PRIVACY POLICY

 

Please read, download and save this Privacy Policy

 

 

GENERAL

 

 

This Privacy Policy describes the type of personal information we collect from our Clients and sets out the terms on which we use and process that information.

 

“Personal data” means any information relating to an identified or identifiable person (“Data Subject”). Identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as: name, a photograph, address, an e-mail, an identification number, location data, an online identifier – e.g. IP address, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

 

CSC Europe Limited (“CSC Europe”) considers the protection and security of personal information fundamental right of each individual and takes the processing of such information responsibly. This Privacy Policy determines our obligations on one side and Clients’ rights on another, as provided by the new EU General Data Protection Regulation (“GDPR”), which came into force on 25 May, 2018 and was made directly applicable to all EU Member States. The Policy follows strictly the requirements of the Law Providing for the Protection of Natural Persons with Regard to the Processing of Personal Data and for the Free Movement of Such Data (Law 125(I) of 2018) as well.

 

The Privacy Policy explains how CSC Europe uses and secures Clients’ personal data whilst they are using the CSC Europe website (www.csc24seven.eu) or any web portal that is owned and hosted by CSC Europe when the Client enters into a contract with us.

 

 

WHY WE COLLECT PERSONAL INFORMATION

 

 

CSC Europe Limited is an Electronic Money Institution operating under license No.  115.1.3.2 granted by the Central Bank of Cyprus (www.centralbank.cy).  As a regulated financial company we collect Customers data in order to comply with our legal obligations laid down by the rules governing our operations. CSC Europe uses personal information to identify and verify the Customers and support them with proper management of accounts and transactions, but also to reduce effectively any exposure to fraud.

 

 

Our registered head office is located in Cyprus at: 23, Zachariadhes Court, 15, Nicodemou Mylona Street, Larnaca, 6010, Cyprus.

 

Please contact us if you have any questions about how your personal information is used by us at e-mail:compliance@csc24seven.com or by writing to us at the registered address specified above.

 

YOUR CONSENT

 

By using our websites and our services you agree and accept the terms of this Privacy Policy and consent to the collection and use of your personal information in the manner described herein. You also warrant that all data provided by you in the course of our business relationship is accurate and up to date.

 

NOTIFICATION OF CHANGES

 

This Privacy Policy may be revised over time and we may change this Privacy Policy at any time by posting a revised version of it on our website. Unless we have legal grounds to do otherwise, we will provide you with at least 30 days' prior notice of the effective date of the revised Privacy Policy. We may post the notice on our website and/or send you the notice by e-mail.  As of the effective date of the revised Privacy Policy, you will be considered as having consented to all changes to the Privacy Policy.

If you disagree with the terms of this Privacy Policy, you may end our agreement and close your account at any time. We encourage you to visit the Company’s website periodically so as to keep updated on any subsequent changes in our Privacy Policy. 

 

This policy was last updated on 28^th  June, 2021. 

 

 

TYPE OF PERSONAL INFORMATION AND DOCUMENTS WE COLLECT

 

 

We collect personal information and documents about you when you apply to become a Client and open account with CSC Europe . This information may include: your name, date of birth, nationality, home address, details on occupation, contact information such as  phone number and email address, but also identity verification information including: images of your government issued identity document (passport, national ID Card or driving license), residence verification information such as utility bill details or similar information. In some circumstances we may conduct a background check on your financial situation by obtaining information about your business and source of wealth, in order for us to comply with our legal obligations under the Prevention and Suppression of Money Laundering and Terrorist Financing Laws of 2007-2021 and the relevant Directives of the Central Bank of Cyprus.

 

Using your device: When you use CSC Europe services using any device, we may additionally collect and store device sign-on data (including but not limited to device ID) and location data in order to provide our services with the best user experience.   We also collect the Internet address (IP address) and other identifying information about the computer or device you use to access your CSC Europe account or use our services in order to detect possible instances of unauthorized access to your account.

We collect information on which pages of our website you visit, IP addresses, the type of browser you use and the times you access our website.

 

Communications: When you communicate with us for customer service or other purposes (e.g., by e-mails, phone calls, faxes, etc.), we retain such information and our responses to you in the records of your account.

 

 

 

COOKIE POLICY

 

 

What are cookies?

 

A cookie is a small file of letters and numbers downloaded on to a device (computer, smart phone etc.) when the user accesses certain websites. Cookies allow a website to recognize a user’s device, remember essential information and work in a better, more efficient way.

 

Different categories of cookies:

 

• First party cookies. First party cookies are set by the website, that the user is browsing and they can only be read by that particular website.

 

• Third party cookies. Third party cookies are set by a different organization to the owner             of the website that is visited. For example, the website might use a third party company who will set their own cookies to perform this service.

 

• Session cookies. Session Cookies are stored only temporarily during a browsing session and are deleted from the user’s device when the browser is closed. Session cookies help our websites remember what you chose on a previous page, avoiding the need to re-enter information. Session cookies expire after a browser session ends, so are not stored long term.

 

• Persistent cookies. These type of cookies are saved on the computer for a fixed period (and are not deleted when the browser is closed. Persistent cookies are used

 

where the website needs to know who you are for more than one browsing session. For example, these types of cookies are used to store the preferences, so that they are remembered for the next visit.

 

 

Cookies that we use:

 

We use two cookies which are essential for its backend server software (ColdFusion) to work properly: CFID and CFTOKEN. These are used as a pair to create a unique session ID in order

that our web systems can uniquely identify a visitor’s session. This information is not used or stored outside of our systems. No personal information of any kind, related to the visitor,

is collected or stored in these cookies. These are session cookies and will expire when your session expires (i.e. when you close your browser or navigate to another page).

 

We use third party and persistent cookies to provide you with additional website functionalities.

 

Additional Information about cookies you can find at: http://www.allaboutcookies.org /

 

By continuing to use our websites you agree to the use of these Cookies and to our Cookie Policy.

 

 

HOW WE USE YOUR PERSONAL INFORMATION

 

We use your personal information to service your account and to improve our service to you.

We strictly obey to the following principles when using your personal data:

1. We are doing our very best to ensure that your personal information is processed lawfully, fairly and in a transparent manner
2. We limit the personal information collected from you to what is necessary in relation to the purposes for which it is processed and try to maintain this information accurate and  up to date
3. We store your personal data for no longer periods than is necessary for the purposes for which it is processed. We will retain and use your information as required to comply with our legal obligations
4. We apply necessary measures to process Customers data in a manner that ensures its security, integrity and confidentiality

CSC Europe collects your personal information for the below stated purposes and you agree that we may use that information to:

a) To verify your identity and comply with applicable laws and regulations relating to the prevention of money laundering and terrorist financing

            b) To process your transactions

            c) To manage risk, detect and prevent fraud or other illegal uses of our services

            d) To help us in responding to your requests for services and support

e) To contact you and communicate to you information and updates related to your use of our services and any other important information

            f) To detect or remediate violations of our policies and applicable agreements

 

 

OUR COMMUNICATION WITH YOU

 

 

We communicate with our Customers via email to provide the requested services. We may also communicate with Customers by phone to:

 

• Resolve complaints or claims

• Respond to requests for customer service

• Inform on illegitimate use of accounts or suspicious transactions

• Confirm information concerning a Customer’s identity, business or account activity

 

We use your email or physical address to confirm the opening of your CSC Europe account, to send you activation code of your pre-paid card, to send you information about changes to our products and services, and to send notices and other disclosures required by law.

We may communicate with you as described above by SMS to send you transaction notification alerts or tokens to process certain transactions on your account.

 

 

DISCLOSURE OF YOUR PERSONAL INFORMATION TO THIRD PARTIES

 

 

There are circumstances in which we may need to share your personal data. We may need to do this in order to help us carry out our operations.

In processing your transactions we may disclose your Personal Information to third parties, to legal and regulatory authorities or may transfer it for processing outside the European Economic Area (“EEA”).

 

Disclosure to third parties

Your information will not be sold, exchanged, or shared with any third parties without your consent, except where required by law.  

Third party service providers are contractually bound with us to protect and use your personal data only for the purposes for which it is disclosed and we ensure that such third parties are subject to the same protective rules as those described in this Privacy Policy.  

Third parties cannot use personally identifiable information about our Customers for any secondary purposes without your explicit consent.

 You agree that we may share your personal information with:

1. third party service partners, who are acting on our behalf as data processors, with any member of our group or with our ultimate holding company
2. selected third parties including business partners or agents for the performance of any contract we enter into with them or with you

 

Third Party Sites

 

If you open a CSC Europe account directly on a third party website or via a third party application, any information that you enter on that website or application (and not directly on a CSC Europe website) will be shared with the owner of the third party website or application. These sites are governed by the Merchant’s own privacy policies and you are encouraged to review their privacy policies before providing them with personal information. CSC Europe is not responsible for the protection of personal data policy of those Merchants.

 

Disclosure to Legal Authorities

 

We may share your Personal Information with Regulators, law enforcement agencies, data protection authorities, government officials or other authorities in the following situations:

1. In connection with a formal request, subpoena, court order, or other legal procedure
2. When we believe in good faith that the disclosure is necessary to prevent money laundering, terrorist financing, tax evasion or other illegal activity
3. Disclosure is necessary to investigate violations of this Privacy Policy or our Terms and Conditions or to prevent financial loss

By submitting your personal data, you consent to this disclosure, transfer or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

 

 

HOW WE STORE YOUR PERSONAL INFORMATION

 

 

The Personal Information you provide to us is stored on our secure servers. Any payment transaction is securely encrypted. You are responsible to keep strictly confidential any security credentials provided to you for access to our site and to your personal account.  We ask you not to s

SECURITY OF YOUR PERSONAL INFORMATION  

We use a variety of security measures to ensure the confidentiality of your Personal Information and protect your Personal Information from loss, theft, unauthorized access, misuse, alteration or destruction. We conform to the PCI DSS standards for protection of data and have implemented security measures including, but not limited to:

• Restricted accesses to Personal Information
• Restricted policies on user accesses
• Transport Layer Security (TLS) to ensure the confidentiality of your information during transmission over internal or public network.
• Systems hardening  to protect our servers from vulnerabilities and attacks
• Audit trails to track changes on your Personal Information

To prevent data loss, the information is stored in a secure clustered environment and backups are performed regularly. All our databases use encryption and all sensitive data is encrypted before being transferred electronically. Access to sensitive data is restricted to prevent data alteration.

 

Only authorized personnel are permitted access to your Personal Information, and these personnel are required to treat the information as highly confidential. The security measures will be reviewed regularly in light of new and relevant legal and technical developments.

 

 

YOUR RIGHTS TO PROTECTION OF PERSONAL DATA UNDER THE NEW GDPR

 

 

As an individual, you have certain rights under the GDPR regarding the use of your personal information. These rights include the following:

• You have a right to access your personal information and know what data we hold on you and for what purpose it is processed. You can request us to provide you with this information made in writing, by either email or letter, together with photographic identification or additional documents we may require to confirm your identity. We will reply to you within a month time of the receipt of your request. That period may be extended by two further months where necessary in case your request is more complex. In such situation we will inform you of any such extension together with the reasons for the delay. We will reply to you by electronic means, unless otherwise requested by you.
   
• You have the right to obtain without undue delay the rectification of inaccurate personal data we maintain for you. You can review the personal information you have provided us and make any desired changes to such information, or to the settings for your CSC Europe account, at any time by logging in to your account.
   
   
• You have the right to object or restrict the processing of your personal information at any time.
   
• You can instruct us to share your personal information with other parties subject to your written direction and explicit consent to do so.
   
• You can withdraw your consent to process your personal data at any time.

 

You can send these requests to e-mail: compliance@csc24seven.com or by post to the registered address of our Company.

 

 

IF YOU WISH TO COMPLAIN

 

Our Company is responsible for ensuring that our day-to-day procedures comply with this Privacy Policy. If you want to exercise your right to access your information, have any questions about this Privacy Policy, or wish to lodge a complaint about how your personal data is used by CSC Europe , you can contact us electronically at the email address given above or by writing to our registered address.

Upon receipt of your complaint we will investigate it and respond to you within a month time.  Where this deadline cannot be observed, we will explain to you the reason and will notify to you the extended time for reply. 

 

Your right to lodge a complaint with the Supervisory Authority

 

Where you believe that CSC Europe has not resolved your complaint in satisfactory manner, you have the right to complain to the Supervisory Authority. Their details are:

 

Office of the Commissioner for Personal Data Protection of Cyprus

1, Iasonos str., 1082 Nicosia

P.O.Box 23378, 1682 Nicosia

Tel: +357 22818456

Fax: +357 22304565

Email: commissioner@dataprotection.gov.cy   

 

Print