Last change: 26.06.18
Via our wallet, services and other tools we manage the deposit, payments, withdrawal and transfer of funds from a customer to either that same customer or another customer or a merchant (respectively the "Customer", the "Merchant", and "Services" respectively).
When you visit this website www.caspero.com hosted by International Fintech UAB and Caspero UAB and their group companies (together “Company”, "we", “us”) and all related websites (the "Website"), or when you correspond with us and become either a Customer or a Merchant (where you, the natural person, either as a Customer or as the Merchant’s ultimate beneficial owner, director or other representative, are hereby referred to as “Data Subject”), we may process personal data about you as a data controller.
The Services are developed, owned and operated by Caspero UAB, a subsidiary of International Fintech UAB, a licensed financial institution with registration number 304409766 (e- money license No. 6, issued by the Central Bank of Lithuania) located at Jogailos street 4, Vilnius LT-01116, Lithuania.
“Personal Information” means information that can be used to uniquely identify a single person, which may include without limitations, name, addresses, telephone numbers, email address, payment information, 4 digits of payment card, IP address, but also the frequency and location of payments, patterns of purchases etc.
Please note that this Policy is governed by the Lithuanian laws.
Please read the following carefully to understand our practices regarding Data Subject’s Personal Information and how we will treat it.
SCOPE AND CONSENT
- Your use of the Website and Services, regardless of how you access or use them, whether by using your computer, your mobile device or any other device;
- Your use the Services in the course of your private use, and/or trade or business, unless otherwise agreed through contract;
- Email, other electronic messages including SMS, telephone, web chat, website/portal and other communications between you and Company.
LEARN MORE to understand how we will treat your Personal Information:
If you are not satisfied with any aspect of this Policy, please do not continue to use the Services.
Contact Us details are provided at the end of the Policy, for feedback or any privacy enquiries you may have.
When you are required to provide Personal Information to us
You are not required by law to provide any Personal Information to us. For example, you always decide whether to participate in our promotions or to use the Services. You are required to provide certain Personal Information to enable us to enter into a contract with you so that you can use the Services. Our registration forms indicate which data elements are required for our contracts.
THE INFORMATION WE COLLECT FROM YOU
We may collect, receive and process any information, including the Data Subjects’ Personal Information, data and other details submitted, shared or exchanged in connection with the Services. You may provide some of this information to us, for example by filling in forms via the Website, or by corresponding with us by phone, e-mail, web chat or otherwise. We may collect some of it through automatic means, for example by using cookies when you visit our Website. We may also obtain data about Data Subject from our users who may send you invitation to join our Services. We may also infer from your use of the Services a pattern of your transactions which becomes a separate type of Personal Information.
LEARN MORE to understand which information we collect:
When underwriting both new Customers and new Merchants, the Company routinely collects ‘Know Your Customer’ information and data from you and/or your Merchant's Data Subjects for compliance with Anti-Money Laundering laws. Details may be crosschecked against lists and search libraries to verify that such details are correct and not subject to blacklisting or service prohibitions.
We also collect numerous information about the Customers and from the content and the details of their transactions.
We may also collect non-personal information, or anonymized Personal Information in order to make it non-personal.
Information you provide us:
When underwriting new Customers and new Merchants, the Company routinely collects ‘Know Your Customer’ and Anti-Money Laundering data from Data Subjects, whether they are Customers or representative related to the Merchant. These details may be crosschecked against lists and search libraries to verify that such details are correct and not subject to blacklisting or service prohibitions.
- When a Merchant registers to our Services, it will be requested to provide Personal Information on its UBOSs, directors etc. such as: full name, e-mail address, phone number, address, gender, date of birth, contact details, location, nationality and country of residence, and any other relevant contact information. The legal regulation framework that applies to the Services may change from time to time and therefore we may require additional information in order to comply with the adjusted regulation.
- When a Customer registers to our Services, he/she may be requested to provide Personal Information such as: full name, e-mail address, IP address, phone number, address, gender, date of birth, contact details, location, nationality and country of residence, a copy of its identification document bearing an identification number, whether a national ID card or a passport, and also financial information including bank account details, credit or debit card number (the last four digits, the expiration date and the CVV number), for instance when uploading the wallet. Eventually, he/she may also provide us copies of their utility bills and any other relevant contact information. The legal regulation framework that applies to the Services may change from time to time and therefore we may require additional information in order to comply with the adjusted regulation.
- When a Merchant uses the Services, it may be requested to provide additional Personal Information and KYC information such as: Data Subjects’ identification numbers, photographs, a copy of an identification document (e.g. ID card, driving license and/or passport), various business and financial information, including bank account details and any information of their transactions and financial activity with other payment processors, copies of utility bills, etc., and any proof of their identity as we may request. The legal regulation framework that applies on the Services may change from time to time, and accordingly we may require some additional information in order to align with such new regulation.
- When a Customer proceeds to a transaction via the Services, such as uploading sums on the wallet, performing a purchase, transferring any amount to another wallet, withdrawing amounts by transferring them to another bank account, or requesting to make a payment to, or receive a payment from, a third party not registered with us, we may collect additional Personal Information such as a secondary ID, a bank statement, evidence of the source of the funds for the transactions and other details related to the transaction, including the type of Merchant, goods or services purchased, the amount and time of the transaction, and we may also collect information regarding the third party for which a request of transfer has been made, including the name and surname and e-mail address of that third party, whether or not he/she is a Customer.
- Information provided to us when you communicate with us by phone, e-mail, SMS, a website or portal. We may monitor and record phone calls, e-mails, Skype chats, or other communications between you and our Customer Service representatives or other Company's representatives. When visiting our offices, access control systems and other monitoring systems may be in operation.
- Any other information that you provide us.
Information we get from your use of our Services:
- Information on your requested transactions provided through your use of the Services, and information derived from your habits and your pattern of transactions. Even though we do not create your personal pattern and we do not predict your behavior, it is part of the risk management to detect transactions that could be deemed abnormal in their amount, destination, currency or rationale in comparison to your previous transactions history.
Information we collect from third parties
- Information we collect for regulatory and risk purposes:
In order to fulfill our legal obligations to prevent fraud and money laundering and for risk assessment purposes, we may obtain information about Data Subjects from other sources and add it to our account information, including from our corporate group of companies (subject to their privacy policies and applicable law), from third parties such as credit bureaus and identity verification services. We may also obtain further information about Data Subjects from our trusted service providers when you request to use our Services and at any time when we feel it is necessary to prevent fraud, to minimize financial risks or to prevent other risks, for instance – Data Subjects’ financial history information. Also, we may obtain additional information on the Customers from business partners, financial institutions and from our service providers for ensuring that their transactions are complete.
- Information we receive from other users:
We may also receive Personal Information of third parties that are contacted or invited by the Data Subject to register our Services, make or to receive a payment.
We may also obtain information on Data Subject from resellers and finders, which may transfer us such information under Data Subjects’ consent.
Authentication and Fraud Detection: In order to help protect you from fraud and misuse of your Personal Information, we may collect information about you and your interactions with the Services. We may also evaluate your computer, mobile phone or other access device to identify any malicious software or activity.
INFORMATION WE COLLECT AUTOMATICALLY
- We may use third party services, such as Google Analytics, to collect and process such data in order to analyze the traffic to the Website and the platform on which our Services is based.
We do not intentionally collect sensitive information relating to your health, ethnicity, religious or political beliefs etc., but we may obtain it in specific limited circumstances, for example if you ask us to transfer money to a political party or a religious organization etc.
LEGAL BASIS FOR PROCESSING
We will only process your Personal Information on the basis of the following:
- To be able to establish and perform our contract with you and perform our contract obligations under that contract (e.g. providing you with the requested Services) or as needed to establish and fulfill our contract with a merchant, where we are providing payment services.; or
- Where we have a legitimate interest to process data, (e.g. for our legitimate interest of managing our internal administration, claim management, risk management, conducting marketing research to improve our products and services and to offer our Customers with tailored products and services), or for the legitimate interests of others, provided that such processing is not overriding Data Subjects’ rights and freedoms in objecting to such processing; or
- Where it is necessary to comply with legal obligations which we are subject to (for example, anti-money laundering or other anti-financial crime checks);
- With your consent (or provided you have not objected, or opted-out, as may be appropriate under applicable law), to provide you with marketing communications; or
- Exceptionally, when necessary in the public interest, for example when law enforcement agencies request information to investigate a crime.
HOW WE USE THE INFORMATION
We use Data Subject’s Personal Information for the following purposes:
- to provide you with the Services and with customer support;
- to examine eligibility of onboarding of both Customers and Merchants;
- to perform creditworthiness and solvency checks, compare information for accuracy and verify it with third parties; obtain information about you from credit reference agencies and fraud prevention agencies; assess the financial risks in case of a transaction, for customer service purposes, and to detect, prevent, mitigate and investigate fraudulent or illegal activities. such checks and searches may be carried out prior to opening an account;
- to send promotional communications with respect to Services that may be of interest to you;
- to infer from your transactions a profile of your use of our Services. We may also infer from your type of use of our Service transactions that are abnormal as to their amount, destination, currency or rationale and we may choose to alert you on such potentially abnormal transactions after recording the request and before executing it.
LEARN MORE about the use of your Personal Information by us:
We may use information collected about Data Subjects, including Personal Information, in any one or more of the following ways: (i) When a new application to become a Merchant is submitted to us, we use the data received from the potential Merchant to assess its application. As such, this data is used by us to establish or perform our (future) contract with the Merchant and for our legitimate interests in following up with it. We also use the data above for our legitimate interest of managing our internal administration, for establishing and performing our contract with the Merchant; (ii) When a new application to become a Customer is submitted to us, we use the data received from the potential Customer to assess its application. As such, this data is used by us to establish or perform our (future) contract with the Customer and for our legitimate interests in following up with him. We also use the data above for our legitimate interest of managing our internal administration, for establishing and performing our contract with the Customer; (iii) We use Merchant’s client’s Personal Information to provide Merchants with the requested Services and transactions, including fulfilling Company's obligations to financial or other institutions in connection with the Services, (iv) for financial and identity checks, fraud prevention checks, anti-money laundering and credit checks, including examination of your request for Services according to legal regulatory requirements, risk management examination and fraud detection; (v) to provide reports that include Personal Information to Anti Money Laundering Authorities, and to any other competent authorities (in your territory or outside your territory or outside the EU), with accordance to legal requirements; (vi) to record and track details of transactions carried out in relation to the Services; (vii) to improve the quality of the Services and customize user experience; (viii) for Customer service, including answering questions and responding to feedback and complaints; (ix) for alerting on transactions that appear to be abnormal to the profile of the Customer, or that appear to be inappropriate to its profile in comparison with its past transactions (x) for sending communications, administrative e-mails and/or reaching our clients via social media platforms. Company may e-mail or communicate with you from time-to-time, if Company needs to provide you with information or for other commercially, non-marketing reasons related to the Services; (xi) for ensuring that transaction of our Merchants are complete or amounts of transactions are charged back, (xii) for legal and accounting purposes, such as reporting to tax authorities and reporting of legal and accounting information required by the Lithuanian law.
Please be informed that no automated decisions or profiling are made in the course of the processing of Data Subjects’ Personal Information.
We use analytics for security and anti-fraud purposes, such as to identify unauthorized use of the Services or to verify and cross-check abnormal transactions that would have been entered into by the Data Subject. In the view of the Data Subject's previous transactions, we may infer from a request of transaction that it is abnormal, for instance with respect to its amount, the destination of the funds, the currency chosen or the rationale or absence of rationale for such transaction.
DISCLOSING OF INFORMATION TO THIRD PARTIES
We may share Data Subject’s Personal Information with third parties assisting us to provide our Services, with suppliers working on our behalf, or where we are required or permitted to do so by law. We may also share Personal Information with third parties to comply with our legal obligations, to prevent any fraudulent or illegal activities related to our Services, to respond to legal process or to protect the rights or property of the Company, our Customers or others. We attempt to minimize the amount of Personal Information we disclose to what is directly relevant and necessary to accomplish the specified purposes.
LEARN MORE about the cases of disclosure of Personal Information to third parties:
We will not disclose to third parties the Personal Information gathered about Data Subjects via the Website and Services, inasmuch as this Information identifies them personally, except in the cases set forth hereinafter:
(a) To collect, hold and manage their Personal Information through our trusted vendors and our affiliated companies (including their sub-contractors) who apply suitable safeguards to protect the privacy and security of Data Subjects’ personal data, for example, cloud computing platform and hosting services provider, as reasonable for business purposes, which may be located in a country that does not have the same data protection laws as our jurisdiction;
(b) To bill and collect money owed to us by you or your company;
(c) To Credit and Financial Institutions that take part in the processing of the Services: including the credit institution where you maintain your or your company’s bank account and any other financial institutions who may process payments;
(d) Risk management. We use trusted third parties to secure transaction processing and to conduct identity verification and prevention checks of fraud or any other illegal activities or otherwise address security or technical issues (for example, World Check by Thomson Reuters for money laundering detection) and of bank transfer transaction, and we send Personal Information to those third parties to process payments;
(e) To communicate with you about your account and provide customer support, including by our third party trusted vendors;
(f) To provide information to our authorized representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, security and other requirements;
(g) To provide, support, and improve the Services we offer and to make certain features of the Services available to you;
(h) To satisfy applicable laws and regulations, if and as applicable, including reports to Anti Money Laundering Authorities and to any other competent authority, with accordance to legal requirements, to financial institutions that take part in the processing of the services for compliance purposes, and to comply with a judicial proceeding, court order, or legal process;
(i) To enforce the Terms and Conditions, including investigation of potential violations thereof, and to protect against harm to the rights, property or safety of Company, its users or the public as required or permitted by law;
(j) to send you newsletters and promotional communications via our contractors (provided you have not objected, or opted-out, as may be appropriate under applicable law);
(k) In the event Company goes through a business transition such as a merger, acquisition of all or a portion of Company's assets, Data Subjects’ Personal Information may be among the assets transferred and it will be transferred only subject to restrictions similar to those contained herein or as otherwise be required by applicable laws and regulations.
Please note that these third parties may be in other countries where the laws on processing Personal Information may be less stringent than in your country.
Except where permitted as stated, Company does not sell, rent, share or otherwise disclose Personal Information to third parties.
Company may transfer and disclose to third parties or otherwise use non-personal information at its own discretion.
STORING YOUR DATA
The Personal Information that we may collect may be transferred to, stored at and processed in a destination outside your territory and/or outside the European Economic Area ("EEA"), where Personal Information may not be protected by the same standards. When we transfer Personal Information outside the EEA, we will take steps with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy. You expressly agree to such transfers of Data.
LEARN MORE to understand the reasons for storing Personal Information outside EEA and/or your territory:
Any Personal Information which we may collect may be transferred to, processed and stored at destinations outside your territory and/or outside of the European Economic Area ("EEA"), where Personal Information may not be protected by the same standards, for the reasons set out below:
- Where our hosting provider or cloud computing platform is outside your territory or outside the EEA.
- Transfer to our affiliated companies that is needed for providing the Services.
- If necessary for providing the Services.
- Where our anti-fraud agencies, credit reference agencies and other service provider that are based outside your territory or outside the EEA, require access to Data Subjects’ data to perform their obligations to us and provide the requested Services to you.
- Where Personal Information is processed by staff operating outside your territory or outside the EEA who work for us or one of our suppliers. Such staff may be engaged in, among other things, the fulfillment of orders, the processing of payment details and support services in provision of the Services. Where such staff is acting on behalf of Company, we will take all steps reasonably necessary to ensure that Personal Information is treated securely and in accordance with applicable law and with this Policy.
- To satisfy applicable laws and regulations, if and as applicable, including reports to Anti Money Laundering Authorities and to any other competent authority outside of the EEA.
In these and similar cases where recipients of Personal Information are located outside the EEA, we will take all steps reasonably necessary to ensure that Personal Information is treated securely and in accordance with this Policy, including the use of any adequacy mechanisms required by law to ensure that the transfer is lawful.
- We may retain Data Subjects’ Personal Information in conformance with applicable laws, usually for 8 to10 years, in order to: comply with legal requirements or to protect Company's legal interests, prevent fraud, resolve disputes, troubleshoot problems, assist with any investigations, enforce the Terms and Conditions and take other actions otherwise permitted by law.
- In addition, we will retain Personal Information after your or your company’s registration to the Services is cancelled, or if your or your company’s application is declined or abandoned, for as long as permitted under any applicable law, for legal, regulatory, fraud and other financial crime prevention.
- Personal Information required for legal proceedings and/or compliance purposes (such as AML and KYC procedures), will be retained for a period permitted under the Lithuanian law, usually 8-10 years.
- Personal Information concerning Data Subject’s transactions, including but not limited to chargebacks, refunds and legal proceedings, will be retained for a period of 8 years, or according to the longer of your company’s and/or bank’s relevant policies regarding chargebacks or refunds, as case may be.
THIRD PARTY SOFTWARE/SERVICE
USE OF “COOKIES”
LEARN MORE on what is a cookie and how you can disable it:
What is a cookie?
Cookies are alphanumeric identifiers that are transferred to and stored in your device through your web browser for record-keeping purposes. Some cookies allow making it easier for you to navigate a website, while others are used to enable a faster log-in process or to allow to track your activities on a website.
When you access the Website, you will be presented with a message bar requesting your consent to set those cookies. By continuing to browse the Website, you are enabling us place cookies on your computer and/or our partners to provide a better experience and service to you.
Cookies generally process your IP-address but they do not save your personal information like e-mail address or phone number.
This Website may place the following type of Cookies:
- Security cookies: these cookies, such as Cloudflare, allow the determination of the nature of the traffic, in order to assess whether there is a real individual or a bot trying to affect the system.
- Essential cookies: These cookies are necessary to allow you access and move around our Website and use all its features. Without these cookies, you would not be able to access our Website and/or to use certain important features.
- Visitor Cookie: These cookies are part of our security mechanism and are used to identify visitors (visitor representing a specific computer) of the Website,
- Analytics cookies: This Website also uses analytics cookies placed by Google Analytics (including Google Tag Manager) to measure the number of visits and the parts of the website that are the most popular among our Website visitors as well as for benchmarking purposes. This information is used to provide aggregated and statistical information on the use of this Website and is used to improve the contents of this Website to enhance your user experience. To opt-out of Google Analytics, please go to: https://tools.google.com/dlpage/gaoptout/ (or to other Google link as may be updated from time to time)
- Advertising cookies: These third party cookies, such as Google Adwords, help ensure that our advertisements are as relevant to you as possible. These cookies track and record information (including by Google) regarding your browsing habits and activity, and use this information to enable us to show you relevant/personalised marketing content across the Internet. Using these cookies, our third party vendors may collect personally identifiable information (for instance when information collected by such cookies is associated with your Google Account) and use this to display our targeted advertising to you. For example, some advertising cookies help select advertisements that are based on your interests. You can opt out of Google’s use of the abovementioned cookies by visiting Google’s Ads Settings: https://adssettings.google.com/authenticated (or other Google link as may be updated from time to time).
You can choose to enable or disable Cookies in your internet browser. By default, most internet browsers accept cookies but this can be changed.
A user may oppose the registration of cookies in his/her connected terminal by setting his/her Internet browser as follows:
- Select "Edit" then "Preferences" menu
- Click on the "Security" icon
- Select the desired options for cookies
For Mozilla Firefox
- Select "Tools" then "Options" menu
- Click on the "Privacy" icon
- Select the desired options for cookies
For Microsoft Internet Explorer:
- Select "Tools " then "Internet Options" menu
- Click on the "Privacy" tab
- Select the desired level using the cursor
- Select the "Settings " then "Privacy" menu
- Click on the tab " Content Settings "
- Select the desired options for cookies
For further details, please consult the help menu in your internet browser.
You can choose to delete cookies at any time; however you may lose any information that enables you to access the Website more quickly and efficiently including, but not limited to, personalisation settings. You are therefore informed that the opposition to the registration of cookies can make inaccessible all or part of the Website features.
THIRD PARTY SERVICES
SECURITY PRECAUTIONS TO PROTECT INFORMATION
We take a great care in implementing and maintaining reasonable and appropriate security procedures consistent with prevailing industry standards to protect the security of the Website, the Services, and Data Subjects’ Personal Information from accidental loss and from unauthorized access, use, alteration and disclosure.
While we take reasonable precautions against possible security breaches of the Services, no website or internet transmission is completely secure, and we cannot guarantee (i) that unauthorized access, hacking, data loss, or other breaches shall never occur; and (ii) the security of Data Subjects’ data while it is being transmitted to and from the Services; any transmission is at your own risk. Company urges you to take steps to keep your Personal Information safe, including your account password, and to log out of your account after use.
You are responsible for keeping this password confidential and complying with our instructions. You must not share credentials with anyone else, and you authorize the Company to act upon instructions and information from any person that enters your credentials. You also agree to promptly notify us of any information you have provided to us which has changed.
TERMS AND CONDITIONS
Please also review the Terms and Conditions section establishing the use, disclaimers, and limitations of liability governing the use of the Services, at: https://www.caspero.com/terms.
YOUR PRIVACY RIGHTS
Where applicable, you may have certain rights under data protection legislation, including the right to see the Personal Information held about Data Subjects and you may ask us to make any necessary changes to ensure it is accurate and up to date.
LEARN MORE on other rights available:
Where applicable, data protection legislation may also provide the following rights in relation to Personal Information which may also be discussed by Data Subjects with us by using the Contact Us section below or by emailing us at [email protected]:
- request us to give access to it;
- request us to rectify inaccurate or incomplete information, or erase it, where applicable;
- request us to restrict or to stop our using it, in certain circumstances;
- withdraw your consent to our using it, where applicable;
- data portability, in certain circumstances;
- opt out from our direct marketing; and
- lodge a complaint with the relevant Data Protection Authority.
If you have any additional questions or concerns about this Policy, please feel free to contact us any time through the Services or email at [email protected], or by writing to us at Jogailos street 4, Vilnius LT-01116, Lithuania or by calling us at +370 694 00234.