PRIVACY POLICY
PPS UK and EU Privacy Policy
Who we are
PPS (a trading name of PrePay Technologies Ltd) is a company registered in England and Wales with company number 04008083 and a registered office at PPS, 4th Floor, Station Square, 1 Gloucester Street, Swindon, SN1 1GW.
and
PPS EU SA (a subsidiary of PPS), is a company registered in Belgium with company number 0712.775.202 and a registered office at Boulevard du Souverain 165, Boîte 9, 1160 Brussels, Belgium. Together referred to as “PPS”, “Our” and “We” herein.
You can email PPS at contact@prepaysolutions.com
or you can call PPS on 0845 303 5303 (+44 845 303 5303 from outside the UK).
and
PPS EU SA (a subsidiary of PPS), is a company registered in Belgium with company number 0712.775.202 and a registered office at Boulevard du Souverain 165, Boîte 9, 1160 Brussels, Belgium. Together referred to as “PPS”, “Our” and “We” herein.
You can email PPS at contact@prepaysolutions.com
or you can call PPS on 0845 303 5303 (+44 845 303 5303 from outside the UK).
Cards and Accounts
This Privacy Policy is only applicable to Cards and/or Accounts (“Card”) issued by PPS. The Terms and Conditions relating to your Cards and/or Accounts will clearly state whether your Cards and/or Accounts is regulated as E-Money or payment services. If you are not sure please do ask for clarification by contacting dpo@prepaysolutions.com
PPS is the Data Controller in relation to your Cards and/or Accounts and all necessary activities relating to the operation of the Cards and/or Accounts: allowing you to receive, activate and use your Card (activating, managing and using your online account where applicable, making and receiving payment transactions, meeting legal requirements, answering requests, providing information to you). You may be the Customer or you may be a person that has been provided with Cards and/or Accounts by the Customer.
PPS is the Data Controller in relation to your Cards and/or Accounts and all necessary activities relating to the operation of the Cards and/or Accounts: allowing you to receive, activate and use your Card (activating, managing and using your online account where applicable, making and receiving payment transactions, meeting legal requirements, answering requests, providing information to you). You may be the Customer or you may be a person that has been provided with Cards and/or Accounts by the Customer.
Programme Managers
If you provide any personal information to the Programme Manager relevant to your Card (this party is clearly identifiable by the branding on your card), the Programme Manager is a separate Data Controller and you can view their Privacy Policy on their website. If you are not sure please do ask for clarification by contacting dpo@prepaysolutions.com
Retail Gift cards and other Cards which are not regulated as E-Money
If you have a product such as a gift card where PPS is acting as a Data Processor and the product is not regulated as E-Money, please go to the website of the party that has issued the relevant gift card and details of how your personal data will be processed will be set out in this party’s own privacy policy. If you are not sure please do ask for clarification by contacting dpo@prepaysolutions.com
Contact details for the PPS Data Protection Officer
Our Data Protection Officer can be contacted at PO Box 3883, Swindon SN3 9EA or at dpo@prepaysolutions.com
The purposes and legal basis for processing your personal information
Processing is necessary for the performance your contract with PPS and for the issue and operation of Cards and/or Accounts and is necessary for compliance with legal obligations applicable to PPS such as financial crime prevention. PPS does not use your personal information for marketing purposes and will not share your information with third parties for marketing purposes.
Financial crime prevention
PPS will use your personal information to help decide if your accounts may be being used for fraud or money-laundering. We may detect that an account is being used in ways that fraudsters work or we may notice that an account is being used in a way that is unusual. If we think there is a risk of fraud, we may stop activity on the accounts or refuse access to them. In the United Kingdom only, we might also check and share your information with fraud prevention agencies. If fraud is identified or suspected, these agencies may keep a record of that information and we may refuse to provide any services. Law enforcement agencies may access and use this information.
Categories of personal information and collection
Type of personal information
Description
Personal Details
Full name and date of birth
Contact Details
Where you live and how to contact you including phone numbers and e-mail addresses
Transactional Data
Details about your Card, use of your Card and payments to and from your accounts
Contractual information
Details about the products or services we provide to you
Locational Data
Data we get about where you are, such as may come from your mobile phone, the address where you connect a computer to the internet, or a shop where you buy something with your Card
Behavioural Data
Details about how you use our products and services
Technical Data
Details on the devices and technology you use
Communications
What we learn about you from letters, emails and conversations between us
Documentary Data
Details about you that are stored in documents in various formats, or copies of them. This could include things like your passport, drivers licence or birth certificate collected to fulfil customer due diligence requirements
Personal information will only be collected directly and voluntarily from you as part of the application process or as a result of transactions relating from the use of your Cardss and/or Accounts. Some personal information may be verified by PPS with use of publically accessible sources to fulfil customer due diligence.
Sending personal information outside of the EEA
PPS will only send your personal information outside of the European Economic Area (EEA) to:
• Follow your instructions
• Comply with a legal duty
In relation to personal information processed by Mastercard certain processors are located outside of Europe. Personal information processed by Mastercard is subject to Mastercard Binding Corporate Rules which you have enforcement rights under as a third-party beneficiary.
• Follow your instructions
• Comply with a legal duty
In relation to personal information processed by Mastercard certain processors are located outside of Europe. Personal information processed by Mastercard is subject to Mastercard Binding Corporate Rules which you have enforcement rights under as a third-party beneficiary.
Recipients (or categories of recipients) of personal information
PPS is committed to ensuring that your information is secure with us and with third parties who act on our behalf. These third parties include Mastercard, card manufacturers, suppliers of identity validation services, IVR and call recording (telephone) suppliers and (if relevant) the Programme Manager (this party is identifiable by the branding on your card). We use many tools to make sure that your information remains confidential and accurate and we may monitor or record calls, emails, text messages or other communications in order to protect you and us.
Retention of personal information
We don’t keep your information for longer than we need to, which is usually up to 7 years in the United Kingdom and up to 10 years in the EEA after the end of the relationship or upon termination of the contract, unless we are required to keep it longer (for example due to a court order or investigation by law enforcement agencies or regulators).
Your Rights
You have certain legal rights to control what we do with your information. These include:
Access
You have a right to access the personal information we hold about you
Rectification
You have a right to rectification of inaccurate personal information and to update incomplete personal information
Erasure
You have a right to request that we delete your personal information
Restriction on processing
You have a right to request us to restrict a processing of your personal information
Objection to processing
You have a right to object to the processing of your personal information
Portability
You have a right to personal information portability
Marketing
You have a right to object to direct marketing
To exercise any of your legal rights, you can email PPS at dpo@prepaysolutions.com or you can write to PPS DPO at PO Box 3883, Swindon SN3 9EA.
Your right to lodge a complaint with the Information Commissioner’s Office
If you wish to raise a complaint on how we have handled your personal information, you can contact our Data Protection Officer. We hope that we can address any concerns you may have, but if we fail to address your complaint you can contact either the:
• Information Commissioner’s Office (https://ico.org.uk/) if you are a United Kingdom resident; or
• Data Protection Authority (https://www.privacycommission.be) if you are an EEA resident.
• Information Commissioner’s Office (https://ico.org.uk/) if you are a United Kingdom resident; or
• Data Protection Authority (https://www.privacycommission.be) if you are an EEA resident.
If you choose not to give personal information
If you choose not to give us your personal information, it may mean that we cannot perform services needed to run your Cards and/or Accounts. It could mean that we cancel your Card, Accounts or services you have with us.
