Privacy & Cookie Policy

Last updated 02 November 2018

1. SCOPE OF POLICY

1.1 This policy applies to your use of:

a) our website at Amaiz.com (the “Site”) including, without limitation, the Amaiz Dashboard available to Amaiz Dashboard Users pursuant to the Business Terms;
b) the Amaiz Mobile App (“App”) once you have downloaded a copy of the App onto your mobile telephone or handheld device (“Device”); and
c) any of the services accessible through the App or the Site (the “Services”).

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed and used by us.

Controller

Amaiz Ltd are the data controller responsible for your personal data and we are registered with the Information Commissioner’s Office with reference number ZA308506.

Your Amaiz Card and any e-money issued to you in connection with your Amaiz Account are issued by PrePay Technologies Ltd (“PPS”). We will share some of your personal data with PPS in order to facilitate the issue, operation and management of your Amaiz Card and e-money under your Amaiz Account. PPS will be a data controller in respect of such data. PPS’s privacy policy can be found on http://prepaysolutions.com/legal/.

Data Protection Compliance Manager

We have appointed a data protection compliance manager, who has a number of important responsibilities including:

You can contact our data protection compliance manager at: compliance@amaiz.com AMAIZ LTD, WeWork Aldgate Tower, 2 Leman Street, London E18FA.

If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact us via in-App support.

Complaints

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

So that we’re clear and there’s no misunderstanding about how we handle your personal data, we will:

2. COOKIES

2.1 Our Site and App use cookies to distinguish you from other users. This helps us to provide you with a good experience when you browse our Site or use our App and allows us to improve the functionality of our Site and App and the user experience.

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer or Device. Cookies contain information that is transferred to your Device’s hard drive. We use session cookies on our Site which are cookies which expire once you close your web browser.

2.2 We use the following cookies:

Strictly necessary cookies. These are cookies that are required for the operation of our Site and App. They include, for example, cookies that enable you to log into secure areas of our Site and/or App and enter into transactions.

Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our Site and/or App when they are using it. This helps us to improve the way our Site and App work, for example, by ensuring that users are finding what they are looking for easily. We use Google Analytics cookies. Google Analytics collects information anonymously. It reports website trends without identifying individual visitors. You can opt out of Google Analytics without affecting how you visit our Site. For more information on Google Analytics, please click here https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage.

Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our Site and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies

You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our Site.

3. INFORMATION WE COLLECT ABOUT YOU

3.1 We will collect and process the following data about you:

a) Information you give us “Submitted Information”: This is information you give us about you by filling in forms on the App and/or the Site, or by corresponding with us (for example, by e-mail or via the chat functions on the App and/or the Site). It includes information you provide when you register to use the App, download or register the App, subscribe to any of our services, enter into any transaction on the App or the Site (such as a Top Up, Instant Transfer, Amaiz Bank Transfer, Electronic Money Exchange), participate in discussion boards or other social media functions on the App or the Site, enter a competition, promotion or survey and when you report a problem with an App, the Services, or the Site. If you contact us, we will keep a record of that correspondence. The information you give us may include your name, address, date of birth, e-mail address, phone number, the Device’s phone number, username, password and other registration information, financial, details of your bank account including the bank account number, bank sort code, IBAN, details of your debit and credit cards including the long number, relevant expiry dates and CVC, identification document numbers, copies of identification documents (for example, passport, driving licence and utility bill) personal description and photograph and any other information you provide us in order to prove your eligibility to use our Services.

b) Information we collect about you and your Device. Each time you visit the App or our Site we will automatically collect the following information:

(i) technical information, including the internet protocol (IP) address used to connect your computer or Device to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, Device information and the type of mobile device you use, a unique Device identifier (for example, your Device’s IMEI number, the MAC address of the Device’s wireless network interface, or the mobile phone number used by the Device), mobile network information, your mobile operating system, the type of mobile browser you use, time zone setting “Device Information”;

(ii) information about your visit, including the full uniform resource locators (URL), clickstream to, through and from our site (including date and time), services you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, device information;

(iii) transaction information including date, time, amount, currencies used, exchange rate, beneficiary details, details and location of the merchant or ATMs associated with the transaction, IP address of sender and receiver, sender’s and receiver’s name and registration information, messages sent or received with the payment, device information used to facilitate the payment and the payment instrument used;

(iv) information stored on your Device, including if you allow Amaiz access contact information from your address book, login information, photos, videos or other digital content, check ins (Content Information). The App will periodically recollect this information in order to stay up-to-date;

(v) details of your use of our App or your visits to our Site including transaction details relating to your use of our services, including who you have sent money or electronic money to, foreign exchange transactions you have entered into, the time, date and location of the place the transaction was entered into.

c) location Information. We use GPS technology and your IP address to determine your location – this may be used when the App is running in the foreground and the background of your Device. This is used to prevent fraud, for instance if your mobile phone is saying that you are based in the UK, but your card is being used to enter into an ATM Withdrawal or point of sale purchase in Spain, we may not allow that transaction to be processed. Our card protection and fraud-prevention measures require this personal data for the feature to work. If you wish to use the particular feature, you will be asked to consent to your data being used for this purpose. You can withdraw your consent at any time by disabling location permission for the Amaiz App within your device settings “Location Information”.

d) Information to help us deliver our service to you. We work closely with third parties in order to help us deliver our Service to you. These third parties are business partners (such as those we partner with to offer additional Amaiz Services like credit), sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies, fraud prevention agencies, customer service providers and developers. Information we may collect about you from such parties can include credit search information, information which helps us to verify your identity or information relating to your payment transactions. Please see the ‘Disclosure of your Information’ section for more information.

e) If you allow us to, we will collect friends lists from Facebook and similar information from other third parties such as Twitter and Google – the App will periodically re-collect this information in order to stay up-to-date.

4. USES MADE OF THE INFORMATION

4.1 Below is a summary of the key types of data that we make use of as part of the Amaiz Services. For more information on how these types of data are used and for which purposes then please see the table below.

We use information held about you in the following ways:

(a) Submitted Information: We will use this information:

(b) Device Information: We will use this information:

c) Location Information: We will use this information:

d) Third Party Information: We will combine this information with information you give to us and information we collect about you. We will use this information and the combined information:

For example, we may use credit reference agencies to carry out credit searches on you, so that, when you apply for credit products or when we suggest credit products to you via the Amaiz App, we will be able to tailor our credit offering to your needs. The use of credit reference agencies and fraud prevention agencies is not limited to such agencies based in the United Kingdom and includes such agencies overseas. Any such search under this section may leave a footprint on your credit file. You acknowledge that we may carry out such credit search in the knowledge that it may leave a footprint on your credit history. We do not allow joint account holders, however in certain circumstances credit reference agencies may link your record with your spouse, partner or other financial associate. In certain circumstances, you are entitled to access your personal records held by credit and fraud prevention agencies. If you would like details of the credit reference and fraud prevention agencies from which we have obtained or may obtain information about you, please contact us via in-App support. You can withdraw your consent to be credit searched at any time by contacting a member of our support team via our in-App chat function.

4.4 If we decide to engage advertisers to promote our products and services, the advertisers and their advertising networks may require anonymised personal data to serve relevant adverts to you and others. We will never disclose identifiable information about individuals to advertisers, but we may provide them with aggregate information about our users (for example, we may inform them that 700 men aged under 28 have clicked on their advertisement on any given day). We may also use such aggregate information to help our advertising partners provide a tailored and targeted campaign, relevant for a sub-section of our users (for example, women in Manchester). In some instances, we may use personal data we have collected from you to enable our advertising partners to display their advertisement to their target audience.

Purposes for which we will use your personal data

4.5 We have set out below, in a table format, a description of all the ways we use your personal data as stated above, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us via in-App support if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

What we use your information for

To provide the Amaiz Services:

To carry out our obligations arising from any transactions you enter into with us, for example Top Ups, Instant Transfers, Amaiz Bank Transfers, Electronic Money Exchanges, ATM Withdrawals and Amaiz Card Purchases and to provide you with the information, products and services that you request from us.

Type of information

Our reasons

Our legitimate interests

To combat against fraud:

Type of information

Our reasons

Our legitimate interests

To help market and provide new products and services that interest you:

Type of information

Our reasons

Our legitimate interests

To keep the Amaiz Services up and running:

Type of information

Our reasons

Our legitimate interests

Facilitate social interactions:

Type of information

Our reasons

Our legitimate interests

To provide location-based Services:

To protect against fraud; and to make you aware if any of your contacts, who are Amaiz Users and have location services enabled, are in the same area as you.

Type of information

Our reasons

Our legitimate interests

What do we mean when we say:

Legitimate Interest: this means the interest of ours as a business in conducting and managing Amaiz Ltd. and Amaiz Wealth Ltd. to enable us to provide to you the Amaiz Services and offer the most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).

Fulfilling a Contract: this means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.

Our Legal Obligation: this means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.

Consent: this means that we will only process your personal data for certain specific purposes if we obtain your consent before such processing, for example in order to collect and process your location data and/or to send you notifications about local merchants. We are also required, under the Payment Services Regulations 2017, to obtain your consent for the use of your personal data in order to provide our services to you. We normally ask for your consent at the point when you download our App or register for Amaiz Account. Please note that if you do not provide your consent for this purpose, or withdraw it at a later stage, we may be unable to provide our services to you.

5. MARKETING

5.1 We want to make it crystal clear how we use your data for marketing purposes and how you can ‘opt-out’ from receiving any marketing communications from us whenever you want.

5.2 We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We have established a ‘Privacy’ section within the ‘Profile’ section of the App where you can view and make certain decisions about your personal data use in relation to marketing emails and push notifications. Please see the ‘Privacy’ section within the ‘Profile’ section of the App for more details.

PROMOTIONAL OFFERS FROM US

5.3 We may use your personal data (such as your Submitted Information, Location Information or transaction information) to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.

5.4 You will receive marketing communications from us if you have signed up to and/or utilise the Amaiz Services and, in each case, you have not opted out of receiving marketing notifications.

THIRD-PARTY MARKETING

5.5 We will obtain your express opt-in consent before we share your personal data with any company outside the Amaiz group of companies for marketing or promotional purposes.

OPTING OUT

5.6 You can ask us or third parties to stop sending you marketing messages at any time by adjusting your marketing preferences via ‘Privacy’ section found within the ‘Profile’ tab of the App or by following the unsubscribe links on any marketing message sent to you.

6. DISCLOSURE OF YOUR INFORMATION

DATA PROCESSING PARTNERS

6.1 We will disclose the data we collect from you to certain third parties who use personal data in delivering their services to us, they use data securely and confidentially and under strict contractual controls in accordance with data protection laws and enforced by Amaiz.

6.2 We send personal data to the following sets of data processors in order to perform the Amaiz Services:

a) Fraud prevention agencies

This is in order to verify your identity, protect against fraud, comply with anti-money laundering laws and to confirm your eligibility to use our products and services;

b) Cloud storage providers

This is in order to safely and securely store your data with Amaiz;

c) Banking and financial services partners

Financial services providers that help us provide the Amaiz Services including Mastercard and PrePay Technologies Ltd, Authorised Third Party Providers (as defined in our App terms and conditions) and other banking partners, banking intermediaries and international payments services providers;

d) Credit reference agencies

For the purpose of assessing your credit score. Please see section 4.3 above for more information;

e) Card manufacturing/personalisation and delivery companies

For the purpose of creating your personalised Amaiz card and delivering this to you at your requested address;

f) Advertisers and analytics providers

If we decide to engage advertisers to promote our products and services, the advertisers and their advertising networks may require anonymised personal data to serve relevant adverts to you and others. We will never disclose identifiable information about individuals to advertisers, but we may provide them with aggregate information about our users (for example, we may inform them that 700 men aged under 28 have clicked on their advertisement on any given day). We may also use such aggregate information to help our advertising partners provide a tailored and targeted campaign, relevant for a sub-section of our users (for example, women in Manchester). In some instances, we may use personal data we have collected from you to enable our advertising partners to display their advertisement to their target audience;

We also use analytics and search engine providers that assist us in the improvement and optimisation of our site;

g) Companies within the Amaiz group

In order to provide a unified service across all of our products and services, we may disclose your personal information to any member of the Amaiz group, which means any of our subsidiaries or related entities. Companies in the Amaiz group will be acting as joint controllers or processors in order to provide the Amaiz Services. For example, we may share your data with Amaiz Wealth Ltd, an FCA authorised and regulated firm within the Amaiz group in order to provide investment services.

6.3 We may also disclose your personal information in the following circumstances:

If Amaiz or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets. We will ensure that any information disclosed in the course of due diligence and/or negotiations for sale is pseudonymised and in the event disclosure is necessary for the purose of such anticipated transaction, the personal data disclosed is limited to what is absolutely necessary for the purpose of such transaction.

If we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or request.

In order to:

(i) enforce or apply the General Terms of Service and/or the Business Terms and/or any other agreements between you and us or to investigate potential breaches; or

(ii) protect the rights, property or safety of Amaiz, our customers or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

THIRD PARTY SERVICES PARTNERS

6.4 We may share your data with third party partners and/or service providers in order to provide certain services to you upon your request. Your data will only be sent across in these instances once you have requested to utilise these services. You can withdraw your consent at any time by contacting support via our in-App chat function, however please be aware that this may impact your ability to use such services going forward. Please remember that when we share your data with our partners in such instances that you will also be subject to our partner’s privacy policy as well.

6.5 From time-to-time, we may partner with certain third parties in order to offer you co-branded services or promotional offers. In order to provide these services to you and to allow us and any associated third party to optimise their/our offering to you, we will share some of your personal data with such third parties. We will obtain your express opt-in consent before we share your personal data with any company outside the Amaiz group of companies for these purposes.

6.6 You can withdraw your consent at any time after giving your explicit opt-in consent by contacting support via in-App chat and letting us know.

7. STORAGE SECURITY & INTERNATIONAL TRANSFERS

7.1 The data that we collect from you will be transferred to, and stored at, a destination inside the European Economic Area (EEA). As we provide an international service your data may be processed outside of the EEA in order for us to fulfil our contract with you to provide the Amaiz Services. We will need to process your personal data in order for us, for example, to action a request made by you to execute an international payment, process your payment details, provide global anti-money laundering and counter terrorist financing solutions and provide ongoing support services. We will take all steps to ensure that your data is treated securely and in accordance with this privacy policy.

7.2 All information you provide to us is stored on our secure servers. Any payment transactions carried out by us or our chosen third-party provider of payment processing services will be encrypted using Secured Sockets Layer technology or a secure virtual private network. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our App and/or our Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

7.3 Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our App or our Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

7.4 Certain Services include social networking, chat room or forum features. Ensure when using these features that you do not submit any personal data that you do not want to be seen, collected or used by other users.

8. RETAINING YOUR INFORMATION

8.1 Amaiz is obligated under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (SI 2017/692) to retain personal data about you and your Amaiz Transactions for a period of five years form the last transaction or end of the business relationship. Also, as an FCA authorised e-money institution, we are under further regulatory obligations to retain your data for a certain amount of time. Under the E-Money Regulations 2011 you have the right to redeem your e-money up to six years after termination of your Amaiz Account. We therefore use this retention requirement as a benchmark for all personal data that we receive from you. To not hold your information for longer than is strictly necessary we will not hold any of your personal data for more than 6 years after the termination of our business relationship. Although we reserve the right to hold your personal data for longer if we are compelled to by a regulatory body or law enforcement agency.

You have rights under data protection laws in relation to your personal data. Please see below to find out more about these rights:

You have the right to:

Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you. If you require this, then please reach out to our support team via the in-App chat function.

Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us. If you require this, then please reach out to our support team via the in-App chat function.

Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request. As an FCA authorised firm, Amaiz is under certain obligations to retain certain data for a minimum of 6 years (see above). Please note that these retention requirements supersede any right to erasure requests under applicable data protection laws.

Object to processing of your personal data. This is in situations where we are relying on a legitimate interest (or those of a third party) and there is something about your situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights. As an FCA authorised firm, Amaiz is under certain obligations to process and retain certain data for compliance purposes. Please note that these requirements supersede any right to objection requests under applicable data protection laws. If you object to the processing of certain data, then we may not be able to provide the Amaiz Services and it is likely we will have to terminate your account.

Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:

(a) if you want us to establish the data’s accuracy;
(b) where our use of the data is unlawful, but you do not want us to erase it;
© where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or
(d) you have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it. Please note that any requests in relation to the restriction of the processing of your data means that we may not be able to perform the contract we have or are trying to enter into with you (including the Amaiz Services). In this case, we may have to cancel your use of the Amaiz Services, but we will notify you if this is the case at the time.

Request the transfer of your personal data to you or to a third party. We will provide to you, your personal data in a structured, commonly used, machine-readable format, which you can then transfer to an applicable third party. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you. If you require this then please reach out to our support team via the in-App chat function.

Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide the Amaiz Services to you. We will advise you if this is the case at the time you withdraw your consent.

NO FEE USUALLY REQUIRED

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

WHAT WE MAY NEED FROM YOU

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

TIME LIMIT TO RESPOND

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

IF YOU FAIL TO PROVIDE PERSONAL DATA

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (including the Amaiz Services). In this case, we may have to cancel your use of the Amaiz Services but we will notify you if this is the case at the time.

10. CHANGES TO PRIVACY POLICY

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by SMS by e-mail and/or when you next start the App or log onto the Site. The new terms may be displayed on-screen and you may be required to read and accept them to continue your use of the App or the Services.

11. CONTACT

All questions relating to data and your privacy are welcomed and should be addressed to our support team. If you have any questions, comments or requests regarding this privacy policy then please:

Take a look at some helpful guidance on ICO website which can be found here: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr; and

Contact Amaiz support via our in-App chat function.

Subscribe for updates