Privacy Policy
Last update July 29, 2019
Privacy Policy of Acct.com / Unified Finance
This Privacy Policy describes the rules according to which Unified Finance Ltd (further Unified Finance, we, us our our) uses and protects any data you provide to us when using this website and the services available through it.
Definitions
Acct.com Platform (further also acct.com, Acct or the Platform): a trading name and pending trademark of Unified Finance Ltd, registered under No. 10805527 with Companies House; address: Suite 6, Lansdowne Business Centre, Bumpers Way, Chippenham, England, SN14 6RZ
Person (further you or your): any person using the Platform and/or any person using any services offered by Unified Finance, including user
User: a person or an entity, who uses the Services, agreed to the General Terms and Conditions and is a holder of a Payment Account
Payment Account: payment account held with Unified Finance accessible at the Platform
Website: https://acct.com
Card: payment card issued by Unified Finance and/or CashFlows Europe Ltd.
Payment Account Terms: regulated under General Terms and Conditions available on our website
Policy: this Privacy Policy
GDPR: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
The principles of processing personal data
Our principles while processing your personal data:
- We process your personal data only in accordance with this Policy and applicable laws;
- We collect and process personal data only for the purposes stipulated in this Policy;
-
We make sure that the personal data which we collect and process is:
- adequate, relevant and limited to what is necessary for the purposes stipulated in this Policy;
- accurate and up to date and
- stored only for such period as is necessary for the purposes stipulated in this Policy.
We apply appropriate technological and organizational measures to ensure the availability, authenticity, integrity and confidentiality of personal data.
The personal data we collect
The personal data, which Unified Finance collects and processes includes the following:
Personal Details – your personal details, including:
- full name;
- date of birth;
- personal identification code;
- citizenship;
- residency;
- residential address;
- e-mail address;
- mobile phone number;
- occupation, photo or video of person, which is provided to Unified Finance for the purpose of identifying the person.
Identification Document Data – data retrieved from your ID which you have provided to us, including the document number, issue date, expiry date and issuing entity and a photo of your ID.
Due Diligence Data – data which we collect for the purpose of conducting customer due diligence under applicable anti-money laundering laws from you and appropriate databases, including information about:
- whether you have been affiliated with money laundering or terrorist financing;
- whether you have been prosecuted for a crime;
- whether you have been subject to any international financial sanctions;
- whether you have held a public office or
- whether you are/ have been a close relative or associate of someone who has held public office.
Transaction Data – details of any transfers made to and from your Payment Account, including the name and account number of the payer and the payee, the date, time, currency, amount and explanation of the transaction.
Card Data – your card data, including:
- your card number;
- the name;
- the expiry date;
Device Data – information regarding the device on which you are using the Platform, including the device’s model, name or any other identifier and the IP address of the network from which you are using the Platform.
Preference Data – your preferences on the Platform (language preferences, transaction limits, etc).
Contact Data – the contacts list on your device.
Client Support Data – communication between you and Unified Finance’s client support (e- mails and calls).
Usage Data – data about your interaction with the Platform (e.g. information about which features of the Platform you use, which features you don’t use, etc).
Other Data – other data not listed in this section above, which is generated as a result of using the Platform (e.g. gif-images added to payments, comments added to claims, etc).
Grounds for collecting and processing personal data
Unified Finance collects and processes personal data for the following purposes:
Compliance purposes (GDPR art 6 ( 1 ) ( a )) – to perform an obligation under applicable laws, including the obligation to:
- avoid money laundering, terrorist financing and fraud;
- ensure the fulfilment of international financial sanctions;
- ensure the security of our payment services;
-
comply with the lawful inquiries and orders of:
- public authorities, including foreign public authorities with whom Unified Finance is obliged to cooperate under applicable laws;
- other financial institutions with whom Unified Finance is obliged to cooperate under applicable laws.
Contractual purposes (GDPR art 6 ( 1 ) ( b )) – to perform or enter into a contract between you and us.
Fraud monitoring purposes (GDPR art 6 ( 1 ) ( f )) – to monitor and decrease payment fraud
Analytical purposes (GDPR art 6 ( 1 ) ( f )) – to gain a better understanding of the preferences of our users and how do they interact with the Platform.
Note that upon processing personal data for Analytical Purposes, the data is part of a large mass of data. Unified Finance does not analyse your individual preferences or interaction with the Platform.
Marketing Purposes (GDPR art 6 ( 1 ) ( a )) – to send marketing e-mails of our products and services.
We do not process personal data for profiling or other automated decision making.
Purpose of using personal data
Unified Finance processes the following data for the following purposes:
Purpose | ||||||
Compliance | Contractual | Fraud Monitoring | Analytical | Marketing (upon Person prior consent) |
Additional Features | |
Personal Details | + | + | + | + | + | |
Identification Document Data | + | |||||
Device Data | + | + | + | |||
Transaction Data | + | + | + | + | ||
Preference Data | + | + | ||||
Card Data | + | |||||
Contact Data | + | |||||
Due Diligence Data | + | |||||
Client Support Data | + | + | ||||
Usage Data | + | |||||
Other Data | + |
Your consent on operations for data processing
We need your consent for processing personal data for the following purposes:
- Marketing purposes
- Additional Features
- We do not process personal data for the purposes stipulated in this section unless you have granted us your prior consent
- If we would want to process personal data for any new purpose, which requires your consent, then we will not process personal data for such new purpose, before we have received your consent for such processing.
Consent on withdrawal for processing personal data
The consent for the processing of personal data can be withdrawn at any time
Data collected for marketing purposes:
- Send an email to dataprotection@unifiedfinance.com to delete personal data for marketing purposes.
The withdrawal of your consent does not affect the legality of processing personal data prior to the withdrawal.
Legislative responsibility to distribute the personal data to Unified Finance
There is no statutory obligation for you to provide Unified Finance your personal data. However, there are statutory obligations for us to collect personal data.
In order for us to provide you our services, we need to collect and process personal data. In case we are not able to collect or process personal data, we are not able to provide you our services.
Other sources for collecting personal data
Unified Finance collects Due Diligence Data not only from you personally. Other sources include:
- databases of people affiliated with money laundering or financing terrorism;
- databases of people, who have been accused of a crime;
- databases of people subject to international financial sanctions;
- databases of people who have held a public office, etc.
Some of these databases are publicly available and some of them are not. In addition, we use other public databases (e.g. adverse media screening) for collecting Due Diligence Data.
Terms for storing and keeping of personal data
Unified Finance stores personal data for the following periods:
Transaction Data – 10 years after Payment Account is closed. We are obliged to store this data for such period under accounting and taxation laws.
Personal Details, Identification Document Data, Due Diligence Data, Card Data – 5 years after termination of the business relationship with Unified Finance. We are obliged to store this data for such period under relevant Money Laundering and Terrorist Financing Prevention Laws.
Device Data, Preference Data, Contact Data – until the closure of Payment Account (for Payment Account and the Platform to function).
Client Support Data, Usage Data – 3 years as of its creation, except for e-mails and chat logs, which are stored at least until the closure of Payment Account. We store this data for such period as within this period the data is still relevant for Analytical Purposes. E-mails and chat logs are necessary for providing client support until such time when you are no longer a client of Unified Finance.
After the periods stipulated in this section above Unified Finance will delete personal data
Unified Finance stores personal data on servers/cloud located within the European Economic Area.
Your rights in connection with personal data
In connection with the processing of personal data, you have the following rights:
Right to information – you have the right to receive the information provided in this Policy. The valid version of this Policy will be available on our website at any given time.
Right to access – you have the right to ask Unified Finance to provide you with a copy of your personal data which Unified Finance processes.
Right to Rectification – you have the right to ask Unified Finance to rectify your personal data in case the data is incorrect or incomplete.
Right to erasure – you have the right to ask Unified Finance to erase your personal data, unless Unified Finance is obliged to continue processing personal data under law or under a contract between you and Unified Finance, or in case Unified Finance has other lawful grounds for the continued processing of your personal data. In accordance with „Terms for storing and keeping of personal data“ section, Unified Finance will, in any case, delete personal data as soon as it no longer has lawful grounds for processing your personal data.
Right to restriction – you have the right to ask Unified Finance to restrict the processing of your personal data in case the data is incorrect or incomplete or in case your personal data is processed unlawfully.
Right to data portability - you have the right to ask Unified Finance to provide you or, in case it is technically feasible, a third party, personal data, which you have to provided Unified Finance yourself and which is processed in accordance with your consent or a contract between you and Unified Finance.
Right to object – you have the right to object to processing personal data in case you believe that Unified Finance has no lawful grounds for processing your personal data. For any processing conducted in accordance with your consent, you can always withdraw its consent by following the instructions set out in “Consent on withdrawal for processing personal data“ section.
Right to file complaints – you have the right to file complaints regarding processing personal data as further described in „Inquiries, requests and complaints“ section.
You can exercise its rights stipulated in „Your rights in connection with personal data“ section by using the respective functionalities of the Platform or sending a respective request to dataprotection@unifiedfinance.com.
We will make our best efforts to respond to your application submitted in accordance with „Persons rights in connection with personal data“ section within 2 weeks. Under GDPR art 12 ( 3 ) we must respond to your application within 1 month. In case it is necessary due to the number and complexity of applications filed with us, we may, under GDPR art 12 ( 3 ), also respond to your application within 3 months.
Processing personal data regarding child account
We do not open child account as according to our Terms and Conditions it can be opened by a person with an active legal capacity of at least 18 years of age.
Distribution of personal data
Upon processing personal data, we may share elements of your personal data with the following third parties:
- public authorities and other financial institutions whom we are obliged to disclose personal data under law;
- server hosts/ cloud service providers who host our servers / clouds;
- payment processors and payment network operators who process your transactions;
- identification service providers who help us verify your identity and acquire Due Diligence Data;
- card manufacturers who manufacture your card;
- communication service providers who facilitate e-mails, calls, SMS messages and other communication between you and us;
- couriers who help us deliver letters (e.g. letters with your card and PIN codes);
- partners, with whom we have arranged you a gift, a discount or another special offer;
- other parties involved with the provision of our services.
The partners listed in this section above may be located within and outside of the European Economic Area but we make sure that the servers on which personal data is stored are, in any case, located within the European Economic Area.
Sharing personal data with Third Parties and safeguarding measures applied
Upon sharing personal data with third parties, we will apply the following safeguards (except as specified in p. 2 of this section below):
- Unified Finance enters into a data processing agreement with the relevant third party;
- Unified Finance makes sure that such third party undertakes to implement appropriate technical and organizational measures ensuring the processing of personal data in accordance with this Policy and applicable laws;
- Unified Finance makes sure that personal data will not be forwarded to any countries which the Commission of the European Union has not recognized as ensuring an adequate level of data protection.
- Unified Finance cannot apply the safeguards stipulated in p.1 of this section above upon sharing personal data with public authorities and other financial institutions whom Unified Finance is obliged to disclose personal data under law.
Amendment of the Privacy Policy
We may unilaterally amend this Policy from time to time. Upon amending this Policy, we will notify you about the new Policy by e-mail and/or via the Platform. In case the new Policy refers to processing personal data for any new purpose, which requires your consent, then we will not process personal data for such new purpose, before it has your consent for processing your personal data for such new purpose.
Inquiries, requests and complaints
In case you have inquiries, requests or complaints regarding the processing of your personal data, you may forward them to:
+44 (0) 7939 216 285
dataprotection@unifiedfinance.com
which are processed by the Data Protection Officer of Unified Finance.
You may choose to file a complaint with the Information Commissioner’s Office by calling +44 303 123 1113 or filing a report over internet https://ico.org.uk/concerns/. If you are residing in another country you may contact your competent national authority responsible for the protection of information.