Privacy Policy

Last Updated: January 2026

1. Introduction

Dorianis Finance Ltd ("we," "us," "our," or "Company") is committed to protecting your privacy and ensuring transparency in how we handle your personal information. This Privacy Policy explains our practices regarding the collection, use, disclosure, and protection of your data when you use our website, services, and communications.

This policy applies to all individuals who interact with Dorianis Finance Ltd, including clients, prospective clients, website visitors, and other users. We comply with applicable privacy laws including the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada and the General Data Protection Regulation (GDPR) where applicable.

2. Information We Collect

2.1 Personal Information You Provide

We collect information you voluntarily provide to us, including:

• Contact Information: Name, email address, phone number, mailing address, and country of residence
• Financial Information: Investment preferences, portfolio details, account information, and financial goals
• Professional Information: Employment status, industry, professional background, and qualifications
• Communication Preferences: How you prefer to be contacted and your interests in our services
• Form Data: Information provided through contact forms, questionnaires, and inquiry submissions

2.2 Information Collected Automatically

When you visit our website, we automatically collect certain information:

• Usage Data: Pages visited, time spent on site, links clicked, and navigation patterns
• Device Information: IP address, browser type, operating system, device identifier, and referring URL
• Location Data: General geographic location derived from IP address (not precise GPS location)
• Cookies and Tracking: Information from cookies, web beacons, pixels, and similar tracking technologies

2.3 Information from Third Parties

We may receive information about you from third parties, including:

• Business partners and financial institutions
• Service providers and vendors
• Publicly available sources and data providers
• Other individuals with whom you have shared your information

3. How We Use Your Information

We use collected information for the following legitimate purposes:

• Service Delivery: Providing investment advisory services, responding to inquiries, and managing client relationships
• Communication: Sending service updates, newsletters, market insights, and promotional materials (with consent)
• Compliance and Legal: Meeting regulatory requirements, Know Your Customer (KYC) obligations, and Anti-Money Laundering (AML) standards
• Business Operations: Improving our services, conducting analytics, and developing new offerings
• Security and Fraud Prevention: Protecting against fraud, unauthorized access, and maintaining system security
• Website Functionality: Enabling technical features, personalization, and optimizing user experience
• Legal Obligations: Complying with court orders, government requests, and applicable laws

4. Legal Basis for Processing

Under GDPR and Canadian privacy laws, we process your information based on:

• Consent: Your explicit consent to collect and use your data
• Contract Performance: Processing necessary to provide agreed-upon services
• Legal Obligation: Compliance with applicable laws and regulations
• Legitimate Interest: Our business interests in improving services and protecting security
• Vital Interest: Protection of health, safety, or fundamental rights

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your data with:

• Service Providers: Third-party vendors providing IT, hosting, analytics, and customer support services
• Financial Partners: Banks, investment firms, and custodians necessary for service delivery
• Regulatory Authorities: Financial regulators, tax authorities, and law enforcement when required by law
• Business Transfers: In case of merger, acquisition, or sale of assets (with notice)
• Other Disclosures: With your explicit consent or as permitted by applicable law

All third-party recipients are bound by confidentiality agreements and are required to maintain data security standards equivalent to our own.

6. Data Retention

We retain your personal information for as long as necessary to:

• Provide our services and maintain our business relationship
• Comply with legal, regulatory, and tax obligations (minimum 7 years for financial records)
• Resolve disputes and enforce agreements
• Protect against fraud and maintain security

Once retention periods expire, we securely delete or anonymize your information, except where continued retention is legally required.

7. Data Security

We implement comprehensive technical and organizational measures to protect your data:

• Encryption of data in transit (SSL/TLS) and at rest
• Secure access controls and multi-factor authentication
• Regular security audits and vulnerability assessments
• Employee training on data protection and confidentiality
• Incident response and breach notification procedures
• Compliance with industry security standards

However, no security system is completely impenetrable. While we strive to protect your information, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials.

8. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

8.1 GDPR Rights (EU/EEA Residents)

• Right of Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete information
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restrict Processing: Limit how we process your information
• Right to Data Portability: Receive your data in a structured, portable format
• Right to Object: Opt-out of certain processing activities
• Right to Lodge a Complaint: File a complaint with your local data protection authority

8.2 Canadian Privacy Rights (PIPEDA)

• Right of Access: Request access to personal information we hold about you
• Right to Correction: Request correction of inaccurate information
• Right to Opt-Out: Decline to have your information used for marketing purposes
• Right to Complaint: File a complaint with the Privacy Commissioner of Canada

9. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance user experience and collect analytics:

• Essential Cookies: Necessary for website functionality and security
• Analytics Cookies: Help us understand how visitors use our site
• Preference Cookies: Remember your settings and preferences
• Marketing Cookies: Used for targeted advertising and promotional purposes

You can control cookie preferences through your browser settings. However, disabling certain cookies may affect website functionality. For more information, see our Cookie Policy.

10. Marketing Communications

We may send you marketing communications, including:

• Email newsletters and market insights
• Product updates and service announcements
• Promotional offers and events
• Educational content relevant to your interests

All marketing communications include a clear unsubscribe option. You may withdraw consent at any time by clicking "Unsubscribe" in our emails or by contacting us directly at finance@dorianis.bond.

11. Third-Party Links and Services

Our website may contain links to third-party websites and services. We are not responsible for their privacy practices. When you access external links, you are subject to their respective privacy policies. We recommend reviewing their privacy statements before providing any personal information.

12. International Data Transfers

Your personal information may be transferred to and processed in countries other than Canada, including the United States and European Union. These countries may have different data protection laws than Canada. By providing your information, you consent to such transfers.

When we transfer data to countries without equivalent privacy protections, we implement appropriate safeguards, including:

• Standard contractual clauses approved by relevant authorities
• Binding corporate rules and data processing agreements
• Your explicit consent to the transfer
• Adequacy decisions under applicable privacy laws

13. Data Breach Notification

In the event of a data breach that may compromise your personal information, we will notify affected individuals and relevant authorities without undue delay, as required by law. Our notification will include details of the breach, types of information affected, recommended protective measures, and our contact information for further assistance.

14. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that a minor has provided us with personal information, we will promptly delete such information and terminate the minor's account. Parents or guardians who believe their child has provided information to us may contact us immediately.

15. How to Exercise Your Rights

To exercise any of your privacy rights, please contact us with your request:

Dorianis Finance Ltd
199 Bay St., Toronto, ON M5L 1A2, Canada
Email: finance@dorianis.bond
Phone: +1 416 867 5000
VAT: 701948253 RT 0001

We will respond to your request within 30 days (or as required by law). We may request proof of identity to verify your request. If we cannot fulfill your request, we will explain the reasons and any available remedies.

16. Data Protection Officer

For questions about our privacy practices or to file a formal complaint, you may contact our Data Protection Officer at finance@dorianis.bond or through the address above.

17. Privacy Policy Updates

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

• Posting the updated policy on our website with a revised "Last Updated" date
• Sending you an email notification of significant changes
• Requesting your consent to material changes, where required by law
• Displaying a prominent notice on our website

Your continued use of our services after notification constitutes acceptance of the updated Privacy Policy. We encourage you to review this policy regularly to stay informed about how we protect your information.

18. Regulatory Compliance

Dorianis Finance Ltd complies with the following regulations and standards:

• PIPEDA: Personal Information Protection and Electronic Documents Act (Canada)
• GDPR: General Data Protection Regulation (EU/EEA)
• CCPA/CPRA: California Consumer Privacy Act and California Privacy Rights Act (as applicable)
• Ontario FIPPA: Freedom of Information and Protection of Privacy Act
• PECA: Personal Information Protection Act (Alberta)
• AML/KYC: Anti-Money Laundering and Know Your Customer regulations
• Financial Services Regulations: Applicable provincial and federal financial services laws

19. Specific Provisions for EU/EEA Residents

If you are located in the European Union or European Economic Area, additional rights apply under GDPR:

19.1 Legal Basis

We process your data based on one or more of the following legal bases: your consent, performance of a contract, compliance with legal obligations, protection of vital interests, performance of tasks in the public interest, or legitimate interests pursued by us or third parties.

19.2 Your GDPR Rights

You have the right to lodge a complaint with your supervisory authority. Contact information for EU data protection authorities is available at https://edpb.ec.europa.eu/about-edpb/board/members_en.

19.3 Data Protection Impact Assessment

When necessary, we conduct Data Protection Impact Assessments to ensure our processing activities comply with GDPR requirements and minimize privacy risks.

20. Specific Provisions for Canadian Residents

If you are a Canadian resident, additional rights apply under PIPEDA and provincial privacy laws:

20.1 Your Canadian Privacy Rights

• Right to know what personal information we hold about you
• Right to request correction of inaccurate information
• Right to withdraw consent at any time
• Right to complaint to the Privacy Commissioner of Canada
• Right to understand why we collect, use, and disclose your information

20.2 Privacy Commissioner Contact

If you have concerns about our privacy practices, you may contact the Privacy Commissioner of Canada:
Phone: 1-800-282-1376
Website: www.priv.gc.ca

21. Sensitive Personal Information

We take special care with sensitive personal information, including:

• Health and medical information
• Financial records and account details
• Social Security numbers and tax identification numbers
• Biometric data and genetic information
• Information about racial or ethnic origin, political opinions, religious beliefs
• Information about criminal convictions or offences

Sensitive information is processed only with explicit consent, or where required by law for KYC/AML compliance. We apply enhanced security measures and restrict access to authorized personnel only.

22. Automated Decision-Making

We may use automated decision-making processes, including:

• Risk assessment and fraud detection systems
• Eligibility determination for services
• Personalized recommendations based on your profile
• Analytics and profiling for service improvement

You have the right to request human review of automated decisions that significantly affect you. Please contact us to exercise this right.

23. Vendor and Service Provider Standards

All third-party vendors and service providers who handle your personal information are required to:

• Sign Data Processing Agreements (DPA) outlining their responsibilities
• Implement security measures equivalent to or exceeding our standards
• Use data only for specified purposes
• Cooperate with audits and security assessments
• Maintain confidentiality of your information
• Promptly report any breaches or security incidents

24. Contact Information and Complaints Process

For privacy inquiries, access requests, or to file a complaint:

We aim to resolve privacy concerns within 30 days. If you are unsatisfied with our response, you have the right to escalate your complaint to the relevant regulatory authority in your jurisdiction.

25. Glossary of Terms

Personal Information:

Any information relating to an identified or identifiable natural person that can be used to directly or indirectly identify them.

Data Processing:

Any operation performed on personal data, including collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, transmission, or erasure.

Data Controller:

Dorianis Finance Ltd, which determines the purposes and means of processing personal data.

Data Processor:

A third party that processes personal data on behalf of the controller, subject to contractual agreements.

Consent:

Your freely given, specific, informed, and unambiguous agreement to the processing of your personal data.

Breach:

A security incident resulting in accidental or unlawful access, disclosure, or loss of personal data.

Encryption:

The process of converting readable data into coded form to prevent unauthorized access.

26. Final Statement

At Dorianis Finance Ltd, we are committed to maintaining the highest standards of data protection and privacy. Your trust is fundamental to our business, and we take our responsibility to protect your personal information seriously. We continuously review and improve our privacy practices to ensure compliance with evolving regulations and to meet or exceed your expectations.

If you have any questions about this Privacy Policy or our privacy practices, please do not hesitate to contact us. We welcome your feedback and are committed to working with you to address any privacy concerns.

Last Updated: January 2026
Effective Date: January 1, 2026
Version: 2.0
Company: Dorianis Finance Ltd | VAT: 701948253 RT 0001
Jurisdiction: Canada (Ontario) | GDPR Compliant for EU/EEA Residents