EU-U.S. Privacy Shield Policy

EU-U.S. Privacy Shield Policy

 

1.Introduction

Moneycorp Inc. (“we”, “our”, “us”) is committed to maintaining the highest standards of data protection. We have therefore agreed to comply with the EU-U.S. Privacy Shield (Privacy Shield) regarding the collection, use, retention and deletion of personal data we receive in the United States (U.S.) from the European Economic Area (EEA). For the purposes of this policy, personal data we receive from the European Economic Area will be known as EEA Personal Data.

This Privacy Shield Policy (Policy) describes how Moneycorp Inc. collects, uses and discloses EEA Personal Data, and supplements our main Privacy Policy located here. Unless specifically defined at the end of this Policy, the terms in this Policy have the same meaning as in our main Privacy Policy.

For purposes of enforcing compliance with the Privacy Shield, Moneycorp Inc. is subject to the investigatory and enforcement authority of the U.S. Federal Trade Commission. If there is any conflict between the terms in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

For more information about the Privacy Shield and to view our certification, see the U.S. Department of Commerce Privacy Shield website located at: https://www.privacyshield.gov.

2.Personal Data Collection and Use

Described below are the types of EEA personal data we may receive in the U.S. as well the purposes for which we may use that EEA personal data.

What EEA personal data may Moneycorp Inc. receive?

Moneycorp Inc. may receive any EEA Personal Data that you have:

1. Provided to a Moneycorp Group company over email, telephone, fax, post or online.

 

2. Provided to a Moneycorp Group Referring Partner located in the EEA, with your consent that you wish to be contacted by Moneycorp Inc.

 

Examples include your:             

  • Name
  • Email address
  • Residential address
  • Date of Birth
  • Telephone Number
  • Banking Details
  • Identification Documents (e.g. passport)

 

Why does Moneycorp Inc. process EEA personal Data?

Moneycorp Inc. may process EEA Personal Data for the following purposes:

  • Facilitating your order or enquiry
  • To complete the delivery of our foreign exchange and international payment services (Services)
  • Training and quality purposes
  • To comply with our legal and regulatory obligations

 

3. Data Transfers to Third Parties

Moneycorp Inc. will only transfer your EEA personal data to

1.Moneycorp subsidiaries, overseas branches and affiliate companies

  • Moneycorp Bank Limited (Gibraltar);
  • Moneycorp CFX Limited (UK);
  • Moneycorp Financial Risk Management Limited (UK);
  • Moneycorp Shared Services Limited (UK);
  • Moneycorp S.L.U. (Spain);
  • TTT Moneycorp Limited (UK);
  • TTT Moneycorp Pty Limited (Australia); and,
  • French, Irish, Romanian and Spanish (Madrid) branches. 

The purpose of disclosure will be to facilitate your order or enquiry and/or to complete the delivery of our Services. If we transfer your EEA Personal Data to one of the above named establishments, we will take steps to ensure that your EEA Personal Data is protected with the same level of protection the Privacy Shield requires.

2.Third Party Service Providers 

·WNS Global Services (India)

WNS Global Services (WNS) is a provider of outsourcing solutions and performs functions on our behalf in the areas of IT development, IT support, back office, compliance and finance. Moneycorp Inc. may pass your EEA personal data to WNS in order to complete the delivery of our Services.

· Novo Mundo Corretora de Câmbio S.A. (Brazil)

Novo Mundo Corretora de Câmbio S.A. (Novo Mundo) is a foreign exchange service provider who performs functions on our behalf, with respect to customers who wish to undertake transactions in Brazilian Real. Moneycorp Inc. may pass your EEA personal data to Novo Mundo in order to facilitate your order or enquiry and/or to complete the delivery of our Services.

3.Third Party Data Controllers

·Tempus Inc. (U.S.)

Tempus Inc. (Tempus) is a foreign exchange and international payments provider. Tempus, as Data Controller, has appointed Moneycorp Inc. (and TTT Moneycorp Limited), as Data Processors, to assist them with providing foreign exchange services to their customers.

If you are a Tempus Customer, your personal data will be held in the EEA and may be pass on to Tempus by virtue of our contractual obligations as Data Processor. If you are not a Tempus Customer, we will not pass your EEA personal data to Tempus and this section will not apply.

We have entered into written agreements with WNS, Novo Mundo and Tempus requiring them to provide the same level of protection required by the Privacy Shield Principles. We will also take reasonable and appropriate steps to ensure that WNS, Novo Mundo and Tempus process EEA Personal Data in accordance with our Privacy Shield obligations and to stop and remediate any unauthorised processing.

Under certain circumstances, we will remain liable for the acts of WNS and Novo Mundo where they are handling EEA Personal Data that we transfer to them in order to perform services on our behalf.

4. Public Authorities

This will only be in response to lawful requests made from public authorities in order to meet national security, public interest or law enforcement requirements. We will not transfer your EEA personal data to any unaffiliated third party Data Controller, unless we have your explicit consent to do so. 

4.Security

Moneycorp Inc. maintains reasonable and appropriate security measures to protect EEA Personal Data from loss, misuse, unauthorised access, disclosure, alteration, or destruction in accordance with the Privacy Shield.

 

5.Access

 

You may have the right to access the EEA Personal Data that we hold about you and to request that we correct, amend, or delete it if it is inaccurate or processed in violation of the Privacy Shield. These access rights may not apply in some cases, including where providing access is unreasonably burdensome, where it would violate the rights of someone other than the individual requesting access or where we are required to retain the EEA Personal Data by law. 

If you would like to request access to, correction, amendment, or deletion of your EEA Personal Data, you can submit a request to the contact information provided below. We may request specific information from you to confirm your identity.

6.Contact Us

You can direct any questions or complaints about the use or disclosure of your EEA Personal Data to us at:

Privacy Shield Officer

Email: DataProtection@moneycorp.com

Telephone: +1 407-352-5890

We will investigate and attempt to resolve any complaints or disputes regarding the use or disclosure of your EEA Personal Data within 45 days of receiving your complaint.

For any unresolved complaints, Moneycorp has chosen to cooperate with the EU Data Protection Authorities, and comply with the information and advice provided by such authorities. Please visit http://ec.europa.eu/justice/data-protection/bodies/index_en.htm where you can find the relevant DPA contacts for more information and assistance. As further explained in the Privacy Shield Principles, a binding arbitration option will also be made available to you in order to address complaints not resolved by any other means. 

7.Changes to this Policy

We reserve the right to amend this Policy from time to time in order to be consistent with the Privacy Shield's requirements.

Effective Date: 1st January 2018

Last Modified: 1st January 2018

 

8.Definitions

Data Controller

An entity who (either alone or jointly) determines the purposes, conditions and means of the processing of personal data.

Data Processor

An entity that processes data on behalf of the Data Controller.

EU Data Protection Authorities

National authorities tasked with the protection of data and privacy as well as enforcement. A complete list of applicable authorities can be found at: http://ec.europa.eu/justice/data-protection/bodies/index_en.htm

European Economic Area

The European Economic Area combines the countries of the European Union and members countries of the European Trade Association. A complete list of applicable countries can be found at: https://www.gov.uk/eu-eea.

EEA Personal

Data

Personal data Moneycorp Inc. receives from the European Economic Area.

Moneycorp Group

This means Moneycorp Bank Limited (Gibraltar); Moneycorp CFX Limited (UK); Moneycorp Financial Risk Management Limited (UK) including Irish and Spanish branches Moneycorp (Hong Kong) Limited; Moneycorp Shared Services Limited (UK); Moneycorp S.L.U. (Spain); Moneycorp Technologies Limited (UK); Moneycorp Technologies Limited (Ireland);Moneycorp Inc. (U.S.). Moneycorp US Inc. (U.S); TTT Moneycorp Limited (UK) including French, Irish, Romanian and Spanish branches; TTT Moneycorp Pty Limited (Australia). For full details including company registration numbers and addresses please click here.

Personal Data

Any information that can be used to directly or indirectly identify a living person.

Process, Processing, Processed.

Any operation or set of operations which are performed on data. This includes collecting, viewing, recording, organising, structuring, storing, using and destroying.

Referring Partner

An entity who has referred an individual or company to a Moneycorp Group establishment in order to engage in our services. They are also known as Introducers and include property agents, law firms, financial accountants and banks.

Services

Foreign exchange and international payment products and services provided by Moneycorp Group companies.

Tempus Customer

An individual who resides in the U.S. (but outside the State of Florida) and who has agreed to Tempus Account Agreement terms and conditions.