Last change: 26.06.18
When you visit this website www.international-fintech.com hosted by International Fintech UAB and its group of companies (together “Company”, "we", “us”) and all related websites (the "Website"), or when you correspond with us or send us your details for contacting, we may process personal data about you, as a data controller or as data processor.
We, International Fintech UAB, a licensed financial institution with registration number 304409766 (e- money license No. 6, issued by the Central Bank of Lithuania) located in Jogailos street 4, Vilnius LT-01116, Lithuania and our group of companies, develop, own and operate certain different services such as collecting and distributing payments on behalf of Merchant, whether to other merchants or Merchant’s clients “(Users”) and managing the chargebacks process for Merchants (the “Services”).
This Policy specifies what information we collect and how we collect the information, how we use the collected information, and how we share the information and protect it. Contact Us details are provided at the end of the Policy, for feedback or any privacy enquiries you may have.
“Personal Information” means information that we directly associate with a specific person, which may include without limitations, name, address, telephone number, email address, 4 digits of payment card, payment information, IP address, credit history etc.
Please note that this Policy is governed by the Lithuanian laws.
Please read the following carefully to understand our practices regarding your Personal Information and how we will treat it.
SCOPE AND CONSENT
By visiting this website www.international-fintech.com (the “Website”), you accept and consent to the practices described in this Policy. This Policy (together with any other documents referred to in it) sets out the basis on which we collect and use personal information. It applies, without limitation, to:
- Your use of the Website and Services, whether by using your computer, your mobile device or any other device;
- Email, other electronic messages including SMS, telephone, web chat, website/portal and other communications between you and Company.
LEARN MORE to understand what we can do if you disagree to this Policy:
If you are not satisfied with any aspect of this Policy, please do not continue to use the Website.
Contact Us details are provided at the end of the Policy, for feedback or any privacy enquiries you may have.
When you are required to provide Personal Information to us
You are not required by law to provide any Personal Information to us. For example, you always decide whether to participate in our promotions or to use the Services. You are required to provide certain Personal Information to enable us to enter into a contract with your Merchant so that you can use the Services. Our registration forms indicate which data elements are required for our contracts.
THE INFORMATION WE COLLECT FROM YOU
We may collect, receive and process any information, including the Data Subjects’ Personal Information, data and other details submitted, shared or exchanged in connection with the Services. You may provide some of this information to us, for example by filling in forms via the Website, or by corresponding with us by phone, e-mail, web chat or otherwise. We may collect some of it through automatic means, for example by using cookies when you visit our Website. We may also obtain data about Data Subject from third parties, such as resellers/finders. We may also infer from your use of the Services a pattern of your transactions which becomes a separate type of Personal Information.
LEARN MORE to understand which information we collect:
When underwriting new Merchants, the Company routinely collects ‘Know Your Customer’ and data from your Merchants' Data Subjects for compliance with Anti-Money Laundering laws. These details may be crosschecked against lists and search libraries to verify that such details are correct and not subject to blacklisting or service prohibitions.
We also collect information from transactions made by Users.
Information you provide us:
- When a Merchant registers to our Services, it will be requested to provide Personal Information on its Data Subjects such as: passport, utility bill, full name, e-mail address, phone number, address, gender, date of birth, contact details, location, nationality and country of residence, and any other contact information provided on or via the Services or in any other communications with us.
- When a Merchant uses the Services, it may be requested to provide additional Personal Information and KYC information such as: Data Subjects’ identification numbers, photographs, a copy of an identification document (e.g. ID card, driving license and/or passport), various business and financial information, including bank account details and any information of their transactions and financial activity with other payment processors, copies of utility bills, etc., and any proof of their identity as we may request. The legal regulation framework that applies on the Services may change from time to time, and accordingly we may require some additional information in order to align with such new regulation.
- Information on Merchant’s clients relating to any transaction processed via the Services, including the location of the client and any relevant details relating to the content and details of transaction, such as last four digits of the credit or debit card, address and email, name and surname, IP address.
- Information provided to us when you communicate with us by phone, e-mail, SMS, a website or portal. We may monitor and record phone calls, e-mails, Skype chats, or other communications between you and our Customer Service representatives or other Company's representatives. When visiting our offices, access control systems and other monitoring systems may be in operation.
- Any other information that you provide us.
Information we collect from third parties
In order to fulfill our legal obligations to prevent fraud and money laundering and for risk assessment purposes, we will obtain information about Data Subjects from our trusted service providers when you request to use our Services and at any time when we feel it is necessary to prevent fraud, to minimize financial risks or to prevent other risks, for instance – Data Subjects’ financial history information. Also, we may obtain additional information on the Users from our services providers for ensuring that the transactions initiated by the Merchants’ clients are complete. We will also obtain information on Data Subject from resellers and finders, which may transfer such information under Data Subjects’ consent.
Authentication and Fraud Detection
In order to help protect you from fraud and misuse of your Personal Information, we may collect information about you and your interactions with the Services. We may also evaluate your computer, mobile phone or other access device to identify any malicious software or activity.
INFORMATION WE COLLECT AUTOMATICALLY
- We may use third party services, such as Google Analytics, to collect and process such data in order to analyze the traffic to the Website and the platform on which our Services are based.
We do not intentionally collect sensitive information relating to Data Subject’s health, ethnicity, religious or political beliefs etc., but we may obtain it in specific limited circumstances, for example if you or a User ask us to transfer money to a political party or a religious organization etc.
LEGAL BASIS FOR PROCESSING
We will only process your Personal Information on the following basis:
- To be able to establish and perform our contract with the Merchant and perform our contract obligations under that contract (e.g. providing Merchant with the requested Services); or
- Where we have a legitimate interest to process data, (e.g. for our legitimate interest of managing our internal administration, claim management, risk management, conducting marketing research to improve our products and services and to offer our customers with tailored products and services), subject to such processing not overriding Data Subjects’ rights and freedoms in objecting to such processing; or
- Where it is necessary to comply with legal obligations which we are subject to (for example, money laundering or other anti-financial crime checks); or
- Exceptionally, when necessary in the public interest, for example when law enforcement agencies request information to investigate a crime.
HOW WE USE THE INFORMATION
We use Data Subject’s Personal Information to provide and improve our Services, to examine eligibility of onboarding of a Merchant, and to assess the situation in case of a transaction. for customer service purposes, and to detect, prevent, mitigate and investigate fraudulent or illegal activities. We may also use this information for sending promotional communications with respect to Services that may be of interest to you.
LEARN MORE about the use of your Personal Information by us:
We may use information collected about Data Subjects, including Personal Information, in any one or more of the following ways: (i) When a new application to become a Merchant is submitted to us, we use the data received from the potential Merchant to assess its application. As such, this data is used by us to establish or perform our (future) contract with the Merchant and for our legitimate interests in following up with it. We also use the data above for our legitimate interest of managing our internal administration, and for establishing and performing our contract with the Merchant; (ii) We use the Merchant’s clients' Personal Information to provide Merchants with the requested Services and transactions, ensuring that such transactions are complete or amounts of transactions are charged back, including fulfilling the Company's obligations to financial or other institutions in connection with the Services, (iii) For financial and identity checks, fraud prevention checks, anti-money laundering and credit checks, including examination of your request for Services according to legal regulatory requirements, risk management examination and fraud detection; (iv) To provide reports that include Personal Information to Anti Money Laundering Authorities, and to any other competent authorities, in accordance with the legal requirements; (v) To record and track details of transactions carried out in relation to the Services; (vi) To improve the quality of the Services and customize user experience; (vii) For customer service, including answering questions and responding to feedback and complaints; (viii) For sending communications, administrative e-mails and/or reaching our clients via social media platforms. Company may e-mail or communicate with you from time-to-time, if Company needs to provide you with information or for other commercially, non-marketing reasons related to the Services; (ix) for legal and accounting purposes, such as reporting to tax authorities and reporting of legal and accounting information required by the Lithuanian law.
Please be informed that no automated decisions or profiling are made in the course of the processing of Data Subjects’ and/or Users’ Personal Information.
AUTOMATED DECISION MAKING
We use analytics for security and anti-fraud purposes, such as to identify unauthorized use of the Services or to verify and cross-check abnormal transactions that would have been entered into by the Data Subject. In the view of the Data Subject's previous transactions, we may infer from a request of transaction that it is abnormal, for instance with respect to its amount, the destination of the funds, the currency chosen or the rationale or absence of rationale for such transaction.
DISCLOSING OF INFORMATION TO THIRD PARTIES
We may share Data Subject’s Personal Information with third parties assisting us to provide our Services, with suppliers working on our behalf, where we have your Data Subjects’ permission, or where we are required or permitted to do so by law. We may also share Personal Information with third parties to comply with our legal obligations, to prevent any fraudulent or illegal activities related to our Services, to respond to legal process or to protect the rights or property of the Company, our customers or others. We attempt to minimize the amount of personal information we disclose to what is directly relevant and necessary to accomplish the specified purposes.
LEARN MORE about the cases of disclosure of information to third parties:
We will not disclose to third parties the Personal Information gathered about Data Subjects via the Website and Services, inasmuch as this Information identifies them personally, except in the cases set forth hereinafter:
(a) To collect, hold and manage their Personal Information through our trusted vendors (including their sub-contractors) who apply suitable safeguards to protect the privacy and security of Data Subjects’ and Users’ personal data, for example, cloud computing platform and hosting services provider, as reasonable for business purposes, which may be located in a country that does not have the same data protection laws as our jurisdiction;
(b) To bill and collect money owed to us by the Merchant;
(c) To Credit and Financial Institutions that take part in the processing of the Services: including the credit institution where Merchants maintain their bank account and any other financial institutions who may process payments;
(d) Risk management. We use trusted third parties to secure transaction processing and to conduct identity verification and prevention checks of fraud or any other illegal activities or otherwise address security or technical issues (for example, World Check by Thomson Reuters for money laundering detection) and of bank transfer transaction, and we send Personal Information to those third parties to process payments;
(e) To communicate with Merchants about their account and provide customer support, including by our third party trusted vendors;
(f) To provide information to our authorized representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, security and other requirements;
(g) To provide, support, and improve the Services we offer and to make certain features of the Services available to you;
(h) To satisfy applicable laws and regulations, if and as applicable, including reports to Anti Money Laundering Authorities and to any other competent authority, in accordance with the legal requirements, to financial institutions that take part in the processing of the services for compliance purposes, and to comply with a judicial proceeding, court order, or legal process;
(i) To enforce our contractual terms with the Merchants, including investigation of potential violations thereof, and to protect against harm to the rights, property or safety of Company, its users or the public as required or permitted by law;
(j) In the event Company goes through a business transition such as a merger, acquisition of all or a portion of Company's assets, Data Subjects’ Personal Information may be among the assets transferred and it will be transferred only subject to restrictions similar to those contained herein or as otherwise be required by applicable laws and regulations.
Please note that these third parties may be in other countries where the laws on processing Personal Information may be less stringent than in your country.
Except where permitted as stated, Company does not sell, rent, share or otherwise disclose Personal Information to third parties.
Company may transfer and disclose to third parties or otherwise use non-personal information at its own discretion.
STORING YOUR DATA
The Personal Information that we may collect may be transferred to, stored at and processed in a destination outside your territory and/or outside the European Economic Area ("EEA"), where Personal Information may not be protected by the same standards. When we transfer Personal Information outside the EEA, we will take steps with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy. You expressly agree to such transfers of Data.
LEARN MORE to understand the reasons for storing Personal Information outside EEA and/or your territory:
Any Personal Information which we may collect may be transferred to, processed and stored at destinations outside your territory and/or outside of the European Economic Area ("EEA"), where Personal Information may not be protected by the same standards, for the reasons set out below:
- Where our hosting provider or cloud computing platform is outside your territory or outside the EEA.
- Transfer to our affiliated companies that is needed for providing the Services.
- If necessary for providing the Services.
- Where our anti-fraud agencies, credit reference agencies and other service provider that are based outside your territory or outside the EEA, require access to Data Subjects’ data to perform their obligations to us and provide the requested Services to you.
- Where Personal Information is processed by staff operating outside your territory or outside the EEA who work for us or one of our suppliers. Such staff may be engaged in, among other things, the fulfillment of orders, the processing of payment details and support services in provision of the Services. Where such staff is acting on behalf of Company, we will take all steps reasonably necessary to ensure that Personal Information is treated securely and in accordance with applicable law and with this Policy.
- To satisfy applicable laws and regulations, if and as applicable, including reports to Anti Money Laundering Authorities and to any other competent authority outside of the EEA.
In these and similar cases where recipients of Personal Information are located outside the EEA, we will take all steps reasonably necessary to ensure that Personal Information is treated securely and in accordance with this Policy, including the use of any adequacy mechanisms required by law to ensure that the transfer is lawful.
- We may retain Data Subjects’ Personal Information in conformance with applicable laws, usually for 8 to 10 years, in order to: comply with legal requirements or to protect the Company's legal interests, prevent fraud, resolve disputes, troubleshoot problems, assist with any investigations, enforce our contractual terms with the Merchants and take other actions otherwise permitted by law.
- In addition, we will retain Personal Information after the Merchant’s registration to the Services is cancelled, or if Merchant’s application is declined or abandoned, for as long as permitted under any applicable law, for legal, regulatory, fraud and other financial crime prevention purposes.
- Personal Information required for legal proceedings and/or compliance purposes (such as AML and KYC procedures), will be retained for a period permitted under the Lithuanian law, usually 8 to 10 years.
- Personal Information concerning Data Subject’s transactions, including but not limited to chargebacks and legal proceedings, will be retained for a period of 8 years, or according to the longer of Merchant’s and/or bank’s relevant policies regarding chargebacks or refunds, as case may be.
THIRD PARTY SOFTWARE/SERVICE
Also, we use third party’s platform to manage the transaction, where we receive Merchant’s clients’ details about the transactions: name, family name, last four digits of the payment card, IP address and email.
USE OF “COOKIES”
LEARN MORE on what is a cookie and how you can disable it:
What is a cookie?
Cookies are alphanumeric identifiers that are transferred to and stored in your device through your web browser for record-keeping purposes. Some cookies allow making it easier for you to navigate a website, while others are used to enable a faster log-in process or to allow to track your activities on a website.
When you access the Website, you will be presented with a message bar requesting your consent to set those cookies. By continuing to browse the Website, you are enabling us place cookies on your computer and/or our partners to provide a better experience and service to you.
Cookies generally process your IP-address but they do not save your personal information like e-mail address or phone number.
This Website may place the following type of Cookies:
- Security cookies: these cookies, such as Cloudflare, allow the determination of the nature of the traffic, in order to assess whether there is a real individual or a bot trying to affect the system.
- Essential cookies: These cookies are necessary to allow you access and move around our Website and use all its features. Without these cookies, you would not be able to access our Website and/or to use certain important features.
- Visitor Cookie: These cookies are part of our security mechanism and are used to identify visitors (visitor representing a specific computer) of the Website,
- Analytics cookies: This Website also uses analytics cookies placed by Google Analytics (including Google Tag Manager) to measure the number of visits and the parts of the website that are the most popular among our Website visitors as well as for benchmarking purposes. This information is used to provide aggregated and statistical information on the use of this Website and is used to improve the contents of this Website to enhance your user experience. To opt-out of Google Analytics, please go to: https://tools.google.com/dlpage/gaoptout/ (or to other Google link as may be updated from time to time)
- Advertising cookies: These third party cookies, such as Google Adwords, help ensure that our advertisements are as relevant to you as possible. These cookies track and record information (including by Google) regarding your browsing habits and activity, and use this information to enable us to show you relevant/personalised marketing content across the Internet. Using these cookies, our third party vendors may collect personally identifiable information (for instance when information collected by such cookies is associated with your Google Account) and use this to display our targeted advertising to you. For example, some advertising cookies help select advertisements that are based on your interests. You can opt out of Google’s use of the abovementioned cookies by visiting Google’s Ads Settings: https://adssettings.google.com/authenticated (or other Google link as may be updated from time to time).
You can choose to enable or disable Cookies in your internet browser. By default, most internet browsers accept cookies but this can be changed.
A customer may oppose the registration of cookies in his/her connected terminal by setting his/her Internet browser as follows:
- Select "Edit" then "Preferences" menu
- Click on the "Security" icon
- Select the desired options for cookies
For Mozilla Firefox
- Select "Tools" then "Options" menu
- Click on the "Privacy" icon
- Select the desired options for cookies
For Microsoft Internet Explorer:
- Select "Tools " then "Internet Options" menu
- Click on the "Privacy" tab
- Select the desired level using the cursor
- Select the "Settings " then "Privacy" menu
- Click on the tab " Content Settings "
- Select the desired options for cookies
For further details, please consult the help menu in your internet browser.
You can choose to delete cookies at any time; however, you may lose any information that enables you to access the Website more quickly and efficiently including, but not limited to, personalization settings. You are therefore informed that the opposition to the registration of cookies can make inaccessible all or part of the Website features.
THIRD PARTY SERVICES
SECURITY PRECAUTIONS TO PROTECT INFORMATION
We take a great care in implementing and maintaining reasonable and appropriate security procedures consistent with prevailing industry standards to protect the security of the Website, the Services, and Data Subjects’ Personal Information from accidental loss and from unauthorized access, use, alteration and disclosure.
While we take reasonable precautions against possible security breaches of the Services, no website or internet transmission is completely secure, and we cannot guarantee (i) that unauthorized access, hacking, data loss, or other breaches shall never occur; and (ii) the security of your or Data Subjects’ data while it is being transmitted to and from the Services; any transmission is at your own risk. Company urges you to take steps to keep your Data Subjects’ Personal Information safe, including your account password, and to log out of your account after use.
You are responsible for keeping this password confidential and complying with our instructions. You must not share credentials with anyone else, and you authorize the Company to act upon instructions and information from any person that enters your credentials. You also agree to promptly notify us of any information you have provided to us which has changed.
YOUR PRIVACY RIGHTS
Where applicable, you may have certain rights under data protection legislation, including the right to see the personal information held about Data Subjects and you may ask us to make any necessary changes to ensure it is accurate and up to date.
LEARN MORE on other rights available:
Where applicable, data protection legislation may also provide the following rights in relation to Personal Information which may also be discussed by Data Subjects with us by using the Contact Us section below or by emailing us at [email protected]-fintech.com:
- request for access to Personal Information;
- request to rectify inaccurate or incomplete information, or erase it, where applicable;
- request to restrict or to stop our using it, in certain circumstances;
- withdraw consent to our using it, where applicable;
- data portability, in certain circumstances;
- opt out from our direct marketing; and
- lodge a complaint with the relevant Data Protection Authority.
If you have any additional questions or concerns about this Policy, please feel free to contact us any time through the Services or email at [email protected], or by writing to us at in Jogailos street 4, Vilnius LT-01116, Lithuania or by calling us at +370 694 08689.