Privacy Policy

Your privacy is important to us and we value your trust.
This Online Privacy Code (this “Code”) describes the online privacy practices of Caary Capital Limited. (“CAARY”, “we” or “us”) and applicable to consumers who visit, use, or interact with our online services.

Our “online services” include CAARY branded websites, mobile applications (“mobile apps,” including those for use on tablets), electronic communications (such as email messages) with you and digital advertising campaigns.
This Code explains the following:

  • How we, directly or through service providers (including advertising partners), may collect information:
    • When you visit, use, or interact with us through any of our online services; and
    • Through our advertisements (“ads”) displayed via online services operated by us or third parties; and
  • How we, directly or through our service providers (including our advertising partners), may use or share information collected via our online services, and associate this information with other information about you.
    Consent: By visiting or using any of our online services, responding to any electronic communications we may send you, or clicking on one of our ads, you agree to this Code.
    Check the Effective Date: This Code may be revised from time to time, so we encourage you to periodically check the current version available. If we revise this Code in a material way, we will change the “Last Update” date shown at the top of this page and provide a conspicuous notice on our website before any changes take effect.
    Important – Customers: If you have a financial product or service with us, we will use and share your personal information in accordance with the privacy notice that applies to your account. However, this Code may still be useful to you in describing our online services, and the options and choices described below are available to you as well.

What information do we collect

We may collect personal information from you through our online services, directly or through our service providers. For example, you may provide us with your name, mailing address, phone number, email address, account number and date of birth and that of the company that you are applying for when you fill out an online application form or survey, register, log into or update your account through our online services, register for a marketing offer or input financial or other information into one of our mobile apps or Web portals.

When you obtain one of our products or services online, or register for or use one of our online services, we may ask you to provide information about a previous financial transaction with another company (e.g., the amount of your monthly payment to a third party), and use that information to verify your identity (using information obtained from a third-party information service).

Types of information we collect

When you visit or use any of our websites or mobile apps, view any of our electronic communications, or interact with one of our targeted ads, we may collect information from your computer(s) and your smartphone(s), tablet(s) or other mobile device(s) (together referred to as “mobile devices”).
This information includes:

  • The make and model of the computer(s) or mobile device(s) you use to visit, use, view or interact with our online services, browser version, hardware, and operating system.
  • Your mobile phone number, mobile country code, unique device identifier, mobile advertising identifier (assigned by your mobile platform), information about the screen size of your mobile device(s), the date and time of your device use, and other mobile device-related information;
  • Your Internet Protocol (IP) address and related information, such as your internet service provider and general location and MAC address.
  • The precise location of your mobile device(s), if enabled on your device(s) (for example, when you register to receive location-based content, such as the location of the nearest ATM, through our mobile apps)
  • Your browsing habits on online services provided by us or third parties, such as search terms you entered on our websites, what websites and pages you visit, how long you stay and what actions you take;
  • Search terms that directed you to our websites and mobile apps, which websites you came from, and which websites you visit right after leaving one of our websites.
  • Which of our ads or other online content you view, access, or click on; and
  • Any actions you take in response to electronic communications that we send to you, such as opening the message or clicking an embedded link.
  • Photos and contacts stored on your mobile device(s) (when enabled in your mobile device settings).

Our service providers may also collect information about your browsing habits on online services offered by third parties and use it for the purposes described below.

Third-party information

We may also collect information about you from additional online and offline sources, including our affiliates, credit reporting agencies and other third-party sources as permitted by law.

Association of information

  • We may associate the above information from your computer(s) or mobile device(s) through various means, including a unique identifier (such as IP address, customer ID, or visitor ID, unique device identifier and mobile advertising identifier) by using cookies (small data files saved to your browser by websites) and other tracking technologies. When used, these unique identifiers enable us to identify you as our customer, track your activity on our online services and to associate your computer(s) and mobile device(s) with one another, for the purposes described in the following section.
  • If you are one of our customers, we may associate the above information with your personal/corporate profile (contact information, and information about your holdings, transactions, demographics and location) and use it for the same purposes.

How we use your information.

We may use the information discussed above in several ways, to:
Deliver products and services to you, which includes:

  • Recognizing you when you return to our websites or use our mobile apps (and remembering your login user ID).
  • Verifying your identity, as required by applicable regulations.
  • Processing applications and transactions.
  • Using the location of your mobile device(s) for location-based services you request.
  • Using contacts stored on your mobile device to add new individuals and merchants to our BillPay service through our mobile apps at your direction.
  • Using photos stored on your mobile device to do the following through our mobile apps at your direction:
    1. Receipt capture.
    2. Pay bills through our BillPay service; and
    3. Autofill information on your driver’s license to open a new account
  • Managing your preferences (such as your language preference) and providing a more personalized experience.
  • Identify, fix, and troubleshoot bugs and errors
  • Understand how you use our products and manage operate and improve our services
  • Facilitating the operation of our websites and mobile apps; and
  • Providing you with updates on your accounts, products, and services.

Advertise and market our products and services, including:

  • Posting ads through our or third-party websites or mobile apps that may be of interest to you
  • Using your IP Address to display available product interest rates for your region or state; and
  • Contacting you with ads, promotions and offers that may be of interest to you (as permitted by law and consistent with any marketing preferences that we offer, and you have registered with us).
    Prevent and detect fraud and enhance the security of your account and our online services.
    Conduct market research, reporting and development, including to better understand our customers, website visitors and mobile app users, improve our online services, and improve our products and services; and
    In other ways as required or permitted by law or with your consent.

Aggregated/anonymized information

We may also aggregate or anonymize information about you (so that it does not identify you individually). This aggregate or anonymized information is not subject to this Code, and we may use it as permitted by law.
We may also share aggregated or anonymized information (which does not identify you individually) for various business purposes as permitted by law, for example:

  • Third parties to help develop, market, and deliver products and services that are better tailored to our customers, website visitors and mobile app users; and
  • Our advertising partners for online advertising purposes.

Online Advertising

We may advertise our products and services and personalize content through online services offered by us, our affiliates and third parties that are not affiliated with us, by using cookies, the mobile advertising identifier of your device and other tracking technologies. Some of our advertising partners may collect data from your mobile device, such as your website and app browsing habits and your mobile advertising identifier, and use it for “online behavioral advertising” (also referred to as “OBA” or “interest-based advertising”).
Our personalized or tailored ads and content may include:

  • Pre-screened offers of credit.
  • Ads and content based upon your location (e.g., IP address or location of your mobile device), your computer(s) and mobile device(s), your visits to and use of online services offered by us or our affiliates, your customer relationship with us (e.g., contact information, and holdings, transactions, demographics and location) and other information described above;
  • Ads based upon the above information and your visits to and use of online services offered by non-affiliated third parties, which are referred to as “online behavioral advertising” (“OBA”) or “interest-based advertising;”
  • Relationship-based ads (e.g., “promoted posts”) on social media, search engine and webmail sites, based upon your contact information in our files; and
  • Ads on search engine websites based upon search terms that you enter on the search engine websites.If you click on one of our ads, a cookie, the mobile advertising identifier of your device and other tracking technologies may be used to track the effectiveness of our advertising and to display tailored ads for our products or services.
    We or our advertising partners may use non-cookie technologies to recognize your computer or mobile device and collect and record information about your web surfing activity including your activities on our websites. Please keep in mind that your web browser may not permit you to block the use of these non-cookie technologies, and browser settings that block cookies may have no effect on such technologies.


By using or accessing CAARY’s web and mobile application, you hereby consent that:

  • Caary will collect, use, disclose private information with express consent only and for the purposes included in the policy;
  • Caary will not use or disclose private information for other purposes, not disclosed in the policy, without consent;
  • Consent would not be required in the situations that are permitted by law, certain information is publicly available, there is fraud investigation, it is required by law enforcement agency.

This Privacy Policy, or its future variations, will continue to apply if your use of our Services is discontinued by either you or CAARY.

How to Withdraw Consent.

If you wish to revoke your consent, please do not visit our website and delete any cookies you may have on your devices and cease all use the Services. Employee Personal Data provided by a Company or its Employees will be maintained by CAARY consistent with our practices and as required by law or the agreements we maintain with third-party service providers. When using certain products or services, the Company will need to formally close its CAARY Account and satisfy any outstanding obligations owed to us before an Employee can fully revoke consent to our use of Personal Data. CAARY, its affiliates, and its service providers may retain Personal Data to comply with governmental reporting obligations and other legal or regulatory requirements.

How to Update Your Records.

It is your responsibility to provide us with a true, accurate and complete e-mail address, your contact information,and other information related to this Agreement and your Card, and to maintain and update promptly any changes to this information. You can update your information (such as your e-mail address) by updating the admin profile in

System Requirements.

To receive, access or retain electronic Communications, you will need a computer or other device with internet access, a compatible web browser and, for some types of Communications, a PDF file reader. Compatible browsers include the most current version (and typically one or more prior versions) of all major browsers in widespread use. You will also need access to a printer or the ability to download information to keep copies for your records. When you agree to receive electronic Communications, you are indicating that you have the capability to access the Communications electronically and to download or print copies for your records.

Communications in Writing.

All Communications in either electronic or paper format from us to you will be considered “in writing”. You should print or download for your records a copy of this policy and any other Communication that is important to you.

Communications from You.

This policy applies only to Communications you receive from us. Any notices or communications which you are required to send to us in writing, whether pursuant to our agreements with you or under applicable law, must still be sent in accordance with the instructions in those agreements.


We reserve the right, in our sole discretion, to discontinue the provision of your electronic Communications, or to terminate or change the terms and conditions on which we provide electronic Communications. We will provide you with notice of any such termination or change as required by law.


CAARY CAPITAL LIMITED is a PCI – DSS complaint company and maintain appropriate physical, electronic, and administrative safeguards to protect information we collected from our online services. We have placed appropriate Network Architecture, Firewalls and Web Application Firewalls to control the flow of information between CAARY‘s networks (internal) and untrusted networks (external), as well as traffic into and out of more sensitive areas within an entity’s internal trusted networks. CAARY examines all network traffic and blocks those transmissions that do not meet CAARY‘s specified security criteria. Furthermore, CAARY has created a DMZ (using appropriate configurations) to limit inbound and outbound traffic to only protocols that are necessary for the cardholder data environment.

The cardholder data, plastic data, receipt data and other information collected or shared by the customer into our environment is an example of a more sensitive data which is maintain within our trusted network zone.

CAARY is consistent with ISO standard 27001 (information security) and we have also addressed all PCI-DSS configuration requirements including but not limited to password requirements, log settings, File Integrity Monitoring, Anti-virus software etc. All CAARY’s system components are checked for all known security vulnerabilities which access the cardholder data network.

The information collected pertaining to online usage and online systems is restricted only to CAARY’s Authorized personnel and no other 3rd party not authorized by CAARY can access this information. Furthermore, CAARY has also ensured that no unauthorized individual within the organization or a 3rd party vendor can physically access the personal card holder data.

Please contact us immediately if you believe that your personal data, usage data, or any other data shared with us has been stolen, lost or otherwise unsecure.

Data Retention

Subject to the proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and associated Regulations, CAARY must keep intended use of an account records for at least five years from the day the account is closed. All data retained is in encrypted format at all times including at rest or in transit.
CAARY shall be keeping all information in our system including but limited to:

  • Signature Card as defined by Fintrac.
  • certificate of incumbency.
  • The articles of incorporate or the bylaws of the corporation that set out the officers duly authorized to sign on behalf of the corporation, such as the president, treasurer, vice-president, comptroller, etc.
  • If there are changes to the articles or bylaws that relate to the power to bind the corporation regarding the account and these changes were in effect at the time the account was opened, then the board resolution stating the change would be included in this type of record.
  • The name, address and telephone number of every account holder of a credit card of the account.
  • When the credit card account is opened in the name of an individual, their name, address, date of birth and the nature of their principal business or occupation.
  • When the credit card account is opened in the name of an entity, other than a corporation, the entity’s name, address, telephone number and the nature of its principal business.
  • When the credit card account is opened in the name of a corporation, a copy of the part of official corporate records that contains any provision relating to the power to bind the corporation in respect of the credit card account.
  • The date of birth of every holder of a credit card for the account, if the information is known after taking reasonable measures to obtain it.
  • Every credit card application that you receive from a client in the normal course of business.
  • A copy of every credit card statement that you send to a client.
  • Suspicious transaction report (STR)
  • Services data including transaction details, merchants, merchant categories, receipts, SKU level data and account related information including but limited to GL categories etc.

Cross Border Data Transfer

We may from time to time use third party service providers to facilitate our provision of services to you. As a result, your personal information may be accessed, administered or stored by such third parties to the extent reasonably required for them to perform such services. Some service providers may be located in other jurisdictions that do not have privacy legislation similar to that found in Canada, and information in such jurisdictions may be accessed pursuant to the laws of those countries.

In addition to service providers based in Canada we also currently use service providers based in the United States and Australia.

Third-party sites and services

Our online services may contain links to websites and other online services operated by third parties, which are not governed by this Code. We encourage you to learn about the privacy and security practices of third parties. We are not responsible for the privacy or security of websites and other online services operated by third parties, nor the online collection, use, association or sharing of personal or other information by third parties.

Updating your information (Customers)

The accuracy of your account information is important to us. If you have a financial product or service with us and you find that any personal information we have or have reported to another party does not appear to be accurate, please contact us through our mobile application or website. It is your responsibility to provide us with a true, accurate and complete e-mail address, your contact information, and other information related to this Agreement and your Card, and to maintain and update promptly any changes to this information. You can update your information (such as your e-mail address) by updating the admin profile in

Social media

CAARY participates in social media platforms, such as Facebook®, Twitter®; and LinkedIn®, which enable online sharing and collaboration among their users. Any information or other content you post on these platforms, such as pictures, opinions or personal information, is subject to the platforms’ terms of use and privacy and security policies; please refer to their policies to better understand your rights and obligations with regard to such content.

Contact us

If you have any questions, comments or want to request personal information, please contact us:
Send a Letter to :
Attention: Chief Operating Officer
186 Bartley Drive
Toronto, Ontario.
M4A 1E1

Or email us

Method of Requesting Person information

In order to request personal information collected, please send an email from your registered email address to above mentioned email address and must include the following details.

  • Name
  • Card Number
  • Telephone Number
  • Registered DOB
  • Company Incorporation Number
  • Company Registeres Address

OPC Contact

The Office of the Privacy Commissioner of Canada (OPC) can help individuals and organizations identify, address and report concerns related to possible mishandling of personal information. There are numerous ways to connect with the OPC if you need to:

To find out more information as to how OPC can help resolve your concerns pertaining to CAARY, please visit.

SPAM Contact

CAARY takes spamming very seriously and we will never spam our partners or customers. You can always un-subscribe from Caary communications services using the below email address
email us

You can bring your concerns to the attention of the three government agencies responsible for enforcing CASL—the Canadian Radio-television and Telecommunications Commission, the Competition Bureau and the Office of the Privacy Commissioner of Canada.
Send emails to: