Skip to main content

Privacy Policy

POL-503 Privacy Policy

Last updated: 11th November 2024

Purpose

Monek is committed to protecting your privacy and ensuring compliance with all relevant data protection legislation, including the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable laws. Where appropriate, we also adhere to international standards, such as the EU General Data Protection Regulation (EU GDPR) for EU-based individuals.

This Privacy Policy ("Policy") explains how we collect, use, store, process, and share your personal information in connection with this website. It covers our handling of data obtained through our services, including any personally identifiable information ("personal data").

This Policy does not apply to information collected by third-party websites or services, nor to personal data processed in the context of employment.

Policy Statement

This User Privacy Notice ("Privacy Notice" or "Notice") was last updated on 11th November 2024. This Privacy Notice may vary from time to time so please check it regularly.

This Privacy Notice explains our privacy and information practices for our payment/onboarding applications and website (together the "Services"). This Notice describes the types of information processed, how that information is used and disclosed, and how you can access, modify, or delete your information.

Monek Limited (company number 09767332) whose registered office is Unit F2/F3, Davidson Road, Lichfield, Staffordshire, WS14 9DZ ("we", "us" or "our") are the 'Data Processor' for the Personal Data we receive. We are registered with the Information Commissioner's Office with registration number ZA244482.

We may process, use and disclose certain Personal Data about Customers when acting as the Merchant/Partner's service provider. Our Merchants and Partners are responsible for making sure that their Customer's privacy rights are respected, including ensuring appropriate disclosures about third party Data collection and use. To the extent that we are acting as a User's Data Processor, we will process Personal Data in accordance with the terms of our agreement with our Merchant/Partner and their lawful instructions.

Our lawful basis for processing is the fulfilment of our contractual and legal obligations - the collection and use of Data from a variety of sources is essential to our ability to provide the Services - and to help keep the Services compliant and secure. Data is critical in helping us to increase the safety of payments and to fulfil our obligations by reducing the risk of fraud, money laundering and other harmful activity.

2 - What Data Do We Hold

Personal Data is defined as any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier. It does not include Data that has been aggregated or made anonymous such that it can no longer be reasonably associated with a specific person. We process Personal Data in different ways. For example, when a business registers for an account, a Customer makes payments or conducts transactions through our Merchants website or application, a person logs a support ticket via email, or a Merchant enters into a Terminal Rental Agreement. We also receive Personal Data from other sources, such as our Partners, financial service providers, identity verification services and publicly available sources.

The Personal Data that we may process includes:

  • Contact details, such as name, postal address, telephone number, email address
  • Financial and transaction Data, such as credit or debit card number and bank account information
  • Other Personal Data, such as date of birth, proof of identity

Other Data - any Data other than Personal Data which we receive through a variety of sources such as cookies and other technologies that record Data about the use of our websites, websites that implement our Services and the use of our Services generally.

Other Data that we may receive includes:

  • Browser and device Data, such as IP address, device type, operating system and Internet browser type
  • Transaction Data, such as purchases, purchase amount, date of purchase and payment method
  • Cookie and tracking technology Data, such as pages visited, language preferences, other anonymous traffic Data
  • Company Data, such as a company's legal structure, product and service offerings, jurisdiction, company records and information

3 - How Do We Use the Data?

We may use and process the information we have been provided for the purposes outlined below as well as for any purposes specified at the time of collection:

  • To verify an identity for compliance purposes
  • To evaluate an application to use our Services
  • To conduct manual or systematic monitoring for fraud and other harmful activity
  • To respond to enquiries, send service notices and provide customer support
  • To authorise and settle payments on behalf of our Merchants, communicate regarding transaction processing and provide related customer service
  • For audits, regulatory purposes and compliance with industry standards
  • To improve or modify our Services
  • To conduct aggregate analysis and develop business intelligence that enable us to operate, protect, make informed decisions and report on the performance of our business
  • To send you important notices such as communications about changes to this Privacy Notice and any terms and conditions and policies for our Services
  • To sell, make ready for sale or dispose of our business in whole or in part including to any potential buyer or their advisers
  • Where we are required to do so by law, court order or other legal process
  • Where, acting in good faith, we believe disclosure is necessary to assist in the investigation or reporting of suspected illegal or other wrongful activity. This may include exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction
  • In order to enforce or apply our terms and conditions and other agreements with third parties
  • We may disclose your Personal Data to our third party Data processors who may process Data on our behalf to enable us to carry out our usual business practices such as Terminal logistics

4 - Data Retention

We retain the information we collect for as long as necessary to provide the Services you have requested, or for other essential purposes such as complying with legal obligations, resolving disputes and enforcing our agreements.

Please note that we have a variety of obligations to retain the Data that we have been provided, including to ensure that transactions can be appropriately processed, settled, refunded or charged-back, to help identify fraud and to comply with anti-money laundering and other laws and rules that apply to us and to our financial service providers. Accordingly, even if you close your Account, we will retain certain Data to meet our obligations. There may also be residual Data that will remain within our Databases and other records, which will not be removed.

It is the responsibility of our Merchants and Partners for whom we provide access to our systems to advise us if any of their members of staff are no longer with the business to allow us to delete their access and data in accordance with our data retention and IT Security policies.

5 - Your Rights

When you use our Services and provide us with your Personal Data you are agreeing that we may use your Personal Data for the purposes set out in this Privacy Notice.

  • You have the right to opt out of receiving any marketing information which we send you.
  • If our processing of Personal Data is based on your consent, you have the right to withdraw consent for future processing at any time by contacting us. Please note, however, that we may still be entitled to process your Personal Data if we have another legitimate reason (other than consent) for doing so.
  • You have the right to obtain information regarding the processing of your Personal Data and access to the Personal Data which we hold about you.
  • In accordance with GDPR regulations, there is the right to receive some Personal Data in a structured, commonly used and machine-readable format where this is technically feasible. Please note that this right only applies to Personal Data which you have provided to us.
  • You have the right to request that we correct your Personal Data if it is inaccurate or incomplete. Please complete a Data Subject Access Request form and make clear what Personal Data you would like to have changed. For your protection, we may only implement requests with respect to the Personal Data associated with the particular email address that you use to send us your request and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.
  • You have the right to request that we erase your Personal Data in certain circumstances. Please note that there may be circumstances where you ask us to erase your Personal Data but we are legally entitled to retain it.
  • In accordance with GDPR regulations, there is the right to request that we restrict our processing of your Personal Data in certain circumstances. Again, there may be circumstances where you ask us to restrict our processing of your Personal Data but we are legally entitled to refuse that request.
  • You have the right to audit and inspect the personal data we process on your behalf. Access will be provided in line with our legal and compliance obligations to PCI:DSS and our own internal IT security protocols - each case will be assessed based on the scope of the requirements which should be submitted to dpo@monek.com.
  • You have the right to lodge a complaint with the Information Commissioner's Office.

6 - Children

Our Services are not applicable to Children under the age of 16.

If you have reason to believe that a child under the age of 16 has provided personal information, please contact us and we will delete that information from our Databases.

7 - Changes to the Privacy Policy

This Privacy Notice was last updated on 11th November 2024. If it is necessary for us to alter the terms of the Privacy Notice, we will post the revised Privacy Notice here. We encourage you to frequently review the Privacy Notice for the latest information on our privacy practices. For any material changes to the Services, we will also notify you by email.

8 - To Contact Us

If you have any questions about this Privacy Notice, please contact us at dpo@monek.com