AICA Privacy Policy for Merchant Services
Last updated: 19 December, 2025
We provide payment processing, reconciliation and settlement, and other related services to our Customers in Canada through AICA Merchant Services Inc (“Canada Merchant Services”). This Privacy Notice describes how we collect, use and share personal information in relation to the Canada Merchant Services.
This Privacy Notice applies to:
· Visitors to our websites (including https://www.antom.com) and any person who contacts us over the telephone, email or other means (“Visitors”);
· Customers who register for and/or use Canada Merchant Services (“Customers”). This may include acquirers, platforms, marketplaces, sellers or sub-merchants of platforms or marketplaces (for instance, if you have an account on a platform or marketplace and signed up the Canada Merchant Services provided by us), affiliates, and other partners, including the personnel, officers, and connected persons of our Customers (referred to as “representatives”) and other partners, where their personal information is provided to us in connection with Canada Merchant Services; and
· consumers who do business with, or otherwise engage in a transaction with a Customer, such as those buying goods and services from a Customer who uses Canada Merchant Services for payment processing (“End Users”).
Unless otherwise indicated or the context requires otherwise, a reference to “you” or “your” refers to a Visitor, Customer (including a Customer’s or partner’s representative), and/or End User, and references to “we”, “us” or “our” in this Privacy Notice refer to AICA Merchant Services, Inc.
When we process End User personal information, we do so as a “service provider” to our Customer, except as otherwise indicated below. The Customers control and are accountable for End User personal information. This means that our Customers are responsible under applicable data protection laws and regulations for ensuring that End User privacy rights are respected, including ensuring appropriate consents are obtained from, and disclosures made to, End Users about data collection and use that happens in connection with the Customers’ products and services. For information about how the Customer collects, uses or shares End User personal information, as well as End User choices and privacy rights, please refer to the applicable Customer’s privacy notice.
1. WHAT PERSONAL INFORMATION DO WE COLLECT ABOUT YOU?
The types of personal information we collect about you depend on whether you are a Customer (or its representative), a Visitor, or an End User.
The table below describes the personal information we collect from and about Customers (and their representatives) and Visitors.
Types of Personal Information | Individuals From or About Whom We Might Collect It |
Contact information, including your first and last name, address, phone number, email, or other information that permits us to contact you or verify your identity. | Visitors Customers |
Copies of communications with or about you. | Visitors Customers |
Company registration details during onboarding process, such as the entity registration information, basic business information and basic personal details of the executive, authorized person and ultimate beneficiaries and account authentication details to complete “know your business” or “know your client” checks as required by relevant laws, include the name, ID number, ID expiry data, date of birth, nationality, residential country and copies of government ID documents (e.g., passport, driver’s license) role and relationship with the Customer or partner. | Customers |
Transaction information, financial information, bank account information and tax identification information. | Customers |
Details of any marketing preferences you have given us (such as requests to receive or not receive certain types of marketing communications). | Customers |
Information about the device you use to interact with us and our services (including IP address, geographic location, device type and model, screen resolution, app version, device language, device identification codes and other features/data that can be used to identify a device). | Visitors Customers |
Information from your visits to our websites or mobile applications, and your interactions with our emails or other communications. This information includes browser history, product engagement, length of visit/usage, page views and any search term you use, IP address or other unique identifiers, browser/platform type and version, internet service provider, operating system, referral source/exit pages, device operations, session information, user agent, device logs in the event of a crash or error report, and unique identifiers saved in cookies and information associated with a cookie. | Visitors Customers |
As a “service provider”, we collect the End User personal information described in the table below for the purposes of providing Canada Merchant Services to Customers.
Types of Personal Information | Individuals From or About Whom We Might Collect It |
Contact information, including your first and last name, address, phone number, email, or other information that permits us to contact you or verify your identity. | End Users |
Copies of communications with or about you. | End Users |
Payment card information, wallet ID or other financial account information, such as payment methods and details of the payment information used to complete a transaction with a Customer. | End Users |
Transaction details, such as the Customers you deal with, the amounts paid, details of the products and/or services purchased, shipping information and information related to requests for chargebacks and/or refunds. | End Users |
Information about the device you use to make a payment (including IP address, device type and model, screen resolution, app version, device language, device identification codes and other features/data that can be used to identify a device). | End Users |
We will indicate whether the provision of personal information is mandatory or optional. If you do not provide mandatory personal information to us, you may not be able to use the Canada Merchant Services.
2. HOW WE OBTAIN YOUR PERSONAL INFORMATION
We collect the above personal information from various sources, either directly from you or indirectly, as set out below.
We collect personal information directly from you when you provide it to us in connection with the Canada Merchant Services. For example, we collect personal information from Customers and their representatives when you inquire about or register to use any of the Canada Merchant Services, sign an agreement with us, provide your personal information during the Customer onboarding process, or log into your account to use the Canada Merchant Services on our website or customer portals. We also collect personal information from Customers and their representatives, Visitors, and End Users when you communicate with us via e-mail, phone, SMS, web form, or any other electronic means.
We also receive personal information about you from the following sources:
· Customers and other third parties who support the ability to make payments and conduct transactions through Canada Merchant Services or otherwise;
· affiliates;
· suppliers providing services on our behalf;
· banks, card associations, payment networks, acquiring institutions, and other financial institutions that we cooperate with to provide the Canada Merchant Services;
· third parties for fraud monitoring and prevention purposes, or other purposes required by law;
· in relation to representatives of a Customer or partner, from the relevant Customer or partner; and
· publicly available sources.
We may combine information that we have about you from various sources, including the information you have provided to us.
Please refer to the section How We Use Your Personal Information below for more details.
3. HOW WE USE YOUR PERSONAL INFORMATION
We use the personal information of Customers (and their representatives) and Visitors for the purposes set forth in the table below.
Purpose | Relevant Individuals |
To process, maintain, and manage Customers’ registration with the Canada Merchant Services. | Customers |
To provide Customers with Canada Merchant Services and related services, including enabling and conducting transactions, customizing your user experience, enabling the receipt of balance top-ups, financing proceeds and third-party payments, facilitating the settlement of payment for goods and services and providing other fund settlement services, handling foreign exchange conversions, chargebacks, and sending notices about transactions. | Customers |
For the exercise of our rights and the performance of our obligations under, and managing compliance with, our agreements and related documentation. | Customers Visitors |
To respond to your queries, feedback, claims or disputes (including resolving payment disputes) or otherwise provide customer support and services to Customers and Visitors. | Customers Visitors |
To operate and maintain our websites, customer portals and other platforms. | Customers Visitors |
To contact Customers or Visitors in relation to our provision of the Canada Merchant Services, such as in connection with any communication preferences or requests you have expressed, asking for or receiving feedback about Canada Merchant Services or other related products and services, using Customers and Visitors feedback to improve our business and/or customize products and services, and contacting Customers or Visitors for other lawful purposes. | Customers Visitors |
To conduct marketing and advertising activities (including trade shows and promotional events) in relation to Customers and prospective Customers and Visitors, and to send advertising or other information about our products and services to Customers, prospective Customers and Visitors. | Customers Visitors |
For security, authentication, and risk control purposes in relation to Customers, prospective Customers and Visitors, including to verify your identity; verify your eligibility as a customer of Canada Merchant Services; manage and detect anti-money laundering and fraud risk; perform creditworthiness and solvency checks; assess, detect, investigate, prevent and/or remediate fraud, data breaches, or other potentially prohibited or illegal activities or violations of our agreements and policies or industry standards; and otherwise to protect the integrity and maintain the security of our services, products and platforms, to protect our rights or property and those of others, and to prevent any harm or financial loss to us or others. | Customers Visitors |
To carry out “know your client” checks on Customers and their representatives, to conduct onboarding and due diligence; and to manage and develop the relationship with Customers, partners or Visitors. | Customers Visitors |
To improve and optimize the Canada Merchant Services, and to conduct research, statistical analysis, analytics, business planning and business intelligence purposes in order to understand how Customers and their representatives or Visitors perceive our products and services, industry trends, usage patterns, and other factors that may affect our business. | Customers Visitors |
To manage our business, including billing, invoicing, account management, reconciliation, collection, audit purposes and internal reporting. | Customers Visitors |
In relation to any proposed or actual merger, acquisition, corporate reorganization, financing, joint venture, assignment, transfer, disposition or similar transaction, including the sale of business, assets or stock. | Customers Visitors |
For the establishment, exercise, or defense of legal claims or potential claims on behalf of ourselves or our affiliates, for the purposes of legal proceedings, for compliance, regulatory and investigative purposes. | Customers Visitors |
To comply with law, regulation, information security standards, best practices including the Payment Card Industry Standards (being the Payment Card Industry Data Security Standard (PCI DSS)) and the National Institute of Standards and Technology Cyber Security Framework (NIST CSF), codes of conduct applicable to or required on payment processors, and any other requirements or rules imposed by payment schemes; to prevent fraud, money laundering, and other illegal activity; and to fulfill compliance reporting obligations. | Customers Visitors |
To safeguard the interests of our users, third parties, or the public, we may disclose personal information associated with you to the entities listed in Section 4, if we determine, in good faith, that such disclosure is necessary to:
| Customers |
For any additional purposes with your consent or as permitted or required by law. | Customers Visitors |
As a “service provider” to our Customers, we may collect and use End User personal information for the purposes in the table below.
Purpose | Relevant Individuals |
To provide the Canada Merchant Services to, and as instructed by, the Customers, including processing e-commerce payment transactions, facilitating payment solutions, calculating applicable sales tax, invoicing and billing, helping Customers calculate revenue, pay bills, and perform accounting tasks, detecting and fixing the security and technical issues, developing and improving Canada Merchant Services and user experiences as instructed by Customer, and providing other Canada Merchant Services requested by Customers. | End Users |
To share personal information with the Customers, where instructed to do so by such Customers, including to provide them with analytics to help them troubleshoot and improve their offering and user experiences. | End Users |
To verify your identity, prevent fraud, and enhance security in accordance with the instructions of the Customers. | End Users |
For our own purposes, we may also use End Users personal information for the purposes described in the table below.
Purpose | Relevant Individuals |
To comply with relevant laws, regulations, information security standards, best practices including the Payment Card Industry Standards (being the Payment Card Industry Data Security Standard (PCI DSS)) and the National Institute of Standards and Technology Cyber Security Framework (NIST CSF), codes of conduct applicable to or required on payment processors, and any requirements or rules imposed by payment schemes, bank partners and payment channel providers; to prevent fraud, money laundering, and other illegal activities; and to fulfill compliance reporting obligations. | End Users |
For the establishment, exercise, or defense of legal claims or potential claims on behalf of ourselves or our affiliates, for the purposes of legal proceedings, for compliance, regulatory and investigative purposes. | End Users |
To safeguard the interests of our users, third parties, or the public, we may disclose personal information associated with you to the entities listed in Section 4 if we determine, in good faith, that such disclosure is necessary to:
| End Users |
To create and use aggregated, de-identified or anonymized data for the development and improvement of Canada Merchant Services and user experiences. | End Users |
4. WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
We share the personal information of Customers (and their representatives) and Visitors for the purposes indicated under the section How We Use Your Personal Information above, with the following categories of recipients.
· with affiliates who assist in the provision of Canada Merchant Services;
· with any agent, contractor, vendor, or service provider that we work with in providing the Canada Merchant Services. We set out a list of such agents, contractors, vendors, and service providers here;
· with service providers and other third parties where you have instructed us to share information with them;
· with banks, card associations, payment networks or acquiring institutions, and other financial institutions involved in processing of payments and conducting transactions through Canada Merchant Services;
· with law enforcement agencies, government and regulatory or supervisory authorities or any other organizations to which we, or any of our affiliates or service providers, are under an obligation to make disclosure under the requirements of any applicable law, regulation, codes of conduct applicable on payment processors or contractual obligations in provision of Canada Merchant Services;
· with parties relevant to litigation proceedings and the assessment of claims or disputes, including courts;
· with individuals and entities involved in any merger, acquisition, corporate reorganization, financing, or similar transaction with us, including in the event of the sale of all or part of our assets; and
· with our professional advisors (e.g., lawyers, accountants, auditors, and trustees).
Separately, we share the personal information of End Users in accordance with the instructions of the Customers for whom we are a “service provider”. For example, we may be instructed to share End User personal information with the relevant Customer from whom you are making a purchase, or to share End User personal information in order to complete the transaction that an End User requests. Additionally, we may need to share End Users personal information with card schemes, banks, and other financial institutions, or otherwise where legally required to do so (for example, in respect of anti-money laundering, sanction screening and fraud or illegal activity prevention). Please refer to the relevant Customer’s privacy notice for further information about how the Customer shares (and instructs us to share) End Users personal information.
5. HOW DO WE STORE AND PROTECT YOUR PERSONAL INFORMATION?
In relation to Customers (and their representatives) and Visitors, we will keep your personal information in accordance with our policies and for as long as it is necessary to provide you with the Canada Merchant Services or other purposes as set out in this Privacy Notice. In addition, we may retain your personal information for a longer period (including after you are no longer a user of our services) if it is necessary to comply with laws and regulations applicable to us. The criteria we use to determine the appropriate retention periods are:
· regulatory requirements that we are subject to;
· whether a legal claim could be brought against us;
· necessity of information to provide the Canada Merchant Services;
· the type, nature, and sensitivity of your personal information being processed; and
· the legal basis for processing – e.g., consent.
In relation to End Users, we will keep your personal information as instructed by the relevant Customer on whose behalf we process your personal information, except that we may retain End User personal information for longer periods if necessary to comply with laws and regulations applicable to us, and industry or card scheme requirements.
We use a variety of security measures and technologies designed to help protect your personal information from unauthorized access, use, disclosure, alteration or destruction, consistent with applicable data protection and privacy laws and regulations.
6. INTERNATIONAL TRANSFERS OF YOUR PERSONAL INFORMATION
We are a global business, and your personal information are processed outside of your province of residence and outside of Canada, for example United States, Singapore, Germany. Those countries might have data protection regulations that are different from those in the Canada. Regardless of where your information is processed, we take measures to comply with applicable data protection laws related to such transfer.
7. YOUR CHOICES AND PRIVACY RIGHTS WITH RESPECT TO YOUR PERSONAL INFORMATION
Depending on where you are located and which applicable privacy laws apply, Customers (and their representatives) and Visitors may be entitled to exercise the following rights:
· Access/Right to Know: you may request to access that personal information you provided to us. You can also send a data portability request and ask to send you a copy of personal information in a structured, commonly used, and machine-readable format, if it is technically feasible.
· Deletion: You may request that we delete the personal information we have collected about you, subject to certain exceptions.
· Correct or Update Your personal information: You have the right to request that we correct, update, or modify the personal information we maintain about you.
· Withdraw consent: You may withdraw your consent to our processing of your personal information, subject to certain restrictions.
If you are an End User and you would like to exercise your rights with respect to your personal information, please contact the relevant Customer directly. We will support the Customer in meeting your request.
Please note that these rights are not absolute and are subject to a number of exceptions and qualifications which mean they may not always apply.
Submitting Privacy Rights Requests: If you would like to exercise your privacy rights, contact us using the details set out in the Contact Us section below. If you would like to withdraw consent to our use of certain types of cookies, our cookie notice explains how to do this.
Where you are given the option to share your personal information with us, you can always choose not to do so.
However, choosing not to share your personal information with us or withdrawing your consent to our use of it could mean that we are unable to perform the actions necessary to achieve the purposes of processing described (see section How We Use Your Personal Information) or that you are unable to make use of the services and products offered by us. After you have chosen to withdraw your consent, we may be able to continue to process your personal information to the extent required or otherwise permitted by applicable data protection and privacy laws or regulations.
Verification of Your Identity: Depending on the nature of your request, we will ask you for identifying information and attempt to match it to information that we maintain about you in order to verify your identity. Not all of the above request types will be subject to verification. If we are unable to verify your identity with the degree of certainty required, we will not be able to respond to your request. We will notify you to explain the basis of the denial.
8. THIRD PARTY SERVICES AND SITES
We may provide links to third party websites and services (including other online Customer sites) for your convenience and information. These services and websites may operate independently from us. Linked services and websites may have their own privacy notices or policies, which we strongly suggest you review if you visit any linked services and websites. To the extent any linked websites and services you visit are not owned or controlled by us, we are not responsible for (i) these websites’ or services’ content, (ii) any use of these services or websites by you, or (iii) the privacy practices of these services or websites.
9. CHANGES TO THIS PRIVACY NOTICE
We may change, amend or revise this Privacy Notice from time to time. We will notify you of any substantive or material change in this Privacy Notice through a combination of updating this webpage, sending push notifications, e-mails or letters, by phone or by publishing announcements on our websites. You can review this Privacy Notice any time at the homepage of our websites.
Once posted on our website, the new Privacy Notice will become immediately effective unless stated otherwise.
10. CONTACT US
If you have questions, complaints or requests about how we process your personal information, please contact us by email via privacy@us.antgroup.com or at the following business address: AICA Merchant Services Inc., Privacy Office, 525 Almanor Avenue, Suite 100, Sunnyvale, CA 94085.