Wirepayer is registered as a data controller with the Information Commissioner's Office (Ref ZA082729). The ICO is the UK's independent authority set up to uphold information rights.
2. Information We Collect
2.1 Information We Collect from You
We may collect and process the following data about you:
Personal data including your title, full name, nationality, current address, email address, mobile telephone number, home telephone number, date of birth and any proof of your identity and/or address that we may request. This information is collected through the application process.
Details of any transactions you carry out either through our Website using your account or over the phone or by email and of the fulfilment of your requests;
Details of any bank account, debit or other card used by you for transactions;
Your participation in any promotion sponsored by us;
Correspondence that you send us;
Calls that we make to you or you make to us;
Surveys that you complete;
Information collected through cookies – please see section 10 Cookies for more details;
Your IP address, log-in times, operating system and browser type;
Details of your visits to our Website including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access whilst visiting our Website.
2.2 Information We Collect from Third Parties about You
In order to fulfill our legal obligations to prevent fraud and money laundering, we will obtain information about you from third party agencies, including your financial history, county court judgements and bankruptcies, from credit reference and fraud prevention agencies when you open an account and at any time when we feel it is necessary to prevent fraud and minimise our financial risks. Please refer to our Money Laundering Regulations for further details.
3. How We Use Your Information
We will use your personal data to provide information on services requested or products ordered. Data is collected and used on a lawful basis only which is outlined below.
Lawful basis - To perform a contract with you
• To take steps at your request prior to entering into a contract
• To decide whether to enter into a contract
• To manage and perform the contract
• To ensure our records remain relevant
Lawful basis - Our legitimate interest
• For good governance, accounting, managing and auditing our business operations
• For market research, analysis and developing statistics
• To send you marketing communications with your consent
Lawful basis - Legal obligation
• When you exercise your rights under data protection law and make requests
• For compliance with legal, regulatory requirements and related disclosures
• For establishment and defence of legal rights
• For activities relating to the prevention, detection and investigation of crime
• To verify your identity, engage in fraud prevention and anti-money laundering checks
• To monitor emails, calls, other communications, and activities on your account
Lawful basis - Your consent
• When you request we disclose your personal data to other people or organisations
• When we process any special categories of personal data at your request
• To send you marketing communications where we have asked for your consent to do so
4. Storing Your Personal Data
4.1. Where is it Stored?
The data that we collect from you may be transferred to and stored at, destinations outside the European Economic Area ("EEA") for the reasons set out below:
if this is necessary for providing you with the services you request. For example if you transfer funds to an account that is not located in the EEA, it may be necessary to send your details to the recipient;
where our anti-fraud agencies, credit reference agencies and other service providers are based outside the EEA and require access to your data to perform their obligations to us and provide services to you;
if you have been referred to us by a third party and that third party is entitled to a commission payment – for further detail see section 6.5.
We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure of information we have physical, electronic and managerial procedures in place to keep your information safe. Once logged into your account, all internet communication is secured using Secure Socket Layer (SSL) technology with high security 128bit encryption.
However, this high level of protection can only be effective if you follow certain security practices yourself. You must never share your account or log in details with anyone. If you are concerned that any of your log in details have been compromised, you can change them any time once you are logged on but you should always also immediately contact Customer Services and tell us why you think your log in details have been compromised. Please read our account Terms & Conditions for further information on how to keep your account safe. Details of how to contact Customer Services are available from the "Contact" section of the Website. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website. Any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We are by law required to retain certain records for a period of at least five years after closure of your account which will include your personal data such as your name, contact details, customer number and transaction history etc. Otherwise, we will delete and destroy all personal data that we hold about you when you (or we) terminate your account.
5. Your rights under the General Data Protection Regulation (GDPR)
The right to be informed
The right of access
The right of rectification
The right of erasure
The right to restrict processing
The right to data portability
The right to object
Rights in relation to automated decision making and profiling
If you would like further information about data protection you can visit the Information Commissioner's Office (ICO) at ico.org.uk. The ICO is the UK's independent authority set up to uphold information rights in the public interest and data privacy for individuals. We comply with all ICO regulatory and statutory requirements. You have the right to make a complaint to the ICO regarding the handling of your data.
6. Disclosure of Your Information
6.1. Group Companies
We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries. This may be necessary in order to, among other things, fulfil your request, process your payment details, provide support services and monitor fraudulent activities.
6.2. Merchants and other Customers
When sending money to another account holder, individual or a merchant who you wish to pay we may pass on your email address to the recipient. Depending on the requirements of the merchant and the type of payment involved, we may also send other personal details such as your name, address and country of residence if the recipients request this information from us in order to improve the payment process, to reconcile payments with the commercial transaction or to conduct their own anti-fraud and anti-money laundering checks.
6.3. Fraud and Credit Reference Agencies
When you open an account, at intervals of up to every 3 months and at any other time we feel it is necessary to do so to protect our financial interests and prevent money-laundering or fraud, we share certain information about you and your account, financial history and transactions as part of our normal business operations with our banks, payment facilitator partners, debit card processing services, identity verification service providers and credit reference agencies to identify and verify users, to limit our exposure to fraud and other criminal activities and to manage our financial risk. We can provide you with a list of the credit reference agencies we use upon your written request to the email address set out in the Contact Us section. When conducting identification or fraud prevention checks, the relevant parties may retain a record of our query along with your information and may share this information with other fraud prevention agencies. If you want to know what information these companies hold about you, you can write to them to request access to your information. Please refer to our Money Laundering Regulations for further details.
6.4. Strategic Partners
Wirepayer may supply strategic partners with certain information from your account, (such as your name, address, telephone number, date of birth, email address and gender) to provide operational services relating to the performance of Wirepayer issued product. Our strategic partners gather information for their own purposes and for that reason we cannot exercise control over the uses to which they apply your personal information. All our strategic partners are obliged to comply with the "fair processing code" contained in the Data Protection Act 1998, which requires them to inform you about (or make readily available to you) the following information:
Why they are handling your personal data and what they intend to do with it
Any further information to make the processing of your personal data fair
We supply your personal details such as name and address to some suppliers where it is necessary in order to fulfil our obligations to you in setting up and maintaining the account. Where required by law, strategic partners and suppliers are certified or authorised and regulated to the required standards. Your personal data may be transferred outside the UK and the European Economic Area. If these countries do not have adequate protections for personal data under applicable laws we will take all necessary steps to safeguard your personal data.
6.5. Other Disclosures
a prospective buyer of our business or a buyer of a substantial number of the shares in our business;
the police, other lawful enforcement body, regulatory body or court if we are under a duty or required by law to disclose or share your personal data , or to protect the rights, property, or safety of ourselves or our group companies, our customers, or others;
third parties where you have expressed an interest in receiving information about their goods and services and
third parties who referred you to us initially and to whom we owe a commission payment as a result of the referral. Where the commission payment is based on transaction volumes, numbers or types of transactions, we may share that information with that third party, but we will not disclose the full details of each of your transactions without your further written consent.
third parties we may occasionally use to provide you with the services that you have requested. We require these third parties to not use your personal information for any other purpose.
6.6 Automated decision Making
We may process your personal data without human intervention to evaluate your personal situation such as transactional history and account opening anniversary events. We may do this to decide what marketing communications are suitable for you (subject to your permission), to analyse statistics and to assess risks. This is all done on the basis of our legitimate interests, to protect our business, and to develop and improve our products and services. If we use automated decision making including profiling activity to assess your application, this will be performed on the basis of it being necessary to perform the contract.
7. Communicating With You
We may contact you by email to the primary email address registered with your account or by telephone to the contact telephone numbers you have provided when registering for your account. You can change your primary email address and/or contact telephone number at any time, subject to the provisions of section 9 below. You may also receive system-generated transactional emails such as confirmation of uploads, notification of receipt of payments, notification of password changes etc. which are necessary for the proper operation and administration of your account.
7.1. Newsletters and Marketing
You are free to opt out of receiving all marketing communications from us and our strategic partners at any time by contacting us. Should you be opted in to receive email correspondence, there is an unsubscribe link on each email we send out, if you use this, we will not send any unsolicited mail to your registered email address. Please note that you will still receive communication regarding your account such as transactional emails or other notification affecting the operation of your account or our legal relationship. From time to time we do share aggregated information about our customers' use of our website and services with other companies for research and analysis purposes, but you cannot be identified from this aggregated information.
Phishing is the name given to attempts to steal personal details and financial account details from a website user. "Phishers" use fake or "spoof" emails to lead users to counterfeit websites where the user is tricked into entering their personal details, such as debit card numbers, user names and passwords. WE WILL NEVER SEND EMAILS ASKING YOU FOR SUCH DETAILS AND OUR STAFF WILL NEVER ASK YOU FOR YOUR PASSWORD.
If you do receive such an email or are asked for your password by anyone claiming to work for us please forward the email or report the incident by email to our Data Protection Officer (contact details are at the end of this policy) or by contacting Customer Services.
8. Links to Other Web sites
Our Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
9. Accessing and Updating Your Information
If your personal details (such as your name, address, or telephone number) change you should inform Customer Services via the "Contact" section of the Website as soon as you can. We shall not be liable for any loss arising out of your failure to keep your personal details up to date. Your address and phone number can only be changed once in any 3 month period. In order to deactivate your account, please refer to the account Terms & Conditions. You have the right to access information that we hold about you. To do so, please contact us at the address given at the end of this policy.
A cookie is a small amount of data which contains information that is downloaded to the device from which you access our Website. Cookies are useful because they allow us and other websites to recognise your device. For more comprehensive information about how cookies work, see http://www.allaboutcookies.org. Cookies are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. For example, they can allow you to navigate between web pages of our Website and remember your preferences such as your language selection.
10.2. Types of Cookies and Consent
Strictly necessary cookies – These are cookies which are essential for our site to operate such as those which identify you so you can log into your account. They allow you to move around our website and use the services you have requested. These cookies will be activated when you enter our site and as you use our site.
Compliance cookies – These include cookies which are necessary to assist in meeting our regulatory compliance obligations, such as anti-money laundering and anti-fraud obligations and prevent your account from being hijacked. These cookies will be activated when you enter our site and as you use our site.
Performance cookies – These are cookies that help us to improve how our site works and to deliver a better service to you. For example, they will assess which pages you visit most often or if you get an error message. They also allow us to see if you have used the website of one of our group or affiliated companies. All information collected by these cookies is aggregated and therefore anonymous.
Functionality cookies – These cookies allow us to deliver a more personalised service to you and allow our Website to remember choices you have made such as the language you prefer or the region you are in. They may also be used to provide services you have requested such as being able to comment on one of our blogs.
Third Party cookies – When you visit a page on our Website with content embedded from third parties, for example, YouTube or Twitter, cookies may be downloaded onto your device. We do not set or control these cookies. If you are concerned about the types of cookies that may be downloaded you check the third party websites for more information about these cookies.
We may use other cookies from time to time in accordance with this policy. By using our Website and other online services, you acknowledge that we may use some or all of the cookies mentioned and you agree that we can place Performance and Functionality Cookies on your device when you use our Website. If you do not agree to this you should cease using our Website and online services or adjust your browser settings. Please see section 10.3 below.
10.3. Blocking Cookies
11. Contact us
Post: Data Protection Officer, Wirepayer Limited, 160 Fleet Street, London, EC4A 2DQ