We are grateful for the trust you place in us with regard to the protection of your personal data and to respect your right to confidentiality in accordance with data protection legislation. As new technologies have transformed the way personal data is collected, used and stored, customer trust and respect for the privacy of personal data remain key goals of PayTop. The terms “we”, “our”, “our” refer to PayTop as an authorized Payment Establishment for the services covered by the Master Agreement for Online Fund Transfer Services (the “Master Agreement”) and responsible for processing customer personal data for the purposes referred to in the said Master Agreement.
We believe that it is important to clearly explain to our customers when they subscribe to our Master Agreement in order to use the services offered via the “Paycell : Money Transfer” Application, how personal data are collected, used and protected by PayTop and disclosed to “Paycell : Money Transfer” for certain processing purposes relating to the management of the commercial relationship with customers, as referred to in the Terms of Service of the Application, as well as the advantages that this use brings and the protections implemented against unauthorized access and use; “Paycell : Money Transfer” being the owner of the Application operating in white label under the licence PayTop as a Payment Establishment.
As data controller defining for what purpose and how your personal data are used, PayTop is aware of the importance of the confidentiality and security of the personal data processed and of compliance with Regulation (EU) 2016 / 679 of the European Parliament and of the Council of April 27, 2016 (RGPD), of the Information and Freedoms law, n ° 78-17 of January 6, 1978 and of the E-Privacy directive of July 12, 2002 ("legislation relating to the regulation in force ”).
This customer data protection policy describes how we collect and use your personal information. Definitions
It is any information relating to an identified or identifiable natural person. This concept includes both classic data such as surname, first name, telephone number, postal address, e-mail address, date of birth as well as other more atypical data such as IP address, location data, or banking data as such information is transmitted for the completion of a transfer transaction.
It is any automated or manual operation applied to personal data, regardless of the collection process implemented (registration, adaptation, extraction, use, etc.) and the medium used in order to anticipate technological developments.
Data processing is carried out by a controller who ensures that the processing is carried out in a highly secure manner. As part of the payment services offered in the “Paycell : Money Transfer” Mobile Application, the data controller will be PayTop.
We may collect, record and use personal data concerning you in electronic form directly from you when you subscribe to our Master Agreement and when you register on the “ Paycell : Money Transfer” Application.
This data will be processed in accordance with data protection legislation and in the manner set out in this privacy policy.
The personal data that we collect and process include:
- Your identification data (surname, first name, date of birth, place of birth)
- Proof of your identity (identity card, passport, identity document numbers, selfie)
- Your contact details (mobile phone number, email address)
- Data relating to the client's profile (nationality, main residence, tax residence)
- Your bank details (bank details such as IBAN, name of your bank, supplier)
- Customer identification data (user name)
We also collect the data you provide us with regard to the beneficiaries to whom you wish to send money (last name, first name, bank account statement and name of the bank / supplier, phone number, wallet number).
By providing us with such data, you confirm that you have obtained the consent of such persons as to the reasonable use of their data for the purposes specified in this policy, or that you are otherwise authorized to provide us with such data on their behalf.
By the terminology ““Paycell : Money Transfer” Application” or “Application” we mean the Mobile Application running on Android or iOS devices, which can be downloaded from Google (Android) or App (iOS) online stores on any mobile device from which you can access the services offered therewith.
The applicable legal bases are as follows:
• The law: the processing of your personal data is made compulsory by law
• The contract: the processing of your personal data is necessary for the performance of the contractand / or precontractual measures
• Legitimate interest: we have a commercial interest in processing your personal data in a lawful, fairand transparent manner.
• Consent: you have accepted the processing of your personal data through express consent that youcan withdraw at any time.
A legitimate interest arises when we have a professional or business reason to use your personal data in the conduct and management of our business. abs0 the context of money transfer activities, we will not be able to provide our services to you if you do not provide us with your personal data, in particular your banking data and those of your beneficiaries.
The personal information we collect may be used for different purposes. Each processing of your data by PayTop and their disclosure to “Paycell : Money Transfer” is based on a legal basis in accordance with and adapted to the legislation in force, whether for the execution of the contract, in accordance with a legal obligation, for the execution of a task of public interest or relating to the exercise of public authority, in the case of a vital or legitimate interest or based on your freely given and unequivocal consent to said processing.
|
Purpose of processing |
Legal ground |
Retention period |
|
Management of the mobile application (ex: cookie) |
Consent |
Thirteen (13) months maximum after their first deposit in your terminal equipment |
|
Provision of payment products and services |
Execution of the contract |
Five (5) years concerning the elements of identity from the end of the commercial relationship |
|
Statistical and satisfaction studies |
Legitimate interest in improving the service offered / consent |
Maximum of ten (10) years from the study and depending on its nature |
|
Verification of documents for evidentiary purposes Fight against money laundering and terrorist financing |
Legal obligation and legitimate interest Legal obligation |
Five (5) years with regard to Transactions made from their execution Six (6) months for telephone records with Customer Service Five (5) years from the execution of the Operation |
|
Fraud Payment data (excluding cryptogram) |
Legal obligation Legal obligation |
Ten (10) years from the closure of the fraud file Thirteen (13) months, following the debit date for handling complaints; until consent is withdrawn or the Card expires for top-ups |
|
Commercial prospecting (sending of commercial communication by phone, mail, sms, email) |
Consent |
Three (3) years from the end of the business relationship or the last contact from the prospect |
Your personal information may be communicated to reliable partners and subcontractors located in a Member State of the European Union or outside the European Union offering appropriate guarantees for the respect and effectiveness of your rights such as the Privacy Shield, for the execution of the subscribed payment products and services. This subcontracting allows PayTop to ensure the compliance of the services offered as well as to strengthen its fight against money laundering and the financing of terrorism. PayTop continuously ensures that all of its partners and subcontractors respect your rights to protect your personal data.
In addition, this information can be transmitted to French and foreign authorities to comply with legal obligations.
Do not hesitate to write to us, our personal data protection officer is available for any request for information.
In order to ensure the protection of your personal information, we strive to put in place physical and technical security measures adapted to our activity and in accordance with applicable standards.
PayTop is committed to ensuring the utmost security in the backup, conservation, integrity and confidentiality of this data. Under no circumstances will this data be transmitted or sold to third parties.
PayTop or its partners are authorized to communicate any operational incident to public or private establishments in charge of centralizing this information.
Protecting our information systems and the personal data of our users is essential to ensure that customers who use the “Paycell : Money Transfer” Application, the products, services and technologies offered through them do so securely. It is also essential so that we can maintain the trust of our users. We have taken the following measures to protect your personal data:
Paytop has technical, administrative and physical mechanisms in place to protect against unauthorized access, use or disclosure of personal customer data that we collect or store.
We implement various security measures to ensure the security of your personal data when you enter it, send it or access it.
We offer the use of secure transmission, processing and storage services through standardized security mechanisms.
All personal data relating to your banking data (such as IBAN) provided is encrypted using TLS technology during transmission to prevent misuse of your personal data. Card numbers, issuance and expiration dates are stored on our company's main data processing systems.
Your personal data may be accessible to persons with special permissions to these systems, and who are required to maintain the confidentiality of personal data. Authorized staff cannot access personal data such as access codes to your mobile application, namely the combination of your phone number with a unique OTP code received by SMS.
No method of transmission over the Internet or of electronic storage is 100% reliable. Thus, we cannot guarantee absolute security. If you have any questions about security, you can contact us at dpo@paytop.com.
In order to always be as close as possible to your expectations, PayTop may send a newsletter about its products and services that may be of interest to you. The data necessary for sending newsletters or marketing emails are your name, first name and email address. A link at the bottom of the page of each newsletter will allow you to unsubscribe at any time.
In accordance with the law transposing the general regulation on the protection of personal data, you have rights which we are required to respect.
What are your rights as a person?
• A right to information about the processing of your data; PayTop makes it a point of honour toprovide you with clear, fair and transparent information on the processing and collection of your data;
• A right of access to your personal information transmitted; you have the right to obtain from us confirmation that your data is being processed or not, the purposes of the processing, the recipient of the data, the possible transfer of the latter as well as a copy of said data;
• A right to rectify inaccurate or incomplete data; you can obtain from us the rectification of your dataif it turns out to be erroneous or inaccurate;
• A right to object to certain processing operations, in particular those for the purpose of commercialprospecting;
• A right to erase your data that is the subject of unlawful processing; you have a right to be forgotten only when the processing of your data does not concern the performance of the contract and you have terminated the said contract;
• A right to portability making it possible to receive your data provided in a usable format in order to transmit them to another payment service provider. To do so, two conditions must be met, the processing must be carried out using automated processes and the processing must be based on consent or the contract. Data portability only applies to data that you have provided to us about yourself;
• A right to limit processing when the person has objected to it, when they contest the accuracy of the data, when their processing is unlawful, or when they need it for the establishment, exercise or defense of his legal rights.
To exercise any of its rights, without prejudice to your other rights, simply write online to the email address dpo@paytop.com. Your request will then be sent directly to our data protection officer. A response will then be sent to you within one (1) month of receipt of the request; two (2) additional months will be necessary if the answer is longer and complex to achieve. You can also send us at the same addresses your instructions relating to the storage, erasure and communication of your personal data after your death.
In addition, you can register on the list of opposition to canvassing by telephone on the site www.bloctel.gouv.fr. You also have the right to contact the CNIL (www.cnil.fr).
It is reminded for your information that the consent given is not final and may, depending on the purpose of the processing and according to your expectations, be withdrawn at any time by you.
We may update this Customer Data Protection Policy to reflect changes in our practices relating to personal data. If we make significant changes, we will notify you by email (sent to the email address specified in your account), or via a link accessible from the mobile application before the changes take effect. We encourage you to review this page regularly to stay informed of changes in our privacy practices.
If we decide to change our Customer Data Protection Policy, we will post those changes on the “Paycell : Money Transfer” Mobile Application to keep you informed and seek your consent where applicable. If you have any questions about this Policy, if you need additional information, if you wish to exercise your rights or if you wish to report an incident of a personal data privacy breach, our personal data protection officer is at your disposal at the following email address: dpo@paytop.com.
PayTop SAS, a simplified joint stock company with a capital of €4,509,962.5050, whose registered office is located at 1, Rue de Stockholm 75008 Paris, registered in the Paris Trade and Companies Register under number 487 568 446, licensed under number 16 408 and supervised by the ACPR, located at 4 place de Budapest, CS 92459, 75436 PARIS CEDEX 09 (http://www.acpr.banque-france.fr/home.html) as a payment establishment; such accreditation can be consulted on the public register at the following address: https://regafi.fr (PayTop's website is http://www.paytop.com)