I. Introduction
-
- This Privacy policy is the main document that sets out the basis as to what happens to any personal data that You provide to Verified payments, UAB, or that We collect from You or other sources when You visit our website https://verifiedpayments.com. You may choose not to provide any information to Us, however, We may be unable to provide Services to You.
- Please pay attention to the fact that We may update this Privacy policy from time to time, therefore please do review it regularly.
- Your personal data controller is Verified Payments, UAB, head office address T. Kosčiuškos str. 24, LT-01100, Vilnius, Lithuania (hereinafter referred to as „We“, „Us“). We have appointed a data protection officer (“DPO”). You can contact our DPO at [email protected].
- We act according to the Law on the Legal Protection of Personal data of the Republic of Lithuania, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) and other applicable legal regulation.
- Security is highly important to us. We take all reasonable measures to protect personal data from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction, including industry-standard security and encryption features.
- If the Client is a legal person, the Head or another representative of the Client shall properly inform data subjects (Beneficial owners, Head, etc.) about the transfer of their data to Us and to present this Privacy policy to them.
II. The purposes of processing
-
- For the purpose of communication with you, we process Your name, email, company website, and any other information you choose to provide us in the contact form of our website (e.g., telephone number). We process this data on the basis of consent. If you don’t become our client, we store it for 1 (one) year after the last communication and if you become our client, we store it for 8 years after the end of the business relationship.
- For direct marketing purposes, we may process your name and email address by sending you our messages and newsletters. We process this data on the basis of your consent. You can always withdraw your consent by contacting our DPO at [email protected]. If you are not our client and just gave your consent to receive direct marketing messages, we will process your data for 3 (three) years after the day of your consent.
- We process data about your use of our website. The usage data may include your IP address, geographical location, browser type, and version, operating system, referral source, length of visit, page views, and website navigation paths, as well as information about the timing, frequency, and pattern of your service use. We obtain such data through the use of cookies and similar technologies. The legal basis for this processing is our legitimate interest and we process such data to have a better understanding of how you use our website. Please see our Cookie Policy for more information.
- All Your provided or our collected data about You, except Identity data, may be processed for statistical purposes. We process Your data in such a way that after including data in statistical evaluation there would be no possibility to identify You. You agree that You are informed about the right to refuse that Your data would be processed for statistical purposes, but we would have the right to continue processing Your data if we can prove that data is processed for convincing legitimate reasons which are superior to the interests, rights, and freedoms of You or in order to bring, enforce or defend legal requirements. The data will be processed till it becomes irrelevant.
- We process your data for the purposes of providing our services to You (not applicable if You don’t become our client). For more information about the data, we collect and process if you decide to use our services, please see Verifo Privacy Policy.
III. Partners services
-
- You may access our partners’ services via our website. According to this, You may find links to third-party websites on our website. These websites should have their own privacy policy documents which You should check. We shall not be liable for their policies and activity as We have no control over them.
- If You choose to use such services, You have to provide Your data to such partner and accept the terms & conditions of services set by that partner or We may share Your data in order to provide certain services to You upon Your request. We shall only be an intermediary between You and the service provider and is not liable for the proper provision of such services.
IV. Your rights
Please be informed about Your rights under Data Protection regulations in relation to Your personal data:
-
-
- Right to Information: The right to ask Us for information about what personal data of Yours is being processed and the rationale for such processing.
- Right of Access: The right to access Your personal data.
- Right of Rectification: The right of rectification of inaccurate personal data concerning You, and the right to have incomplete personal data completed. Please be advised that We may need to verify the accuracy of the new data You provide to Us.
- Right of Erasure (the right to be forgotten): The right of erasure of personal data concerning You if there is no convincing reason for Us continuing to process it. Please be advised that We may not always be able to comply with Your request of erasure for specific legal reasons which will be notified to You, if applicable, at the time of Your request. Please note that Under GDPR Article 17(3)(b), legal requirements take precedence over the right to be forgotten. From an AML perspective, the EU’s 4th Anti- Money Laundering Directive (4AMLD) introduced the requirement that both customer due diligence and transaction records be retained for a minimum of a set number of years after the end of the customer relationship and as a financial institution We will retain Your data, in line with AML regulations, for a minimum of 8 years. In this context, the right to be forgotten would only be enforceable after this period had ended.
- Right of Restriction of Processing (Right to Withdraw Consent): The right to obtain from Us restriction of processing if there is a legitimate reason. Where processing has been restricted, such personal data shall, with the exception of storage, only be processed with Your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the EU or of a Member State.
- Right to Data Portability: The right to receive the personal data concerning You, which You provided to Us, and have the right to transmit data to another controller. Please be advised that this right only applies to the information which You provided for Us.
- Right to object. The right to object at any time to processing of personal data concerning You which is processed for the purposes of our legitimate interests. We shall no longer process the personal data unless the We demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of You or for the establishment, exercise, or defense of legal claims. Where personal data is processed for marketing purposes, You shall have the right to object at any time to the processing personal data concerning You for such marketing.
- Right to Object to Automated Processing: This right to object to a decision based on automated processing. Using this right, a customer may ask for his or her request (for instance, a loan request) to be reviewed manually, because he or she believes that automated processing of his or her loan may not consider the unique situation of the customer.
- Right to withdraw consent: The right to withdraw Your consent at any time where we are relying on consent to process Your personal data. However, this will not affect the lawfulness of any processing carried out before You withdraw your consent. In some cases, if You withdraw Your consent, We may not be able to provide the Services to You.
- Right to complain. You have the right to make a complaint at any time to the State Data Protection Inspectorate, Lithuania supervisory authority for data protection issues. We would, however, appreciate the chance to deal with Your concerns before You approach the supervisory authority so please contact Us in the first instance so that We can handle Your complaint and satisfy it benevolently if it is well-grounded. If You are not satisfied with our reply, You can address competent authority according to Our Complaints policy. You can implement Your rights according to Our Policy for the implementation of data subject rights.
-