Crosspay Ltd and Crosspay Technologies Ltd (collectively known as Crosspay) of Suites 1-2, Essex House, Upminster, RM14 2SJ are registered with the UK Information Commissioner’s Office as a Data Controller with registration number ZA145474 and A8430760respectively.
This policy describes how Crosspay collects and uses your personal information and also explains your rights in how we use your personal information. This includes personal information you provide on our website and mobile application.
If you have any questions about this policy or how we protect or use your data, please email us at firstname.lastname@example.org
INFORMATION WE MAY COLLECT ABOUT YOU
We may collect and process the following data about you:
Information you give us:
- You may give us information about you by filling in forms on our Website or Mobile Application or by corresponding with us by phone, e-mail or otherwise. This includes (but is not limited to) information you provide when you register to use our service, carrying out a transaction, participating in promotions or campaigns, and when you report a problem with our Service through either our website or mobile application.
- The information you give us may include your name, date of birth, address, e-mail address and phone number, financial and credit card information, payment reason, personal description, geographic location, photograph, and copies of identification, address proof and other documents.
- We may need additional information and documents for certain type of transactions, such as high volume transactions in order to fulfil our anti-money laundering obligations.
Information we collect about you: With regard to each of your visits to our Website or Mobile Application we may automatically collect the following information:
- details of the transactions you carry out via our Website or Mobile Application, including the geographic location from which the transaction originates;
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Website or Mobile Application (including date and time); what you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the.
Information we receive from other sources: We may receive information about you if you use any of the other websites we operate or the other services we provide. We also may receive information from the banks and other financial institutions you are using to transfer money to us. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.
USES MADE OF THE INFORMATION
Data Protection law requires us to have one or more of the following reasons for using your information:
- “Contract performance” – where the information is needed to provide the payment services we provide.
- “Legal obligation” – where we are required by law to process your information, e.g. to verify your identity.
- “Legitimate interest” – in some cases we’re allowed to use your information where, on balance, the benefits of us doing so are legitimate and not outweighed by your interests or legal rights e.g. for our own management analysis and reporting purposes.
- “Consent” – in some cases we may obtain your consent to use information in a particular way or where the law requires consent to be obtained e.g. if you agree to your information being used to send marketing material
We use the information we collect from you in the following ways:
- to register you with an account and provide you Services as described in our Terms and Conditionsand Terms of Service (Contract Performance);
- to comply with our legal and regulatory obligations such anti-money laundering, counter terrorism laws (Legal Obligation);
- to send you confirmations and service information (Contract Performance);
- to improve our Service and applications and improve your experience (Legitimate Interest);
- to administer our Services and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes (Legitimate Interest);
- If you agree, we will also use your information to send you marketing (Consent).
We will endeavor to keep your information accurate and up to date, and not keep it for longer than is necessary.
DISCLOSURE OF YOUR INFORMATION
- business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you and to help provide and improve our Services; e.g. payment service providers, banks, charities you donate to, to enable them carry out necessary checks and administer your donation
- HMRC, if you agree to us processing a Gift Aid claim for you
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation in order to enforce our Terms and Conditions, Terms of Serviceand other applicable agreements; or to protect our rights, property, or safety, as well as those of our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction
- to prevent and detect fraud or crime and assist us in conducting or co-operating in investigations of fraud or other illegal activity where we believe it is reasonable and appropriate to do so
- in response to lawful requests by public authorities, including to meet national security or law enforcement requirements
- as required by law such as to comply with a court order, subpoena, or similar legal process
- in the event that we are involved in a merger, acquisition, sale of any business or assets, in which case your personal data may be disclosed to the prospective buyer or seller of such business or assets.
WHERE WE STORE YOUR PERSONAL DATA
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your money transfer, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that highest levels of security are maintained to protect your data.
All information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Website, you are responsible for keeping this password confidential.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website; any transmission is at your own risk. Once we have received your information, we use strict procedures and security features to try to prevent unauthorised access.
We restrict access of your personal information to our employees who have a business reason for knowing such information. We continuously educate and train our employees about the importance of confidentiality and privacy of customer information. We have safeguarding procedures that comply with the relevant laws and regulations to protect your personal information from any unauthorised access.
LINKS TO OTHER WEBSITES
Within our website we may have links to third party websites and if you decide to follow those links, Crosspay will not be responsible for the privacy practices or the content of those websites. They will have their own privacy policies, including cookies, and we urge you to review them.
YOUR RIGHTS AND ACCESS TO INFORMATION
Upon request we will provide you with information about whether we hold any of your personal information. You may request to review, delete or update your personal information to ensure it is accurate, by contacting us at email@example.com. We aim to respond to your request within 30 days.
You have the right to ask us not to process your personal data for marketing purposes by contacting us at firstname.lastname@example.org
We will retain your information for as long as your account is active or as needed to provide you services, including a record of your transactions. If you wish to cancel your account or request that we no longer use your information to provide you services, please contact us at email@example.com. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements and will securely delete your information when we no longer have a need to retain it.
If you feel that we have not addressed your questions or concerns adequately, you may make a complaint with the Information Commissioner’s Office in the United Kingdom. You may access their details via https://ico.org.uk/global/contact-us/
POST: CROSSPAY, SUITES 1-2, ESSEX HOUSE, UPMINSTER,
PHONE: +44 (0)203 096 2255
Updated: 25October 2019