Last Updated: September 15, 2025

Privacy Policy

1. General Provisions

1.1. This Privacy Policy (“Policy”) is issued by Market Sense Ltd, a company incorporated under the laws of Canada (hereinafter referred to as “Market Sense Ltd”, “we”, “us”, or “our”).

1.2. This Policy governs the collection, processing, storage, disclosure, and protection of Personal Data of individuals (“Users”, “you”, “your”) who access the website www.manitist.io (the “Website”), use our mobile applications, or engage with related services (collectively, the “Services”).

1.3. This Policy has been drafted in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) of Canada, the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) of Canada, the EU General Data Protection Regulation (GDPR), and other applicable laws and regulations relating to the protection of personal information and the prevention of financial crime.

1.4. By accessing or using our Services, you expressly acknowledge and agree to be bound by the terms of this Policy. If you do not agree, you must immediately discontinue the use of the Services.

1.5. This Policy constitutes an integral part of the User Agreement between Market Sense Ltd and the User.

1.6. Inquiries, requests, or complaints regarding this Policy shall be addressed to our Chief Technology Officer (CTO) at: privacy@manitist.io

2. Categories of Personal Data Collected

Market Sense Ltd may collect, process, and retain the following categories of Personal Data:

2.1. Data Provided by the User

Full name, residential address, email, telephone number, instant messaging or social media identifiers
Date of birth, gender, identification number, tax residency information
Account credentials, security preferences, authentication information
Marketing and communication preferences

2.2. KYC and AML/ATF Data

Government-issued identification documents (passport, identity card, driver’s licence)
Biometric identifiers (photographs, video for liveness and identity checks)
Information relating to source of funds and/or wealth
Screening results for Politically Exposed Persons (PEP) and international sanctions

2.3. Transactional Data

Records of exchanges, purchases, sales, deposits, withdrawals, and transfers of virtual assets
Linked financial accounts, payment cards, e-wallets, or third-party payment services
Amount, currency, counterparties, originator/beneficiary details, transaction timestamps

2.4. Technical and Device Data

IP address, geolocation (city-level), device specifications, operating system, browser information
Connection data, session activity, timestamps, security event logs

2.5. Communication Data

Emails, messages, chat transcripts, and associated attachments
Records of telephone calls and voice recordings
Survey responses, support interactions, and user engagement with communications

2.6. Data from Third Parties

Information obtained from financial institutions, card schemes, credit reference agencies, and fraud prevention databases
Data provided by blockchain analytics providers and regulatory authorities

2.7. Website and Cookie Data

Pages visited, time spent on the Website, referral sources
User interaction with digital marketing, campaigns, and advertisements

3. Legal Basis for Processing

The processing of Personal Data is conducted pursuant to one or more of the following legal bases:

Consent of the User (Article 6(1)(a) GDPR; PIPEDA principles)
Necessity for the performance of a contract with the User (Article 6(1)(b) GDPR)
Compliance with legal and regulatory obligations, including under PCMLTFA, FATF standards, and international AML/CFT obligations (Article 6(1)(c) GDPR)
Legitimate interests of Market Sense Ltd, including but not limited to fraud prevention, risk management, service optimisation, and marketing analytics (Article 6(1)(f) GDPR)

4. Data Subject Rights

Subject to applicable law, Users shall enjoy the following rights in respect of their Personal Data:

Right to be informed of the collection and use of Personal Data

Right of access to obtain confirmation and a copy of the data held
Right to rectification of inaccurate or incomplete data
Right to erasure (“right to be forgotten”), unless retention is required by law (e.g., PCMLTFA recordkeeping)
Right to restriction of processing under certain circumstances
Right to data portability, in machine-readable format, where technically feasible
Right to object to processing carried out on the basis of legitimate interests, including direct marketing
Right to withdraw consent at any time

All rights requests shall be directed to: privacy@manitist.io

5. Data Retention

KYC and AML data: retained for not less than 5 years following account closure, in accordance with PCMLTFA.
Transactional records: retained for a period of at least 5 years.
Marketing data: retained until withdrawal of consent.
Other records: retained strictly for as long as is necessary to fulfil the purposes set out in this Policy.

6. Security Measures

Market Sense Ltd employs appropriate organisational and technical safeguards, including but not limited to:

Encryption of data in transit and at rest
Multi-factor authentication (MFA) for user accounts and administrative systems
Restricted physical and logical access to infrastructure and offices
Regular penetration testing, audits, and monitoring
Confidentiality agreements with employees, contractors, and service providers

7. Disclosure to Third Parties

Market Sense Ltd does not sell or lease Personal Data. Personal Data may, however, be disclosed under strict confidentiality and data protection terms to:

Financial institutions and payment providers for the purpose of executing transactions
Vendors of KYC, AML, and sanctions screening services

Supervisory and regulatory authorities, as well as law enforcement, where legally required
Technology and infrastructure partners (e.g., cloud hosting, analytics, CRM platforms)

8. International Transfers

Personal Data may be transferred to jurisdictions outside Canada, including but not limited to the European Union, the United Kingdom. Where required by law, such transfers shall be carried out subject to adequacy decisions, Standard Contractual Clauses (SCCs), or equivalent safeguards.

9. Cookies and Tracking Technologies

Market Sense Ltd uses the following categories of cookies:

Functional cookies to enable log-in sessions and preferences
Analytical cookies (e.g. Google Analytics) for statistical reporting
Advertising cookies (e.g. Facebook Pixel, Google Ads, LinkedIn Ads) for marketing and retargeting purposes

Users may configure their browser to reject or disable cookies, although this may impact functionality of the Services.

10. Account Deletion

10.1. Users may request deletion of their accounts following the completion of all pending transactions. 10.2. Certain records, including KYC and AML data, must be retained by law for a minimum of five (5) years and cannot be deleted on request. 10.3. Where records are relevant to a dispute, investigation, or regulatory process, they shall be retained until the resolution of such matter.

11. Amendments

Market Sense Ltd may amend or update this Policy at any time. Notice of amendments shall be published on the Website, including an updated “Last Updated” date. Continued use of the Services following the publication of an updated Policy shall constitute acceptance of the revised terms.

12. Contact Information

For all matters arising under this Policy, including the exercise of statutory rights, Users may contact:

Chief Technology Officer (CTO) Email: privacy@manitist.io

‍