Collection of Personal Information
We collect personal information from our customers when they register for our Buy Now Pay Later service. The personal information we collect includes name, address, telephone number, date of birt, passport/ID number and email address. We also collect information about our customers’ bank accounts through an Account Information Service provided by Finclude, a regulated financial institution operating under the rules and regulations of the European Central Bank. Our customers provide their consent for Finclude to access their bank accounts in order to provide us with the information needed to determine creditworthiness.
Use of Personal Information
The personal information we collect is used to communicate with our customers and to determine their creditworthiness for our Buy Now Pay Later service. This includes sending promotional materials and updates about our services, as well as sending notifications about account status or any changes to the terms of service. We also use this information to comply with legal and regulatory requirements, such as those related to anti-money laundering and countering the financing of terrorism.
We take the security of personal information seriously and have implemented appropriate technical and organizational measures to protect it from unauthorized access, alteration, disclosure, or destruction. This includes regular monitoring and testing of our systems and regular staff training on data protection best practices.
We only share or disclose personal information to third parties in the event of default of payments. In such cases, the data may be shared and transferred to InfoCredit, a Cyprus based company responsible for bad debts recovery. They will use the data to contact the customer, and to take necessary action as per the agreement.
We also assure our customers that their personal information is kept confidential and will not be used for any other purpose than for the services provided by us. We are committed to safeguarding the privacy of our customers and we will only use the information collected about you in accordance with the Republic of Cyprus legal framework regarding privacy policies and the General Data Protection Regulation (GDPR).
Security of Personal Information
We take the security of personal information seriously and have implemented appropriate technical and organizational measures to protect it from unauthorized access, alteration, disclosure, or destruction. This includes implementing industry-standard encryption methods to protect data both in transit and at rest, regular monitoring and testing of our systems to identify and address potential vulnerabilities, and regular staff training on data protection best practices.
We also have in place strict access controls to ensure that only authorized personnel have access to personal information and that access is restricted to the minimum necessary to perform their job functions. Additionally, we conduct regular risk assessments to identify and mitigate potential security threats to personal information.
We also have policies in place for data retention and destruction to ensure that personal information is only kept for as long as necessary and is securely disposed of when no longer needed.
We take the security of personal information very seriously, and we are committed to protecting the privacy of our customers. We will continue to review and improve our security measures to ensure that personal information remains protected at all times.
Access to Personal Information
Customers may access and update their personal information by contacting us. They may also request that their personal information be deleted from our records.