%20(1520%20x%20400%20px).avif)
Privacy Policy
Last updated: [Insert date]
1. General
1.1 [Company Name] (“the company”, “we”, “us”) is committed to protecting your information and respecting your privacy.
We are registered as a data controller with the appropriate supervisory authority.Registration reference: [Insert registration/ID if applicable]. This Privacy Policy, together with our Account Terms & Conditions (and any documents referenced there), explains the basis on which any personal data we collect from you, or that you provide to us, via our website [insert domain](“Website”) or in connection with your account, will be processed. By completing forms, speaking with our staff, submitting details to us, or using the Website, you agree that we will collect, use, and disclose your personal information as described here. If you do not agree, please discontinue use of our services.
1.2 Changes to this Privacy Policy
Any changes we make will be posted on this page and become effective when published. Where required by law, we may update the Policy without prior notice. If we make material changes to how your data is used, we will notify you by reasonable means prior to the change taking effect. You may object to new uses by contacting us as set out in Section 11 (Contact Us); an objection may result in closure of your account in line with the Account Terms & Conditions.
2. Information We Collect
2.1 Information We Collect from You
We may collect and process:Identity & contact data: title, full name, nationality, date of birth, current address, email, mobile and landline numbers, and identity/address documents (e.g., passport, licence, utility bill) provided during onboarding. Transactional data: details of transactions you initiate via the Website, by phone, or email, and the fulfilment of your requests.Payment instruments: details of the bank account or card used for transactions.Marketing & participation: entries in promotions, survey responses, and communication preferences.Correspondence & calls: records of emails, letters, chats, and calls to/from us. Technical data: cookies (see Section 10), IP address, login times, operating system, browser type, device identifiers.Usage data: pages visited, traffic, location (where enabled), weblogs, and resources accessed on the Website.
2.2 Information We Collect from Third Parties
To comply with fraud-prevention and anti-money-laundering obligations, we may obtain data from credit reference agencies, fraud-prevention databases, sanctions/PEP lists, identity-verification providers, and other lawful sources (e.g., public registers). This may include financial history, court judgments, or bankruptcy data where permitted.3. How We Use Your Information (Lawful Bases)
We process personal data only where a lawful basis applies:
To perform a contract / take steps prior to a contractOpen and operate your account; assess and decide whether to enter into a contract; provide requested services; maintain relevant records.
Our legitimate interestsGood governance, accounting, auditing, and management of our operations; market research and statistics; improving and developing our services; sending direct marketing where permitted (or with consent where required).
Legal obligationResponding to data-protection rights requests; complying with legal and regulatory requirements and disclosures; establishing and defending legal claims; preventing, detecting and investigating crime; identity verification, fraud-prevention and AML/CTF checks; monitoring communications and account activity as required by law or guidance.
ConsentDisclosing data to third parties at your request; processing special-category data where you ask us to; sending marketing communications where consent is required. You may withdraw consent at any time.4. Storing Your Personal Data
4.1 Location
Your data may be transferred to and stored outside your country (including outside the UK/EEA), for example:to provide services you request (e.g., payments to non-EEA destinations);where screening, verification, or technology providers are located abroad;where a referring partner is entitled to commission (see 6.5).
We take appropriate safeguards (e.g., Standard Contractual Clauses, adequacy decisions) to ensure your data remains protected in line with this Policy and applicable law.
4.2 Security
We implement physical, technical, and organisational measures to protect information, including encryption, access controls, and secure development practices. Website sessions are protected by TLS/SSL.You are responsible for keeping login details confidential. If you suspect compromise, update your credentials immediately and notify us (see Section 11). Transmission over the internet carries risk; once received, we apply strict procedures to prevent unauthorised access.
4.3 Retention
We retain records for at least five (5) years after account closure (or longer where required) to meet AML and legal obligations. Data not required will be securely deleted or anonymised.5. Your Rights (UK GDPR/EU GDPR equivalents)
Subject to conditions and exemptions, you may have the right to:Be informed about processing;Access your personal data;Rectification of inaccuracies;Erasure (right to be forgotten);Restriction of processing;Data portability;Object to processing (including direct marketing);Not be subject to solely automated decisions, including profiling, that produce legal or similar significant effects.
You also have the right to complain to your supervisory authority. Details are available on request or via the authority’s website. We will cooperate with the authority and comply with applicable rulings.6. Disclosure of Your Information
6.1 Group Companies
We may share data within our corporate group (subsidiaries/holding company) for service provision, support, fraud monitoring, and operations.
6.2 Merchants and Other Customers
To complete payments, we may share your email and, where required by the recipient or scheme rules, name, address, and country of residence to reconcile transactions, improve payment processing, or perform AML checks.
6.3 Fraud & Credit Reference Agencies; Service Partners
At onboarding, periodically (e.g., up to every 3 months), and as needed, we share relevant information with banks, payment partners, identity-verification providers, fraud-prevention and credit-reference agencies to verify users, manage risk, and prevent crime. These parties may log queries and share results with other agencies in line with law.
6.4 Strategic Partners & Suppliers
We may share limited account information (e.g., name, address, contact details, date of birth) with operational partnerssupporting product performance and service delivery. These partners process data under their own legal obligations and privacy notices. Where required, we ensure appropriate certifications/authorisations and cross-border safeguards.
6.5 Other Disclosures
We may disclose information to:prospective buyers or investors in connection with corporate transactions;law-enforcement, regulators, courts, or others where required by law or to protect rights, property, or safety;third parties where you request or consent;referrers entitled to commission; where commission is volume-based we may share aggregated transaction counts/values (not full transaction details without your further written consent);vetted third parties engaged to deliver services you requested (they may use data only for that purpose).
6.6 Automated Decision-Making
We may use automated processing (including profiling) to assess eligibility, manage risks, detect fraud, and tailor marketing (where permitted). When used to assess your application or produce legal/similar effects, it is necessary for contract performance and subject to safeguards. You can request human review where required by law.7. Communicating With You
We may contact you at the primary email and phone numbers registered to your account. You may receive system notifications (e.g., payment confirmations, security alerts) necessary for account operation.
7.1 Newsletters & Marketing
You can opt out of marketing at any time. Each marketing email contains an unsubscribe link. Operational emails related to your account will still be sent.
7.2 Phishing
We will never ask for your password by email or phone. If you receive a suspicious request, do not respond; report it using the channels in Section 11.8. Links to Other Websites & Social Features
Our Website may link to third-party sites and include social features or widgets. These may collect your IP address, page visited, and set cookies. Your interactions are governed by the third party’s privacy policy. We are not responsible for their practices.9. Accessing and Updating Your Information
Please keep your details current. You can update certain fields in your account or by contacting us (Section 11). We are not liable for losses arising from outdated information. Address/phone updates may be limited in frequency for security reasons. To deactivate your account, see the Account Terms & Conditions. You may request access to your data at any time.10. Cookies
10.1 General
Cookies are small data files placed on your device. They help websites function, improve efficiency, and provide analytics. Learn more at allaboutcookies.org.
10.2 Types of Cookies and Consent
We may use:Strictly necessary cookies – essential for login, security, and core features;Compliance cookies – supporting AML/fraud prevention and session protection;Performance cookies – analytics to improve our site (aggregated and anonymous);Functionality cookies – remembering preferences (e.g., language, region);Third-party cookies – for embedded content (e.g., video, social widgets).
By using the Website, you agree we may place Performance and Functionality cookies unless you adjust settings (see 10.3). Third-party cookies are controlled by the relevant provider.
10.3 Blocking Cookies
You can block cookies via your browser settings. Blocking Strictly necessary or Compliance cookies may prevent access to parts of the Website. Some cookies may be set on visit unless blocked in advance.11. Contact Us
Questions, requests, or complaints about this Privacy Policy or our data practices can be sent to:Email: [insert privacy/compliance email]Postal: [insert Data Protection Officer/Privacy Office address]Phone (optional): [insert number]
We will respond within the timelines required by applicable law.