1、Your Privacy is Important to Us
You have arrived at a website that is provided by UAB "Glocash Payment" (hereinafter – the Company), registered address at T.Narbuto str. 5,Vilnius LT 08105,Lithuania is the electronic money institution authorized and regulated by the Lithuanian supervisory authority – Bank of Lithuania. The privacy of each and every customer (hereinafter – the Customers) matters to us, and we strive for transparency in all of our data privacy practices, especially when it comes to identifying the information we collect, use, share, and disclose (hereinafter – the Personal data), as well as the ways we help keep your information safe. In order to that the Company is obligated to use and process the Personal data of the Customers only in accordance with this privacy policy (hereinafter – Privacy policy) and the applicable legal acts which regulate the protection of Personal data.
To be noted, the Company's activities are:
- the issuing of electronic money;
- the redemption of electronic money;
- issuing and/or acquiring of payment instruments;
- execution of payments transactions.
All activities of the Company are regulated by the applicable laws related to the electronic money, including, but not limited to the legal acts related to the financial institutions and financial services. Please be informed that the license of the Company and all activities can be checked here: https://www.lb.lt/lt/finansu-rinku-dalyviai/uab-glocash-payment.
2、Legal Basis
Personal data is processed in the Company when the Customer has given consent and/or when processing of data is necessary in order to fulfill the agreement to which the Client is a party, or to take action at the request of the Customer prior to the conclusion of the agreement and/or to process the data necessary for the fulfillment of the legal obligation imposed on the Company.
3、The Purposes of The Processing of The Personal Data
In accordance to our Customers safety, the Company indicates that the purposes of the processing your Personal data are:
- Provision of services of issuance, distribution and redemption of electronic money and provision of payment services;
- Conclusion and execution of the agreements;
- Customers' identifications;
- Implementation of the obligations under the Law on Money Laundering and Terrorist Financing Prevention.
4、Direct Marketing
Moreover, the Company may collect and process Personal data of the Customer due to the direct marketing. Direct marketing is the activity that is intended to offer the goods or services to the Customer by post, telephone or other direct way as well as to inquire the opinion of the Customers about the offered goods and services. The Personal data collected for the direct marketing purposes may be processed only with the consent of the Customers which clearly indicates that Customers agree with the processing of the Personal data for the direct marketing. In case if the Customers do not agree with the processing of their Personal data for the direct marketing purposes, the Personal data for the direct marketing is not processed. The Customers are granted with the right to withdraw its consent given for the processing of the Personal data for the purposes of the direct marketing. The Customer may withdraw the given consent by sending the information through the e-mail.
5、Collection of Information
The Company commits to comply with the provisions of General Data Protection Regulation, the Law on Legal Protection of Personal Data of the Republic of Lithuania and all of the other Laws and/or legal acts that are applicable, as well as all of the European Union acts that are applicable in accordance with the Personal data protection regulations that are applicable for the specific country in which the services are provided.
This Privacy policy is prepared for the introduction of the Customers how the Company is processing the Personal data of the Customers and well as what kind of measures are implemented in the Company to achieve the adequate protection of the Personal data of the Customers that are being processed during the provision of services.
6、Principles of The Customers Personal Data
The list of principles that the Company strictly follows to comply with the needs to protect its Customers Personal data:
- Personal data is collected for specified and legitimate purposes and is not further processed for purposes incompatible with those purposes established prior to the collection of personal data;
- Personal data is processed accurately, honestly and lawfully;
- Personal data is accurate and if necessary due to the processing of personal data is constantly updated as well as inaccurate or incomplete data is corrected, supplemented, destroyed or the processing is stopped;
- Personal data is identical, suitable and only to the extent which is necessary to collect and further process the personal data;
- The personal data is stored for the period specified by the Company, but not longer than the terms set forth by the applicable legal acts allow as well as when the storage term is expired the personal data are destroyed;
- Implementation of adequate organizational measures, designed for securing personal data against accidental or illegal destruction, modification, disclosure, and any other illegal management;
- Implementation of measures designated for the prevention of use by persons seeking to acquire funds by fraudulent means;
- The personal data of the customers is considered as confidential information and may only be disclosed to the third parties in accordance with the rules and procedure provided in the Privacy Policy, internal documents of the Company and the legal acts of the Republic of Lithuania.
7、The Information We Have About You
| General | name, surname, personal code, date of birth, age (year of birth), address, residence place, identification card (passport) number, issuance place and date, mobile phone number, email address, employment data. |
| Customers (natural persons) | photo, signature, financial institution account number, IBAN number, debit card number, video and audio record for identification, telephone conversations, client IP addresses, date of client transactions, amount of transactions, currency, location, data about the beneficiary of the funds, the history of the actions performed, the source of funds, sex, nationality, employment status. |
| Representatives of the clients (legal entities) (members of the client's management bodies and other representatives (for example, employees) who are authorized according to the corporate documents to represent the client in relations with the data controller or acting in accordance with the power of attorney, procuration when representing the client) | personal code, personal identity document data, e-mail address, sex, position, surname, address, nationality, phone number, name, photo, signature, bank account information (bank name and bank account number), monetary transaction or transaction date, amount, currency , data about the beneficiary of the funds (natural person's name, surname, date of birth, personal identification number or other unique character assigned to this person to identify the person, legal entity name, legal form, registered office address, code, if any). |
| Ultimate beneficiary owners of the clients (legal entities) (natural persons who directly or indirectly own or control a legal unit with a sufficient number of shares or voting rights, including through bearer share management) | personal identification code, identity card, sex, surname, address , nationality, name, photo, signature, number of shares held, voting rights or share capital part, monetary transaction or transaction date, amount, currency in which the monetary transaction or transaction is executed, data about the beneficiary of funds (natural person's name, surname, date of birth, personal identification number, or other unique character assigned to this person to identify the person, legal entity name, legal form, registered office address, code, if any). |
| The Personal data collected and processed for the purposes of the direct marketing | name, surname, the email address, mobile phone number and the address of the place of residence. |
8、Personal Data Storage Terms
The Personal data of the Customers are kept in such a way that the identity of the Customers can be determined for no longer than is necessary for the purposes for which Personal data is processed. The terms of storage of the Personal data of the Customers in case of the purposes indicated in this Privacy policy, excluding the purpose for the direct marketing, are set forth by the applicable law. The Company strictly follows those terms and in case if changes appears, the terms are changed in accordance with the changes. The Personal data of the Customers collected and processed for the purpose of direct marketing shall be kept not longer than the consent of the Customers' is valid.
The Personal data of the Customers is obtained from the Customers as well as from the commercial banks, other credit and financial institutions. Personal data from commercial banks, other credit and financial institutions is obtained through execution of the payment transactions.
9、Third Parties
Customers' Personal data specified in this Privacy Policy may be transferred to the third parties:
- The Bank of the Republic of Lithuania and the SEPA participant (personal data for these beneficiaries is due to the use of the Single Euro Payments Area - SEPA);
- Payment service users (payees and payers);
- Financial institutions (subject to Customer's consent and in the scope of the personal data of the solely specified by Customer).
Customers' personal data may be transmitted to the third parties not specified above for the specified and legitimate purposes only, and only to third parties who have the right established by laws and other legal acts to receive personal data in the countries of the European Union and the European Economic Area.
The company does not take any responsibility regarding the third-party links found in in the Company's website and their privacy policies used.
10、The Rights Granted to The Customers as Personal Data Subject
In accordance with statutory regulations on data protection, the Customers have the right to access the personal data relating to Customers and which has been collected or disclosed by the Company and the right to have such personal data rectified in case such personal data is inaccurate or incomplete.
The Customers are granted by the rights:
- To check whether the Company holds Customers' personal data;
- To access and correct Customers' personal data;
- To request that the Company corrects any of Customers' personal data that may be inaccurate;
- To inquire about Company's policies and practices in relation to personal data and to be informed of the kind of personal data held by the Company.
The Company undertakes that all other rights of data subject as described in applicable laws are guaranteed for the Customers as data subject.
If in any case the Customer thinks that the personal data is processed by violating applicable laws, the Company is open in helping with solving the issue for the Customer. The Customer have the right to request the Company to provide information about the processing of its personal data by submitting an application to the personal data officer of the Company via e-mail:
com/glocash/support. The Company ensures that the requested information will be provided in as soon as possible after the day the request was received by the Company. The Customer can also file the complaint regarding the Personal data in the same manner.
The Customer has the right to submit application regarding the issues of personal data processing directly to the State Data Protection Inspectorate which is the supervisory authority of the Company for the protection of personal data. The Customer may apply in accordance with the procedures for handling complaints that are established by the State Data Protection Inspectorate.
