Last Updated on September 18, 2020.
We reserve the right to change this Policy at any time. We will notify you of any changes to this Policy by posting a new Policy to this page, and/or by sending notice to the primary email address specified in your account. You are advised to review this Policy periodically for any changes. Changes to this Policy are effective when they are posted on this page. You acknowledge that your continued use of our Services after we publish or send a notice about our changes to this Policy means that the collection, use and sharing of Customer Data (defined below) is subject to the updated Policy.
Scope and Applicability
The Policy applies to your information when you visit our website or otherwise use the Services. We will only collect and process information where we have lawful bases. With respect to the information described in this Policy, lawful bases include consent(where you have given consent), contract (where processing is necessary for the performance of a contract with you (e.g. to deliver the Services you have requested)), and, in some instances, for “legitimate interests” in the applicable jurisdiction.
This Policy does not apply to websites, apps, products, or services that we do not own or control, including the websites, apps, products, and/or services of our Customers (defined below). This means that this Policy does not explain what our Customers do with your information that we provide to them (or any information they collect directly from you, their End User (defined below)). Information provided to third parties, such as our Customers, are controlled by their respective privacy policies, which we encourage you to review for more information about their practices.
Our Company is based in the United States. The Services are controlled and operated by us from the United States and are not intended to subject us to the laws or jurisdiction of any state, country or territory other than that of the United States.
What Information Do We Collect?
We may collect any information you (or any of your representatives or employees voluntarily submit to us), such as registration information provided to us to use the Services, which includes your name and email, the entity you represent, and your role and/or title (“Registration Data”).
In addition, we may collect the following technical information regarding your use and interaction with the Services (“Technical Data”) including by using the tracking technologies described further below in this Policy:
- Services Metadata: When a user interacts with the Services, metadata is generated that provides additional context about the way you interact with the Services.
- Log Data: Our servers may automatically collect information about an user’s visit to our Services, including IP addresses and associated information, visit history, browser type and settings, the date and time the Services were accessed and used, information about browser configuration and plugins, language preferences.
- Device Information: Your device “fingerprint” (e.g. hardware model, operating system and version, unique device identifiers and mobile network information) when you access Services.
- Location Information: We may receive information from you that helps approximate your location, such as using an IP address received from your browser to determine an approximate location.
If you are using our Services as a customer (“Customer”), the following end user information (collectively, “End User Data”) may be received and processed by us regarding your end users (“End Users”):
- Identification Information: Name or aliases, physical address, work address, phone number, email address, IP address, date of birth, gender, social security number or other tax identification number, driver’s license or other identification number, employment information, and any additional information we may additionally request from or on behalf of our Customer.
- Business’ Information: Entity legal name or aliases, including “doing business as” names, physical address, phone number, legal entity type, industry, organizational documents (e.g. articles of incorporation and bylaws), employer identification number, or other information relating to authorized signors or beneficial owners, which may include the individual identification information as described above, or additional information we may additionally request from or on behalf of our Customer.
- Bank and Financial Information: External financial institution name, account name, account type, branch number, account number, routing number, international bank account number (“IBAN”), information, data, passwords, authentication questions, materials or other content, transaction and available balance information; transactions and transaction history, including but not limited to ACH, Wire and card transactions, available account balance, card data, loan and debit amounts, loan types, payment plan, loan balance, linked bank accounts, salary and other income, sources of wealth, and other assets.
- Background Check Information: Background check information including credit and criminal checks, supporting research, and screenings, to the extent required or permitted by local law.
- Recipients’ or Senders’ Data: When a user sends or requests money through the Services, we may collect data such as name, postal address, telephone number, IP address, date of birth, and financial account information about the recipient or sender of the funds. The extent of data required about a recipient or sender may vary depending on the Services you are using to send or request money.
- Third-Party Sources: We may obtain information from third-party sources such as merchants, recipients and senders of funds, data providers, identity verification providers, and credit bureaus, where permitted by law.
We may additionally collect the following information on behalf of our Customer directly from End Users for identity verification purposes (“Biometric Data”):
- Photo identification, selfie, or video regarding your biometric facial identifiers.
How Do We Use The Information We Collect?
We use information we collect to:
- Deliver, enhance, and improve the Services and your overall user experience.
- To confirm a person’s authority as a representative or agent.
- To protect, investigate, and deter against fraudulent, unauthorized, or illegal activity.
- To link or combine user information with other information.
- To compare and verify information for accuracy and update our records.
- Email, text, message, or otherwise contact you with information and updates about us and the Services
- To respond to your comments and questions and provide customer service.
- To send you information including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages.
- In connection with a merger, acquisition, reorganization or similar transaction.
- When required by law or to respond to legal process.
- To protect our users, other individual lives, and/or the rights or property of Company.
- To maintain the security of the Services.
- For any other purpose with your consent.
We may additionally use Customer Data to comply with legal obligations and regulations applicable to the Services and to our partner bank(s), including but not limited to “know your customer” and/or “know your business” obligations based on applicable anti-money laundering and anti-terrorism requirements, economic and trade sanctions, customer due diligence, suspicious activity reporting, foreign exchange and international trade, tax reporting and other applicable laws, regulations, ordinances, and obligations or requirements.
For End Users, we may additionally use Biometric Data to verify the legitimacy of the End User’s identification documents, verify the factualness and credibility of the information the End User provides to us, and avoid fraud, by, among other actions, comparing biometric data with data previously or separately obtained. We do not sell or rent the image, likeness, or Biometric Data to anyone, including marketers or other third parties, and do not use an End User’s Biometric Data for commercial purposes other than identity verification, financial loss mitigation, and regulatory compliance.
Do We Share Your Information?
We do not rent, sell, or share your information with other people or non-affiliated third parties except as necessary to complete any transaction or provide any service you have requested or authorized (which includes services and transactions a Customer has requested or authorized in connection with their End Users), and as set forth below.
To provide the Services, we may share Customer Data:
- Partner Banks: With our partner banks in order to comply with regulation, including the partner bank’s regulatory obligations and know your client requirements.
- Data Aggregation Partners: With our data aggregation partners including:
- Identity verification and fraud prevention services;
- Financial data aggregation, enrichment, and categorization services; and
- Credit reporting agencies, collection agencies, and/or credit bureaus.
Third Party Services Providers: With our third-party service providers, which include:
- Information technology providers that act under our instructions regarding the processing of certain data.
- Independent external auditors or other similar service providers.
- With our Customer’s consent or direction.
We may also share your information:
- To support our audit, compliance, and corporate governance functions.
- In connection with a change of ownership or control of all or part of our business (such as a merger, acquisition, reorganization, or bankruptcy).
- If we have a good-faith belief that access, use, preservation, or disclosure of such information is reasonably necessary to detect or protect against fraud or security issues.
- If required or permitted by applicable law or regulation, including laws and regulations of the United States and other countries, or in the good faith belief that such action is necessary to: (a) comply with a legal obligation or in response to a request from law enforcement or other public authorities wherever Company may do business; (b) protect and defend the rights or property of Company; (c) act in urgent circumstances to protect the personal safety of users, Customers, and contractors/employees of Company or others; or (d) enforce our Terms of Service or otherwise protect against any legal liability. In addition, we may share information with U.S. regulators and with other self-regulatory bodies to which we are subject, wherever we may do business.
How Do We Use Tracking Technologies?
Cookies are small text files that store Internet settings from the websites you visit. They are widely used to make website features work, operate more efficiently, or improve your experience on the site. Cookies are also used to remember your preferences or personalize the content so that it is more relevant to you. Cookies are commonly used at most major transactional websites and digital products in much the same way we use them in our Services. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, please note that if you do not accept cookies, you may not be able to use some portions of our Services.
Choices Regarding Information
For End Users. If you are an End User, you should closely review the privacy policies of the applicable Customer(s) in order to learn about their privacy practices with respect to your data. Our Customers control and are responsible for providing to us (or directing us to collect) Customer Data and are responsible for correcting, deleting, or updating such Customer Data. End Users should contact the applicable Customer(s), to pursue any such legal data subject rights (such as opting out) with respect to Customer Data. We will cooperate with our Customers to support and comply with any such End User data subject rights requests.
Data Access and Modification. You may also request review, update, correct or delete any information you have provided to us by contacting us at firstname.lastname@example.org or by accessing your user account. For your protection, we may need to verify your identity before doing so. If you completely and permanently delete all of your information, then your user account may become deactivated. We may retain an archived copy of your records as required by law or for legitimate business purposes.
Data Retention and Protection
We retain your Registration Data and Technical Data while your account is in existence or as needed to provide you Services. This includes data you provided to us and data generated or inferred from your use of the Services.
It may also be necessary for us to retain certain End User Data in order to:
- Provide the Services to the Customer;
- Assist our bank partners in fulfilling their due diligence and regulatory obligations;
- Comply with laws applicable to us; and/or
- Enable our third-party service providers to perform their obligations.
We take commercially reasonable measures to help protect your information from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. Additionally, we implement policies designed to protect the confidentiality and security of your nonpublic personal information. The safety and security of your information also depends on you. If you are a Customer or otherwise have an account with us, you are responsible for keeping your login details confidential. Your account is protected by your account password and we urge you to take steps to keep your information safe by not disclosing your password and by logging out of your account after each use. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. By using the Services, you acknowledge that you understand and agree to assume these risks
Children Under 16
The Services are not directed to individuals who are under age of sixteen (16) and we do not solicit nor knowingly collect personal information from children under the age of sixteen (16). If you believe that we have unknowingly collected any personal information on from someone under the age of sixteen (16), please contact us immediately at email@example.com and the information will be deleted.
How We Respond to Do Not Track Signals
Your browser settings may allow you to automatically transmit a Do Not Track signal to websites and other online services you visit. We do not alter our practices when we receive a Do Not Track signal from a visitor’s browser because we do not track our visitors to provide targeted advertising. To find out more about Do Not Track, please visit http://www.allaboutdnt.com.
For any questions relating to this Policy or to contact us please email us at firstname.lastname@example.org.