Privacy Policy KoronaPay Europe Limited
Purpose and legal basis for processing
Download 414.52 Kb. Pdf ko'rish
|
Privacy Policy
- Bu sahifa navigatsiya:
- Choose a category of data subjects
|
Purpose and legal basis for processing As a licensed electronic money institution, KoronaPay is subject to European and Cyprus AML legislation. So, we must collect and verify data about the senders and recipients of money transfers to prevent money laundering and terrorist financing activities. KoronaPay collects data to the extent strictly necessary to fulfil applicable legal requirements. The legal basis: - compliance with legal obligations KoronaPay is subject to (Article 6(1)(c) of the GDPR). Personal data we process The scope of data collected for the verification purpose depends on: • the transfer limits; • the overall amount of money you transferred within a certain period; Choose a category of data subjects Website users (Cookie Notice) Senders and recipients of transfers Users of KoronaPay Mobile App Counterparties and partners Job applicants Back to content How we use data Your rights Contact us Transfer of data • the applicable level of risk. For transfers below the basic limit, KoronaPay requests the sender’s full name, date of birth, permanent address, phone number and a recipient’s full name and bank details. For transfers above the basic limit and depending on the risk level, KoronaPay additionally collects: • passport or other identity document data. An access to the phone camera is requested to process the photo and to check if it matches with the photo in the official document; • residential status, and employment data. It may be necessary to also collect document that confirms the residential address, e.g. a utility bill; • source of income (a bank statement, payslip, employment contract, an official letter from an employer, etc.) Besides, additional data can be requested by KoronaPay’s Compliance team if the provided information is insufficient to complete a verification. Read more about the existing limits for transfers and the verification process. Why we need your data KoronaPay must check validity of the provided document and verify if the person making a payment order is real (not a robot), if a person is a politically exposed person (PEP), if a person is included in a blacklist or falls under any other restrictions. We receive the information from you directly and consult with AML approved sources and lists. Although the preliminary check is performed automatically, KoronaPay’s Compliance team performs manual examinations to make a decision. How long do we store your data According to the AML legislation, we must retain user account and all related data and documents for at least five (5) years after you made any transfer or identity verification request, or any risk is revealed, which requires us to retain data. At the end of the retention period, we will erase your data, unless we are required to keep your data longer on other legal grounds (e.g. as a part of an investigation or if a legislation changes). Third parties involved in processing • CFT Group, which provides IT, technical and organisational support, maintains infrastructure; • Cloud and hosting providers which host KoronaPay’s systems or provide IT infrastructure in Europe. |
