Privacy Policy

Last updated: 1 February 2026

INTRODUCTION

InfraRed provides fraud and compliance management solutions. Businesses use our products to validate documents, extract key information from documents, detect fraud in documents, and screen other entities on sanctions lists, watchlists, and for political exposure.

This Privacy Policy (“Policy”) explains:

  • how we collect, use and manage the personal data that you share with us
  • your rights and choices with respect to your personal data
  • how you may reach us with privacy-related concerns

At InfraRed, we are committed to protecting the privacy of the personal information that is provided to or collected by us while using our Services.

PURPOSE OF THIS PRIVACY POLICY

The purpose of this privacy policy is to give you information about how we collect and process your personal data. This privacy policy supplements our Terms of Use and any other notices that we may provide on specific occasions when we are collecting or processing your personal data.

DEFINITIONS

  • InfraRed (“we”/“us”/“our”): refers to Infrared Compliance Solutions Inc.
  • You/Your/User: refers to any person/entity using our Services, either for themselves or on behalf of others, or any person/entity on whose behalf our Services are being used.
  • Services: refers to our website (www.byinfrared.com), web application, dashboard, APIs, SDKs, and any related products, features, functionalities, subdomains or online services provided by InfraRed under our Terms of Use.
  • Personal data: refers to any information associated with an identified or identifiable individual, which can include data that you provide to us, and that we collect about you during your interaction with our Services (such as device information, IP address, etc.).

THE TYPE PERSONAL DATA THAT WE MAY COLLECT

The specific types of personal Information that we may collect, use and store are as follows:

  • “Identity Data”: We collect information about entities, their representative(s), and any other information you may provide to register or prove you are eligible to use our Services and in compliance with regulatory requirements on Know-Your-Business (KYB) and Anti-Money Laundering Laws (AML) and regulations.
  • “Contact Data”: This may include your office address, email address and telephone number of representatives.
  • “Financial Data”: This includes information such as financial institution, expenses made on our platforms, payment information and such other information that would make your use of and payment on our platform easier.
  • Transactional Data: Transactional information, such as purchase history and order details, is collected to facilitate transactions, process orders, and provide customer support.
  • Location Data: We may collect location information, including GPS coordinates and IP addresses, to provide location-based services or improve the functionality of our platform.
  • Marketing and Communication Data: This includes data relating to your preferences in receiving communications with respect to our products and Services from us as well as your communication preferences.

LEGAL BASIS FOR OUR USE OF YOUR PERSONAL DATA

We will use your personal data only to the extent permitted by the GDPR and other applicable privacy laws. Your personal data may be processed under any of the following legal basis where:

  • You consent to our use of your personal data.
  • Your personal information is necessary for the performance of the contract to use our Services.
  • We need to comply with a legal obligation such as KYB or AML laws.
  • We need to protect your vital interest or the vital interest of another individual.
  • It is in the interest of the general public to process your data.

While we mostly collect and process your data with your consent, we may collect and process your data under any of the identified lawful bases depending on the circumstance. We do not always need your consent to process your data. However, we do need your consent before we can process your data for purposes such as direct marketing communications. You are at liberty to withdraw your consent to such kinds of processing at any time. Where such withdrawal makes us unable to proceed with providing you with certain Services, we will inform you accordingly.

By using our Services, you agree to the terms of this Privacy Policy, as to allow us to utilize your data to serve you more accurately.

OUR ROLE AS DATA CONTROLLER

A “controller” is a person or organization who alone or jointly determines the purposes for which, and the way any personal data is, or is likely to be, processed. With respect to any information provided to us by any users of InfraRed, the Data Controller is Infrared Compliance Solutions Inc.

DISCLOSURE OF YOUR INFORMATION

We may disclose your personal information to any of our affiliates. We may also disclose your personal information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms of Use and other agreements; or to protect our rights, property, or safety or those of other users or the general public.

DATA SECURITY

We will take reasonable steps to protect personal information disclosed to us from loss, modification, misuse, unauthorized access and/or disclosure. While we do our best to protect your personal data, we cannot guarantee the security of your data transmitted to us over the internet as transmission over the internet is not completely secure; therefore, we note that any such transmission is at your own risk. However, we will use strict procedures and security features to try to prevent unauthorized access once we have collected your information. We are bound by international standards and best practices on information and cyber security as may be issued from time to time.

DATA RETENTION

We retain your data for such a period as is necessary for the purpose for which it was collected. Storage of your data is also determined by legal, regulatory, administrative, or operational requirements. We only retain information that allows us to comply with legal and regulatory requests for certain data, meet business and audit requirements, respond to complaints and queries, or address disputes or claims that may arise. When data is no longer required for the purposes for which it was collected, we securely destroy it.

THIRD PARTY SITES

Our website and Services may contain links to third-party websites, products, and services. Our products and Services may also use or offer products or services from third parties. Information collected by third parties, which may include such things as location data or contact details are governed by their privacy practices and we will not be liable for any breach of confidentiality or privacy of your information on such third-party websites. We encourage you to learn about the privacy practices of those third parties.

PRIVACY POLICY CHANGE

We may modify this Privacy Policy from time to time without prior notice by publishing a new version of the Privacy Policy on our website. Any changes to the Privacy Policy will be reflected on the website and will become effective immediately upon publication. We encourage you to periodically review this Privacy Policy to stay informed about how we are protecting the personal data we collect. If changes to the Privacy Policy are material, we will do our best to notify you via email or through a notification on our website.

ACCESS, CONSENT AND CORRECTION

We will take reasonable steps to ensure that the personal data we collect remains accurate, up to date and complete. We will also provide you with access to your personal information held by us on your request unless we are otherwise permitted by applicable laws. If you wish to access or correct personal information that we hold about you, please contact us through the contact details provided below. You have the right to withdraw consent previously given for processing your data or restrict the processing of your personal data. We might however continue to process your data if there are valid legal or operational reasons.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us. Furthermore, if you discover any inaccuracies in your personal information, please promptly notify us by contacting us through the contact details provided below.

YOUR LEGAL RIGHTS

In addition to being able to control the data you directly provide to us, you may exercise any of the below rights with respect to your data:

  • Request information about any of your personal data which we are processing, and request access to your personal information which we process.
  • Request correction of personal information that we hold about you to make them more accurate or to reflect change in circumstances.
  • Request us to refrain from doing certain things with your data or restrict the extent of our collection or processing of your data.
  • Request partial or complete erasure of your personal information.
  • Object to our processing of your personal information where we are processing your personal information for direct marketing purposes.
  • Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you.
  • Request the transfer of your personal information to another party. If you wish to exercise any of the rights set out above, please contact us using the contact details provided below.

CONTACT DETAILS

If you have any questions about this privacy policy or our privacy practices, please contact us using the details provided below:

Email address: [email protected]