Effective Date: October 8, 2025

Oxen International Website

Information security statement

Download PDF
FR
arrow-language-btn

This Privacy Policy applies to your use of the Oxen website and services, including any interactions or transactions conducted via our platform.

Oxen is a registered trademark and marketing brand used by Lapki Digital Pay Inc., a federally incorporated Canadian company and registered Money Services Business (MSB) with FINTRAC under registration number C100000671.

Oxen is not a separate legal entity, and all services are offered and administered solely by Lapki Digital Pay Inc., headquartered at:

205 – 50 Lonsdale Ave #2630
Vancouver, BC V6M 2E6
Canada

1. Our Commitment to Security

We take a proactive approach to safeguarding personal and financial information entrusted to us. Security is embedded into the way we design, build, and operate our platform. Our security program is aligned with internationally recognized standards and is continuously evolving to address emerging threats.

2. Security Governance

Our internal Information Security Management practices include:

  • Alignment with the principles of ISO/IEC 27001
  • Internal security policies, access controls, and data classification protocols
  • Ongoing employee security training and awareness
  • Regular internal reviews and risk assessments


We work to ensure that every team member and system component upholds our commitment to protecting sensitive information.

3. Cybersecurity Measures

We implement multi-layered defenses to protect our platform and your data, including:

  • End-to-end encryption of sensitive data (in transit and at rest)
  • Real-time system monitoring and threat detection
  • Regular vulnerability assessments and penetration testing
  • Secure APIs and web application firewall protection
  • Role-based access control (RBAC) and principle of least privilege

4. Business Continuity and Operational Resilience

We maintain high standards for service reliability and continuity:


  • Business Continuity Plans (BCP) and Disaster Recovery (DR) protocols are in place
  • Regularly tested data backups stored securely in geographically diverse regions
  • Critical infrastructure is deployed in high-availability, fault-tolerant environments

5. Regulatory Compliance and Data Privacy

We are committed to meeting or exceeding legal and regulatory requirements, including:

  • FINTRAC compliance as a registered Canadian Money Services Business (MSB)
  • PIPEDA for Canadian data protection
  • GDPR for users in the European Economic Area
  • CCPA/CPRA for eligible users in California
  • Ongoing compliance with applicable AML/CTF regulations


We apply a privacy-by-design approach across all services and data flows.

6. Continuous Improvement

Security is not a one-time project — it is a continuous process. We regularly review and improve our systems, controls, and training in response to new technologies, evolving threats, and changing legal requirements.

7. Contact Us

If you have any questions about our information security practices, or if you suspect a vulnerability or incident involving our platform, please contact us at:
📧Email: security@oxen.finance
📍Mailing Address:
Lapki Digital Pay Inc.
205 – 50 Lonsdale Ave #2630
Vancouver, BC V6M 2E6
Canada