Last updated: November 29, 2022
Thank you for using iWallet!
iWallet may provide additional "just-in-time" disclosures or additional information about the data collection, use and sharing practices of specific Services. These notices may supplement or clarify iWallet's privacy practices or may provide you with additional choices about how iWallet processes your personal information.
1. THE DATA WE COLLECT ABOUT YOU
Personal Data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We may collect, use, store and transfer different kinds of Personal Data about you which we have grouped together as follows: • Identity Data, including first name, maiden name, last name, username or similar identifier, title, and gender. • Contact Data, including your address (es), email address (es) and telephone number(s). • Financial Data, including bank account details. • Transaction Data, including interactions you may have had with us. • Technical Data, including internet protocol (IP) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website(s). • Profile Data, including your CV, professional background and career history. • Usage Data, including information about how you use our website, products and services. • Marketing and Communications Data, including your preferences in receiving marketing from us and third parties and your communication preferences.
We do not intend to collect the following special categories of Personal Data about you: your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. Here are some specific examples of the types of Personal Data iWallet may collect and how we may use it: When you create an account or use iWallet Services, we, or our affiliates or our vendors acting on our behalf may collect the following types of data to meet our legal obligations: your name, date of birth, social security number, driver number ID, personal ID, address, phone, email, full bank account details and/or credit card numbers that you link to your iWallet account or input when you use iWallet Services. iWallet will use this information to fulfill your requests and provide the relevant Services. If you seek permissions to raise Digital Currency buy and sell limits associated with your iWallet Account, we may require you to provide additional data which we may use in collaboration with service providers acting on our behalf to verify your identity or address, and/or to manage risk as required under applicable law. This information may include your date of birth, taxpayer or government identification number, a copy of your government-issued identification, or other personal information. We may also obtain information about you from third parties such as credit bureaus and identity verification services. You may choose to provide us with access to certain Personal Data stored by third parties such as social media sites (such as Facebook and Twitter). The information we have access to varies by site and is controlled by your privacy settings on that site and your authorization.
IF YOU FAIL TO PROVIDE PERSONAL DATA Where we need to collect Personal Data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may cancel a service you receive from us but we will notify you if this is the case at the time.
Please be informed that we have a legal obligation. For example, "Know your Customer" and AML compliance requirements are governed by, among other laws, the Bank Secrecy Act (1970) (USA), the USA Patriot Act (2001) (USA), EU Directive 2015/849 (AMLD IV) on anti-money laundering and terrorist financing, EU Directive 2018/843 (AMLD V) on anti-money laundering and terrorist financing and EU Member State implementing legislation such as the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 (as amended) (Ireland).
(2) HOW WE COLLECT YOUR PERSONAL DATA
We use different methods to collect data from and about you including through: (i) Direct interactions. You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. (ii) Automated technologies. As you interact with our website(s), we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this Personal Data by using cookies, server logs and other similar technologies. (iii) Third parties or publicly available sources. We may receive Personal Data about you from various third parties and public sources such as Technical Data from analytics, technology and hosting providers, Identity and Contact Data from business networks, data brokers or aggregators and from publicly availably sources. (iv) Relationship data: We may collect or obtain your Personal Data in the ordinary course of our relationship with you (e.g., we provide a service to you, or to your employer). (v) Credit Bureaus, Public Databases & ID Verification Partners: We may obtain Personal Data about you from public databases and ID verification partners for purposes of verifying your identity. ID verification partners use a combination of government records and publicly available information about you to verify your identity. Such information includes your name, address, job role, public employment profile, credit history, status on any sanctions lists maintained by public authorities, and other relevant data. We may obtain such information to comply with our legal obligations, such as anti-money laundering laws. In some cases, we may process additional data about you based on public interest grounds to ensure our Services are not used fraudulently or for other illicit activities. (vi) Resellers, Channel Partners, Joint Marketing Partners, and Social Media Platforms: We may collect Personal Data about your publicly available social media profile, interests or preferences, and page-view information from some business partners with which we operate co-branded services or joint offerings. There are multiple purposes for collecting this information. First, we process such information to better understand you and/or maintain and improve the accuracy of the records we hold about you as well as to position, promote or optimize our Services. In addition, we may also use this information in conjunction with your browsing habits / preferences (as obtained from our data partners) and your contact details, professional information and iWallet transaction history to deliver targeted advertising and marketing to you, where permitted by applicable law and in accordance with your advertising / marketing preferences. Second, we also process such information to provide support to you as part of our contractual obligations to you. Lastly, we process such information in the public interest because it helps us monitor, prevent and detect fraud. Once we obtain such information from third parties, we do not subsequently share it with any other third parties except as described in this Policy. This information is shared with iWallet's processors and corporate group as necessary to perform the Services.
(3) HOW WE USE YOUR PERSONAL DATA
We only use your Personal Data when the law allows us to. Generally, we will use your Personal Data in the following circumstances: (i) Where we need to perform a contract we are about to enter into or have entered into with you. (ii )Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. (iii) Where we need to comply with a legal or regulatory obligation. (iv) When you have expressly consented to us processing your Personal Data. Where consent is relied on, you have the right to withdraw it at any time by contacting us. (v) Where the processing is necessary to protect the vital interests of any individual; or (vi) Where we have a legitimate interest in the processing of your Personal Data. The balancing test we have conducted in each case is as follows: (a) we have ensured that the Processing is lawful, proportionate, and conducted in accordance with the terms of this Policy; (b) we have ensured that we have a legitimate business need to perform the Processing; and (c) we have ensured that there is no material likelihood of any adverse impact on your interests, fundamental rights, or freedoms, as a result of the Processing.
(4) PURPOSES FOR WHICH WE MAY PROCESS YOUR PERSONAL DATA
We may process your Personal Data for the following purposes, subject to applicable law: • Our Sites: operating and managing our Sites; providing content to you; displaying advertising and other information to you; communicating and interacting with you via our Sites; and notifying you of changes to any of our Sites, or our Services. • Members: communicating with you regarding your Membership (or prospective Membership), where applicable, and to keep you up to date with new developments at iWallet. • Communications: communicating with you via any means (including via email, telephone, text message, social media, post or in person) information in which you may be interested (e.g., new product offerings, information relevant to you as an iWallet client), subject to ensuring that such communications are provided to you in compliance with applicable law; maintaining and updating your contact information where appropriate; and obtaining your prior, opt-in consent where required. • Communications and IT operations: management of our communications systems; operation of IT security systems; and IT security audits. • Financial management: sales; finance; corporate audit; and vendor management. • Surveys: engaging with you for the purposes of obtaining your views on our Services. • Security: physical security of our premises (including records of visits to our premises; and CCTV recordings); and electronic security (including login records and access details). • Investigations: detecting, investigating and preventing breaches of policy, fraud, and violations of law, in accordance with applicable law. • Legal proceedings: establishing, exercising and defending legal rights. • Legal compliance: compliance with our legal and regulatory obligations under applicable law. • Improving our Sites, Services: identifying issues with our Sites, or our Services; planning improvements to our Sites, or our Services; and creating new Sites, or Services. • Recruitment and job applications: recruitment activities; advertising of positions; interview activities; analysis of suitability for the relevant position; records of hiring decisions; offer details; and acceptance details. • Aggregate your information on an anonymous basis with other data for data analytical and reporting purposes.
(5) DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES
(6) HOW PERSONAL DATA IS SHARED WITH THIRD-PARTY SITES AND SERVICES Please note that merchants you interact with may have their own privacy policies, and iWallet is not responsible for their operations, including, but not limited to, their information practices. Information collected by third parties, which may include such things as contact details or location data, is governed by their privacy practices. We encourage you to learn about the privacy practices of those third parties. If you authorize one or more third-party applications to access your iWallet Account, then information you have provided to iWallet may be shared with those third parties. Unless you provide further authorization, these third parties are not allowed to use this information for any purpose other than to facilitate your transactions using iWallet Services.
(7) OPTING OUT We offer you the opportunity to receive marketing information from us. We will normally send direct marketing by email if we have your email address, but may choose to contact you via other methods, if you have provided your consent for us to market to you using these methods. If you consented to receive marketing communications when you registered and created a customer account, you can tell us that you do not wish to receive any more at any time by selecting the ‘unsubscribe’ option in the marketing communications we send or at any time by changing your account preferences.
(11) DATA ACCURACY We take every reasonable step to ensure that: • Your Personal Data that we process are accurate and, where necessary, kept up to date; and • Any of your Personal Data that we process that are inaccurate (having regard to the purposes for which they are processed) are erased or rectified without delay. From time to time we may ask you to confirm the accuracy of your Personal Data.
(12) DATA RETENTION We will only retain your Personal Data for as long as we believe necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, reporting or audit requirements. To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements. Details of retention periods for different aspects of your Personal Data are available by contacting us firstname.lastname@example.org.
(13) YOUR LEGAL RIGHTS Under certain circumstances, you have rights under data protection laws in relation to your Personal Data. These include rights: • To request access to your Personal Data (commonly known as a “data subject access request”). This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it. • To request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us. • To request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your Personal Data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request. • To object to processing of your Personal Data. This is where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms. • To request restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of your Personal Data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it. • To request the transfer of your Personal Data to you or to a third party. We will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you. • To withdraw consent. This occurs at any time where we are relying on consent to process your Personal Data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent. If you wish to exercise any of the rights set out above, please contact us email@example.com.
(15) NOTE REGARDING CHILDREN (UNDER 18 YEARS OF AGE) Please note that we do not knowingly permit or solicit information from individuals under eighteen (18) years of age. In addition we do not knowingly market our products or Services to individuals under eighteen (18) years of age. You may use our Services only with involvement and permission of a parent or guardian.
(16) DIRECT MARKETING We may process your Personal Data to contact you via email, telephone, direct mail or other communication formats to provide you with information regarding services that may be of interest to you. If we provide services to you, we may send information to you regarding our services, upcoming promotions and other information that may be of interest to you, using the contact details that you have provided to us and always in compliance with applicable law. You may unsubscribe from our promotional email list at any time by simply clicking on the unsubscribe link included in every promotional email we send. After you unsubscribe, we will not send you further promotional emails, but we may continue to contact you to the extent necessary for the purposes of any services you have requested.
(17) CALIFORNIA PRIVACY RIGHTS If you are a California resident, you have the right to request information from us regarding the manner in which we share certain categories of your Personal Data with third parties for the third parties' direct marketing purposes. California law provides that you have the right to submit a request to us at our designated address and receive the following information: (a) the categories of information we disclosed to third parties for the third parties' direct marketing purposes during the preceding calendar year; and (b) the names and addresses of third parties that received such information, or if the nature of their business cannot be determined from the name, then examples of the products or services marketed. You are entitled to receive a copy of this information in a standardized format and the information will not be specific to you individually. You may make such a request by emailing firstname.lastname@example.org.
(18) CONTACT DETAILS For the purposes of this Policy, iWallet is the Controller. You may contact us at via post, telephone, fax, email or via our online Contact Us form. If you have any comments, questions or concerns about any of the information in this Policy, or any other issues relating to the Processing of Personal Data carried out by us, or on our behalf, please contact us at email@example.com or by calling us at 1-866-376-4880.