MifinityUK Limited Privacy Notice
MifinityUK Limited Privacy Notice
- Introduction
1.1 Mifinity is a regulated and licensed online payments company. This notice applies to the companies that are part of the MiFinity Group, the list of MiFinity companies that collect or process persona linformation according to this notice are MiFinity UK Limited, MiFinity MaltaLimited, MiFinity Payments Limited (Ireland), MiFinity Canada Limited,Concentric Data Services Limited (Ireland) and Concentric Data Services Limited(Malta). The reference to MiFinity (including “we”, “us” or “our”) includes theabove companies and all relevant group affiliates.
1.2 This policy applies to information we collectabout: a) visitors to our website; and b) people who do business with us orregister for our service.
1.3 1.3 Pleaseread this Privacy Notice carefully to understand our views and practicesregarding your personal data, how we use it and how we will treat it. If you donot agree with this Privacy Notice, please do not use our services.
2. Our contact details are:
Address: 28 School Road, Newtownbreda, Belfast, BT8 6BT
Email: sales@mifinity.com
Data Protection Representative:
Name: Paul Kavanagh
Email: gdpr@mifinity.com
3. What type of information we may hold about you:
3.1 When you do business with us orregister for our service we may collect the following personal information fromyou: a) your full name, residential address, email address, residence,nationality, IP address, mobile number, date of birth and bank or payment carddetails and any proof of your identity and/or address that we may request suchas passports, drivers licenses and documentation used to verify your address,Politically Exposed Status; b) details of any transactions you carry out throughour website and/or mobile application of the fulfilment of your requests; c)details of any bank account (including, but not limited to: account holder,account name, account number, sort code, online banking PIN, TransactionAuthentication Number “TAN” and password, available balance and transactionhistory of your bank account,); d) details of any credit, debit or other cardused by you for transactions; e) your participation in any promotion sponsoredby us; f) correspondence that you send us; g) calls that we make to you or youmake to us; h) surveys that you complete; i) information collected throughcookies – please see our cookies policy for more details; and j) your IPaddress, log-in times, operating system and browser type.
4 Information aboutother individuals
4.1 If you appoint a representativeto act on your behalf, we would require from the representative:
a) Proof that you have given yourrepresentative authority to exercise your data protection rights, or make acomplaint for you (such as a letter giving them your authority); and
b) proof of identity of therepresentative.
Your confirmation that theRepresentative appointed can:
4.1.1 receive on your behalf any dataprotection notices; and
4.1.2. give consent to the transferof your personal data abroad.
5. How we will use theinformation about you and why:
Lawful basis code:
https://ico.org.uk/for-organisations/gdpr-resources/lawful-basis-interactive-guidance-tool/
Using your personal date: Basis of Processing PersonalDate
We’ll process your personal date:
5.1 Asnecessary to perform your contract with you for the relevantaccount, policy or service:
a) To take steps at your request prior to entering into it;
b) To decide whether to enter into it;
c) to operate and administer your account and toprovide the services that you have requested;
d) To update our records;
e) to carry out your instructions to make andreceive payments and undertake transactions using our services, includingverifying that you have sufficient funds in your nominated bank account to makesuch payments;
f) to allow you to participate in the interactive features ofour website;
g) to notify you about changes to our service(s)/thiswebsite;
5.2 As necessary for our own legitimate interests orthose of other persons and organisations, e.g.:
a) For good governance, accounting, and managing and auditing ourbusiness operations;
b) For financial and identity checks, fraudprevention and detection checks and anti-money laundering;
c) To monitor emails, calls, other communications, and activities on youraccount and;
d) For market research, analysis and developing statistics;
e) to improve our internal customer training
5.3 As necessary to comply with a legal obligation,e.g.:
a) When you exercise your rights under data protection law and makerequests;
b) For compliance with legal and regulatory requirements and relateddisclosures;
c) For establishment and defence of legal rights;
d) For activities relating to the prevention, detection and investigation ofcrime;
e) To verify your identity, fraud prevention and anti-money laundering checks;and
f) To monitor emails, calls, other communications, and activities on youraccount.
5.4 Based on yourconsent, e.g.:
a) When you request us to disclose your personal data to other people ororganisations on your behalf, or otherwise agree to disclosures;
b) To send you marketing communications where we’ve asked for your consent todo so.
You're free at any time to change your mind and withdraw your consent.The consequence might be that you can’t do certain things for you.
6. Marketing
6.1 We may wish toprovide you with information about our products and services which we think maybe of interest to you. Before sending any marketing material, we will informyou about the purposes of processing and will also collect specific consent (whereapplicable) from you. We will also provide you with an option to withdraw suchconsent provided at any point in time. You may reach out to our data protectionofficer in case of any matters relating to privacy of your personal data.
7. Cookies and otherinformation-gathering technologies
7.1 Our website uses third partycookies. Cookies are text files placed on your computer to collect standardInternet log information and visitor behaviour information. These cookies allowus to distinguish you from other users of the website which helps us to provideyou with a good experience when you browse our website and allows us to improveour site.
8. How we protect your information
8.1 We have put in place thefollowing security procedures and technical and organisational measures tosafeguard your personal information: a) access to your account is controlled bya password unique to you; b) we store your personal data on secure servers; andc) we automatically encrypt your confidential information in transit from yourcomputer to ours.
8.2 We have implemented measuresdesigned to secure your personal information from accidental loss and fromunauthorised access, use, alteration and disclosure. The safety and security ofyour information is also dependent upon you. If we have given you (or if youhave chosen) a password or access code for access to certain parts of ourwebsite/portal or mobile applications and similar, you are responsible forkeeping this password and/or access code confidential. You must not share yourpassword and/or access code with anyone. You must ensure that there is nounauthorised use of your password and access code. MiFinity will act uponinstructions and information received from any person that enters your user ID andpassword and you understand that you are fully responsible for all use and anyactions that may take place during the use of your account.
8.3 You must promptly notify MiFinityof any information you have provided to us which has changed.
8.4 The transmission of informationvia the internet is not completely secure. Although we will do our best toprotect your personal information, we cannot guarantee the security of yourinformation transmitted to our site, unless you are communicating with usthrough a secure channel that we have provided. Once we have received yourinformation, we will use strict procedures and security features to try toprevent unauthorised access.
8.5 If you are concerned that any ofyour login details have been compromised, you can change them at any time onceyou are logged on, but you should always also immediately contact MiFinityClient Services. and tell us why you think your login details have beencompromised.
9. Retention of information
9.1 The periods for which we retain yourpersonal information are determined based on the nature and type ofinformation, the MiFinity Service and the country in which they are provided aswell as any applicable local legal or regulatory requirements.
9.2 If you use the MiFinity Services,we will retain your personal information as long as necessary to provide youwith the services of your choice and any linked legitimate business purpose.That would generally mean we retain your personal information for as long asyou are our customer and for a period of time afterwards.
9.3 When our relationship with youends, we still need to retain certain elements of your personal information fora time no greater than 5 years.
9.4 We can also continue marketingand sending you direct marketing, subject to local laws and where you have notobjected to such marketing.
10. Disclosure of Information
10.1 We may disclose your personalinformation to our associated companies, which means our subsidiaries and anysubsidiaries of our shareholder(s) and/or any companies which provideoutsourced services to us, who are based in different countries within the EEAand the rest of the World.
10.2 Disclosure of your personalinformation may be necessary in order to – among other things – fulfil yourrequest, process your payment details, provide support services and monitorfraudulent activities.
10.3 When sending money to a personwho you wish to pay, we will pass on certain details to the recipient.Depending on the requirements of that other person and the type of paymentinvolved, we may send other personal details such as your name, address andcountry of residence if the recipients request this information from us inorder to improve the payment process, to reconcile payments with the commercialtransaction or to conduct their own anti-fraud and anti-money launderingchecks.
10.4 When you open an Account, atintervals of up to every 3 months and at any other time we feel it is necessaryto do so to protect our financial interests and prevent money-laundering orfraud, we share certain information about you and your account with MiFinity,which may include financial history and transactions as part of our normalbusiness operations with our banks, payment facilitator partners, credit/debitcard processing services, identity verification service providers and creditreference agencies in order to limit our exposure to fraud and other criminalactivities and to manage our financial risk. When conducting identification orfraud prevention checks, the relevant parties may retain a record of our queryalong with your information and may share this information with other fraudprevention agencies.
10.5 We will share your personalinformation with third parties only in the ways that are described in thisPrivacy Notice. We do not sell your personal information to third parties. Wemay also disclose your personal information to:
a) a prospective buyer of ourbusiness or a buyer of a substantial number of the shares in our business, ifMiFinity is involved in a merger, acquisition, or sale of all or a portion ofits assets, you will be notified via email and/or a prominent notice on ourwebsite of any change in ownership or uses of your personal data, as well asany choices you may have regarding your personal data; b) the police, theFinancial Conduct Authority, the National Crime Agency and any other lawfulenforcement body, regulatory body or court if we are under a duty or requiredby law to disclose or share your personal data , or to protect the rights,property, or safety of ourselves or our group companies, our customers, orothers; and c) third parties we may occasionally use to provide you with theservices that you have requested. These third parties will not use yourpersonal information for any other purpose other than for what it was intendedfor.
11. Overseas transfers
11.1 The information you provide maybe transferred to countries outside the European Economic Area (EEA) that donot have similar protections in place regarding your data and restrictions onits use as set out in this policy. However, we will take steps to ensureadequate protections are in place to ensure the security of your information.
12. Your Rights
12.1 Access to your personal data –You have the right to request a copy of the information that we hold about you.If you would like a copy of some or all of your personal information, pleasesend an email to gdpr@mifinity.com or send a letter to 28 School Road,Newtownbreda, Belfast, Co Antrim, Northern Ireland BT8 6BT.
12.2 Correction of personal data – Wewant to ensure that your personal information is accurate and up to date. Ifany of the information that you have provided to MiFinity changes, for exampleif you change your email address or name, please let us know the correct detailsby sending an email to gdpr@mifinity.com. You may ask us to correct and/orremove information you think is inaccurate.
12.3 Right to withdraw consent –Where we have relied upon your consent to process your personal data, you havethe right to withdraw that consent. It is important to know that by withdrawingyour consent MiFinity may have to end the relationship because we rely on yourdata so that we can provide you with a service.
12.4 Right of erasure (also known as‘right to be forgotten’) – You can request either verbally via our ClientServices or in writing to gdpr@mifinity.com for us to erase your personal datawhere there is no compelling reason, such as our own Anti-Money Launderingrequirements, to continue processing. This right only applies in certaincircumstances; it is not absolute right.
12.5 Right to data portability – Thisright allows you to obtain your personal data that you have provided to us withyour consent or which was necessary for us to provide you with our products andservices in a format which enables you to transfer that personal data toanother organisation. You may have the right to have your personal datatransferred by us directly to the other organisation, if this is technicallyfeasible.
12.6 Right to restrict processing ofpersonal data – You have the right in certain circumstances to request that wesuspend our processing of your personal data. Where we suspend our processingof your personal data, we will still be permitted to store it, but any otherprocessing of this information will require your consent, subject to certainexemptions.
12.7 Right to object to processing ofpersonal data – You have the right to object to our use of your personal datawhich is processed on the basis of our legitimate interests. However, we maycontinue to process your personal data, despite your objection, where there arecompelling legitimate grounds to do so or we need to process your personal datain connection with any legal claims.
13. Monitoring
13.1 We may monitor and record communicationswith you (such as telephone conversations and emails) for the purpose ofquality assurance, training, fraud prevention and compliance.
14. Communicating with you
14.1 We may contact you by email tothe primary email address registered on your account with MiFinity or bytelephone to the contact number(s) you have provided when registering for youraccount with MiFinity. You can change your primary email address and/or contactnumber at any time.
14.2 You may also receivesystem-generated transactional emails such as confirmation of uploads,notification of receipt of payments, notification of password changes, etc.which are necessary for the proper operation and administration of youraccount.
14.3 Phishing is the name given toattempts to steal personal details and financial account details from a websiteuser. “Phishers” use fake or “spoof” emails to lead users to counterfeitwebsites where the user is tricked into entering their personal details, suchas credit card numbers, user names and passwords. WE WILL NEVER SEND EMAILSASKING YOU FOR SUCH DETAILS AND OUR STAFF WILL NEVER ASK YOU FOR YOUR PASSWORD.If you do receive such an email or are asked for your password by anyoneclaiming to work for us, please forward the email or report the incident to ourData Protection Officer at phishing@mifinity.com or by contacting MiFinityClient Services.
15. Your consent
15.1 By submitting your personalinformation you consent to the use of that information as set out in thispolicy.
16. Changes to Privacy policy
16.1 We keep our Privacy Notice underregular review. If we change our Privacy Notice, we will post the changes onthis page, and place notices on other pages of the website, so that you may beaware of the information we collect and how we use it at all times. We reservethe right to make changes to our Privacy Notice at any time, without notice,where such change is required by applicable legislation.
17. Links to other websites
17.1 Our website contains links toother websites. This Privacy Notice applies to this website and our mobileapplications, so when you access links to other websites you should read theirown privacy policies.
18. Filing a Compliant
18.1 If you are not satisfied withhow we manage your personal data, you have a right to make a complaint. Pleaseemail your complaint to the Data Protection Officer at gdpr@mifinity.com, ifyou feel that your complaint has not been dealt with to your satisfaction youcan contact the Information Commissioners Office (ICO) or depending on your locationthen your local Data Protection Authority.
