Data Protection and Privacy Notice
In this Privacy Notice we explain how we collect and use your personal information that we obtain when you use our services, visit or use our websites or mobile applications or otherwise interact with us, how we share your information and the steps we take to protect your information.
By using or navigating the Website or the Service, you acknowledge that you have read, understand, and agree to be bound by this Privacy Notice. You should not provide us with any of your information if you do not agree with the terms of this Privacy Notice. If your Money Transfer account is held jointly with another person, this Privacy Notice applies to both joint account-holders individually and together. We encourage you to review and check the Website regularly for any updates to this Privacy Notice. We will publish the updated version on the Website and by continuing to deal with us, you accept this Privacy Notice as it applies from time to time.
Data Protection Principles
“Personal data” means any information that enables us to identify you or the beneficiary of your transaction with us, directly or indirectly, such as name, email, address, telephone number, any form of identification number or one or more factors specific to your or your beneficiary’s identity.
We are committed to complying with applicable data protection laws and will ensure that personal data is:
• Used lawfully, fairly and in a transparent way;
• Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
• Relevant to the purposes we have told you about and limited only to those purposes;
• Accurate and kept up to date;
• Kept only as long as necessary for the purposes we have told you about; and
• Kept securely.
1: What personal data do we collect and how do we collect it?
Personal data you give us We may collect personal data when you give it to us, including when you indicate that you would like to receive any of our Services, when you register with us, when you complete forms online, when you speak with us over the telephone, when you write to us, when you visit the Website and, in certain circumstances as set out in this Privacy Notice, when you have provided your information to a related company operating under the Secure FX Brand. We will also collect details of transactions you carry out through the Secure FX and of the fulfilment of such transactions.
We may collect and process the following personal data:
• Personal details, such as data which may identify you or the beneficiary of your transaction with us. This may include your name, title, residential and/or business address, email, telephone and other contact data, date of birth, gender, images, signature, passport/visa details; and names and personal details of beneficiaries of transactions (“Identity Personal Data”);
• Financial details, such as data relating to you and your beneficiary’s payment data and bank account obtained for the purposes of money transfers (“Transaction Personal Data”);
• Additional details requested by law enforcement or requested pursuant to our compliance procedures in connection with efforts to prevent money laundering, terrorist financing and criminal activity, such as relationship to the beneficiary of the transaction, the purpose of the transaction and proof of funds (“Compliance Personal Data”);
• Information from which you may be indirectly identified, such as a client identification number or online identifier (“Indirectly Identifiable Personal Data”) Cookies and similar technologies When you use our Website or mobile apps we collect information via cookies and similar technologies, including the IP address of visitors, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
We may use this data for the following purposes:
• To measure the use of our Website and services, including number of visits, average time spent on a website, pages viewed, page interaction data (such as scrolling, clicks, and mouse-overs), etc., and to improve the content we offer;
• To administer the Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes; and
• As part of our efforts to keep the Website safe and secure; Due to their core role of enhancing or enabling usability or site processes, disabling cookies may prevent you from using certain parts of our Website. It will also mean that some features on our Website will not function if you do not allow cookies.
· Registration and administration with Secure FX; we may use Identity Personal Data and/or Compliance Personal Data to enable you to register with us and, once your registration with us is complete, for the administration of your account, to contact you, to update our records about you, and to respond to and process your queries and requests.
· Performance of a contract with you; you may wish to have access to certain tools and information made available on Our Website before or after you decide that you would like to register to use the Services, including our foreign exchange and payment service. We may collect Identity Personal Data as part of this access and use Identity Personal Data so that we can supply you with information about our Services and relevant market information.
· Supply of our Services; we may use Identity Personal Data, Transaction Personal Data and/ or Compliance Personal Data so that we can supply you with our Services which you use or have requested and to meet our contractual obligations to you. We may use Identity Personal Data and/or Transaction Personal Data to notify you about changes or developments relating to our Services which you used or have requested. Necessary to comply with a legal obligation.
· Compliance. We may use Identity Personal Data, Transaction Personal Data and/or Compliance Personal Data for our compliance purposes, including the prevention and detection of crime, tax evasion or fraud. We may monitor and record our telephone calls with you (which may involve Identity Personal Data, Transaction Personal Data and/or Compliance Personal Data) and we may use any transcripts of these calls so we can be sure we understand the instructions you give us and so we have a clear record of the products and services you have requested.
· Marketing. In certain circumstances, we may use your Identity Data to contact you with marketing communications in relation to the Services or the services and products of Secure FX. Secure FX may combine Indirectly Identifiable Personal Data with other information generated during the use of our Services to create individual profiles for customers through automated processes.
Secure FX may share your personal data with other Secure FX Companies in order to enable or facilitate us to provide you with any of the Services you have requested, where you have asked us to do so. This may include sharing your personal data for compliance or regulatory purposes. We may only share personal data we collect under the following circumstances and to enable or facilitate certain aspects of the Services we provide.
• Compliance verification service providers.
• Financial services providers, such as banks.
• Credit control or debt collection agencies.
• Communication fullfilment providers, to faciliate our communications with you.
· Regulators or legal representatives; we may disclose your personal data in special cases if required or requested to do so by law, court order, or other governmental authority, or when we believe in good faith that disclosing this data is otherwise necessary or advisable, such as to identify, contact, or bring legal action against someone who may be causing injury to – or interfering with our rights or property, our services, another user, or anyone else that could be harmed by such activities (for example, identify theft or fraud)
We have safeguards in place with all external parties requiring them to protect your personal data.
We will never pass your information to a Contact unless you have asked us to do so.
In addition, where we have received your contact details and other personal data as a result of a referral, we may pass your personal data back to the relevant referrer for the specific purpose of commission reporting.
2: How long is your personal data retained?
Personal data is used for different purposes, and is subject to different standards and regulations. In general, personal data is retained for as long as necessary to provide you with services you request, to comply with applicable legal, accounting or reporting requirements, and to ensure that you have a reasonable opportunity to access the personal data. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
• Legal and regulatory requirements. We will retain your personal data for a period after closure of your account with us or the last transaction we carried out for you, based on legal and regulatory requirements, our compliance procedures and legal limitation periods. Generally, this retention period will be a minimum of six years.
• Customer service. If you provide us with your personal data but do not have an account with us, we will (subject to any legal or regulatory considerations) retain your personal data for as long as necessary to deal with your query (for example, to address your questions in the event of an unsuccessful application).
If you send us correspondence, including e-mails, we may retain such data along with any records of your account. We may also retain customer service correspondence and other correspondence involving you, us and any of our partners, and our suppliers. We will retain these records in line with our retention policy.
3: Data Security
We are committed to maintaining the security of your personal data and have measures in place to protect against the loss, misuse, and alteration of the data under our control. We employ modern and secure techniques to protect our systems from intrusion by unauthorised individuals, and we regularly upgrade our security as better methods become available. Our datacentres and those of our partners utilize modern physical security measures to prevent unauthorised access to the facility. In addition, all personal data is stored in a secure location behind firewalls and other sophisticated security systems with limited (need-to-know) administrative access. All our employees who have access to, or are associated with, the processing of personal data are contractually obligated to respect the confidentiality of your data and abide by the privacy standards we have established. Please be aware that no security measures are perfect or impenetrable. Therefore, although we use industry standard practices to protect your privacy, we cannot (and do not) guarantee the absolute security of personal data.
What are my data protection rights?
Subject to verification of your identity, you may request access to and have the opportunity to update, verify and amend your personal data. You may also exercise any other rights you enjoy under applicable data protection laws.
4: Complaints procedure
Where you believe that we have not complied with our obligations under this Privacy Notice, or the applicable law, you have the right to make a complaint to a Data Protection Authority or through the courts. Although not required, we would encourage you to let us know about any complaint you might have and we will respond in line with our complaints procedure – our contact details are set out below. For more information regarding our complaints procedure, please read our Complaints Charter. If you are not satisfied with our reply/outcome, or otherwise with the handling of the complaint, you have the right to lodge a claim before a relevant Data Protection Authority or the courts.
5: Contact Us
If you have any questions or concerns about this Privacy Notice or our data practices, please contact us in writing by email at dataprotection@securefx.co.za. Any complaints will be handled in line with our complaints charter.