Powercash21 Ltd understands how important your personal data is and we are committed to protecting and respecting your privacy.
This Privacy Statement:
In this privacy statement, your data is sometimes called "personal data" or "personal information". We may also sometimes collectively refer to handling, collecting, protecting and storing your personal data or any such action as "processing" such personal data.
For the purposes of this statement, personal data shall mean any information relating to you which identifies or may identify you and which includes, for example, your name, address, identification number.
1. Who we are
Powercash21 is a regulated Payments Institution specializing in Acquiring, Issuing and Mobile Payments with a license granted by the Central Bank of Cyprus. (Company No: HE289380; License No: 220.127.116.11/2018)
If you have any questions, or want more details about how we use your personal information, you can contact us at: Data Protection, Quality Towers A, 4th Floor, Piliou 11-13, Larnaca 6037, Larnaca, Cyprus, email: email@example.com.
2. What personal data we process and where we collect it from
We collect and process different types of personal data which we receive from our customers (potential and current) in person or via their representative or via our alternative channels of communication such as Powercash21 website, in the context of our business relationship.
We may also collect and process personal data from publicly available sources (e.g. the Department of Registrar of Companies, the Bankruptcy Archive, commercial registers, the press, media and the Internet) which we lawfully obtain and we are permitted to process.
We also collect data when you sign up for our newsletter using your name and e-mail address via the sign-up form on our website, or when you complete any other forms on our website to receive more information. When you fill out the newsletter form, you indicate your consent to receive our newsletter. You can at any time unsubscribe from receiving this newsletter by following the instructions provided in any of the newsletters.
We also collect your data when you complete the pre-application form, as an indication of interest for any of our products and services or to become one of our merchants. We collect the data you submit on the form, including your including your contact information, address and, order details, corporate information, tax information and payment details. This information is used for pre-approval purposes, and once approved for the establishment of a contract with you.
When you browse our website, we process your IP address, Google Analytics ID, internet browser and device type, location data and your use of our website, including which pages you visited, how you got to our website, the time and length of your visit and your language preferences. We use this data for our legitimate interests of making sure our website works properly.
If you are a prospective customer, or an authorised representative/agent or beneficial owner of a legal entity or of a natural person which/who is a prospective customer, the relevant personal data which we collect may include:
Name, business and/or home address, contact details (telephone, email), identification data, EU basic payment account identification, birth date, place of birth (city and country), if you hold/held a prominent public function (for PEPs), FATCA, authentication data [e.g. signature], nationality.
When we agree to provide services to you or the legal entity you represent or beneficially own, then additional personal data will be collected and processed which may include:
In the context of providing card acquiring and other services
Other payment service/banking relationship details, tax ID, credit reference agency data [e.g., Experian], residence, own and/or third-party security [e.g. a bank guarantee], employment position [e.g. as per corporate certificates of directors/shareholders], cash flows and balance sheets and business management information.
3. Whether you have an obligation to provide us with your personal data
In order that we may be in a position to proceed with a business relationship with you, you must provide your personal data to us which are necessary for the required commencement and execution of a business relationship and the performance of our contractual obligations. We are furthermore obligated to collect such personal data given the provisions of the money laundering law which require that we verify your identity before we enter into a contract or a business relationship with you or the legal entity for which you are the authorized representative / agent or beneficial owner. You must, therefore, provide us at least with your identity card/passport, your full name, place of birth (city and country), and your residential address so that we may comply with our statutory obligation as mentioned above.
Kindly note that if you do not provide us with the required data, then we will not be allowed to commence or continue our business relationship either to you as an individual or as the authorized representative/agent or beneficial owner of a legal entity.
4. Why we process your personal data and on what legal basis
As mentioned earlier we are committed to protecting your privacy and handling your data in an open and transparent manner and as such we process your personal data in accordance with the GDPR and the local data protection law for one or more of the following reasons:
A. For the performance of a contract
Powercash21 processes personal data in order to perform banking transactions and offer payment services based on contracts with our customer but also to be able to complete our acceptance procedure so as to enter into a contract with prospective customers.
The purpose of processing personal data depends on the requirements for each service and the contract terms and conditions provide more details of the relevant purposes.
B. For compliance with a legal obligation
There are a number of legal obligations emanating from the relevant laws to which we are subject as well as statutory requirements, e.g. the Provision and Use of Payment Services and Access to Payment Systems Law of 2018. There are also various supervisory authorities whose laws and regulations we are subject to e.g. the European Central Bank, the European Banking Supervisory Authority, the Cyprus Central Bank, the Cyprus and Securities Exchange Commission. Such obligations and requirements impose on us necessary personal data processing activities for credit checks, identity verification, compliance with court orders, tax law or other reporting obligations and anti-money laundering controls.
C. For the purposes of safeguarding legitimate interests
We process personal data so as to safeguard the legitimate interests pursued by us or by a third party. A legitimate interest is when we have a business or commercial reason to use your information. But even then, it must not unfairly go against what is right and best for you. Examples of such processing activities include:
D. You have provided your consent
Provided that you have given us your specific consent for processing (other than for the reasons set out hereinabove) then the lawfulness of such processing is based on that consent. You have the right to revoke consent at any time. However, any processing of personal data prior to the receipt of your revocation will not be affected.
5. Who receives your personal data
In the course of the performance of our contractual and statutory obligations your personal data may be provided to various service providers and suppliers so that we may perform our contracted service obligations. Such service providers and suppliers enter into contractual agreements with PC21 by which they observe confidentiality and data protection according to the data protection law and GDPR.
It must be noted that we may disclose data about you for any of the reasons set out hereinabove, or if we are legally required to do so, or if we are authorized under our contractual and statutory obligations or if you have given your consent. All data processors appointed by us to process personal data on our behalf are bound by contract to comply with the GDPR provisions.
Under the circumstances referred to above, recipients of personal data may be, for example:
6. Transfer of your personal data to a third country or to an international organisation
Your personal data may be transferred to third countries [i.e. countries outside of the European Economic Area] in such cases as e.g. to execute your payment or if this data transfer is required by law or you have given us your consent to do so. Processors in third countries are obligated to comply with the European data protection standards and to provide appropriate safeguards in relation to the transfer of your data in accordance with GDPR.
7. How we treat your personal data for marketing activities and whether profiling is used for such activities
We may process your personal data to tell you about our services and offers that may be of interest to your business.
The personal data that we process for this purpose consists of information you provide to us and data we collect and/or infer when you use our services, such as information on your transactions. We study all such information to form a view on what we think you may need or what may interest you. In some cases, profiling is used, i.e. we process your data automatically with the aim of evaluating certain personal aspects in order to provide you with targeted marketing information on products.
We can only use your personal data to promote our products and services to you if we have your explicit consent to do so or, in certain cases, if we consider that it is in our legitimate interest to do so.
You have the right to object at any time to the processing of your personal data for marketing purposes, by contacting at any time (as per contact details provided on this document)
8. How long we keep your personal information for
We will keep your personal data for as long as we have a business relationship with you [as an individual or in respect of our dealings with a legal entity you are authorized to represent or are a beneficial owner].
Once our business relationship with you has ended, we may keep your data for up to ten years in accordance with the directive of the Data Protection Commissioner ( http://www.dataprotection.gov.cy).
We may keep your data for longer than 5 years if we cannot delete it for legal, regulatory or technical reasons.
For prospective customer personal data [or authorized representatives/agents or beneficial owners of a legal entity prospective customer] we shall keep your personal data for 6 months from the date of notification of the rejection of your application for payment services and/or facilities or from the date of withdrawal of such application, as per Data Protection Commissioner directive (http://www.dataprotection.gov.cy).
9. Your data protection rights
You have the following rights in terms of your personal data we hold about you:
To exercise any of your rights, or if you have any other questions about our use of your personal data, please contact us in writing to: Data Protection, Officer Quality Towers A, 4th Floor, Piliou 11-13, Larnaca 6037, Larnaca, Cyprus, or email: firstname.lastname@example.org
10. Changes to this privacy statement
We may modify or amend this privacy statement from time to time.
We will notify you appropriately when we make changes to this privacy statement and we will amend the revision date at the top of this page. We do however encourage you to review this statement periodically so as to be always informed about how we are processing and protecting your personal information.
We may use third-party Service Providers to monitor and analyze the use of our Service.
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en