonix”, “we”, “us”, or “our”), collect, use, process, store and disclose personal information obtained from clients and users of our website and services (“you”).

      Cryptonix operates as a group of independent legal entities providing integrated virtual asset processing and settlement services. Depending on the nature of the service provided, different entities within the Cryptonix structure may act as independent data controllers in accordance with their respective regulatory and legal obligations.

      This Privacy Policy applies to the website www.cryptonix.com (the “Website”) and to all services provided under the Cryptonix brand (the “Services”).

      The information we collect may include personal data of clients, directors, shareholders, ultimate beneficial owners (UBOs), authorized representatives and contact persons of corporate clients, payment recipients, and information related to the use of our services, including transaction metadata and compliance-related data (collectively, the “Data”).

      This Privacy Policy incorporates and complies with the Personal Information Protection and Electronic Documents Act (PIPEDA) of Canada, the applicable data protection legislation of Costa Rica (including Law No. 8968 on the Protection of the Person against the Processing of Personal Data), and other applicable data protection laws relevant to our operations.

      By accessing the Website, using the Services, or entering into a Service Agreement with us, you acknowledge and agree to the terms of this Privacy Policy.

      The Company is responsible for personal information under its control and has designated a Privacy Officer responsible for ensuring compliance with this Policy and applicable privacy legislation.

      For matters relating to personal information processed by Piastra Pay Inc., the designated Privacy Officer may be contacted at: Privacy Officer – Piastra Pay Inc. / Email: [email protected]

      The Privacy Officer oversees compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and related regulatory obligations.

      If you have any questions regarding this Privacy Policy or our handling of Data, you also may contact us at: [email protected].

      2. Scope of Application

      This Privacy Policy applies to personal information collected, used or disclosed in connection with:

      • client onboarding and identity verification (KYC / KYB);
      • blockchain transaction monitoring (KYT);
      • provision of virtual asset processing services;
      • fiat settlement and payment execution;
      • compliance with anti-money laundering and counter-terrorist financing obligations;
      • sanctions screening and regulatory reporting;
      • transaction monitoring and fraud prevention;
      • customer support and complaint handling;
      • website administration, analytics and service security.

      This Policy applies to corporate clients and their representatives. Cryptonix does not provide services directly to retail consumers.

      3. Roles of Cryptonix Entities

      Cryptonix operates through independent legal entities that determine the purposes and means of processing personal data within their respective operational scope.

      Piastra Pay Inc. (Canada)

      Piastra Pay Inc. acts as an independent data controller in relation to:

      • merchant onboarding and corporate verification (KYB);
      • identity verification of directors and beneficial owners;
      • sanctions screening;
      • compliance with Canadian AML/CTF obligations;
      • reporting to FINTRAC and other competent authorities;
      • execution of fiat settlement and banking payouts.

      Piastra Pay Inc. processes personal information in accordance with PIPEDA and Canadian regulatory requirements applicable to MSBs.

      3-102-941161 S.R.L. (Costa Rica)

      3-102-941161 S.R.L. acts as an independent data controller in relation to:

      • provision of crypto processing infrastructure;
      • dashboard access and account management;
      • blockchain transaction monitoring (KYT);
      • transaction recording and wallet-related operations;
      • technical processing of digital asset transactions.

      This entity processes personal data in accordance with applicable Costa Rican data protection laws.

      Neither entity acts as a processor on behalf of the other. Each entity independently determines the purposes and means of processing within its operational responsibility. Personal data may be exchanged between the entities strictly for the purpose of delivering the Services and complying with legal and regulatory obligations.

      4. Categories of Personal Information Collected

      We may collect and process the following categories of personal information:

      • identification data (full name, date of birth, nationality, identification documents);
      • corporate information (company name, registration number, registered address);
      • beneficial ownership information;
      • contact details (email address, telephone number);
      • banking and payment information;
      • transaction data and blockchain-related metadata;
      • compliance screening results;
      • communications and correspondence;
      • technical data related to Website usage (IP address, browser type, device information).

      We limit the collection of personal information to what is necessary for legitimate business purposes and regulatory compliance.

      Where the processing involves sensitive personal data, including identification documents, financial information or other data classified as sensitive under applicable law, such processing is carried out strictly in accordance with legal requirements and only to the extent necessary for compliance, security and contractual purposes.

      5. Purposes of Processing

      We collect and process personal information for purposes that are reasonable and necessary in the context of providing our Services, including:

      • verifying client identity and corporate structure;
      • performing AML/CTF and sanctions compliance checks;
      • executing crypto processing and fiat settlement;
      • complying with regulatory reporting obligations;
      • preventing fraud and mitigating financial crime risks;
      • administering client accounts and dashboards;
      • communicating with clients;
      • maintaining service security and integrity;
      • handling complaints and resolving disputes.

      We do not sell personal information to third parties.

      Where required under applicable law, we obtain meaningful consent for the collection, use and disclosure of personal information.

      Processing may be based on:

      • contractual necessity;
      • compliance with legal and regulatory obligations;
      • legitimate business interests;
      • express or implied consent, depending on the sensitivity of the information and applicable legal requirements.

      Consent may be withdrawn, subject to legal or contractual restrictions. Withdrawal of consent may limit our ability to provide Services.

      7. Use, Disclosure and Retention

      Personal information is used only for the purposes for which it was collected, unless otherwise required or permitted by law.

      We may disclose personal information to:

      • regulatory authorities, including FINTRAC and competent Costa Rican authorities;
      • financial institutions involved in settlement;
      • service providers performing services on our behalf;
      • law enforcement or judicial authorities where legally required.

      We retain personal information for the duration of the business relationship and for a minimum of five (5) years following termination, or longer if required by law or necessary to protect our legitimate business interests.

      8. International Data Transfers

      Due to the international structure of Cryptonix, personal information may be transferred between Canada and Costa Rica and, where necessary, to other jurisdictions where service providers operate.

      We implement appropriate contractual and technical safeguards to ensure that personal information remains protected in accordance with applicable legal standards.

      By using our Services, you acknowledge that your information may be transferred across borders for legitimate business and regulatory purposes.

      9. Security Measures

      We implement technical, administrative and physical safeguards designed to protect personal information against unauthorized access, loss, misuse or alteration.

      Such measures include, but are not limited to:

      • encryption of data in transit and at rest;
      • access control and authentication mechanisms;
      • multi-signature wallet security protocols;
      • segregation of operational functions;
      • internal confidentiality obligations;
      • periodic security assessments and policy reviews.

      No system can guarantee absolute security, but we take commercially reasonable measures consistent with industry standards.

      In the event of a breach of security safeguards involving personal information under the control of Piastra Pay Inc. that poses a real risk of significant harm to an individual, we will notify affected individuals and report the breach to the Office of the Privacy Commissioner of Canada in accordance with applicable law.

      We maintain internal breach response procedures to assess, document and respond to any such incidents as required under PIPEDA.

      10. Accuracy and Access

      We take reasonable steps to ensure that personal information is accurate, complete and up to date.

      Subject to legal limitations, individuals may request:

      • confirmation of whether we hold their personal information;
      • access to their personal information;
      • correction of inaccurate or incomplete data.

      Requests may be submitted to [email protected].

      Where Costa Rican law applies, individuals may exercise their rights of Access, Rectification, Cancellation and Opposition (ARCO rights) in accordance with Law No. 8968. Requests will be processed within the timeframes established by applicable legislation.

      11. Complaints

      If you have concerns regarding our handling of personal information, you may contact us at [email protected].

      If you are not satisfied with our response and Canadian law applies, you may file a complaint with the Office of the Privacy Commissioner of Canada.

      12. Children

      Our Services are intended for corporate clients and are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors.

      13. Changes to this Policy

      We may update this Privacy Policy from time to time to reflect legal, regulatory or operational changes. The updated version will be published on the Website and will become effective upon publication.

      14. Effective Date

      This Privacy Policy is effective as of the date of publication on the Website.