- References to “you” in this policy are to the individual who is accessing or applying to use the Services either on your own account or on behalf of a business. This includes, in relation to a customer or prospective customer of Tiaplata, any sole trader and any principals, including the managing and financial directors, any other directors and officers, shareholders, partners and beneficial owners of a customer, as well as any member of staff accessing or using the Services on behalf of a customer.
INFORMATION WE MAY COLLECT ABOUT YOU
We will collect and process the following Personal Information and other information about you:
- Information you provide us:
- You may provide us information about you when you sign up to use our Service, e.g., when you provide us with personal details like your name and email address. This also includes information you provide through your continued use of our Services, e.g., by reporting problems with our Services. The information you provide us may include your name, phone number, address, email address, financial information (including credit card, debit card, and/or bank account information), payment details and reason, geographical location, personal identification number, tax identification number, personal description and “selfie” photograph, photograph of your identity document.
- In some cases, such as when you send or receive transactions, or where we need to comply with anti-money laundering regulations, we may also require more information from you, e.g., commercial or identification information.
- With regard to your use of our Services, we may automatically collect the following information about you:
- technical information, including IP address, your login information, browser type and version, time zone setting;
- information about your visit, including the full URL; products you viewed or searched for; length of visits to certain pages, page response times, download errors, and methods used to browse away from the page and any phone number used to call our customer support number
- details of the transactions you make when using our Services, including geographic location from which the transaction originates.
- Information from other sources: we may receive information about you from other sources and add it to our account information, including when you apply to use the Services. For example, we work closely with, and receive information from, third parties like business partners, banks and other financial institutions, merchants, subcontractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, government lists and databases, social media sites (including posting made by or about you or us), credit reference and fraud prevention agencies. We may also review public comments and opinions made on social networking sites (e.g., Facebook, Google, LinkedIn and Twitter) to better understand our customers and our provision and development of Services.
- We may aggregate Personal Information. Such aggregated information does not personally identify you or any other user of the Services. For example, we may aggregate Personal Information to calculate the percentage of our users who have a particular telephone area code.
USE AND DISCLOSURE OF THE INFORMATION
- We may use your Personal Information in the following ways:
- to carry out our obligations relating to your contracts and transactions with us and to provide you with the information, products and services that you request from us, as well as related customer service;
- to notify you about changes to your contracts with us, to our Services or to send you other administrative information;
- to administer our Services and for internal operations, including testing, data analysis research, troubleshooting, statistical and survey purposes;
- to help us to keep our Services safe and secure;
- to improve our Website and to ensure other Services are presented in the most effective manner;
- to measure or understand the effectiveness of advertising we serve and to deliver relevant advertising to you;
- consistent with choices that may be available to you, to provide you with information about other similar goods and services we offer; and
- to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you.
- We may also use and disclose Personal Information as we believe necessary or appropriate:
- to comply with any applicable legal and/or regulatory requirements, including laws outside your country of residence or domicile;
- to comply with legal process;
- to prevent and/or detect fraud, financial crime, manage risk and to better protect ourselves, our customers and the integrity of the financial system, it may be necessary to process and disclose sensitive personal information (sometimes known as special category personal data) including biometric data to third parties who help us in managing such risks, including identity verification. This may include software and services we use to verify your identity/age by determining whether a selfie you take matches the photo in your identification document;
- during the identification process we may use a facial recognition process to compare your selfie with your uploaded identification document. During this process biometric data is generated by creating a digital map of your face in order to better compare your identification document photo and your selfie photo. This helps to reduce fraud and is therefore in the substantial public interest. But any biometric information generated is immediately deleted following a match. We do not generally store or retain biometric data because such information is generally generated using secure third-party anti-fraud systems. If your biometric information is stored, retained, or used directly by us in any way, you will be notified at the point of collection;
- to prevent, detect and prosecute fraud and other crimes and abuses of the financial system, or to assist others in doing so, including non-compliance with any terms of the contract with us and which may involve the sharing of any relevant or necessary information we have collected or inferred with third parties for such purposes. We participate in anti-fraud initiatives, which involve assessing you (and/or your customers) and monitoring your transactions and/or locations, to detect patterns requiring investigations or otherwise profile and assess the likelihood of fraud occurring or non-compliance with our or other’s terms of the contract with us. We can do so utilising products and services from third parties. Additionally, if you give us false or inaccurate information about you, or we identify or suspect a fraud or a crime, we may pass your information to fraud prevention agencies and organisations and to law enforcement agencies and similar bodies, and we may decide to take legal action against you;
- to respond to requests from public and government authorities, including public and government authorities outside your country of residence, upon demonstration of lawful authority;
- to enforce our contracts with you;
- to help to keep our Services safe and secure, including to protect our rights, privacy, safety or property, and/or that of our partners, you or others, and to investigate, prevent, detect or suppress fraud; and
- to allow us to pursue available remedies or limit the damages that we may sustain.
- We may disclose and share your Personal Information with selected third parties including:
- recipients/senders of a payment in the context of the specific relevant transaction;
- third-party credit and financial Institutions (where allowed under any terms or other contract), including the credit institution where the sender or recipient (and their businesses, respectively) maintain their bank account(s) and the card schemes governing the issue and use of credit, debit, charge, purchase or other payment cards, alternative payment schemes and any other financial institutions who may process payments and who are not operating under our control nor for whose actions or omissions we have liability;
- where we provide services through third parties such as banks and other organisations, we may be required to disclose your information (including any “know your customer” and “source of wealth” information) with such organisations in order to assist their own regulatory obligations or risk assessments;
- third-party service providers, including suppliers who assist us with the provision of Services, including processing orders, fulfilling orders, processing payments, managing credit, security, sector and fraud risk, identity verification, and marketing, market research and survey activities carried out on our behalf;
- affiliates, business partners, joint marketers, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
- advertisers and advertising networks solely to select and serve relevant advertisements to you and others;
- analytics and search engine providers that assist us in the improvement and optimization of our site;
- in the event that we sell or buy any business or assets, in which case we may disclose your personal information to the prospective seller or buyer of such business or assets;
- to assist us in conducting or co-operating in investigations of fraud or other illegal activity where we believe it is reasonable and appropriate to do so;
- to prevent and detect fraud or crime;
- in response to a subpoena, warrant, court order, or as otherwise required by law;
- to assess financial and insurance risks;
- to recover debt or in relation to your insolvency; and
- to develop customer relationships, services and system.
- We make our best efforts to transfer your personal data only to third parties which share our concern for privacy and apply high standards in this respect.
LEGAL BASIS FOR PROCESSING IN EUROPE
- European data protection laws require to have a lawful basis for using your personal data. The lawful basis we use for collecting and processing your information in Europe are as follows:
- Where it is necessary for entering into or performing a contract with you;
- Where we have a legitimate interest to do so, provided your rights do not override those interests;
- Where you have consented to its uses;
- Where our colleagues believe it is in your vital interests to share your personal details;
- Where required to comply with our legal obligations.
SHARING AND STORING YOUR PERSONAL INFORMATION
- The periods for which we store your personal information are determined based on the nature and type of information, our Service and the country in which they are provided as well as any applicable local legal or regulatory provisions. In general, once no longer needed for a legitimate business purpose or reason, your information will be deleted, or we may anonymise or aggregate it with other information to make it non-personal.
- If you use our Services, we will store your Personal information as long as necessary to provide you with our services of your choice and any linked legitimate business purpose. That would generally mean we store your personal information as long as you are our customer (or commence such an application) and for a period of time afterwards. This will also include the use and storing of your personal information when you commence completion of an application for Services, irrespective of whether you complete such application process or are accepted as a customer.
- The storage period may also depend on the legal and regulatory requirements of the country where you are located. We will store personal information as evidence of our dealings with you (including whether there were any or no financial transactions), to manage any queries or disputes, including to defend or initiate any legal claims. For instance, we will retain your information for the time allowed by the local laws to start a legal claim or for as long as we are ordered pursuant to on an order from the courts, or by law enforcement agencies or our regulators; or as otherwise required or permitted by law, e.g., the retention of “know your customer” records under anti-money laundering regulations or similar.
- We may transfer your Personal Information to a third-party service provider for processing and storage. Whenever we engage a third-party service provider, we ensure that the information is properly safeguarded at all times at a comparable level of protection the information would have received if it had not been transferred.
- Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Services you consent to the transfer of information to countries outside of Canada or EEA, which may have different data protection rules. In the event that your Personal Information is transferred outside of Canada or EEA, the government, courts or law enforcement or regulatory agencies of that jurisdiction may be able to obtain disclosure of your Personal Information through the laws of that jurisdiction.
PROFILING AND AUTOMATED DECISION MAKING
- In some instances, our use of your Personal Information may result in automated decisions being taken (including profiling) that legally affect you or similarly significantly affect you.
- Automated decisions mean that a decision concerning you is made automatically on the basis of a computer determination (using software algorithms), without our human review. For instance, we use automated decisions when you apply to certain Services or to carry out anti-fraud checks. We have implemented measures to safeguard the rights and interests of individuals whose Personal Information is subject to automated decision-making. In addition, if you are using our Services in the EEA, when we make an automated decision about you, you have the right to contest the decision, to express your point of view, and to require a human review of the decision. You can exercise this right by contacting us at the details below. Privacy laws continue to develop and if you think or are unsure as to whether such right may apply to you, please also contact us, so we can assess and advise.
HOW DO WE PROTECT YOUR PERSONAL INFORMATION
- Your Personal Information is protected by security safeguards appropriate to the level of sensitivity of the information through (i) physical measures, such as secure areas; (ii) technical measures, such as encryption and secure servers; and (iii) organizational measures, such as due diligence in transferring Personal Information to third-party processors.
- The safety and security of your Personal Information is also dependent upon you. If we have given you (or if you have chosen) a password or access code for access to certain parts of our Website, you are responsible for keeping this password and/or access code confidential. You must not share your password and/or access code with anyone. You must ensure that there is no unauthorised use of your password and access code. We will act upon instructions and information received from any person that enters your user id and password and you understand that you are fully responsible for all use and any actions that may take place during the use of your account, unless otherwise mandated by law. You must promptly notify us of any information you have provided to us which has changed.
- Unfortunately, no data transmission or storage system can be guaranteed to be fully secure. If you have reason to believe that your interaction with us is no longer secure, e.g., if you feel that the security of your account has been compromised, please immediately notify us in accordance with the “Contact Us” section below.
YOUR CHOICES REGARDING OUR USE OF YOUR PERSONAL INFORMATION
- If you no longer want to receive marketing-related emails from us, you may opt-out by following the instructions in any such email. We will try to comply with your request as soon as reasonably practicable. Please note that if you opt-out, we may still send you important administrative messages, from which you cannot opt-out.
- Subject to applicable laws, you may have the right to access information we hold about you. Your right of access can be exercised in accordance with the relevant data protection legislation. If you have any questions in relation to our use of your Personal Information, contact us.
- Under certain conditions, you may have the right to require us to:
- provide you with further details on the use we make of your Personal Information;
- provide you with a copy of the information that you have provided to us;
- correct, or update your Personal Information;
- delete your Personal Information that is no longer necessary, or no longer subject to a legal obligation to which we are subject to. We have legal obligations so it may not be possible to delete your Personal Information at the time of request. Once the required time has passed then we will be able to comply with your request;
- where processing is based on consent, to withdraw your consent so that we stop that particular processing;
- object to its processing or temporarily restrict its processing while exercising your other rights. However, objection to any processing based on the legitimate interests ground may be possible unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights;
- request to transfer certain of your personal information to another service provider;
- to opt-out of certain uses of your Personal Information, including asking us to limit the sharing of your personal information with affiliated and non-affiliated third parties.
- Your exercise of these rights is subject to certain exemptions to safeguard the public interest, e.g., the prevention or detection of crime, and our interests, e.g., the maintenance of legal privilege. If you exercise any of these rights we will check your entitlement and respond in most cases within a month.
COOKIES AND SIMILAR TECHNOLOGIES
THIRD-PARTY SERVICES AND SITES
- Our Services may, from time to time, contain links to and from the websites of our partner networks, advertisers, affiliates, and other third parties. The inclusion of a link on the Services does not imply endorsement of the linked website or service by us. If you follow a link to any of these websites, please note that we are not responsible for the privacy, these websites have their own privacy policies and that we do not accept any responsibility for them. Please check these policies before you submit any personal data to these websites.
USE OF SERVICES BY MINORS
- Services are not directed to individuals under the age of eighteen (18), and we request that they not provide Personal Information through the Services.
- Consistent with this Policy, we will not knowingly collect personal information from anyone under the age of thirteen (18), and no part of our Website or Service is designed to attract anyone under the age of 18. Because we do not intentionally collect any information about individuals under the age of 18, we also do not knowingly distribute such information to third parties. If you have reason to believe that a person under the age of 18 has provided us with information or is otherwise using or seeking to use our Website and/or Service, please contact us and we will immediately delete such information or terminate such service, subject to our compliance with applicable law and regulation.
- All comments, queries and requests relating to our use of your information are welcomed. If you wish to exercise any of your rights or receive further information, you should write to: firstname.lastname@example.org, marked FAO Privacy. Please note that email communications are not always secure, therefore please do not include credit card or other sensitive information in your emails to us.