TalkRemit Privacy Policy
TALKREMIT PRIVACY POLICY
Updated 29th June 2023
Introduction
Welcome to Talkremit’s privacy policy.
This privacy policy explains how we collect, use, and process your personal data when you use our websites www.talkremit.com and www.dahabshiil.com, or our mobile app, including any data you may provide by using our services, signing up to newsletters, taking part in a competition, taking part in a survey, or so on.
This privacy policy is provided in a layered format so you can click through to the specific areas set out below.
A quick summary
- Important information and who we are
- The data we collect about you
- How is your personal data collected?
- How we use your personal data
- Disclosing your personal data
- Marketing and online advertising
- Automated decision making
- International transfers
- Data security
- Data retention
- Your rights as a data subject
A QUICK SUMMARY
If you don’t want to read the full policy, this summary set outs the basics.
- If you are under 18 please do not use our services or app.
- Talkremit is a payment service that provides digital international money transfer and remittance services.
- We have two brands: Talkremit and Dahabshiil.
- If you are based in the European Economic Area, then the service is provided by Talkremit AB, a Swedish company. Talkremit AB is the controller for your personal data.
- If you are based in the UK, Canada, or anywhere else in the world other than the European Economic Area, then the service is provided by Talkremit Ltd, a UK company. Talkremit Ltd is the controller for your personal data.
- The kinds of personal data we process about you include contact details, bank details, beneficiary details, usage data, transaction data, device data, location data.
- We collect information about you from various sources including directly from you, from your use of our services, from publicly available sources, from financial institutions, from service providers including companies that provide KYC and AML checks.
- We use your personal data for various purposes. For example, to register you as a new customer, to transfer money for you, to manage our relationship with you, to help us improve our services, to protect our business against fraud.
- Where appropriate, we share your personal information with Talkremit companies that are providing services to us, to third parties that are providing services to us, to remittance companies that we work with, to KYC and AML checkers, to regulators and law enforcement bodies.
- We may use personal information about you to provide you with marketing messages unless you opt out or unsubscribe (which you can do at any time).
- We may use personal information about you to serve you with targeted advertising when you visit some third party sites (for example, Facebook and Instagram). To do this, we will share pseudonymised information about you with those third party sites.
- You have a number of rights over your personal information. Those rights, and the manner in which you can exercise those rights, are set out in this policy.
- You can complain to a personal data regulator about how we use personal data about you. Contact details for the personal data regulator are set out in this policy.
We use a few abbreviations.
European Economic Area is the European Union plus Norway, Lichtenstein and Iceland.
AML means anti-money laundering. This means making sure the money that we process does not come from criminal or terrorist sources. We have a duty to carry out AML checks.
KYC means know your customer. We have a duty to carry out KYC checks to make sure that our customers are sending money for legitimate purposes.
IMPORTANT INFORMATION AND WHO WE ARE
Purpose of this privacy policy
This privacy policy aims to give you information on how Talkremit collects and processes your personal data through your use of our websites or mobile app.
Our websites and mobile app are not intended for anyone under the age of 18. If you are not yet 18 years old, please don’t use our websites or mobile app – but please come back when you are old enough!
It is important that you read this privacy policy together with any other privacy information that we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements other notices and is not intended to override them.
If you do not provide the data we ask for, our services may not work as well and, in some circumstances, we may not be able to provide our services to you.
Controller
If you are based in the European Economic Area, then the Controller of your personal data (and the person that provides services to you) is Talkremit AB, registered in Sweden with number 559215/5815, and with its principal business offices located at Östra Hamngatan 17, 411 10 Göteborg, Sweden (referred to as “Talkremit”, “we”, “us” or “our” in this privacy policy).
If you are based in the UK, Canada, or anywhere else in the world (other than the European Economic Area), then the Controller of your personal data (and the person that provides services to you) is Talkremit Ltd, company number 10283207, and with a registered office 20 Eastbourne Terrace Eastbourne Terrace, London, England, W2 6LG (also referred to as “Talkremit”, “we”, “us” or “our” in this privacy policy).
If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact us using the details set out below.
Email address: [email protected]
Postal address: Talkremit, 20 Eastbourne Terrace Eastbourne Terrace, London, England, W2 6LG.
Changes to the privacy policy and your duty to inform us of changes
We keep our privacy policy under regular review. This version dates from June 2023.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Your Right To Complain To The Regulator
If you are based in the UK, you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK regulator for data protection issues (www.ico.org.uk).
If you are based in the European Economic Area, you have the right to make a complaint at any time to the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten), the Swedish regulator for data protection issues (www.imy.se).
If you are based in Canada, you have the right to make a complaint at any time to The Office of the Privacy Commissioner of Canada (OPC), the Canadian regulator for data protection issues (https://www.priv.gc.ca/).
If you are based outside the UK, Canada and the EEA, you have the right to make a complaint at any time to the ICO (www.ico.org.uk).
We would, however, appreciate the chance to deal with your concerns before you approach the ICO, the Swedish Authority for Privacy Protection, or The Office of the Privacy Commissioner of Canada so please contact us at [email protected] in the first instance.
THE DATA WE COLLECT ABOUT YOU
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
- Profile Data about you includes your first name, last name, username or similar identifier, marital status, title, date of birth, gender, social security/insurance number, national identification number, photograph, passport and/or National ID, BankID, your username and password, and billing address, email address and telephone numbers.
- Financial Data includes data about your bank account and payment card details.
- Transaction Data includes details about your remittance payments.
- Biometric data. We may collect, use and store your biometric data during the verification process, or where we feel we need to carry out some anti-money laundering or anti-fraud checks. For example, we may extract face scan information from photos and videos to compare pictures of you on identity documents with each other and with a selfie that you provide. At a future date, we may also use more biometrics (for example tracking keyboard or mouse usage to detect unusual patterns) to prevent fraud and money laundering. Where we intend to collect biometric data, we will ask for your consent before we do so.
- Location Data. We may gather location data from the device that you use to access our websites or app. This information can help us understand our customers better, but can also help with the prevention of fraud and money laundering.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
- Usage Data includes information about how you use our websites, app and services, including the full Uniform Resource Locators (URL) clickstream to, through and from our websites or app (including date and time), services you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (including scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our Customer Support service.
- Marketing and Communications Data includes whether or not you allow us to send you marketing, and also your communication preferences (for example, whether you prefer to be communicated with by email or by SMS).
- KYC and AML data. We have an obligation to comply with anti-money laundering and similar regulations, so from time to time we may also need more identification information from you, including a copy of your bank account statements. We may also carry out checks on you. At the date of this privacy policy we do not access criminal record checks, but we may do so in the future. However, we do access adverse media checks which could highlight previous criminal convictions.
- Beneficiary Data. If a Talkremit customer sends money to you, then that Talkremit customer may provide your personal information to us (for example, name, gender, nationality, address, account details, email, date of birth, social security/insurance number, national identification number and additional verification information if requested by your recipient bank or payer).
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data as this data will not directly or indirectly reveal your identity. For example, we may include your Usage Data with the Usage Data of other users to calculate the percentage of users accessing a specific website feature.
HOW IS YOUR PERSONAL DATA COLLECTED?
We use different methods to collect data from and about you including through:
- Direct interactions. You may give us your information by filling in fields on our websites or mobile app, by just using our services, and by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
- create an account on our website;
- use our services;
- agree for marketing to be sent to you;
- enter a competition, promotion or survey;
- give us feedback or contact us.
- Automated technologies or interactions. As you interact with our websites and app, we will automatically collect Technical Data and Usage Data about your devices, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. Please see our cookie policy for further details on how we use cookies.
- Publicly available sources. We may gather personal data about you from various public sources. For example, so as to verify your identity, we may check the address you have given us against the Electoral Roll, and we may check the media for reports about you. We may also gather information from public media (for example, newspapers) and social media.
- Third parties. We will receive personal data about you from various third parties as set out below:
- Payment service providers: the payment service providers you use to transfer money to us will provide us with your personal information, including your name and address, as well as your financial information, including your bank account details.
- Advertisers and analysers: advertising networks, analytics providers and search information providers may provide us with pseudonymised information about you, including confirmation of how you found our website.
- Service providers. Talkremit’s service providers may provide us with information about you. For example, KYC and AML Data from companies that provide KYC and AML services.
- Talkremit customers. If you are a person that a Talkremit customer sends money to, then that Talkremit customer will provide Beneficiary Data about you to us.
HOW WE USE YOUR PERSONAL DATA
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you (for example, when you ask us to transfer money for you).
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal obligation.
We have set this out in more detail in the table below. Generally (and except for biometric data and as provided in our cookie policy) we do not rely on consent as a legal basis for processing your personal data. (By the way, you have the right to stop receiving marketing at any time by contacting us. See Marketing and online advertising).
Purpose/Activity | Type of data | Lawful basis for processing |
To register you as a new customer. | Profile Data
Financial Data Biometric Data Location Data KYC and AML Data |
Performance of our contract with you. |
To transfer money on your behalf and provide you with services, including correcting any mistaken payments. | Profile Data
Financial Data Biometric Data Beneficiary Data Transaction Data |
Performance of our contract with you.
Necessary for our legitimate interests – to correct mistaken payments, to recover debts due to us. Necessary to comply with a legal obligation. |
To transfer money to you. | Beneficiary Data | Necessary for our legitimate interests – to complete the services we have promised. |
To manage our relationship with you. | Profile Data
Financial Data Biometric Data Location Data Transaction Data Usage Data |
Performance of our contract with you.
Necessary to comply with a legal obligation. Necessary for our legitimate interests – to keep our records updated and to study how customers use our services. |
To enable you to partake in a prize draw, competition or complete a survey. | Profile Data
Marketing and Communications Data |
Necessary for our legitimate interests – to study how customers use our services, to develop them and grow our business. |
To administer our business, websites, and app (including troubleshooting, data analysis, testing, system maintenance, support, reporting, hosting of data, and product and service development). | Technical Data
Usage Data
|
Necessary for our legitimate interests – for running our business, provision of administration and IT services, network security, to prevent fraud.
Necessary to comply with a legal obligation. |
To protect our business, websites, app, customers and partners from fraud and dishonesty. | Technical Data
Usage Data Biometric data |
Consent – Biometric data.
Necessary for our legitimate interests – to prevent fraud and dishonesty. Necessary to comply with a legal obligation. |
To deliver targeted online advertisements to you and measure or understand the effectiveness of the advertising we put in front of you. | Profile Data
Transaction Data Usage Data Technical Data Marketing and Communications Data |
Necessary for our legitimate interests – to grow our business and to inform our marketing strategy. |
To provide marketing to you and measure or understand the effectiveness of the marketing we provide. | Profile Data
Transaction Data Usage Data Technical Data Marketing and Communications Data |
Necessary for our legitimate interests – to grow our business and to inform our marketing strategy.
See Marketing and online advertising. |
To use data analytics to improve our websites, app, services, marketing, customer relationships and customer experiences. | Profile Data
Transaction Data Usage Data Technical Data |
Necessary for our legitimate interests – to define types of customers for our services, to keep our websites and app updated and relevant, to develop our business and to inform our marketing strategy. |
To make suggestions and recommendations to you about services that may be of interest to you. | Profile Data
Transaction Data Usage Data Technical Data Marketing and Communications Data |
Necessary for our legitimate interests – to develop our services and grow our business. |
To ensure that KYC and AML legislation is complied with. | KYC and AML Data | Necessary to comply with a legal obligation. |
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
Also, please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Change Of Purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
DISCLOSING YOUR PERSONAL DATA
We may disclose your personal data to the parties set out below.
Where we disclose your data to third parties, we only do so in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Internal Third Parties
- Talkremit Affiliates: other companies in the Talkremit Group that provide services to us (for example, customer support or IT support).
- Talkremit Affiliates: other companies in the Talkremit Group if we believe that by doing so we can provide a better service to you.
To find out which companies are Talkremit Affiliates, please send an email to [email protected].
External Third Parties
- Service providers: companies providing services to us. For example, companies providing KYC, AML and fraud detection services.
- Remittance partners: companies helping us deliver the money to beneficiaries.
- Professional advisers: including lawyers, bankers, auditors and insurers.
- Regulatory and government: regulatory and government bodies, police and law enforcement, fraud prevention agencies, where required to share that information by a legal obligation.
- Financial institutions: financial institutions, payment system operators, payment service providers and other financial services companies as part of providing our services to you, and also to recover money paid in error.
- Advertisers: advertisers and advertising networks to select you and put relevant adverts and messaging on your screen. For example, Google search, Facebook, Instagram.
- Analytics providers: analytics providers and search engine providers that assist us in the improvement and optimisation of our websites and apps. For example, Google Analytics.
- Beneficiaries: limited information about you is sent to payment beneficiaries when you remit money.
- Other third parties: we may share your personal information with other third parties where we are required to do so by law or regulation (such as in connection with an investigation of fraud or other legal enquiry) or in connection with other legal proceedings (including where we believe that your actions violate applicable laws or any agreement with us).
- Purchasers of the business. In the event that our business or any part of it is sold or integrated with another business, your details may be disclosed to our advisers and those of any prospective purchaser and may be passed to the new owners of the business.
MARKETING AND ONLINE ADVERTISING
Marketing
You will receive marketing communications from us (by email, whatsapp, SMS, post or similar) if you have requested information from us, or purchased services from us, and you have not opted out of receiving that marketing.
If you want to stop receiving this kind of marketing, then please send an email to [email protected]. Please make sure that you are sending the email from the email address that we have registered for you.
If you have agreed to receive marketing from us in return for a specific discount or offer, then your ability to refuse that marketing is subject to the terms of that specific discount or offer. If in doubt as to which category you fall in, please contact us [email protected].
Online Advertising
Online advertising is advertisements and messaging from us that you receive when using other companies’ websites or apps, for example Google search, Facebook, and Instagram. You may be able to prevent advertisements and messaging appearing by adjusting the settings of your browser or on the apps you are using.
Cookies
You can set your browser to refuse all or some browser cookies (other than essential cookies), or to alert you when websites or apps set or access cookies. If you disable or refuse cookies, please note that some parts of our websites and our app may become inaccessible or not function properly. For more information about the cookies we use, please see our cookie policy.
AUTOMATED DECISION MAKING AND PROFILING
We may use your personal data (for example, Transaction Data) as a basis on which to offer you services or features that may be useful for you. You can object to us using your personal data in this way by writing to us at [email protected]
We may also use automated processes at other points. For example, to check your application to open an account with us (eg. automated verification of your identity), to stop a transaction that looks suspicious, or to block a suspicious attempt to login to your account,
If this happens, you will be notified and offered the opportunity to provide further information as well as to challenge the decision and call for a manual review. If you wish to challenge a decision, please send an email to that effect to [email protected].
INTERNATIONAL TRANSFERS
Talkremit Group is an international organisation. Where we disclosed your personal information to other members of the Talkremit Group this is likely to involve transferring your data outside the UK, Canada and/or the EEA.
Many of our remittance partners are based outside the UK, Canada and/or the EEA so their processing of your personal data will involve a transfer of data outside the UK, Canada and/or the EEA.
Whenever we transfer your personal data out of the UK, Canada and/or the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed (by the relevant authorities) to provide an adequate level of protection for personal data.
- Where we use certain service providers based in countries which have not been deemed (by the relevant authorities) to provide an adequate level of protection for personal data, we use contract templates approved by the relevant authorities which give personal data the same protection it has in the UK, Canada and/or the EEA.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the UK, Canada and/or the EEA.
DATA SECURITY
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
DATA RETENTION
How long will you use my personal data for?
By law we have to keep basic information about our customers (including Profile Data, Financial Data and Transaction Data) for 5 years (or longer, if required by law) after they cease being customers.
In some circumstances you can ask us to delete your data: see Your rights as a data subject for further information.
In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
YOUR RIGHTS AS A DATA SUBJECT
You have the following rights against us.
the right to request a copy of your personal data held by us;
the right to correct any inaccurate or incomplete personal data held by us;
the right to request that we erase personal data we hold about you;
the right to request that we restrict the processing of your data;
the right to have your personal data transferred to another organisation;
the right to object to certain types of processing of your personal data by us;
the right to complain to the regulator (see Your Right To Complain To The Regulator)
the right to object to your personal data being processed for direct marketing (see Marketing and online advertising).
These rights are not absolute in all situations and may be subject to conditions and provisions set out in data protection laws.
For further information, or to exercise any particular right, please contact us at [email protected].
Consent. Where we are relying on consent to process your personal data (see Biometric Data and cookies), you can withdraw your consent at any time. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain services to you.
If you wish to exercise any of the rights set out above, please email your request to [email protected]. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.