For the purposes of the Data Protection Act 1998 (the Act), EPA is a data controller of Your personal data collected for or used in connection with the administration of EPA membership, and EPS is a data controller of Your personal data when it provides you with e-wallet services or information related to those services. A data controller is the person who determines the purposes for which, and the manner in which, any personal data is processed. Data controllers have a responsibility to establish practices and policies in line with the Act.
Meaning of personal data
Personal data means data that We store electronically, on a computer, or in certain paper filing systems, relating to a living individual who can be identified from that data (or from that data and other nonpublic personal data in Our possession). Personal data can be factual or an opinion.
Personal data that we collect
We collect and process the following personal data about You:
- Personal data You provide on applications or other forms or upload to Your personal account, such as name, address, e-mail address, gender, social security number, tax ID number, telephone number, date of birth and “know Your client” information;
- Personal data about Your transactions with Us or other parties, such as account activation, e- wallet balance, payment/transfer and buy/sell histories and parties to transactions, and credit, debt, or other payment card information;
- Your correspondence with Us;
- Personal data We receive from third parties in order to verify information that You have provided to Us (such as Your identity), or to protect Our Customers, suppliers and correspondents against fraud, such as payment processors, banks, credit reference agencies (but for identification and fraud-prevention purposes, not credit checking purposes), fraud checking agencies, providers of operational services, and regulators; and
We also collect technical information when You visit Our website or use our Mobile Application, including the following:
- Unique identification numbers, e.g. Internet protocol (IP) address and device ID;
- Your login information;
- As applicable to Your type of device, browser type and version, and browser plug-in types and versions, app release, app version, device model, manufacturer (brand), operating system, operating system version, OS library version, time of last seen, enable wifi, radio (EDGE, HSDPA, LTE, WCDMA, none), device screen (width, high, dpi), NFC, telecom operator, Bluetooth enable, Bluetooth version;
- time zone setting, city, region, country and language;
- operating system and platform;
- and information about Your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from Our website (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
TELEPHONE CALLS: To make sure We follow Your telephone instructions correctly, and to improve Our service to you through training Our staff or suppliers, We may also monitor and record telephone calls.
Where we store your personal data
Use of your personal data
We will use Your personal data in order to process Your application for EPA membership or an EPS e- wallet, to forward to third party suppliers of pre-paid cards, to comply with laws and regulations or good practice with regard to anti-money laundering and similar, and to provide You with Our services, including:
- Analysing Your registration application;
- Carrying out Our obligations arising from any contracts entered into between You and Us and to provide you with the information, products and services that you request from Us;
- Taking steps aimed at fraud detection and prevention;
- Personalising aspects of Our overall services for You;
- Communicating with You;
- Learning from the way You use and manage Your e-wallet and Our services;
- Operating Our Site (see our Cookies Policy);
- Resolving disputes with You;
- Administering Our Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- Improving Our Site to ensure that content is presented in the most effective manner for You and for Your computer;
- In Our efforts to keep Our Site safe and secure;
- Allowing You to participate in interactive features of Our services, when You choose to do so;
- Measuring or understanding the effectiveness of advertising We serve to You and others, and to deliver relevant advertising to You; and
- Analysing the effectiveness of our marketing campaigns.
- Targeted advertising
- Collecting feedback
We may also use Your personal data to send You information about Our products and services, or the products or services of third parties, where you have consented to this. You may opt out of this and if You do not wish to receive this information, please update Your preferences via the Site or contact Us by one of the methods referred to on the Site.
Disclosure of your personal data
We will not disclose Your personal data to any third parties except to:
- any electronic money issuer or issuer of pre-paid cards provided through Us and any card scheme, such as Visa or Mastercard;
- other third parties who provide services to you which require the use of our services, for example operators of currency exchanges;
- persons who perform services on Our behalf, including those who administer Your use of Our services or Your e-wallet or respond to Customer inquiries, or who provide marketing services to Us;
- persons from whom We receive or to whom We transfer Your funds held in the e-wallet that We provide to You;
- credit reference agencies;
- fraud prevention agencies and other organisations who may use the data to prevent fraud and money laundering;
- any person to whom We transfer Our business or Our agreements with You;
- as required by law or regulation;
- such persons as You have given Your consent for Us to do so;
- other EPA members, in the case of Your name and contact details, in the event that EPA establishes a customers’ area on the Site;
- third parties in connection with criminal or civil proceedings.
We may provide Your contact details included in Your personal data to third parties for the purpose of their informing you about their services. You may opt out of this and if you do not wish Us to disclose Your personal information to such third parties, please update Your preferences via the Site or contact Us by one of the methods referred to on the Site.
Data protection principles
Under United Kingdom laws, anyone acting as a data controller must comply with the eight enforceable principles of good practice. These principles provide that personal data must be:
- Processed fairly and lawfully.
- Processed for limited purposes (consistent with those notified to You when We collected Your personal data and other purposes permitted under the Act) and in an appropriate way.
- Adequate, relevant and not excessive for the purpose.
- Accurate and up-to-date.
- Not kept longer than necessary for the purpose.
- Processed in line with the rights of the person to whom they relate – please see below.
- Secure, that is that We must take appropriate security measures against unlawful or unauthorised processing of Your personal data, and against the accidental loss of, or damage to, Your personal data. Please see further below.
- Not transferred to people or organisations situated in countries without adequate protection – please see above.
Personal data security
We restrict access to Your personal data not known to the public to Our employees or the employees of Our suppliers who have a need to know such data (e.g., to process Your transactions). We train Our employees on the importance of customer privacy and confidentiality. We also maintain physical, electronic, and procedural safeguards designed to safeguard the personal data of Our Customers. We oblige Our suppliers who process Your data on Our behalf to do the same.
All information you provide to Us is stored on Our or Our suppliers' secure servers. Any payment transfers administered by Us will be encrypted using SSL technology.
Unfortunately, the transmission of information via the Internet is not completely secure. Although We will do Our best to protect Your personal data, We cannot guarantee the absolute security of Your data transmitted to the Site; any transmission is at Your own risk. Once We have received Your information, We will use strict procedures and security features to try to prevent unauthorised access.
Your user name and password
Where We have given You (or where you have chosen) a password or any additional tools which enables you to access certain parts of the Site, or to use Your e-wallet or Our other services, You are responsible for keeping this password and tool confidential. We ask you:
- Not to share a password with anyone. Our representatives will not ask You for Your password, so any communication or telephone or other request for Your password should be treated with suspicion and reported to Us using the methods specified on the Site;
- If You believe that someone else has obtained access to Your password, please also change it as soon as You can by logging into Your account and changing Your customer details;
- Not to write down Your password;
- Not to use a password that could easily be guessed by someone else;
- To log off any website when You have completed Your transaction using Our services;
- To keep Your computer updated with current anti-virus software and the latest browser versions;
- To keep secure any additional tools which enables you to access certain parts of the Site;
- Phishing: Treat emails you receive with caution. You may receive an email claiming to be from us or an electronic money issuer introduced by Us, or a third party (such as a currency exchange) who has referred You to us in connection with its services or with a link that appears to be to the Site or the website of such persons, where You are prompted to enter Your password or personal details. This email will not come from Us or those persons or Our partners. We never send emails requesting log-ins, passwords or other security details. If You think you have received a fraudulent email, please forward the entire email to Us (including header and footer) and delete it from Your computer.
Privacy practices of third parties
Access or correct your personal data
You can access most of Your personal data that We collect online and maintain at www.epayments.com. Where the personal data is not so accessible, You may exercise Your access rights in accordance with the Act. Any access request may be subject to a fee of £10 to meet Our costs in providing You with details of the information We hold about You.
You can correct factual errors in Your personal data by the methods provided on our Site or by contacting Us to require a correction.
If You have any questions regarding this Privacy Disclosure, you can contact Us at [email protected].