You're currently offline. Some features may be limited.
image
top el image

Privacy title image Policy

Your privacy matters to us. Learn how we collect, use, and protect your personal information when you use Canna Escrows's services.

Read Full Policy
Last Updated
January 15, 2025

Effective immediately for all users

Compliance
GDPR & CCPA

Fully compliant with regulations

Data Security
AES-256

Bank-grade encryption

Your Rights
Full Control

Access, modify, or delete data

image image image image image image

Table of Contents

1 Information We Collect

We collect information that you provide directly to us, information we obtain automatically when you use our services, and information from third parties when necessary for regulatory compliance.

1.1 Personal Information You Provide
  • • Contact information: Name, email address, phone number, mailing address
  • • Identity verification: Government-issued ID, Social Security Number, date of birth
  • • Financial information: Bank account details, payment method information
  • • Business information: Company name, tax ID, business registration documents
  • • Communication data: Messages, support inquiries, feedback
1.2 Automatically Collected Information
  • • Device information: IP address, browser type, operating system
  • • Usage data: Pages visited, time spent, click patterns, session recordings
  • • Location data: General geographic location based on IP address
  • • Technical data: Cookies, web beacons, log files
1.3 Third-Party Information

We may obtain information from credit bureaus, identity verification services, government databases, and public records to comply with Know Your Customer (KYC) and Anti-Money Laundering (AML) requirements.

2 How We Use Your Information

2.1 Service Provision
  • • Creating and managing your account
  • • Processing escrow transactions
  • • Verifying identity and preventing fraud
  • • Facilitating communication between transaction parties
  • • Providing customer support
2.2 Legal and Regulatory Compliance
  • • Complying with KYC and AML regulations
  • • Reporting suspicious activities to authorities
  • • Maintaining transaction records as required by law
  • • Responding to legal requests and court orders
2.3 Service Improvement
  • • Analyzing usage patterns to improve our platform
  • • Developing new features and services
  • • Conducting security assessments and fraud prevention
  • • Performing data analytics and research
2.4 Communications

We use your information to send transaction updates, security alerts, policy changes, and promotional communications (with your consent).

3 Information Sharing and Disclosure

3.1 Service Providers

We share information with trusted third-party service providers who assist us in:

  • • Payment processing and banking services
  • • Identity verification and fraud detection
  • • Customer support and communication
  • • Data hosting and security services
  • • Analytics and performance monitoring
3.2 Legal Requirements

We may disclose information when required by law, including:

  • • Compliance with court orders, subpoenas, or legal processes
  • • Cooperation with law enforcement investigations
  • • Reporting to financial regulatory authorities
  • • Protecting our rights, property, or safety
3.3 Transaction Parties

Limited information may be shared between transaction parties as necessary to facilitate escrow services, including contact information and transaction details.

3.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity, subject to the same privacy protections.

4 Data Security

4.1 Technical Safeguards
  • • AES-256 encryption for data at rest and in transit
  • • Multi-factor authentication for account access
  • • Regular security audits and penetration testing
  • • Secure data centers with 24/7 monitoring
  • • Network firewalls and intrusion detection systems
4.2 Administrative Safeguards
  • • Employee background checks and confidentiality agreements
  • • Role-based access controls and principle of least privilege
  • • Regular security training and awareness programs
  • • Incident response and data breach procedures
4.3 Physical Safeguards
  • • Secure data centers with biometric access controls
  • • Environmental monitoring and backup power systems
  • • Secure disposal of physical media and documents
4.4 Data Breach Response

In the unlikely event of a data breach, we will notify affected users and relevant authorities within 72 hours as required by applicable laws.

5 Cookies and Tracking Technologies

5.1 Types of Cookies
  • Essential cookies: Required for basic website functionality
  • Performance cookies: Help us understand how visitors use our site
  • Functional cookies: Remember your preferences and settings
  • Marketing cookies: Track visitors across websites for advertising
5.2 Cookie Management

You can control cookies through:

  • • Browser settings to block or delete cookies
  • • Our cookie consent banner and preference center
  • • Third-party opt-out tools for advertising cookies
5.3 Other Tracking Technologies
  • • Web beacons and pixel tags for email tracking
  • • JavaScript for user interaction analytics
  • • Local storage for temporary data caching
5.4 Do Not Track

We respect browser "Do Not Track" signals and will not track users who have enabled this setting.

6 Your Privacy Rights

6.1 Access Rights

You have the right to:

  • • Request a copy of all personal information we hold about you
  • • Receive information about how we use your data
  • • Download your data in a portable format
6.2 Correction and Update Rights
  • • Correct inaccurate or incomplete information
  • • Update your account information at any time
  • • Request we update information obtained from third parties
6.3 Deletion Rights

You may request deletion of your personal information, subject to:

  • • Legal record retention requirements (typically 7 years)
  • • Ongoing transaction obligations
  • • Fraud prevention and security purposes
6.4 Objection and Restriction Rights
  • • Object to processing for marketing purposes
  • • Restrict processing while we verify accuracy
  • • Opt out of automated decision-making
6.5 How to Exercise Your Rights

Contact our Data Protection Officer at privacy{{ $appSettings->site_name }}.com or use our online privacy portal. We will respond within 30 days of receiving your request.

7 Data Retention

7.1 Retention Periods
  • • Transaction records: 7 years (legal requirement)
  • • Identity verification documents: 5 years after account closure
  • • Marketing communications: Until you unsubscribe
  • • Support communications: 3 years
  • • Website analytics: 2 years
7.2 Retention Criteria

We determine retention periods based on:

  • • Legal and regulatory requirements
  • • Legitimate business purposes
  • • Risk management and fraud prevention
  • • User relationship duration
7.3 Secure Deletion

When retention periods expire, we securely delete or anonymize data using industry-standard methods to prevent recovery.

14 Contact Information

For questions about this Privacy Policy or to exercise your privacy rights, please contact us:

Data Protection Officer

Email:

Phone:

Response Time: 30 days maximum

Mailing Address

Canna Escrows, Inc.

Privacy Department

84 Brook Street, Mayfair, London, United Kingdom, W1K 5EH