Privacy Policy

Introduction

At UAB “deVere E-Money” (“deVere”, “the Company”, “we” or “us”), we are dedicated to safeguarding and preserving your privacy when using our Services or communicating electronically with us.

This Privacy Policy, together with our terms of use, (“Policy”), provides an explanation as to what happens to any personal data that you provide the Company, or that we collect from you or other sources whilst using our Services on our mobile application deVere Vault (“App”), our website https://www.devere-emoney.com, with prepaid multicurrency MasterCard card and other online products and non-banking services (“Services”), that enable you to convert currency and make payments swiftly and in a cost-effective manner. You may choose not to provide any information to us, in which case, the Company may be unable to provide its Services to you; services such as, receiving money, sending money and exchanging currency etc.

The Company code is 304469514, the address is Technopolis Delta, J. Balčikonio str. 9 LT-08314, Vilnius, Lithuania. The Company is the electronic money institution, authorized and regulated by the Lithuanian supervisory authority – Bank of Lithuania. The license of the Company and all activities covered by it can be checked here https://www.lb.lt/lt/frd-licencijos/view_license?id=403

All activities of the Company are regulated by the applicable laws related to the electronic money, including, but not limited to the legal acts related to the financial institutions and financial services. The Company is collecting and using the personal data (hereinafter – “Personal data”) of its customers (hereinafter – “Customers” or “you”), the Company is obligated to use and process the Personal data of the Customers only in accordance with this Policy and the applicable legal acts which regulate the protection of Personal data.

The Company updates this Policy from time to time, therefore please do review this Policy regularly.

Principles

Managing Personal Data

The Company commits to comply with the provisions of the Law on Legal Protection of Personal Data of the Republic of Lithuania and all of the other Laws and/or legal acts that are applicable, as well as the Regulation (EU) 2016/679 of the European Parliament and of the Council (hereinafter – Regulation 2016/679) and all other legal acts of the European Union acts that are applicable in accordance with the Personal data protection regulations that are applicable for the specific country in which the services are provided.

The Company manages personal data in observance of the following principles:

1.    Processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness,
fairness and transparency’);
2.    Collected for specified, explicit and legitimate purposes and not further processed in a manner that
is incompatible with those purposes; (‘purpose limitation’);
3.    Adequate, relevant and limited to what is necessary in relation to the purposes for which they are
processed (‘data minimization’);
4.    Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure
that personal data that are inaccurate, having regard to the purposes for which they are processed,
are erased or rectified without delay (‘accuracy’);
5.    Kept in a form which permits identification of data subjects for no longer than is necessary for the
purposes for which the personal data are processed; (‘storage limitation’);
6.    Processed in a manner that ensures appropriate security of the personal data, including protection
against unauthorized or unlawful processing and against accidental loss, destruction or damage,
using appropriate technical or organizational measures (‘integrity and confidentiality’).

Information

When providing its Services or communicating electronically with you, the Company collects and processes certain data about you. This information may be provided to us by yourself, or we may collect information about you from you or other sources, as described below.

Information you provide

When using the Company’s Services, by law the Company is required to verify your identity. Therefore, you will be asked to provide certain information. Depending on which of our Services you will making use of, you may be asked to provide the following information, including but not limited to:

1.    Contact and personal information: title, your first name, surname, date of birth, age (year of birth), email address, mobile phone number, personal code, residential address and/or mailing address, data of the personal identity document, photo, signature.
2.    Account information: financial institution account number, IBAN, debit card number.

Information we collect

In operating our Site or App and providing Services to you, we may collect and process the following data:

1.    Details of your visits to our Site, App and the resources that you access, including but not limited to: metadata.
2.    Information that you provide by filling in forms on our Site.
3.    Information provided to us when you communicate with us for any reason,
4.    Video and audio records of video calls for identification, telephone conversations.
5.    Account information: account details and transaction history, date of the transaction, amount, currency, location, data about beneficiary and other details about the parties involved.
6.    Automatically gathered information, including but not limited to Internet protocol (IP) address and other.

Information we receive from other sources

The Company may search publicly available information about you in order to verify your identity, process your transactions, detect and prevent fraud, or other similar purposes.

Children's Privacy

deVere does not knowingly collect or solicit any information from any individual under the age of 18 without parental or guardian consent. We do not direct any of our business practices or system outputs towards children under the age of 18.

If we are notified or have any other reason to believe that we have collected personal information from or about a child under the age of 18, deVere will promptly delete the information and any account associated with that information. If you are a parent or guardian and you believe deVere has information from or about your child under 18 years of age, please contact us.

Use of Cookies

The cookies are small text files that can be stored on and accessed from your device when you visit our website, to the extent you agree. When you visit the website again, or visit another website which recognises that cookie, your device is able to communicate with the website and the website can read the information held in that cookie. We do not save the cookies longer than necessary.

The Company uses in its website only the necessary cookies. These cookies are essential, as they ensure your security and privacy when you use our secure website as well as enabling you to move around a website and use its features. These cookies don't gather information about you that could be used for marketing or remembering where you've been on the internet.

As explained above, cookies help you to get the most out of our website. If you decide to disable cookies, you may find that certain aspects of our website do not work as expected. You are able to delete cookies that are already on your computer and you are able to set most browsers to prevent the cookies from being installed to your devices, Please find more information on deleting and managing cookies on www.aboutcookies.org or www.youronlinechoices.com/en/

Use of Your Information

The information that the Company collects and stores is primarily used to enable us to provide you with the best possible Service suited to your needs. We may use the information for the following purposes:

1.    Provision of payment services and issuance, distribution and redemption of electronic money;
2.    Conclusion and execution of the agreements concluded;
3.    Meeting the requirements of the Law on Prevention of Money Laundering and Terrorist Financing;
4.    Customer identification;
5.    Direct marketing.

Direct Marketing

Due to the respect of your rights granted to you as data subject, please find the information how use your data for direct marketing purposes.

As a deVere E-Money client, we will provide you with information on products and services that we offer, or a new promotion that we’re running that is related to your Vault account. These communications may be via email or in-app message, which can be viewed in the notification centre. The only information we will use to contact you is that which you provided when first signing up for Vault, that is, your First name and Email Address. If you do not want to receive these messages from deVere E-Money, you can opt out at any time by navigating to the Vault app > Settings > Contact Preferences.

Please be informed that the Company is part of the wider deVere Group of Companies and you may at any time request to receive marketing emails and/or calls about products and services that they offer. The list of the deVere Group of Companies are publicly available here: https://www.devere-group.com/globalpresence/. If you wish to receive such marketing emails and/or calls about products and services, please choose the “opt-in”  within the Vault app > Settings > Contact Preferences. Only in case you choose to receive direct marketing e-mails or calls about the services and products that deVere Group of Companies are offering, the Company will share with them your First name and Email Address and/or telephone number. Please note that neither the Company, nor the deVere Group of Companies share your personal data with the third-party organizations. You can stop receiving of marketing emails and/or calls from deVere Group of Companies by “opting-out” at any time by navigating to the Vault app > Settings > Preferences.

Please note if you do not agree to receive these marketing messages and / or calls offered by us or deVere Group Companies, this will not apply to Personal data provided to the Company as a result of the using of the services of the Company.

Retaining Your Personal Data

Please be informed that your Personal data is storage for no longer period than it necessary for the purposes for which it was collected or for the period set forth by applicable laws:

Personal data collected during the provisions of the Company services is storage as long as you use the Company’s service and 10 years after the termination of the services;

Personal data collected for the purpose of the direct marketing shall be kept until you choose the “opt-out” function as described in the section “Direct Marketing” above;

To the extent necessary for the purpose of the archiving documents in accordance with terms set forth by the applicable laws.

Personal Data Transfer

We may transfer data that we collect from you to locations inside of the European Union and European Economic Area for processing and storing. Also, it may be processed by staff operating inside the European Union and European Economic Area who work for us or for one of our partners, acting and processing data on behalf of deVere according to the data processing agreements signed between the parties. By submitting your personal data, you agree to this transfer, storing or processing. The Company will take all reasonable steps to make sure that your data is treated securely and in agreement with this Privacy Policy.

Data that is provided to us is stored on our secure servers. Details relating to any transactions entered into on our Site will be encrypted to ensure its safety.

The transmission of information via the internet is not completely secure and hence the Company cannot guarantee the security of data sent to us electronically and transmission of such data is therefore entirely at your own risk. Where we have given you (or where you have chosen) a password so that you can access certain parts of our site, you are responsible for keeping this password confidential.

Disclosing Your Information

deVere may share information within the deVere Group and with the external partner companies required to provide the Services to maintain and manage your account. The information that deVere shares includes both the information that deVere collects from you directly and the information that deVere collects from other sources.

The Company may disclose your personal information to third parties:
1.    Where the Company sells any or all of its business and/or our assets to a third party (merger, acquisition etc.).
2.    Where we are legally required to disclose your information.
3.    To assist fraud protection and minimise credit risk, to protect our rights and legitimate interests, protect safety of any person, prevent misuses, security or technical issues, or respond to authorities’ requests.

Third Party Links

You might find links to third party websites on our website. These websites should have their own privacy policies which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.

Security of Your Personal Information

We have technical, administrative and physical safeguards in place to help protect against unauthorized access to, use or disclosure of your information we collect or store. Our employees are trained on the importance of protecting privacy and on the proper access to, use and disclosure of customer information. Under our practices and policies, access to sensitive personally identifiable information is authorized only for those who have a business need for such access.

Although we work hard to protect your personal information that we collect and store, no program is 100% secure and we cannot guarantee that our safeguards will prevent every unauthorized attempt to access, use or disclose personal information.

We will inform you of any breach of personal data within the term set forth by the applicable law, if we see that this breach may affect your personal data protection and rights.

The rights granted to you as the data subject

You, as a data subject, shall have the right to:

1. know/be informed about the processing of your Personal data;
2. have access to your Personal data and familiarise you with the processing method;
3. demand rectification or destruction of your Personal data or restriction of further processing of your Personal data, with the exception of retention, where the data are processed not in compliance with the provisions of laws;
4. object to the processing of your personal data;
5. request the transfer of your personal data to you or to a third party. Please note that this right only applies to automated information which you initially provided consent for the Company or where the Company used the information to perform a contract with you.

If you require the rights mentioned above please contact us at [email protected].

The Company must provide conditions to you to exercise the rights specified above, with the exceptions of cases provided by law when it is necessary to ensure:

1. state security or defence;
2. public order, the prevention, investigation, detection and prosecution of criminal offence;
3. important economic or financial interests of the state;
4. prevention, investigation, detection of breaches of official or professional ethics;
5. protection of rights and freedoms of the data subject or any other persons.

The Company also ensures all other rights, guarantees and interests of the Data subjects guaranteed by Regulation 2016/679 and the laws and other legal acts of the Republic of Lithuania.

Personal data protection officer

The Company has appointed a data protection officer (hereinafter the Officer). The appointed person may be reached at [email protected].

The Officer carries out the following main tasks (the list is not exhaustive) the Company has the right to supplement these tasks, taking into account the necessity and / or applicable legal requirements):

1. informs the Company and its Employees about their duties and obligations in accordance with the applicable legislation and advises the Company and its Employees on Personal data protection issues;
2. on its own initiative or on the basis of a complaint, the Officer carries out inspections and informs the Company and the Data subjects within a reasonable time of the conclusions of the inspections;
3. participates in the trainings of the Company's staff in order to ensure that the Company's Employee's knowledge of Personal data protection and related issues is constantly updated and to improve the Company's Employee ‘s competence;
4. cooperates with the State Data Protection Inspectorate;
5. the personal data protection officer may also perform other tasks and duties it is set forth by the applicable laws.

Contacting Us

If you have any questions or concerns about our Policy or data processing or if you would like to make a complaint about a possible breach of privacy laws, please contact us at [email protected].

When a privacy question or access/download request is received we have a dedicated team which triages the contacts and seeks to address the specific concern or query which you are seeking to raise. Where your issue may be more substantive in nature, more information may be sought from you. All such substantive contacts receive a response. If you are unsatisfied with the reply received, you may refer your complaint to the supervisory authority or to the competent court. If you ask us, we will endeavour to provide you with information about relevant complaint avenues which may be applicable to your circumstances.