Last Updated: May 2022
If you have any questions about this policy, please send them to email@example.com
Personal information means any data which relates to a living individual who can be identified from that data, or from that data and other information which is in the possession of, or is likely to come into the possession of, TransFi (or its representatives or service providers). In addition to factual information, it includes any expression of opinion about an individual and any indication of the intentions of TransFi or any other person in respect of an individual. The definition of personal information depends on the relevant law applicable for your physical location. TransFi may collect and use the following data about you.
This includes information you provide to us in order to establish an account and access our Services. This information is either required by law (e.g. to verify your identity), necessary to provide the requested services (e.g. you will need to provide your bank account number if you would like to link that account to TransFi), or is relevant for our legitimate interests described in greater detail below.
The nature of the Services you are requesting will determine the kind of personal information we might ask for, but may include:
This includes information we collect automatically, such as whenever you interact with the Sites or use the Services. With regard to your use of our Services we may automatically collect the following information:
We may receive information about you if you use any of the other websites we operate or the other services we provide This includes information we may obtain about you from third party sources. The main types of third parties we receive your personal information from are:
We may use your information in the following ways and for the following purposes:
(a) Internal Use: We use your personal information to provide you with our services. We may internally use your personal information to improve the Site’s content and layout, to improve our outreach and for our own marketing efforts (including marketing our services to you), and to determine general information about visitors’ usage behavior to the Site. We require certain information such as your identification, contact and payment information. Third parties that we use such as identity verification services may also access and/or collect your personal information when providing identity verification and/or fraud prevention services. In addition, we may need to collect fees based on your use of our Services. We collect information about your account usage and closely monitor your interactions with our Services. The consequences of not processing your personal information for such purposes is the termination of your account.
(b) Communications with You: According to your preferences and in compliance with applicable law, we may send you marketing communications to inform you about events, to deliver targeted marketing and to share promotional offers. If you are a new customer, we will contact you by electronic means for marketing purposes only if you have consented to such communication. If you do not want us to send you marketing communications, please go to your account settings to opt-out or submit a request via firstname.lastname@example.org.
We may send you service updates regarding administrative or account-related information, security issues, or other transaction-related information. These communications are important to share developments relating to your account that may affect how you can use our Services. You cannot opt-out of receiving critical service communications.
We also process your personal information when you contact us to resolve any questions, disputes, collect fees, or to troubleshoot problems. Without processing your personal information for such purposes, we cannot respond to your requests and ensure your uninterrupted use of the Services.
(c) To maintain legal and regulatory compliance: TransFi needs to process your personal information in order to comply with Anti-Money Laundering and security laws. In addition, when you seek to link a bank account to your TransFi account, we may require you to provide additional information which we may use in collaboration with service providers acting on our behalf to verify your identity or address, and/or to manage risk as required under applicable law. We may be required to disclose certain information in response to requests from law-enforcement officials conducting investigations; subpoenas; a court order; or if we are otherwise required to disclose such information by law. We also will release personal information where disclosure is necessary to protect our legal rights, enforce other agreements, or to protect ourselves or others. For example, we may share information to reduce the risk of fraud or if someone uses or attempts to use the website for illegal reasons or to commit fraud. We also process your personal information in order to help detect, prevent, and mitigate fraud and abuse of our Services and to protect you against account compromise or funds loss. If you do not provide personal information required by law, we will have to close your account.
(d) External Use: We disclose information to our service providers to help enable them to perform services on your behalf. For example, in order to purchase and custody cryptos & or virtual digital assets, we must share some information with third parties, such as your name, email address, physical address, social security number, date of birth, government-issued identification and the amount of cryptos & or virtual digital assets being purchased. Similarly, when we obtain bank account information for ACH transaction and credit card or debit card information, a third-party receives that information to process the payment in connection with the sale of cryptos & or virtual digital assets. Even when you ask us to remember your bank account information, or credit card or debit card information, we do not store sensitive payment data such as the entire credit card number and CVV. Rather, we pass the payment data to the third-party processor and receive back from them a token that does not contain the sensitive data. We do retain non-sensitive payment data used to identify a payment such as the last four digits of a card number and expiration date.
We may share non-personal information (such as the number of daily visitors to the website or the size of an order placed on as certain date) with third parties. This information does not directly personally identify you or any user. For the avoidance of doubt, any IP addresses or a device or other identifier we collect may be shared with one or more third parties.
(e) In our legitimate business interests: Sometimes the processing of your personal information is necessary for our legitimate business interests, such as:
We allow your personal information to be accessed only by those who require access to perform their work and share it only with third parties who have a legitimate purpose for accessing it. TransFi will never sell or rent your personal information to third parties without your explicit consent. We will only share your personal information with the selected third parties including:
Examples of account connections include:
Merchants: If you use your TransFi account to conduct a transaction with a third-party merchant, the merchant may provide data about you and your transaction to us.
Your financial services providers: For example, if you send us funds from your bank account, your bank will provide us with identifying information in addition to information about your account in order to complete the transaction.
TransFi implements and maintains reasonable measures to protect your information. Customer files are protected with safeguards according to the sensitivity of the relevant information. Reasonable controls (such as restricted access) are placed on our computer systems.
TransFi is an international business with operations in multiple countries. This means we may transfer to locations outside of your country. When we transfer your personal information to another country, we will ensure that any transfer of your personal information is compliant with applicable data protection law.
We may store and process all or part of your personal and transactional information, including certain payment information, such as your encrypted bank account and/or routing numbers, in the US and elsewhere in the world where our facilities or service providers are located. We protect your personal information by maintaining physical, electronic, and procedural safeguards in compliance with the applicable laws and regulations.
As a condition of employment, TransFi’s employees are required to follow all applicable laws and regulations, including in relation to data protection law. Access to sensitive personal information is limited to those employees who need to it to perform their roles. Unauthorized use or disclosure of confidential customer information by a TransFi employee is prohibited and may result in disciplinary measures.
Finally, we rely on third-party service providers for the physical security of some of our computer hardware. We require those third-party service providers to comply with commercially reasonable security practices and measures. For example, when you visit our website, you access servers that are kept in a secure environment. While we use industry-standard precautions to safeguard your personal information, we cannot and do not guarantee complete security. 100% complete security does not exist anywhere online or offline. As such, you assume the risk of security breaches and all consequences resulting from them. To that end, please safeguard your credentials.
If we anonymize your personal information so that it can no longer be associated with you, it will no longer be considered personal information, and we can use it without further notice to you.
We do not knowingly request to collect personal information from any person under the age of 18. If a user submitting personal information is suspected of being younger than 18 years of age, TransFi will require the user to close his or her account and will not allow the user to continue using our Services. We will also take steps to delete the information as soon as possible. Please notify us if you know of any individuals under the age of 18 using our Services so we can take action to prevent access to our Services.
We retain the personal information we collect for so long as reasonably necessary to fulfill the purposes for which the data was collected and to perform our contractual and legal obligations. Not with standing the generality of the foregoing, we store email addresses and phone numbers until the user requests to be unsubscribed or removes themselves through any self-service tools offered to the user.
We may use some instances of your data in order customise our services and the information we provide to you, and to address your needs - such as your country of address and transaction history. For example, if you frequently send funds from one particular currency to another, we may use this information to inform you of new product updates or features that may be useful for you. When we do this, we take all necessary measures to ensure that your privacy and security are protected - and we only use pseudonymised data wherever possible. This activity has no legal effect on you.
Depending on applicable law of where you reside, you may be able to assert certain rights related to your personal information. These rights include:
Our Services may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility for them. Please check these policies before you submit any personal data to these websites. Further information about your rights may be obtained by contacting the supervisory data protection authority located in your jurisdiction.
Subject to applicable laws, you may have the right to access information we held about you. Your right of access can be exercised in accordance with the relevant data protection legislation.
TransFi is headquartered at:
100 Ashley Drive,
Tampa, FL 33602,
Last updated: May 2022
The guidelines contained in this reference intend to provide guidance to Trans-Fi Inc. Staff and its customers, regarding practices and standards that Trans-Fi Inc. (TransFi) expect to have in place, in order to detect and prevent money laundering and terrorist financing; identify and report suspicious activity; comply with anti-terrorism and sanctions laws and regulations; and other relevant international laws.
TransFi have created this Compliance Policy Guide to:
This Guide, coupled with internal controls, independent compliance testing and appropriate training, are the key segments of TransFi’s Anti-Money Laundering (AML) and Know-Your-Customer & Business (KYC/KYB) policies.
The greatest risk faced by TransFi lies in the broad area of money laundering. A failure to comply with government rules and requirements can lead to civil fines and penalties, the seizure and forfeiture of bank accounts and other assets, and criminal prosecution. These legal actions can, potentially, be applied to TransFi and/or responsible officers and employees as well as, any duly authorized Customers, to whom we provide services. Also critically important is the ability of TransFi to maintain sound banking relationships that are an absolute requisite for successful business functionality.
Money laundering is the process of causing financial transactions to take place, with the proceeds of criminal activity in such a manner as to conceal the source, illicit origin, or true ownership of the asset. The transactions may also include assisting or facilitating criminal activities such as terrorist financing, drug and human trafficking, proliferation of weapons of mass destruction, corruption & bribery, amongst others.
In order to not be caught committing such illegal activities, criminal groups or individuals do not want to be identified and will seek to conduct transactions in such a way as to defeat these reporting requirements. Given these facts, compliance with “Know Your Customer” & Know Your Business (KYC & KYB) become an unquestionable requirement. As we customize and provide services to financial institutions, these requirements become subject to the strictest adherence.
TransFi’s AML/KYC & KYB policy covers the following elements:
KYC laws have been a standard AML obligation around the world for decades and were introduced in the United States in 2001 with the USA Patriot Act1 in order to help detect and prevent terrorism financing activities.
TransFi is an international services provider in a host of countries within which it provides its services. Regulatory requirements across the world require customer due diligence as a critical tool to preventing illegal activity. TransFi has set up data collection, verification, analytics, investigation and reporting processes within the standards of Anti-Money Laundering regulations through its “Know Your Customer (KYC/KYB)” framework. Key elements of this framework are
To maintain practical policies concerning the need to “Know Your Customer” the business must verify the identity of its customers/ Users. For individual users this includes name and address. A single form of verification may be accepted like a valid Government issued document accurately contains the users name and date of birth for individuals. The same can be verified thru electronic verification means. Acceptable forms of identification for an Individual user would vary by country of operation and include one or more of the following:
Similarly Acceptable forms of identification for a customer or a corporate (KYB) would include the following:
Once the identity has been verified, TransFi is no longer legally liable in a situation where its products & services are used to conduct illegal activities.
TransFi reserves the right to flag users & customers presenting a higher risk (e.g. politically exposed persons – PEPs) and request additional documents & verification. If an EDD requires an investigation, TransFi will take any such measures as deemed fit. If the enhanced due diligence is not complied with to TransFi’s satisfaction, we reserve the right to reject such users & customers from onboarding to TransFi’s products & services. TransFi will also be within its rights to report any failed EDD instances to law enforcement authorities, as deemed appropriate.
TransFi will have the right to verify the identity of users and customers on an ongoing basis, especially if there has been any change in the identification information or their activities are deemed suspicious. Such activities could include, though not limited to, changes in customer information, address, ownership, and activities wherein KYC details will be updated on an ongoing basis. TransFi reserves the right to ask such users for updated KYC documents, even if they have been successfully verified in the past.
TransFi acceptable sources of funds would include internationally accepted payment methods, that the company may from time to time allow. These include:
TransFi reserves the right to block transactions from any sources of funds that are known beneficiaries of corruption & illegal activities.
TransFi is prohibited from transacting with individuals, companies and countries that fail KYC or are on prescribed sanction lists. As such, TransFi will block transactions of users & customers that:
TransFi has established a Compliance Department that is headed by a designated Compliance Officer, who is tasked to ensure implementation and enforcement of the AML / KYC policy. With support and oversight of transactional and administrative practices, the Compliance Officer is responsible to supervise all aspects of TransFi’s Anti Money Laundering and Counter-Terrorist Financing policies and ensures compliance with laws and regulations.
The scope of Compliance department’s efforts includes, but not limited to the following:
The Compliance Officer is also empowered to interact with law enforcement in connection with prevention of any money laundering, terrorist financing and other illegal activities.
Risk assessment is a process, whereby a methodology is maintained to identify and measure the inherent financial crime risk to which the firm is exposed, assess the coverage of controls to mitigate these risks and determine the residual levels. This is done in order to estimate the threat to compliant practices, as TransFi provides services to its customers, are calculated; and as may be necessary, eliminated, reduced or controlled. The main purpose of risk assessment is to identify transactions that may threaten to take advantage of compliance vulnerabilities and evaluate the risks presented, to effectively conduct the elimination of such threats.
TransFi has adopted a risk-based approach to combating money laundering and terrorist financing. This approach applies both to individual transactions and TransFi customers. By adopting a risk-based approach, TranFi is able to ensure that measures taken are commensurate to the identified risks, thereby enabling efficient allocation of resources. This principle also ensures that the greatest risks receive the highest attention.
The Business AML risk assessment will cover at minimum all markets where TransFi has business presence, all aspects of the business and AML related processes.
Regulations across jurisdictions require TransFi to monitor and analyze transactions of both individual users and customers. TransFi uses a comprehensive approach of transaction monitoring including, but not limited to:
TransFi’s transaction monitoring process involves data capture & analysis, record keeping, investigation management & reporting. In addition, the Compliance Officer is authorized to take any appropriate actions to ensure compliance with laws & regulations.
Essential to TransFi’s ability to comply with secrecy & privacy rules and regulations and to ensure that the company does not become associated with illicit activities, an effective internal compliance program is a must. The Customer Compliance Program should include:
These items are the basic elements of a sound compliance program that all money services businesses, which includes TransFi and its customers must have.
Transfi will. Not establish business relationships with customer who pose serious money laundering risks as it fall outside the firms risk appetite. Transfi will not under any circumstances accept the following types of customers.
Government regulators and law enforcement agencies may seek information and records from time to time. Any person associated or connected with our company, who receives or is served with a summons, subpoena or court order related to TransFi business should immediately contact the TransFi Compliance Department for further assistance.
The company will assist entities in their investigations, provided the request(s) is / are conducted in a lawful manner.
The IRS are empowered by law to conduct spot checks and detailed examinations to determine whether registered money services businesses are complying with the Bank Secrecy Act and laws. Attention is normally focused on transaction reporting and record keeping requirements. In fulfilling this requirement, The IRS are entitled to see all subject records and TransFi will always comply with the examination process.
If a customer is subject to an examination with the IRS, TransFi will require the customer share the results of the audit.
Similarly, for jurisdictions outside the US, if a customer is subject to an examination by an equivalent local regulatory body, TransFi will always comply with the examination process.
For any law enforcement requests, please direct your official document to our Compliance team at email@example.com
TransFi is compelled by policy to operate in a legal and responsible manner. The company will remain compliant, in all aspects, with all laws, rules, regulations across jurisdiction’s, as well as, extend its full cooperation to law enforcement and regulatory authorities, maintain records, as per regulatory requirements and in accordance with TransFi’s policies and procedures.
TransFi will not tolerate that its reputation and the sound business practice the company has developed and implemented be put in jeopardy.
TransFi expects its customers to do their part to ensure full compliance with all aspects and the spirit of this reference and TransFi’s Anti-Money Laundering policies and procedures, and support TransFi as it strives to maintain its progressive stance in the industry.
1The USA Patriot Act requires all financial institutions to develop and implement their own AML program and emphasizes a number of mandatory checks and screening capabilities. Accordingly, a firm’s USA Patriot Act Anti-Money Laundering program must be built around the following criteria:
2The Financial Action Task Force (FATF) defines UBO as “the natural person(s) who ultimately owns or controls a customer and/or the natural person on whose behalf a transaction is being conducted. It also includes those persons who exercise ultimate effective control over a legal person or arrangement.” UBO is defined as the below.
Last updated: July 2022
Security and privacy are main priorities for TransFi. Our security policies and measures are constantly reviewed to ensure they are up to date and compliant with the industry standards.
All data sent to or from TransFi's infrastructure is encrypted in transit using Transport Layer Security (TLS) version 1.2 or later, and secured against downgrade attacks using a robust HTTP Strict Transport Security (HSTS) policy.
All TransFi data is encrypted at rest using AES-256 block-level storage encryption and stored in ISO27001 and PCI DSS compliant datacenters.
Business Continuity and Disaster Recovery
TransFi backs up its critical assets and are encrypted using AES with 256-bit keys and stored in ISO27001 and PCI DSS compliant datacenters.
TransFi has at its disposal processes and tooling that enables us to continuously deliver secure software to our cloud infrastructure and applications.
Security Monitoring and Protection
TransFi employees are required to use company-provided devices that are managed through a mobile device management solution. This allows our security and IT teams to enforce security policies, deploy other endpoint protection solutions and wipe devices remotely.