Introduction

This data protection policy (Data Protection Policy) describes how SYSPAY (hereafter SYSPAY or ‘we’ or ‘us’ or ‘our’) collects, uses, stores, processes and protects the personal data of users browsing/and or using the services (hereafter “Users” or “you” or “your” or “yours) from the https://cashlib.com/ website (hereafter the “Site”).

We know how important privacy and protection of confidential information is important for our users, which is why we only collect the information we need as part of our Services on our Site and we will not share this personal data (hereafter ‘Personal Data’) with any third parties other than those defined in this Data Protection Policy.

The purpose of this Data Protection Policy is to describe how the Users’ Personal Data is handled by SYSPAY. and for what purposes it is processed.

Under the applicable data protection legislation, the person responsible for the processing is SYSPAY, as the publisher of the Site, whose head office is located at 3B, Wied Ghomor Street, St. Julians STJ 2041 MALTA and which is registered in the Register of Trade and Companies under the number C 51532.

SYSPAY is committed to ensuring that the Personal Data it uses is used in accordance with applicable regulations, and in particular the Law of 1 August 2018 on the protection of individuals in relation to the handling of personal data in criminal matters as well as in matters of national security, transposing the General Data Protection Regulation (EU) 2016/679 of 27 April 2016 (hereafter the Regulation’ or ‘the Regulation’s).

 

1- Collected Data Policies

For the duration of the use of the Site and the Services, SYSPAY is likely to collect any information, directly or indirectly identifying the User, necessary to create an account on the Site and/or necessary for access to the Site’s services.

Personal Data collected on the Site in connection with the use of the services or the creation of an SYSPAY account is required in order to access the services offered by SYSPAY via the Site, including for the purchase and use of CashLib coupons (hereafter the “Services”).

Sometimes, some data collected may not be considered as Personal Data but are also processed by SYSPAY. as part of the Services.

All collected data categories that we are or may collect are presented in the table below:

Data categories

Data collected or that can be collected

Policy

Personal personal data
  • first name,
  • Date of birth
  • e-mail address,
  • postal address,
  • phone number
  • demographics (city, zip code, country)
  • Data on your ID (Passport or ID card)

Banking and financial data
  • means of payment (e.g. bank cards),
  • payment transaction data,
  • bank transaction statement
  • bank identity statement
  • Bank or credit card statement
  • Origin of fund form

Connection data
  • IP address

Navigation and interaction data
  • Your activity on the Site (number of pages viewed, Services viewed, …)

Other Data

Company data
  • Name of the company

Non-nominal login data
  • site’s list of URLs,
  • Your type of browser and relevant version,
  • your operating system

Documents needed to comply with financial regulations
  • all documents containing personal data necessary to comply with financial regulations, such as anti-money laundering (AML-CTF) and Know Your Customer (KYC), including:
  • National identity card or passport,
  • proof of transfers and/or deposit of funds,
  • proof of residence,
  • selfie or photograph or video sequence of the Customer,
  • Any other documents that are necessary.

 

 

2- For what finalites and on what legal basis do we collect your data? 

We treat your personal data in the act of our Services on our site. The legal basis of our treatment of the Personal Data is either the execution of a contract with the User (acceptance of the General Terms of Purchase or the Use of  the Site) or the legitimate interest SYSPAY or the compliance with regulatory obligations (e.g. anti-money laundering or terrorist financing).

Specifically, we can use your Personal Data for the following purposes:

  • Providing the Services to the User on the Site;
  • Processing the payments under the SYSPAY’s Services SYSPAY. on its website or on its partners’ website;
  • Comply with the anti-money laundering and terrorist financing regulations or any other equivalent  regulations;
  • Protect our systems against any fraud;
  • Provide and improve our Services to the Users.

With your consent or when the Regulations allows us, we may also use your Personal Data for marketing purposes, including emailing you to inform you of new offers on our Services or on services similar to those offered on our Site. However, we will not send you any unsolicited commercial prospecting or SPAM and we will take all necessary measures to respect the exercise of your rights in accordance with the Regulations.

 

3- Are your data shared?

SYSPAY. shares The Personal Data provided by Users with subcontractors in connection with the provision of its Services on the Site.

The various third-party recipients who may have access to or process your Personal Data are listed below:

 

Partner

Privacy Policy Information

Sift

https://sift.com/service-privacy

Algoreg

https://www.algoreg.com/about-us

Ovh

https://www.ovh.com/fr/protection-donnees-personnelles/

 

With the exception of what is expressly stated, above, SYSPAY. never shares or transfers Users’ Personal Data to any other third party, without informing and obtaining the users’ prior consent, unless under applicable law, a court order or a legitimate request from a competent jurisdiction or administrative authority compels SYSPAY. to do so.

Users’ Personal Data provided under the Services may be subject to data transfer outside the European Economic Area (‘EEA’) (the EEA includes all EU member states, plus Norway, Iceland and Liechtenstein). When SYSPAY. transfers Personal Data to its subcontractors outside the EEA, SYSPAY will take all appropriate steps to ensure that Users’ Personal Data is processed as securely as it would be within the EEA.

 

4- Personal data retention 

All personal data is processed and stored securely, for a period not exceeding what is necessary to achieve the purposes for which it was originally collected by SYSPAY.

The Personal data will therefore be kept for the following periods (or their retention will be determined on the following basis): SYSPAY stores and processes your Personal Data for the duration of the provision of the Services until the closing of your account on the SYSPAY. website. However, Personal Data may be retained with limited access within SYSPAY. for up to 5 years for probationary purposes or up to 10 years as part of its regulatory obligations, including anti-money laundering regulations.

If your account remains inactive for more than 5 years, your Personal Data will be removed from the SYSPAY. systems in order to respect the users’ right to be forgotten.

To send commercial prospecting at the end of our contractual relationship, we may keep your Contact Data in our files for a period of five (5) years from the end of our contractual relationship and you will conduct commercial prospecting based on the information you have provided to SYSPAY.

 

5- Security of your personal belongings 

SYSPAY is committed to protecting the Personal Data communicated through its  Services from loss, misuse, disclosure, tampering, unavailability, unauthorized access and destruction, and takes all reasonable precautions to protect the privacy of Personal Data, including by taking appropriate organizational and technical action on our Site.

The steps we take to secure and protect your Personal Data include:

  • The implementation and maintenance of a rigorous internal data protection policy (including a strict access rights and policy) that involves different rights of use and access depending on the different levels of authorisation of IT admins personal;
  • Sensitive access to the systems is protected by double or triple authentication, assuming strong passwords, IP address restrictions and authentication with unique password;
  • The security measures and server-side firewalls encrypt end-to-end all connections and data with an SSL certificate signed and verified by a competent authority;
  • The databases and all user information are regularly backed up and encrypted to ensure total end-to-end integrity from start to finish.

 

Although SYSPAY. makes every effort to protect Personal Data provided through its Service, the transmission of information over the Internet cannot be completely secure. As such, Users recognize and accept that the security of their Personal Data transmitted over the Internet cannot be fully guaranteed and that it is up to them to take the necessary precautions when transmitting their Personal Data.

 

6- What are your rights? 

In accordance with the Regulations, you have the right to access, change, rectify, limit, object and remove Personal Data concerning you.

These rights are not absolute and each of these rights is subject to certain conditions in accordance with the applicable National Regulations and laws.

  • The right of access: Any User has the right to obtain confirmation from SYSPAY whether or not personal data about him or her is being processed by SYSPAY. The User also can obtain additional information on how they are used. Any User can also assert their right of access by requesting a copy of the Personal Data about him or her.
  • The right to rectify: Users can contact SYSPAY. to ask to correct their Personal Data if they are inaccurate or incomplete (for example, if we have the wrong name or address).
  • The right to be erased or the right to be forgotten: Users may request the erasure or deletion of their Personal Data when, for example, they are no longer required for the purposes for which they were collected or when their use is illegal. However, this is not a general right to erasure and there are a few exceptions, for example when SYSPAY. must use the information in the context of a court proceeding or in order to comply with a legal obligation.
  • The right to limit processing: Users have the option to request blocking or prevent the subsequent use of their Personal Data when SYSPAY. analyzes a rectification request or as an alternative to the deletion. Where the request for limitation is deemed justified, SYSPAY. can still retain the Personal Data, but can no longer use it for other purposes.
  • The right to data portability: Users have the right to obtain communication and reuse certain Personal Data processed by SYSPAY. for their own purposes and to communicate it to third parties (who are separate data handlers). This right applies only to Personal Data provided by Users, processed by SYSPAY on the basis of the User’s consent or for the purpose of executing the contract and which are subject to automated processing. If requested by the User, SYSPAY. will provide a copy of its Personal Data in a structured, commonly used and machine-readable format or (where technically possible) SYSPAY. will be able to transmit your Personal Data directly to another processing manager.
  • The right to object: Users have the right to object to certain types of treatment, in certain circumstances and for legitimate reasons. SYSPAY. will cease to treat Personal Data, except in the case of a legal or regulatory obligation, or on a probationary basis, particularly in the exercise or defence of its rights as a result of potential claims. This objection may result in SYSPAY’s inability to provide the subscribed Services.
  • The right to withdraw your consent: For Personal Data processed by SYSPAY. on the basis of  Your  consent, the User may withdraw his consent at any time. However, such withdrawal does not affect the legality of the treatment that took place prior to the withdrawal. Withdrawal of your consent may result in SYSPAY. not being able to provide the subscribed Services.
  • The right to provide us with guidance on the use of your Personal Data after your death: Any User has the opportunity to provide instructions on the management (for example, preservation, erasure and disclosure) of their  Personal Data after death. You can change or revoke your instructions at any time.

Similarly, you have the right to lodge a claim with the National Data Protection Commission’ (CNPD) for any breach on the part of SYSPAY in the current data protection regulations: https://cnpd.public.lu/fr/particuliers/faire-valoir.html

 

7- Access to your personal details 

You have the right to access your Personal Data and request a copy of any of the Data Personal that we hold. Under the Regulations, no fees are payable, and we will provide all the information in our possession free of charge in response to your request.

SYSPAY. will review your application and provide you with an appropriate response within the time frame provided by the applicable Regulations.

For any requests related to your Personal Data or for any questions relating to your Personal Data, please contact us at: compliance@syspay.com

 

8- How can you control your business? 

In addition to the rights under the Regulations set out above, when you provide Personal Data via our Site, you can manage your Personal Data directly on your account accessible on the Site.

In particular, you may object at any time to the treatment of your Personal Data for commercial prospecting or for direct marketing purposes (including the possibility of refusing to not receive our emails, which you can do by unsubscribing by using the links provided in our emails or during the time when your provide your Personal Data or when you manage your account.

 

9- Changes to the present data protection policy 

We reserve the right to update this Policy at any time. Please check this Policy on our website regularly to be informed of any changes. We can also notify you by any means of any changes in the processing of your Personal Data.