Privacy Policy of Bankingblocks
Bankingblocks (“We”, “Us”, “Our”) operates all financial services through its group sister company, Oonex S.A., a company (0849185510 – RPR Brussels) which is duly registered according to the laws of Belgium and holder of a Payment Institution License. Bankingblocks respects the privacy of its clients, website users and/or visitors (“You”, “Your”, “Data Subject”) and anyone else concerned in accordance with the applicable laws in force, most importantly the General Data Protection Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data; and Belgium Law of 30 July 2018 on the protection of privacy in relation to the processing of personal data.
Data processing purpose
We process your personal data in accordance with the applicable laws if at least one of the following applies:
- The processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (Art. 6 1b) GDPR). Personal data is processed to conduct financial services and banking transactions in order to fulfil our contractual and pre-contractual obligations. These actions are only taken when requested by you. You find the data processing purpose in the respective product category as well as in the General Terms and Conditions.
- The data subject has given consent to the processing of his or her personal data for one or more specific purposes (Art. 6 1a) GDPR) In case you gave your consent to the processing of your personal data for specific purposes, the processing is permitted on the legal basis of your consent. Your consent is revocable at any time. If you revoked your consent any processing of your personal data will become unlawful after the revocation. This means that the previous processing of your data remains lawful. You may request information about your given consents at any time.
- Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child (Art. 6 1f) GDPR). If necessary, we process your personal data beyond our contractual obligations in order to protect our legitimate interests or the legitimate interests of a third party, e.g.:
- Marketing or market and opinion analysis
- Enforcement of claims and defence within legal disputes
- To ensure IT security
- To prevent criminal acts
- For business management and the development of services and products
What data we collect
We process your personal data either within our business relation if you are a Bankingblocks customer and if you are using and/or visiting our website. When processing your personal data, we collect certain information about you. Similarly, you may decide to provide us with personal data in the context of a direct relationship that we establish with you.
In addition, you can send us data directly. By way of example, you can communicate data on our websites in order to benefit from a Bankingblocks product or service, when you participate in an offer or a promotion, or in the context of a business or work relationship with our company (whether real or potential).
Personal data that might be collected:
- personal contact information (e.g. name, mailing address, e-mail address, and telephone or fax number);
- professional contact information (e.g. job title, department name and company name);
- username and password;
- credit card information (stored in a PCI DSS-compliant environment);
- financial information (e.g. information on financial accounts and information that may be included in a consumer credit report);
- identification number or access code;
- information provided by you;
- other information (e.g. purchasing behaviour and preferences, language preferences, age, date of birth, gender and family status).
Some data is collected automatically, for example, by means of cookies when you visit our website. Data collected in this way includes the IP address, browser type, operating system, source URLs, information about actions performed on a website, and dates and times of visits. A “cookie” is a text file saved on the hard drive of a computer by a web server.
Cookies
The Bankingblocks website uses “cookies”. These are small text files that are created by a program on the server of the Bankingblocks website and which, under certain circumstances, are saved on the hard drive of your personal computer (PC). The “cookies” are necessary from a technical point of view to ensure good communication between your PC and the Bankingblocks website. In particular, the “cookies” record the language you choose during your first visit to the site, so that you will be automatically served in the language of your choice the next time. If you do not want these cookies to register on your hard drive, you can configure your Internet browser to prevent their access to the hard drive. In that case, Bankingblocks cannot guarantee the correct operation of the websites under its control. If you wish, you can delete these “cookies” from your hard drive after each visit of the website or at any given time.
How we use the collected data
We may use your data to:
- provide protection against the risk of fraud and unauthorised transactions, avoid litigation or liability, and manage risk exposure;
- process your credit card transactions (especially for authorisation, clearing, settlement, chargebacks, and other dispute resolution means);
- create and administer your online account, and respond to your requests;
- provide you with products, services and promotions, and to inform you about them or about new products;
- control, evaluate and improve our commercial activities (in particular, by developing new products and services, managing our communications, determining the effectiveness of our advertising, analysing our products, services and sites internet, increasing the functionality of our websites, carrying out accounting, audit, billing, reconciliation and collection activities);
- improve our interactive resources and monitor their use;
- implement our General Terms and Conditions;
- comply with applicable legislation, industry standards and our rules.
We may also use the collected data for other purposes. Where applicable, we undertake to inform you exactly at the time of collection.
What data we disclose
We do not sell or divulge your personal data collected by us, except for the points mentioned in this privacy statement.
We might share your personal data with other companies affiliated with Bankingblocks (“Group”) or other third parties who process your data permissibly (e.g. to execute orders or contracts or because of your given consent). Furthermore, we process personal data coming from publicly accessible sources (e.g. records of debtors, trade registers, registers of associations, media, press, internet). The collecting and processing of publicly available data is permitted. When using additional Bankingblocks products or products of our business partners additional personal data might be collected, processed and stored. Bankingblocks, all entities within the Group and contracted third-party providers take appropriate measures to protect the confidentiality and security of all processed personal data.
We may disclose your personal information (i) if we have a legal or judicial obligation; (ii) to authorities representing the police force or other state agencies; or (iii) where we consider that such disclosure is necessary to prevent physical or pecuniary loss, or in connection with an investigation of fraudulent or unlawful activity, whether proven or simply suspected.
We also reserve the right to transfer personal data about you if we sell all or part of our business. In the event of such assignment or transfer, we undertake to use our best endeavours to induce the recipient of the personal data you have provided to us to comply with our international privacy rules. Following this assignment or transfer, you may contact the recipient to whom we have transferred your personal data for information about the processing of your data.
Your rights
You may refuse to have a unique cookie ID assigned to your computer to prevent the collection and analysis of data when you visit our websites. If you want to exercise this right to object, most browsers allow you to block cookies, receive a notification when you receive a new cookie and delete existing cookies. However, please note that you will not be able to enjoy all the benefits of the features of our websites if you block cookies.
You may object at any time to our promotional and marketing communications, by following the opt-out option described therein.
You can invalidate a consent you have previously granted to us or exercise a right of objection to the processing of your personal data. Any change in your privacy settings will apply from the moment the change has been made, not retrospectively. In certain cases, by invalidating the consent given to us with regard to the use or disclosure of your personal data, you can no longer benefit from certain products or services of Bankingblocks.
You may exercise a right of objection to the sharing of your personal data with third parties, (i) except in respect of third parties providing services on our behalf; (ii) unless we sell all or part of our business; (iii) unless we have a legal or judicial obligation to disclose such data; (iv) except from law enforcement authorities or other state agencies; or (v) unless we consider that such disclosure is necessary to prevent physical or financial loss, or in connection with an investigation of fraudulent or unlawful activity, that is proven or just suspected.
Subject to the legislation in force, you may have a right of access, a right to information, a right to rectification and a right to object with respect to your personal data. The right of access to personal data may be restricted in certain cases, according to the applicable legislation.
How do we protect your personal data
We take appropriate administrative, technical and physical measures to protect the personal data that you entrust to us against destruction, loss, alteration, access, accidental disclosure, illegal or unauthorised use.
How to contact us
If you wish to perform your right of access, a right to information, right to rectification or erasure of your personal data processed by us, please send your request by e-mail to [email protected].