Privacy Notice – November 2018
QuickRemit Limited understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all of our customers and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.
- Who We Are.2
- Information That We Collect 2
- The personal data that we collect:3
- How we collect information about you:4
- How We Use Your Personal Data.4
- Purposes and reasons for processing your personal data are detailed below: – 5
- Your Rights. 6
- Sharing and Disclosing Your Personal Information.6
- Safeguarding Measures 7
- Protecting your Personal Data 7
- Not Providing Your Data 8
- How Long We Keep Your Data 8
- Special Categories Data 8
Who We Are
Controller: means a natural or legal person who (either alone, jointly or together with other persons) determines the purpose(s) “for which” and the manner “in which” any personal data is, or will be processed;
Processor: means a natural or legal person (other than an employee of the controller) who processes personal data on behalf of the controller;
Processing: means any operation or a set of operations which is performed on personal data or on sets of personal data, whether by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Data Subject: An individual about whom information is being processed.
“Personal Data” refers to any information which identifies you as an individual directly or indirectly.
“You” refers to a website visitor who accesses the website to register or effect a transaction and ones either calling or visiting any of company’s branches.
Information That We Collect
QuickRemit processes your personal information to meet our legal, statutory and contractual obligations and to provide you with our products and services. We will never collect any unnecessary personal data from you and do not process your information in any way, other than as specified in this notice.
The personal data that we collect:
The personal data we collect, and process may include, among others:
- • Your name;
- • Your contact information such as Your address and email address and telephone number (or any telephone number used to call our customer services);
- • Your demographic information such as age and gender;
- • Evidence of Your identity (for example passport information);
- • Unique identifiers such as username, account number and password;
- • Your profiles and postings on any other social media applications and services that we provide or that You make available to us;
- • Your payment details or other financial data, e.g.: Your bank or payment method provider’s name, or your account number, sort code and billing address; and;
- • We also collect from you, information in relation to other people (e.g.: details of the recipients of your money transfers), where You provide us with such information. By providing us with such information, you confirm that you have obtained any necessary permissions from such persons to the reasonable use of their information for such purposes in accordance with this notice or are otherwise permitted to give us this information on their behalf. Please also ensure that those other people are aware of this notice and that the provisions of this notice are clearly communicated to them.
- • We also collect your full name and address when you complete a form to contact customer support.
How we collect information about you:
Online registration form.
How We Use Your Personal Data
QuickRemit takes your privacy very seriously and will never disclose, share or sell your data without your consent; unless required to do so by law. We only retain your data for as long as is necessary and for the purpose(s) specified in this notice. We are committed to protect the security and confidentiality of your personal data. We use appropriate technical and organizational measures in such a manner that processing will meet the requirements of the national and European Union laws (GDPR) and ensure the protection of your rights. When you set an account on our website, you would require a username and password to log in. You must keep your username and password secure, and never disclose it to a third party. Where you have consented to us providing you with promotional offers and marketing, you are free to withdraw this consent at any time. The General Data Protection Regulation (GDPR) requires that specific data protection principles be followed in the handling of personal data. These principles require that personal data must:
- • be accurate;
- • be secure;
- • not be kept longer than is necessary;
- • be adequate, relevant and not excessive;
- • be fair, lawfully and transparently processed;
- • be treated with individuals’ rights;
- • be processed for limited purposes and not in any manner incompatible with those purposes;
- • and not be transferred to countries without adequate protection.
If you would like to execute one of your rights please contact QuickRemit. We have one month to respond to your request. Please bear in mind that, as a financial institution and in order to comply with AML/CTF regulatory requirements QuickRemit is obligated to retain your personal data, as well as all your transaction details and any other additional documents, for required period of time. This is for the purpose of preventing, detecting and investigating possible money laundering and terrorist financing. Those requirements overrule the GDPR requirements. We have a right to decline a data subject request to execute its right of access or charge a reasonable fee for fulfilling such request if it is excessive or manifestly unfounded. If you think that your GDPR right has been compromised, you have the right to lodge a complaint to the authority – the Information Commissioner’s Office in the United Kingdom – for further details please visit: https://ico.org.uk/global/contact-us/. You might also contact any national data protection supervisory authority within EU or EFTA countries if you are based outside United Kingdom –http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.
It is important for us, the data we collect and hold on our users are accurate and up to date. Therefore, we have set up processes and tools to help our users maintain their personal details. You can update your details directly through our website (after log on) or you can contact us by phone or email (see Contact page on our website). The purposes and reasons for processing your personal data are detailed below: –
- • Personal identification information: We collect your personal data in form of name, address, email, and mobile number to register you online so that you can make transfers.
- • Bank card details: This information is required to complete the transaction and ensure the electronic transfer of funds to your beneficiaries.
- • We will occasionally send you marketing information where we have assessed that it is beneficial to you as a customer and in our interests. Such information will be non-intrusive and is processed on the grounds of you giving us consent and legitimate interests.
- • to register You with a QuickRemit account;
- • to fulfil Your Transaction Request;
- • to send You confirmations;
- • to notify You about changes to our services;
- • to prevent fraud;
- • to ensure that content from our site is presented in the most effective manner for You and for Your computer;
- • to send You marketing communications, provided that You have given us Your contact details in the course of a sale (or of negotiations for a sale) of our products or services and that you do not decide to opt out from this type of communications, in accordance with Data Protection Legislation (including the European Directive 2002/58/EC and The Privacy and Electronic Communications (EC Directive) Regulations 2003).
- • to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- • as part of our efforts to keep our site and our services safe and secure;
- • to measure or understand the effectiveness of advertising we serve to You and others, and to deliver relevant advertising to You;
- • to make suggestions and recommendations to You and other users of our site about services that may interest You or them; and
You have the right to access any personal information that QuickRemit processes about you and to request information about: –
- • What personal data we hold about you
- • The purposes of the processing
- • The categories of personal data concerned
- • The recipients to whom the personal data has/will be disclosed
- • How long we intend to store your personal data for
- • If we did not collect the data directly from you, information about the source
- • If you believe that we hold any incomplete or inaccurate data about you, you have the right to ask us to correct and/or complete the information and we will strive to do so as quickly as possible; unless there is a valid reason for not doing so, at which point you will be notified.
You also have the right to request erasure of your personal data or to restrict processing in accordance with the General Data Protection Regulations (GDPR); as well as to object to any direct marketing from us. Where applicable, you have the right to data portability which means that when You request to have information we hold about you in a format that is machine readable and transferable.
And you also have the right to be informed about any automated decision-making we may use.
You have the right to opt out of having your information used for contacting you about our activities. You can opt out of receiving information from us at any time by simply withdrawing consent by changing the communication choices, unsubscribing from our communications or contacting us.
If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the request; this is to ensure that your data is protected and kept secure.
Sharing and Disclosing Your Personal Information
We do not share or disclose any of your personal information without your consent, other than for the purposes specified in this notice or where there is a legal requirement.
We may work with a network of Partners running local branches and money transfers agents and we share information with them to complete the transactions. We may disclose information to companies, which help us run or improve the running of our business or which help us deliver products and services to you and to banks, credit card companies, credit reference agencies and to organizations in order to comply with legal, regulatory, security and processing requirements, government and foreign government requirements, applicable to us or our Partners or service providers, including but not limited to anti-money laundering laws.
The information shared is only for purposes of effecting, administering and completing your remittance transactions and your information are not shared with any other parties or for any other reasons.
QuickRemit takes your privacy seriously and takes every reasonable measure and precaution to protect and secure your personal data. We work hard to protect you and your information from unauthorized access, alteration, disclosure or destruction and have several layers of security measures in place, including robust security measures such as SSL and strong encryption on our database servers, access, IT authentication, firewalls, anti-virus/malware etc.
Data that You submit via our site or Mobile App is sent to and stored on secure servers owned by or operated for us within the European Union and EEA. Data may be transferred to, or stored at, a destination outside the European Economic Area (“EEA“) and may also be processed by staff operating outside the EEA who work for us, or for one of our service providers, related companies, agents or contractors. Such transfers may be made in order to operate the service, improve our site, Mobile App or services, or to assist in our security or fraud protection activities.
Where recipients are outside the EEA, we ensure that they provide an adequate level of protection for Your personal data or that the transfer is otherwise permitted under applicable Data Protection Legislation, by methods including using standard contractual clauses, binding corporate rules, registration for the Privacy Shield program, or by relying on a relevant adequacy decision by the European Commission or on other legal grounds or conditions, always in accordance with applicable Data Protection Legislation. Where we feel it is necessary or appropriate we may seek to rely on Your consent as the legal basis for transferring Your personal data to outside the EEA, however we do not generally do so. Where we do, You may withdraw Your consent at any time.
Protecting your Personal Data
We ensure that there are appropriate technical, physical, electronic, and administrative safeguards in place that comply with applicable government laws and regulations to protect Your personal details from unauthorised access. When You may enter certain information such as a credit card number on our order forms, we encrypt the transmission of that information using reasonable security measures. We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it.
Unfortunately, the transmission of information via the internet (including by email) is not completely secure. Although we will do our best to protect Your personal data, we cannot guarantee the security of Your data transmitted to our site; any transmission is at Your own risk. Once we have received Your information, we will use strict procedures and security features to try to prevent unauthorised access. We also endeavour to restrict Information access to our employees, agents and representatives that need to know it.
Not Providing Your Data
You are not obligated to provide your personal information to QuickRemit; however, as this information is required to complete the transactions and serve you efficiently, we would not be able to offer you services without the required information.
As noted in the ‘How We Use Your Personal Data’ section of this notice, we occasionally process your personal information under the legitimate interests’ legal basis. Where this is the case, we have carried out a thorough Legitimate Interests’ Assessment (LIA) to ensure that we have weighed your interests and any risk posed to you against our own interests; ensuring that they are proportionate and appropriate.
As a money transfer / remittance business; QuickRemit applies the principle of the legitimate interests as a basis for processing and sharing your personal data with our associate companies / branches and have identified that our interests as a business are achieved and this includes processing the personal data you submit in form of Name, address, email and mobile phone.
Where significant amounts of money are processed, we might also require further information and it might be like identity documents for example Passport, Driving license and a further proof of address. Based on legitimate interest grounds above, we further share your data as an applicant which we might also have to share this information during audits by third parties.
How Long We Keep Your Data
QuickRemit only retains your personal information for as long as is necessary and we have strict review and retention policies in place to meet these obligations. We are required under UK tax law to keep your basic personal data (name, address, contact details) for a minimum of 6 years after which time, it will be destroyed. As a policy, we retain records of personal data that we collect for a period of 7 years.
Where you have consented to us using your details for direct marketing, we will keep such data until you notify us otherwise and/or withdraw your consent.
Special Categories Data
Special categories of Data as defined under GDPR include Ethnic background, political opinions, religious and ideological beliefs, trade union membership; biometric and health data. QuickRemit does not collect such information, we only collect the minimum amount of Data for the purposes of serving our customers.
Changes to This Policy