Who are we?
In accordance with Data Protection Regulations, TalkRemit is a data controller and you – our customer – will be a data subject. As a data controller, we determine the purposes for and means of the processing of your personal data while at the same time ensuring your rights as a data subject are respected.
What data we might collect?
We collect personal information about you when you access the Site (such as behavioural information, including links you click and pages you enter, your IP address and device information), when you contact us (such as your name and email address) and if you opt out of marketing communications. We will collect your email address for marketing purposes. We may also collect an email address which has not been registered with us for ticket tracking purposes, but we will ask for your consent in such cases.
We will collect personal information from you either directly, such as when you contact us, or indirectly, such as your browsing activity while on the Site.
As a company providing money remittance, electronic wallet and chat services, we may also have to collect various types of personal data in the course of providing our Services to you:
1. Personal data such as your name, address, phone number, email address, date of birth and/or nationality. We might also need to collect copies of your identity document, utility bills, bank statements or any other documentary evidence. We might need this data in order to satisfy our know your customer (“KYC”) obligations.
2. Financial data such as your card or bank account information.
4. Technical datasuch as (1) the internet protocol you use to login to your Account or submit a Transaction, (2) information about your device such as the device manufacturer, device model, device operating system, device operating system version, application version, carrier, connection type and/or time zone; and (3) event-based attributes such as button clicks and other in-app events.
When you install the TalkRemit application, we will also ask you to allow us to access your mobile device’s address book. A copy of the phone numbers and names of all your contacts (whether they are TalkRemit users or not) will be collected and stored on our servers so that we can enable you and your contacts to connect.
The TalkRemit application might also ask you to allow us to access your media files (to enable you to share images with your TalkRemit contacts), location (to share your location with your TalkRemit contacts), microphone and speaker (to enable you to talk with your TalkRemit contacts). You can choose not to allow us to have such access, however this would mean that some of the Services might not work. You can change your access preferences through your device settings.
We shall use automated processing to track your behaviour when using the Site, for example how you leave the Site, and to track if, and when, the Site crashes. This shall allow us to develop, maintain and improve the Site and our Services and tailor our communications with you accordingly.
Do you have to provide information and, if so, why?
We require you to provide us with, as a minimum, your email address and phone number in order to provide you with the Talk Services. We require you to provide us with, as a minimum, your full legal name, date of birth, address and nationality in order to provide you with the Remittance Services.
We may also require you to provide us with further information about yourself and/or your Receiver in relation to providing you with the Services such as an address, phone number, nationality, identity documentation, proof of address (such as utility bills), source of funds, bank statements or any other documentation as required by applicable laws and regulations.
We will inform you at the point of collecting information from you whether you are required to provide the information to us.
Why might we process your data?
We strive to provide you with a safe, personalised and delightful experience when you use our Services. To this end, we might process your data for the following reasons, which are necessary for the purposes of our legitimate interests in accordance with the lawful processing requirements indicated in the Data Protection Regulations:
1. To provide you the Services.We need to collect your financial details and details about your recipient to complete money transfers or enable Top-Up of your Electronic Wallet. We also need your contact information for us to allow you to chat and talk with your friends and family.
2. To comply with the law.As a financially regulated institution, we are obliged to know who our customers are and to perform our anti-money laundering and combating terrorism financing checks.
3. To provide relevant marketing.We might process your contact details such as email address and telephone number to provide you, as our customer, with a relevant and personalised marketing communication. Our goal is to market you only information which might benefit you and to do so in such a way which does not undermine your rights as a data subject. You will always have an absolute right to object at any time to any marketing communication sent to you.
4. To improve our Services.We might process technical data about your usage of our application to improve our Services. We will use anonymous identifiers and aggregated data, not your personal data. We will not sell your data to third party companies.
Legitimate interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
How do we protect your data?
Protecting your personal data is very important to us. TalkRemit maintains physical, electronic and procedural safeguards that comply with the applicable laws to protect your personal information from unauthorised access:
1. Using network and application firewallsWhen you transmit your personal data from your device to our servers, your information is protected by both a “firewall” and industry standard SSL (secure socket layer) encryption.
2. Secure storage.Once your data reaches our servers, data is securely stored.
3. Access control.TalkRemit maintains a strict policy to control who can have access to your personal data. Any personal data will be accessible by TalkRemit employees on the need-to-know basis only. TalkRemit regularly trains staff on data protection practices to ensure all employees are aware of the Data Protection Regulations, data protection principles and customers’ rights as data subjects.
4. Payment Card Industry Data Security Standard (“PCI-DSS”).Any financial information you transmit when you enter your card details is processed in accordance to PCI-DSS standards.
5. System testing.TalkRemit regularly tests and reviews its systems and security practices.
6. Controlled data sharing.Before we decide to share your data with any third party, we make a careful assessment of that third party’s level of data protection. Any agreement to share data is made only with third parties which have an adequate level of data protection which complies with the Data Protection Regulations.
Even though TalkRemit will make every effort to protect your data, you accept that we cannot guarantee security when you transmit it over the internet, and any transmission is at your own risk. To minimise your risk, we highly recommend that you do not share your login credentials, passwords, pin numbers or any other Account details with anyone else. We also highly recommend that you use appropriate anti-virus software to protect yourself from your data being compromised.
We have procedures in place to deal with any suspected data security breach.
If at any point you suspect or become aware of a security incident, please contact us at email@example.com.
How long do we retain your data?
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including holding your personal data until we are lawfully required to do so. To comply with relevant KYC, anti-money laundering and counter-terrorism financing regulations, we are obliged to retain your data for at least five years after your last transaction with us in respect of the Remittance Services. We will store your data in respect of the Talk Services for one year after you close your account with us. We might retain your data for a longer period if instructed so by the relevant authorities or if required to protect rights of TalkRemit.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
Who might we share your data with?
We might share your data with third party service providers which enable us to provide you with the Services:
1. Payment service providers (“PSPs”) – we will use PSPs to enable card processing, bank payment services and accounting.
2. Money service businesses (“MSBs”) – we will partner with MSBs in different countries to provide you and your receiver with different payout services ranging from cash to mobile wallets.
3. KYC service providers – we might rely on trusted KYC providers to verify your identity. This might involve verifying your information against credit institutions.
4. Regulatory authorities and law enforcement agencies – in order to comply with relevant laws and regulations, we might be obliged to share your personal data as well as your account/transaction data with relevant authorities.
5. Analytics and marketing companies – to provide you with a high-quality service, we might share anonymised data with analytics companies. In order to provide you with relevant and personalised marketing communications we might also share anonymous aggregated data with our partners.
We select our partners carefully. Before starting any relationship, we make sure they are fully compliant with the Data Protection Regulations and employ adequate data protection practices.
Transfers out of the EEA
The Site is controlled, operated and administered by us from our office within the European Economic Area (“EEA”). The Talk Services are intended for use worldwide and the Remittance Services are intended only for use within the EEA. Personal data may be transferred to and stored and accessed by Service Providers located in countries both inside the EEA and outside the EEA in countries that do not have the same data protection laws as the United Kingdom and EEA.
Where personal information is transferred outside of the EEA, we shall apply mechanisms to ensure similar levels of protection are afforded to it such as (i) transferring your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission or (ii) providing appropriate safeguards such as using specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
If you use the Remittance Services to pay a Receiver in another country or the Talk Services to communicate with a person (or persons) in another country, personal data will be transferred as necessary to complete the Transaction or communication.
What are your rights?
When you share your personal data with us, you have all the below rights:
1. Right to Withdraw Consent – at any point in time you can easily withdraw your consent to allow us to process your personal data. This can be done easily in your Account settings or by sending us an email to firstname.lastname@example.org. Please note that (i) this will not affect the lawfulness of any processing based on consent given before its withdrawal, and (ii) withdrawing consent might mean that we will not be able to provide all or part of the Services to you.
2. Right to Be Informed – you have a right to be informed about what data we collect, how we use it and who we share it with.
3. Right to Access – you can ask us to provide you with all the data we have collected about you, how it is used and who it has been shared with. If you wish to do so, please send us an email to email@example.com. We will have one month from the day of receipt of the request to send you back the results (this may be extended by two further months where necessary, in which case we will inform of you of the extension and the reasons for it within one month of receipt of the request).
4. Right to Rectify – you have a right to rectify incomplete or inaccurate personal information concerning you.
5. Right to Erasure – you have the right to require the erasure of personal data concerning you in certain circumstances.
6. Right to Data Portability – you have the right to receive the personal information concerning you which you have provided to us in a structured, commonly used and machine-readable format and have the right to transmit that data to a third party in certain situations.
7. Right to Restriction of Processing – you have a right to request that we stop processing any personal data.
8. Right to Object to Direct Marketing Processing – you have the right to object to the processing of your personal information for the purposes of direct marketing at any time by sending us an email to firstname.lastname@example.org.
9. Right to Object – you have the right to object to the processing of personal information concerning you in certain other circumstances.
10. Notification Obligation – you have a right to be informed without undue delay about a personal data breach where this is likely to result in a high risk of adversely affecting your rights and freedoms.
11. Right to Complain – you have a right to complain to a supervisory authority, in particular in the European Union (or EEA) state where you work, normally live or where any alleged infringement of data protection laws occurred (in the UK, this is the Information Commissioner’s Office who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113) if you believe we didn’t process your data correctly.
You can exercise your data protection rights by sending us an email to email@example.com.
A cookie is a small piece of data sent from a website and stored on your device while you are browsing that website. Cookies were designed to be a reliable mechanism for websites to remember important information about the usage of the website.
The types of cookies we use are as follows:
1. Essential cookies – these are the cookies required for good functioning of the Site. For example, to store your session ID.
2. Analytical cookies – these are the cookies that allow us to see and count how many users visit our Site, which pages they go through and how they behave on our Site.
If you wish to contact us, please send us an email to firstname.lastname@example.org