Legal Notice

Cookie Policy

TIB Finance uses cookies. A cookie is a small text, graphic, or flash file that our web servers place on a user's computer or device to serve as a unique identifier. Cookies also allow us to automatically reconnect a user to our services, as long as the user chooses to enable this option.

Use of Our Cookies

TIB Finance cookies do not have an expiration date. Our cookies may collect personally identifiable information, including username and password to support optional automatic login. Cookies may also be used to identify and track transactions introduced by recognized partners and to support optional user choices to save and reuse certain payment information for future transactions.

Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our site, but your ability to use certain features or areas of our site may be limited.

Technologies Used

Technologies such as cookies, beacons, tags, and scripts are used by TIB Finance and our marketing partners, merchants, affiliates, or analytics or service providers, including online customer support providers and online transaction processors. These technologies are used to analyze trends, administer the site, track user movements on the site, and gather demographic information about our user base as a whole.

Types of Cookies Used

Type	Description	Functionality
Strictly Necessary	These cookies are essential for the site to function	Navigation, authentication, forms
Functional	Enable enhanced functionality	Preferences, history, personalization
Performance	Visit and traffic analysis	Statistics, site improvement
Targeting	For personalized advertising	Marketing, relevant content

Intellectual Property

This section describes the procedure to follow for filing claims related to copyright infringement.

Copyright Infringement Complaint Procedure

If you believe that your copyrighted work has been copied in a manner that constitutes copyright infringement and is accessible via TIB Finance, you may notify our copyright agent, in accordance with applicable law. For your complaint to be valid, you must provide the following information:

1. A physical or electronic signature of a person authorized to act on behalf of the owner of an exclusive right that has allegedly been infringed.
2. Identification of the copyrighted work that is alleged to have been infringed or, if multiple works are involved, a representative list of such works.
3. Identification of the material that is alleged to infringe or to be the subject of infringing activity and that is to be removed or access to which is to be disabled, and information reasonably sufficient to permit TIB Finance to locate the material.
4. Information reasonably sufficient to permit TIB Finance to contact the complaining party, such as an address, telephone number, and, if available, an email address.
5. A statement that the complaining party has a good faith belief that the use of the material in the manner complained of is not authorized by the copyright owner, its agent, or the law.
6. A statement that the information in the notification is accurate and, under penalty of perjury, that the complaining party is authorized to act on behalf of the owner of an exclusive right that has allegedly been infringed.

Please note that under applicable law, if you knowingly make a false statement that online material constitutes an infringement, you may be subject to heavy civil penalties, including damages, court costs, and attorney fees incurred by TIB Finance or by any copyright owner or its licensee who is injured as a result of our reliance on such false statement. You may also be subject to criminal prosecution for perjury.

GDPR Compliance

The General Data Protection Regulation came into effect on May 25, 2018. This regulation replaces the various national regulations and laws that were in place in the European Economic Area (EEA) over the previous two decades. The regulation increases the level of control that EEA citizens and residents have over their personal data in the digital age and presents a more unified environment for international businesses in Europe.

Impact of GDPR

The regulation impacts any company that receives, processes, stores, or transfers personal data of individuals based in the EEA, regardless of its location. Personal data is broadly defined and generally includes information about an individual such as name, email, location, online identifier, IP address, home address, etc., whether in a professional or domestic context. New rights are granted to data subjects regarding stored personal data, including the right to prior notification of how the data will be used, how it will be processed, and when it will be deleted.

TIB Finance and GDPR

TIB Finance has updated its terms and conditions, privacy policy, and cookie usage to comply with GDPR requirements, as well as to ensure that our systems and third-party services are compliant. We continue to ensure that our systems and third-party services remain compliant.

International Data Transfers

Following the invalidation of the EU-US Privacy Shield by the European Court of Justice in July 2020, TIB Finance uses the EU Standard Contractual Clauses as the basis for compliance regarding data transfers from the EEA to countries, including the United States, that are not recognized as having adequacy status by the EU. TIB Finance is updating data processing agreements with the relevant parties involved in the processing, receipt, and storage of personal data.

Prohibited Activities

By registering with TIB Finance, you confirm that you will not use the Service to accept payments related to prohibited businesses, prohibited business activities, or prohibited business practices.

List of Prohibited Items

1. You may not sell or promote items or services prohibited by law in the jurisdiction of the transaction.
2. You may not sell the items listed below:

• Any illegal or unlawful goods or services or that encourage, promote, facilitate, or instruct others to engage in illegal activity
• Business/investment/money-making opportunities operating as get-rich-quick schemes/Home internet businesses (e.g., real estate investment without capital, work from home, etc.)
• Computer viruses, worms, Trojan horses, dishonest adware, malware, unauthorized rootkits, and other malicious and/or illegal software
• Counterfeit goods; counterfeit products, brand imitations, stolen/recalled property
• Credit repair
• Crowdfunding
• Cryptocurrency
• Debt collection, debt counseling, debt settlement, debt relief, or debt consolidation
• Escort services & bride catalogs, sexual services, mail-order brides
• Essay writing/paper mills
• Financial advisory services
• Foreign currency exchange services or software, binary options
• Betting tips/sports predictions or odds/Internet gambling and other card-not-present wagering/Legal/regulated point-of-sale gambling
• Live animals, human body parts/fluids/remains (excluding hairpieces)
• Medical benefit packages, discount medical cards, medical/therapeutic services, medical consultation, dental plans
• Money laundering
• Outbound telemarketing (business to consumer)
• Phone unlocking services, jailbreakers
• Pornography and adult content featuring children and/or persons under 18 years of age; and/or featuring rape/violence/bestiality and/or any other illegal sexual content
• Products that infringe or violate copyrights, trademarks, privacy, or intellectual property rights
• Rape/Violence
• Satellite/cable signal decoders/cards
• Sites promoting hate, racism, religious persecution, or containing offensive content
• Spyware
• Timeshare cancellation
• Unregulated and/or unlicensed financial companies, securities and trading firms
• Virtual gaming tokens, credits, penny auctions, fee-based auctions, or non-refundable fee auctions
• Warranty companies
• Weapons, firearms, ammunition, explosives, hazardous materials, fuels, knives

Payment Data Security (PCI-DSS)

TIB Finance and Merchant Responsibilities

TIB Finance is compliant with the Payment Card Industry Data Security Standards (PCI-DSS) at Level 1, which is the highest level of PCI compliance.

Whenever cardholder payment data is transmitted, processed, or managed through the TIB Finance platform, we assume responsibility for the appropriate security of the data entrusted to us in accordance with PCI-DSS requirements.

Merchants who use TIB Finance-hosted secure order pages benefit from the fact that the primary PCI compliance burden is covered by TIB Finance. Nevertheless, since merchants have access to transaction invoices, they must carefully manage the administration of this data in accordance with applicable privacy legislation and card association rules.

Merchants who host their own order pages and use TIB Finance payment APIs are required to be fully PCI-DSS compliant and are responsible for the secure management of all buyer payment data. These merchants are encouraged to simplify their compliance obligations and to protect and secure their business and their customers' data.

Refund Policy

Refund policies are determined and implemented by each merchant. If you have a refund, return, or exchange request for an order placed with your merchant, please contact them directly. Each merchant must clearly state their refund policy in their website terms and conditions so that the buyer fully understands these terms before completing their purchase.

Subscriptions and Recurring Fees

Ongoing subscriptions and recurring fees can be canceled at any time. Cancellation will take effect from the next billing period. A cancellation will only cancel future billings.

Dispute Resolution Procedures

The TIB Finance dispute resolution system is designed to facilitate polite and friendly communication between merchants and buyers and to help them resolve any issues that may arise.

Grounds for Cancellation

TIB Finance reserves the right to cancel a transaction in order to comply with credit card industry regulations, payment processor and banking rules, or the need to comply with legal requirements, intellectual property rights, court orders, and law enforcement agencies. Additionally, TIB Finance may cancel transactions that it reasonably considers to be potentially fraudulent, illegal, or in violation of TIB Finance's prohibited items policy or privacy policy.

Privacy Policy

TIB Finance holds personal information in the course of its business activities. We are committed to protecting the confidentiality and security of this information in accordance with Quebec's Act respecting the protection of personal information in the private sector and other applicable privacy legislation.

In the course of providing our services, we may receive personal information from third parties, including credit agencies such as Equifax and TransUnion. This information may be shared with our clients as part of credit reports and verification services.

TIB Finance discloses personal information only where necessary for the provision of its services, in accordance with the consents obtained and for the purposes indicated at the time of collection. In certain cases provided for by law, TIB Finance may also be required or authorized to disclose certain personal information without the consent of the individual concerned, in particular to legal advisors, to competent authorities, in connection with a legally authorized request, for the recovery of a debt, to prevent or detect fraud, or where such disclosure is necessary for the performance of a mandate or a service contract entrusted to a supplier. In all cases, TIB Finance limits disclosure to the information that is necessary and applies reasonable confidentiality and security measures.

Data Accuracy and Updates

TIB Finance is committed to maintaining accurate and up-to-date personal information. We employ multiple verification methods and update processes to ensure data quality.

Verification Sources

• Credit agencies (Equifax, TransUnion)
• Official documents provided by individuals
• Direct confirmation with data subjects

Update Process

• During new service requests
• Periodic reviews of existing records
• Upon client request

Controls in Place

• Automated format validation
• Cross-verification with multiple sources
• Automatic alerts for data inconsistencies
• Regular staff training on data quality

Your Rights and Access Procedure

Under applicable privacy legislation, you have the following rights regarding your personal information:

• Right of access to your personal information
• Right to rectification of inaccurate information
• Right to erasure (right to be forgotten)
• Right to restriction of processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

Access Request Procedure

1. Submit your request via our contact form or by mail to our Privacy Officer
2. Identity verification: provide a copy of a government-issued photo ID and proof of residence
3. You will receive an acknowledgment within 10 business days of receipt of your complete request
4. A response will be provided within 30 days of acknowledgment
5. If you are not satisfied with our response, you may file a complaint with the Commission d'accès à l'information du Québec

Security Measures

TIB Finance implements comprehensive security measures to protect personal information from unauthorized access, disclosure, alteration, or destruction.

Access Controls

• Multi-factor authentication for all system access
• Role-based permissions based on job function
• Principle of least privilege applied to all users
• Comprehensive access logging and monitoring

Secure Systems

• AES-256 encryption for data at rest and in transit
• Enterprise-grade firewalls and network segmentation
• 24/7 intrusion detection and prevention systems
• Regular security updates and patch management

Internal Policies

• Annual security awareness training for all employees
• Regular security audits and penetration testing
• Confidentiality agreements for all staff
• Acceptable use policy for all systems and data

Incident Management

• Documented incident response plan
• Dedicated security incident response team
• Notification procedures to authorities and affected individuals as required by law

Physical Security

• Access cards and biometric controls for premises access
• 24/7 video surveillance
• Clean desk policy
• Secure document shredding

Data Retention and Destruction

TIB Finance retains personal information only as long as necessary to fulfill the purposes for which it was collected, or as required by law.

Retention Periods

• Maximum 7 years after the end of the business relationship
• Legal obligations may require extended retention periods
• Marketing information retained for maximum 3 years

Secure Destruction Methods

• Electronic data destruction following NIST 800-88 guidelines with certificate of destruction
• P-4 or higher cross-cut shredding for paper documents
• Physical destruction of storage media when decommissioned
• Destruction logs maintained for audit purposes

Anonymization

Where appropriate, personal information may be anonymized rather than destroyed for statistical and analytical purposes, in accordance with applicable privacy legislation.