PagoFX S.A. (hereinafter, “PagoFX”, “we” or “us”) is the controller of the personal data you provide to us.
We have tried to make this Privacy Policy as short and clear as possible, but if any of the topics tackled herein is not clear enough, or if you would need additional information, you can get in contact with us at any time through any of the following means:
– PagoFX’s postal address: 85B, Avenue des Nerviens, 1040 Etterbeek (Brussels), Belgium
– PagoFX’s e-mail: privacy@pagofx.com
– Live chat through PagoFX’s website
You may also contact our Data Protection Officer (hereinafter, the “DPO”) at the postal address indicated above or by email at dpo@pagofx.com
This Policy applies to PagoFX’s mobile app, PagoFX’s website, as well as to any other platform through which you may get our services.
We will process your personal data for the purposes described below:
The processing of your personal data is carried out for the execution of PagoFX Terms of Service.
In the case of registration of a company or legal entity in our service, we will process the personal data of the legal representatives provided in order to proceed with the entity registration request. Accordingly, PagoFX will request the email of such person to validate the company account.
PagoFX will only process representative’s personal data for this purpose based on its legitimate interest.
When you have completed such form, we will need to verify your identity, to which end you will need to provide a photo of an identity document (like your passport, driving license, national identity document) of which we will take a photo so that we can verify the correspondence between your face and the one that appears on your identity document. In addition, we will carry out a video-identification in compliance with the Spanish regulations on the prevention of money laundering and financing of terrorism.
PagoFX carries out the processing of your personal data for the execution of the Terms of Service.
In the case of companies, the identification and contact details of the legal representatives will be processed in order to proceed with the subscription of the entity for PagoFX services. In fact, legal representatives will be subject to KYC processes, including verifying their identity for which PagoFX need to obtain a copy of their ID document, a selfie and any other information needed to identify them.
PagoFX will only process representative’s personal data for this purpose based on its legitimate interest.
Accordingly, and in order to provide such Services, PagoFX will also collect personal data from the recipient(s) who you/the company, if applicable are sending money to (first name, last name, recipient’s bank details), as well as the card details, since it will be necessary in order to make the transaction.
As part of the Service, you will have a private section where you can make any changes about your personal information and manage your privacy preferences.
PagoFX carries out the processing of your personal data for the execution of the Terms of Service. The representative’s personal data processed in this context will be used by PagoFX based on its legitimate interest.
We carry out the processing of your personal data in compliance with legal obligations that must be fulfilled by PagoFX under payments regulations.
PagoFX will only process representative’s personal data for this purpose based on its legitimate interest.
By contacting PagoFX through the live chat, or by any other channel, you express your acceptance to the processing of your personal data for the purposes described in this item.
PagoFX carries out the processing described in this point on the basis on its legitimate interest. Notwithstanding, you can exercise your right to object if you do not want to receive more quality surveys.
PagoFX will only process your personal data for this purpose based on its legitimate interest, although you can express your objection to this processing at any time.
This processing will only be carried out if PagoFX have your prior and express consent, which will be required at the time of registration in the APP or in the Website. If you give your consent for this purpose, you can remove it whenever you want.
PagoFX may process your personal data following the legal obligations established by the procedural law.
This data processing is necessary for the execution of the Terms of Service. PagoFX will only process representative’s personal data for this purpose based on its legitimate interest.
In this case, we will process your personal data in compliance with legal obligations to which PagoFX is subject (fraud prevention, anti-money laundering and counter terrorism financing regulations).
This processing activity will be applicable only to clients who are natural persons.
The processing of data regarding to fraud prevention (including automated processing) will be carried out based on our legitimate interest to verify your identity and to monitor the transactions you may do through the APP, in order to protect our business and to comply with the applicable legal requirements.
In accordance with the above, your personal data may be transferred to fraud prevention agencies. This data processing will be carried out based on a legitimate interest of PagoFX, in order to protect our business and to comply with the applicable legal requirements.
A record of any fraud or money laundering risk will be retained by the fraud prevention agencies. Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years.
If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services or financing you have requested, or to employ you, or we may stop providing existing services to you. A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you.
We and fraud prevention agencies may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.
As part of the processing of your personal data for fraud prevention purposes, PagoFX may use automated means to know if you represent a risk in the context of fraud prevention by analysing your behaviour according to previous transactions or actions made by you. In any case, you have the corresponding rights regarding to automated individual decision-making (please see point “What are your rights”).
This processing activity will be applicable only to clients who are natural persons.
We process the personal data that you have directly provided to us by one of the following means:
If you give us someone else’s personal data, we will inform such persons that we have obtained their data from you. In any case, and given that PagoFX may process third party data provided by you, because of the provision of Services, you undertake to obtain consent, if appropriate, and inform such third party of the provisions contained herein on data protection.
We keep your personal data as long as the company needs it for the purposes for which it was collected, taking into account local laws and contractual obligations. When we will no longer need such personal data, we will duly block it during applicable statutes of limitation and/or retention periods set forth by law and we will only be able to process it in order to:
When such retention periods end, we will physically destroy your personal data.
We maintain reasonable security measures to safeguard your personal data from loss, interference, misuse, unauthorised access, disclosure, alteration or destruction. We also maintain reasonable procedures to help ensure that such data is reliable for its intended use and it is accurate, complete and up-to-date.
The list below shows who we share your information with and why.
PagoFX has adopted the appropriate measures to contract with data processors that meet all the requirements and guarantees required by the data protection regulations. Accordingly, the data processors will apply the technical and organizational security measures that will guarantee the protection of your personal data.
For instance, we will make use of the services offered by data processors that carry out their activity, including but not limited, in the following sectors: cloud hosting services, IT and maintenance services, logistics services, legal advice and financial services, homologation of suppliers, instant messaging service providers, customer support, customer relationship management, transaction monitoring services in compliance with fraud prevention and anti-money laundering and counter terrorism financing regulations. For more information about PagoFX’s data processors, please click here.
Among such data processors, Salesforce Inc. is located outside the European Economic Area, in the United States. We inform you that we use Salesforce Inc. platform for the customer record management (CRM), which allows PagoFX to contact with you and to keep you updated on news that may be of interest to you. In general terms, international transfers of data outside the European Union will be carried out in accordance with the provisions of the applicable data protection regulations.
Under data protection law, you have the following rights:
You can exercise the personal data rights indicated above, by sending a communication to PagoFX’s privacy team by the means and to the addresses detailed at the beginning of this policy, providing a copy of a personal identification document.
We work to high standards when it comes to processing your personal data. If you have queries or concerns, please contact with the company at privacy@pagofx.com or through the live chat through PagoFX’s APP or website and we will answer the questions. If you are not satisfied with our response, or if you think that the company is not processing your personal data in accordance with the law, you can submit a complaint to the Belgian Data Protection Authority, Rue de la presse 35, 1000 Brussels, or visiting its website: https://www.dataprotectionauthority.be/