Information sent correctly
Error. The information could not be sent
RESPONSIBLE FOR TREATMENT: KIBIBYTE, S.L. DPD: PYMELEGAL, S.L. PURPOSE: Respond to the user's request. LEGITIMATION: Consent of the interested party. ASSIGNMENTS: No assignments are foreseen, except by legal obligation or judicial requirement. RIGHTS: Access, rectification, deletion, opposition, limitation, portability, revocation of consent. If you consider that the processing of your data does not comply with the regulations, you can go to the Control Authority (AEPD). ADDITIONAL INFORMATION: Privacy Policy
RESPONSIBLE FOR TREATMENT: KIBIBYTE, S.L. DPD: PYMELEGAL, S.L. PURPOSE: Respond to the user's request to receive the demo. LEGITIMATION: Consent of the interested party. ASSIGNMENTS: No assignments are foreseen, except by legal obligation or judicial requirement. RIGHTS: Access, rectification, deletion, opposition, limitation, portability, revocation of consent. If you consider that the processing of your data does not comply with the regulations, you can go to the Control Authority (AEPD). ADDITIONAL INFORMATION: Privacy Policy
RESPONSIBLE FOR TREATMENT: KIBIBYTE, S.L. DPD: PYMELEGAL, S.L. PURPOSE: Respond to the user's request. LEGITIMATION: Consent of the interested party. ASSIGNMENTS: No assignments are foreseen, except by legal obligation or judicial requirement. RIGHTS: Access, rectification, deletion, opposition, limitation, portability, revocation of consent. If you consider that the processing of your data does not comply with the regulations, you can go to the Control Authority (AEPD). ADDITIONAL INFORMATION: Privacy Policy
At HUBUC we take your privacy very seriously. By visiting our site and using our services, you are accepting our guidelines, so please take a few minutes to read it over carefully.
1. Introduction
B2B Fintech Solutions SL, CIF: B67552141 (“HUBUC”, "us", "we", or "our") operates the Hubuc.com website, the HUBUC web application, the HUBUC mobile app and the HUBUC Debit Mastercard® (the "Service"). To the extent that any personal data is shared within our affiliates (the “HUBUC Group”) this Privacy Policy also represents the HUBUC Group's undertakings in regards to your privacy and the security of your personal data.
At HUBUC we take your privacy very seriously. By visiting our site, downloading our app, requesting our HUBUC Mastercard and using our Services, you are accepting the practices and guidelines set out in this document (henceforth referred to as the "Privacy Policy"), so please take a few minutes to read it over carefully.
2. Purpose
This Privacy Policy aims to provide you with some helpful information regarding our use of your personal data and to help you understand the rights you have in connection with your personal data.
This Privacy Policy informs you of our policies regarding the collection, use and disclosure of Personal information when you use our Service.
We will not use or share your information with anyone except as described in this Privacy Policy.
3. What is Personal Data?
Personal data is widely defined by European Data Privacy law and includes all types of information that directly or indirectly can identify a natural person. This means that name, address, phone number are considered personal data, but that log data, encrypted data or other types of electronic ID such as an IP-Address can also be classified as personal data, if they can be connected to a natural person.
4. What is Processing of Personal Data?
Processing is similarly defined very widely by European law and includes almost every action taken in relation to personal data - for example collection, registration, organization, structuring, storage, adaption, transfer or deletion.
5. What Does this Privacy Policy Cover?
This privacy policy concerns data for which HUBUC is a 'data controller' - in other words, where we decide the purpose and means by which personal data is processed.
This policy does not cover personal data that we process on behalf of our customers - the legal agreements which relate to this processing can be found at Hubuc.com/legal - namely our Terms and Conditions, in conjunction with our Data Processing Addendum which we strongly encourage our customers to sign and return to us.
6. Who's Data Does Hubuc Control?
6.1 Representatives of Customers and Hubuc users:
Hubuc is also the data controller in relation to both account Administrators as well as in regard to the personal data provided by Hubuc users when accepting an Administrators' invitation and activating their Hubuc profile.
6.2 Executive Directors, LLP Members or Designated Members, Board Members, Beneficial Owners and other individuals within the scope of Hubuc's Know-Your-Customer (KYC) policy:
Hubuc is the data controller for personal data obtained when our customers register for our services and during the registration process provide information regarding their corporate structure and permit us to pull applicable data from public registries.
6.3 Leads:
Hubuc is also the data controller for representatives of potential customers who are either website visitors who submit personal data through any of the forms on our websites or otherwise contact us through our customer support or people who might be interested in our services and/or products whose information we have received from other sources e.g. Facebook, LinkedIn or similar.
6.4 Prospects:
In some situations you may have been contacted by a Hubuc Business Development Representative who has determined that you may be interested in a demonstration and/or trial of the Hubuc service. In this case some limited personal information may be controlled and processed by Hubuc to offer this demonstration and answer any questions you may have about our product.
6.5 Website visitors and individuals interacting via webchat, emailing or telephoning our support:
Hubuc controls some personal data of individuals visiting our website, particularly behavioural and tracking details: e.g. location data, behavioural patterns, personal preferences, IP-number, cookie identifiers, unique identifier of devices you use to access and use the services and our websites. Further, Hubuc controls personal data regarding individuals who interact with our team either via webchat, email or telephoning our support.
6.6 Candidates:
Hubuc is the data controller for candidate's personal data obtained in the recruiting process.
7. Types of data, purposes of processing and lawful basis for processing
7.1 Representatives of customers and HUBUC users
Categories of personal data we may process
For existing customers:
7.2 Executive Directors, LLP Members or Designated Members, Board Members, Beneficial Owners and other individuals within the scope of Hubuc's Know-Your-Customer (KYC) policy
Categories of personal data we process
7.3 Leads, website visitors, individuals interacting via webchat, emailing or telephoning our support
Categories of personal data we may process
For existing customers visiting our website:
7.4 Prospects and referrals
Categories of personal data we may process
7.5 Candidates
Categories of personal data we may process
8. What personal data does Hubuc collect from third parties?
We process personal data obtained from selected third parties such as fraud detection agencies, other financial institutions and other information providers, and from publicly available sources including population registers, company registration offices, enforcement authorities, as well as services such as LinkedIn. Further, in connection with payment processing we collect information from third parties such as banks and payment service providers.
Other external resources from which we may collect information are sanctions lists, registers held by credit-rating agencies and other commercial information providers providing information on e.g. beneficial owners and politically exposed persons.
9. Ways we will never use personal data
We will never use your personal data for any other purposes than those listed in this Privacy Policy. The only exception being if we obtain your written consent, or inform you of a new purpose for processing that is also compatible with the original purpose for which we collected the personal data, in accordance with applicable laws and regulations.
We will not share personal data with third parties for them to use for their own marketing purposes without ensuring that there is a lawful ground to do so.
We do not sell your personal data to third parties.
10. Automated decision making
Currently, HUBUC does not carry out any such processing that is defined as solely automated decision making, including profiling, under the General Data Protection Regulation (“GDPR”) that has ”legal effects” or has otherwise significant effects.
11. Policy regarding sharing of data with third parties
Hubuc Group We may share personal information with members of the Hubuc Group for the purposes set out in this Privacy Policy.
Third party service providers Where necessary to provide our services we may disclose personal data about you to identify you and perform an assignment or agreement with companies that we cooperate with in order to perform our services. These services include, but are not limited to, secure identification solutions and between parties in the financial system such as banks.
Our designated banks and relevant card networks may also come to process your personal data for their own fraud prevention and risk management.
Third parties that are data processors Some of the third parties that we share personal data with are data processors. A data processor is a party that processes personal data on our instructions and on our behalf. We collaborate with carefully vetted suppliers, which include processing of personal data on behalf of us.
Examples include suppliers of IT development, maintenance, hosting and support but also suppliers supporting us with marketing and customer support.
When we share your personal data with data processors we only share them for purposes compatible with the purposes for which we have collected the data (such as performance of a contract). We always control all data processors and ensure that they can provide adequate guarantees as regards security and confidentiality of personal data. We have written agreements in place with all data processors through which they guarantee the security and confidentiality of personal data that they process on our behalf and limitations as regards third country transfers.
Third parties that are data controllers Some of the third parties that we share personal data with are independent data controllers. This means that we are not the ones that dictate how the data that we provide shall be processed. Examples are authorities, acquirers and other financial institutions. When your data is shared with independent data controllers their data policies and personal data processing principles apply.
Authorities We also disclose personal data to authorities to the extent we are under a statutory obligation to do so. Such authorities include tax authorities, police authorities, enforcement authorities and supervisory authorities in relevant countries. We may also be required to provide competent authorities information about your use of our services, e.g. revenue or tax authorities, as required by law, which may include personal data such as your name, address and information regarding card transactions processed by us on your behalf through your use of our services.
12. Third country transfers?
If we transfer your personal data to a third country, i.e. a country outside of the European Economic Area (“EEA”) we will comply with all applicable laws in respect of such transfer, including making sure that your personal data is kept secure, and ensure that appropriate safeguards are in place to ensure there is adequate protection.
Our preferred basis for transfer is the use of Standard Contractual Clauses. You can access a copy of the relevant EU model-clauses used by us for transfers by browsing to www.eur-lex.europa.eu and searching for 32010D0087.
If we transfer your personal data to a third country, i.e. a country outside of the European Economic Area (“EEA”) we will comply with all applicable laws (including Article 46 of the GDPR) in respect of such transfer, including making sure that your personal data is kept secure, and ensure that appropriate safeguards are in place to ensure there is adequate protection.
13. Security and integrity
We take security seriously.
We always process personal data in accordance with applicable laws and regulations, and we have implemented appropriate technical and organizational security measures to prevent that your personal data is used for non-legitimate purposes or disclosed to unauthorized third parties and otherwise protected from misuse, loss, alteration or destruction.
The technical and organizational measures that we have implemented are designed to ensure a level of security appropriate to the risks that are associated with our data processing activities, in particular accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to your personal data including access control to premises, facilities, systems and data, disclosure control, input control, job control, availability control and segregation control.
14. Storage of personal data
We will not process personal data for a longer period than is necessary for fulfilling the purpose of such processing, as set out in this Privacy Policy. Your personal data will be anonymized or deleted once it is no longer relevant for the purposes for which it was collected. We only retain your personal data to ensure compliance with our legal and regulatory requirements.
If we keep your data for other purposes than those of the performance of a contract, such as anti- money laundering purposes, bookkeeping and regulatory capital adequacy requirements, we keep the data only if necessary and/or mandated by laws and regulations for the respective purpose.
The data retention obligations will differ within the Hubuc Group subject to applicable local laws.
See below for examples of the retention periods that we apply:
The above is only for explanatory purposes and the retention times may differ from country to country.
15. Your rights
While HUBUC is in control of some of your personal data it's important that you know that you have a range of important rights under EU law.
Please note that there are exceptions to these rights, so access may be denied e.g. where we are legally prevented from making a disclosure.
Your rights in connection to your personal data
Where our lawful basis for processing your data is our legitimate interests, you have the right to object to the processing of your data if:
This means that we will cease such processing unless we:
If you choose to object to our further processing of your personal data as described in this Privacy Policy, please note that we may no longer be able to provide you with the services you have requested and may therefore terminate relevant agreements with you, see relevant terms and conditions for more information. In addition, we may continue to process your personal data for other legitimate purposes, such as to fulfil an agreement with you, to protect our interests in connection with legal proceedings and to fulfil our legal obligations. If you have received marketing from us, you may at any time object to the marketing by contacting us at privacy@Hubuc.com or opt out by following the instructions in the marketing material.
16. How to exercise your rights
Send us an email at privacy@Hubuc.com and we'll do our best to help.
You can also always contact us by sending a letter to B2B Fintech Solutions SL, Att: Privacy Function, Cl Prat De La Riba 11 B, 2-1, 08150, (Parets Del Valles) Barcelona, Spain.
If you are unhappy with our processing of your personal data you may lodge a complaint with or contact the Spanish Data Protection Authority (AEPD), at C/ Jorge Juan, 6, 28001-Madrid, phone no. +34 901 233 144. You may also seek a remedy through local courts if you believe your rights have been breached.
17. Cookies
Cookies are text files placed on your computer to collect standard internet log information and visitor use of the website and to compile statistical reports on website activities. You may set your browser not to accept cookies. However, in a few cases some of our website features may not function as a result.
Our website thus uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our website. For detailed information on the cookies we use and the purposes for which we use them see our Cookie Policy.
18. Third-party websites and services
Our websites and services may from time to time contain links to third party websites that are not controlled by us. If you visit such websites or use such services, please be aware that this Privacy Policy does not apply for such third parties' processing, and we encourage you to carefully review how such third parties process personal data before using their websites or services.
19. Changes to this Privacy Policy
We are constantly working on improving and developing our services, products and websites, so we may change this Privacy Policy from time to time. We will not diminish your rights under this Privacy Policy or under applicable data protection laws in the jurisdictions in which we operate. If the changes are significant, we will provide a more prominent notice, when we are required to do so by applicable law. Please review this Privacy Policy from time to time to stay updated on any changes.
How to Complain
We aim to provide you with the highest standards of service, however there may be occasions when the service you receive does not meet your expectations. Telling us about it gives us a chance to fix things.
We want to:
How to Contact us
By email to us: xx@yy.zz
or
By email to: complaints@hubuc.com
What We Need
Please provide us with as much information as possible when making your complaint. This will help us to understand the issue and resolve it quickly. Please include:
What to Expect Next
| Immediately | Our aim is to resolve your complaint as quickly as possible, but you will receive a response from us within 1 business day so you know we have received your complaint. This will contain your complaint reference number for your records and will help us find your information quickly should you need to contact us. |
| 5 business days |
If we have been unable to resolve your complaint within 5 business days, we will write to you and:
|
| 15 business days |
In most cases, HUBUC will be able to resolve your complaint within 15 business days. If they have not resolved it within 15 business days, they will write to you to confirm either:
Or |
| 35 business days | After the 15 days, if your complaint relates to your debit card or SEFIDE account, in our 15 day response we will provide you the contact details for SEFIDE or Transact Payments Malta Limited who will continue to work with you to resolve your complaint. |
What if you're not happy with the response?
If your complaint relates to your debit card
If you don't agree with our response, your complaint relates to your debit card and you wish to take it further, in the first instance you should contact the card issuer Transact Payments Malta Limited, Vault 13-15, Valletta Waterfront, Pinto Wharf, Valetta, Malta, FRN 1913, email address: complaints@transactpaymentsltd.com, web: www.transactpaymentsltd.com for further assistance.
If, having exhausted the above complaints process with Transact Payments, you remain unhappy you may complain to the Malta Financial Services Authority (Tel: +356 2144 1155) or the Office of the Arbiter for Financial Services (Tel: +356 8007 2366 or +356 2124 9245)
For further information including details of the MFSA and Arbiter's complaint procedures, please visit their websites:
https://www.mfsa.mt/consumers/complaints
https://financialarbiter.org.mt/oafs/complaint
If your complaint relates to your SEFIDE account (You can identify your account provider in your terms and conditions)
If you don't agree with our response, your complaint relates to your SEFIDE account and you wish to take it further, in the first instance you should contact SEFIDE, Av. De la Ciencia 2-3°, 1806 Granada, Spain by emailing atencionalcliente@sefide.com, web www.sefide.com for further assistance.
If having exhausted the SEFIDE complaints process, you remain unhappy, you may seek further assistance by contacting the Banco de Espana, Servicio de reclamaciones, Alcala 50, 28014 Madrid, by telephone +34 913 385 068, or by email (in Spanish) via the BdE website:
INDEX
1. How we treat your personal data
To manage your relationships with us, at SEFIDE EDE (hereinafter, SEFIDE) we will process your personal data to fulfill different purposes, always in accordance with the provisions of current regulations, respecting your rights and with total transparency.
To do this, in this Privacy Policy, which you can access at any time from https://sefide.com/politica-de-privacidad/ you can consult the full details of how we will use your data in the relationships we establish with you. Likewise, if you wish, you can request this information on paper at any of our offices.
The main regulations that regulate the treatments that we will do with your personal data are:
2. Who treats your data
Responsible for the treatment: The person in charge of the treatment of your personal data in your contractual and business relations with us (“Contractual Relations”) is SEFIDE EDE, SLU, with NIF B-93205474 and address at Avenida de la Ciencia, 2-3ª Plant – Postal Code 18006 of Granada.
Co-responsible for treatment: In addition, for certain treatments that we will inform you in detail in this policy, SEFIDE will treat your data jointly, deciding the objectives (“what the data is used for”) and the means used (“how the data is used”). being, therefore, responsible for these treatments.
The treatments for which SEFIDE will jointly process your data are described in detail in section 6 “What treatments we carry out with your data”.
3. Data Protection Delegate
SEFIDE has appointed a Data Protection Officer , who will assist you to answer any question related to the processing of your personal data and the exercise of your rights.
You can contact the Data Protection Delegate to send your suggestions, questions, doubts or claims through this address: dpo@sefide.com
4. Exercise of rights and presentation of claims before the Spanish Data Protection Agency (AEPD)
You can exercise your rights of access, rectification, opposition, deletion, limitation, portability and forgetting of your personal data, to withdraw your consent and not to be the subject of an automated decision, in accordance with the law.
You can request to exercise these rights through any of the following channels:
5. Data categories
At SEFIDE we will process different personal data in order to manage the Contractual Relationships that you establish with us, to carry out the rest of the data processing that derives from your condition as a client and, if you have given us your consent, to also carry out the processing of your data for the activities detailed in section 6.1.
To facilitate your understanding, we have arranged the data we process in the categories that we detail below.
Not all the categories of data that we detail are used for all data processing. In section 6, where we detail the data processing that we carry out, you can consult specifically for each specific processing the categories of data that are used, thus having the necessary information that allows you to exercise, if you wish, your recognized rights. by the RGPD, especially those of opposition and revocation of consent.
The categories of data used by the different treatments exposed in section 6 are the following:
6. What treatments we carry out with your data
The treatments that we will carry out with your data are diverse, and respond to different purposes and legal bases:
6.1. Processing based on consent
These treatments have your consent as a legal basis, as established in art. 6.1.a) of the General Data Protection Regulation (RGPD).
We may have requested that consent through different channels, for example, in the process in which you registered as a customer, through our electronic channels. If for any reason, we have never requested your consent, these treatments will not apply to you.
You can consult the authorizations that you have consented or denied us, and modify your decision at any time and free of charge at our offices, on the SEFIDE website (www.sefide.com), or in your private area of the website or applications SEFIDE mobiles.
The treatments based on your consent are indicated below in order of (1) to (4). We will indicate for each of them: the description of the purpose (Purpose), whether or not they are treatments carried out under a co-responsibility regime (Joint Controllers/Data Controller), and the categories of data used (Categories of processed data).
In the event that you have given your consent for the processing of your data for commercial purposes.
(1). Commercial offer of products and services through the selected channels
Purpose: The purpose of this data processing is to make commercial offers available to you only through the channels that you have authorized by giving us your consent.
We will only carry out this processing of your data if you have given us your consent to do so. Your consent will remain in effect as long as you do not withdraw it.
txt_programa- Tarjetas-privacidad-sefide-text6-1-title1-line3 ='If you cancel all your products or services with the SEFIDE Group companies, but you forget to withdraw your consent, we will do it automatically.';
Categories of processed data: The category of data that we will process for this purpose, whose content is detailed in section 5, is:
(two). Transfer of data to companies that are not part of the SEFIDE group
Purpose: The purpose of this treatment is to transfer your data to companies that are not part of the SEFIDE group with which we have agreements, in order for them to make commercial offers of products that they market. Those third companies to which we could transfer your data are dedicated to banking activities and consulting services.
That you authorize us to transfer your data does not mean that we do so immediately. If we reach an agreement with a third company to transfer your data, the recipient company will inform you of this circumstance, as well as the details of the treatment it intends to carry out.
We will only carry out this processing of your data if you have given us your consent to do so. Your consent will remain in effect as long as you do not withdraw it.
If you cancel all your products or services with the SEFIDE Group companies, but forget to withdraw your consent, we will do so automatically.
Categories of processed data: The category of data that we will process for this purpose, whose content is detailed in section 5, is:
(3). Identification of clients and signature of documentation through the use of biometrics
Purpose: The purpose of this data processing is to use technical means that use biometrics to verify your identity and your signature in the relations you maintain with SEFIDE.
Your authorization to this treatment will allow us to request the registration of your facial image, voice or fingerprints with the help of biometric recognition methods, to later contrast them with the originals when we need to verify your identity or your acceptance of contracts or operations. The registration of your biometrics is completely voluntary, and we will only carry out this processing of your data if you have given us your consent to do so. Your consent will remain in effect as long as you do not withdraw it.
If you do not give us your consent for this treatment, it does not mean that you stop accessing any product or service offered by SEFIDE. In that case we will carry out the tasks of verifying your identity and signature by means that do not use biometrics.
If you cancel all of your products or services, but forget to withdraw your consent, we will automatically do so with the cancellation of the last of your products and/or services.
Categories of processed data: The category of data that we will process for this purpose, whose content is detailed in section 5, is:
Responsible for the treatment: The person in charge of this treatment is SEFIDE. There are no treatments in co-responsibility with other responsible parties.
(4). Application of personal conditions in co-ownership contracts
Purpose: The purpose of this data processing is to be able to apply discounts or preferential conditions to which you are entitled by SEFIDE's commercial offer, in contracts in which you are not the sole owner.
Within our commercial offer, customers can sometimes access discounts or advantages associated with personal characteristics, such as age, employment status, the number of contracted products, account balances, or similar.
If those discounts or preferential conditions apply in contracts in which you share ownership with other clients, they could know that you meet, or have not met, the requirements that give access to those discounts or preferential conditions.
For example, if you were entitled to access discounts for belonging to a certain professional group, such as health personnel or security forces, the rest of the holders would know that you meet this characteristic when they see that these discounts are applied to the account .
Due to the foregoing, and given that this circumstance could affect your privacy, we will apply your commercial conditions in the contracts in which you are the sole owner, and we will only carry out this treatment in contracts that you share with other parties if you have given us your consent, which will remain in force as long as you do not withdraw it.
If you cancel all of your products or services, but forget to withdraw your consent, we will automatically do so with the cancellation of the last of your products and/or services.
Categories of processed data: The categories of data that we will process for this purpose, whose content is detailed in section 5, are:
Responsible for the treatment: The person in charge of this treatment is SEFIDE. There are no treatments in co-responsibility with other responsible parties.
6.2. Treatments necessary for the execution of contractual relations
These data treatments have as a legal basis the fact that they are necessary to manage the contracts that you request or in which you are a party, or to apply, if you request it, pre-contractual measures, as established in art. 6.1.b) of the General Data Protection Regulation (RGPD).
Therefore, they are necessary treatments for you to establish and maintain Contractual Relations with us. If he opposed them, we would end those relationships, or we would not be able to establish them if we had not already started them.
The treatment necessary for the execution of contractual relations is indicated below as point (1). It is indicated: the description of the purpose (Purpose), whether or not they are treatments carried out under a co-responsibility regime (Joint Controllers/Responsible for the treatment), and the categories of data used (Categories of processed data).
(1). Formalization, maintenance and execution of Contractual Relations
Purpose: The purpose of this data processing is to formalize and maintain the Contractual Relations that you and we establish.
This includes the treatment of your requests or mandates, the procedures prior to a contract (pre-contractual relationships) and the processing of your requests for access to draws, promotions or events.
This data processing involves collecting the information necessary to establish the relationship or manage the request, evaluate the suitability of the contract and process the information necessary for the correct maintenance and execution of the contracts.
The treatment operations that are carried out in the formalization, maintenance and execution of the Contractual Relations, are:
Categories of processed data: The categories of data that we will process for this purpose, whose content is detailed in section 5, are:
Responsible for the treatment: The person in charge of this treatment is SEFIDE. There are no treatments in co-responsibility with other responsible parties.
In addition, if the product or service you contract is marketed by SEFIDE, but it is issued by another company, this company will be responsible for processing your data in relation to that contract.
6.3. Treatments necessary to comply with regulatory obligations
These data treatments have as legal basis the fact that they are necessary to comply with a legal obligation that is required of us, as established in art. 6.1.c) of the General Data Protection Regulation (RGPD).
Therefore, they are necessary for you to establish and maintain Contractual Relations with us. If he opposed them, we would have to end those relations, or we would not be able to establish them if we had not already started them.
The treatments necessary to comply with regulatory obligations are indicated below, ordered from (1) to (3). We will indicate for each of them: the description of the purpose (Purpose), whether or not they are treatments carried out under a co-responsibility regime (Co-responsible/Responsible for the treatment), and the categories of data used (Categories of processed data)
(1). Treatments to comply with the regulations for the prevention of money laundering and the financing of terrorism
Purpose: The purpose of these treatments is to adopt the measures imposed on our activity by Law 10/2010, on the Prevention of Money Laundering and the Financing of Terrorism. The treatment operations that are carried out to comply with the regulations on the prevention of money laundering and the financing of terrorism are:
Categories of processed data: The categories of data that we will process for this purpose, whose content is detailed in section 5, are:
(two). Treatments to comply with tax regulations
Purpose: The purpose of these treatments is the adoption of the measures imposed on our activity by Law 58/2003, of December 17, General Tax, and other current tax regulations.
The processing operations carried out to comply with tax regulations are:
Categories of processed data: The categories of data that we will process for this purpose, whose content is detailed in section 5, are:
(3). Treatments for the fulfillment of the obligations derived from the policies of sanctions and international financial countermeasures
Purpose: The purpose of these treatments is to adopt the measures imposed on our activity in the international financial sanctions and countermeasures programs adopted by the European Union and the Kingdom of Spain.
The processing operation carried out to comply with international financial sanctions and countermeasures programs is:
Categories of processed data: The categories of data that we will process for this purpose, whose content is detailed in section 5, are:
6.4. Treatments based on the legitimate interest of SEFIDE
These treatments have as a legal basis the satisfaction of legitimate interests pursued by SEFIDE or by a third party, provided that your interests or your fundamental rights and freedoms do not prevail over those interests, as established in art. 6.1.f) of the General Data Protection Regulation (RGPD).
Carrying out these treatments will imply that we will have made a weighing between your rights and our legitimate interest in which we will have concluded that the latter prevails.
Otherwise, we would not carry out the treatment. You can consult at any time the weighting analysis of the legitimate interest of a treatment by sending your query to the email address dpo@sefide.com
Likewise, we remind you that you have the right to object to processing based on legitimate interest. You can do so easily and free of charge through the channels indicated in section 4.
We detail these treatments below, ordered from (1) to (3). We will indicate for each of them: the Legitimate Interest of SEFIDE, the description of the purpose (Purpose), whether or not they are treatments carried out under a co-responsibility regime (Joint Controllers/Data Controller), and the categories of data used (Categories of data treated)
(1). Performance management of employees, agents and suppliers
Legitimate Interest of SEFIDE: The legitimate interest of SEFIDE to carry out this treatment is to carry out a management of relations with employees and suppliers based on the analysis of their professional performance.
Purpose: The purpose of this treatment is to analyze the operations and contracts that employees, agents and suppliers maintain with clients, in order to monitor their professional performance.
In these data treatments, the information of the clients is treated, but their information is ancillary to the purpose pursued. These treatments have no effect or consequence for the owner of the data.
The treatment operations that are carried out management of the performance of employees, agents and suppliers is:
Categories of processed data: The categories of data that we will process for this purpose, whose content is detailed in section 5, are:
Responsible for the treatment: The person in charge of this treatment is SEFIDE. There are no treatments in co-responsibility with other responsible parties.
(two). fight against fraud
Legitimate Interest of SEFIDE: The legitimate interest of SEFIDE to carry out this treatment is to avoid fraud that supposes economic or reputational losses.
Purpose: The purpose of this treatment is to fight against fraud that may affect both SEFIDE and you and the rest of our clients.
The processing operations carried out in the fight against fraud are:
Categories of processed data: The categories of data that we will process for this purpose, whose content is detailed in section 5, are:
Responsible for the treatment: The person in charge of this treatment is SEFIDE. There are no treatments in co-responsibility with other responsible parties.
(3). Creation of statistical reports for the monitoring and management of SEFIDE's activity
Legitimate Interest of SEFIDE: SEFIDE's legitimate interest is to monitor the evolution of the Entity's business, study the behavior and evolution of the client portfolio, products and services and design new ones.
Purpose: The purpose of this treatment is to carry out statistical reports and mathematical models that allow the monitoring of the Entity's activity.
The treatment operations that are carried out in the creation of statistical reports for the monitoring and management of SEFIDE's activity are:
Categories of processed data: The categories of data that we will process for this purpose, whose content is detailed in section 5, are:
Responsible for the treatment: The person in charge of this treatment is SEFIDE. There are no treatments in co-responsibility with other responsible parties.
7. Data recipients
Responsible and co-responsible for data processing
The data that we process as a client of SEFIDE is processed by SEFIDE.
Authorities or official bodies
Credit institutions, electronic money institutions (such as SEFIDE) and other payment service providers may be legally obliged to provide information about the transactions we carry out to the authorities or official bodies of other countries located both within and outside the European Union. . This obligation occurs within the framework of the fight against the financing of terrorism and serious forms of organized crime and the prevention of money laundering, as well as within the framework of the prudential supervision of credit institutions carried out by the Bank of Spain and the European Central Bank.
Payment systems and service providers may also be subject to this obligation.
technology with which we maintain relationships and to which we transmit data to carry out transactions.
Files of compliance or non-compliance with monetary obligations
If you fail to pay any of the monetary obligations that you have contracted with us regarding our Contractual Relations, we may communicate, under the conditions and with the requirements provided in the regulations, the data of the non-payment to the following credit information systems:
Likewise, we inform you that you can exercise your rights of access, rectification, opposition, deletion, limitation, portability and forgetting of your personal data and not be subject to an automated decision, in accordance with the law, before these files of compliance or non-compliance in the addresses that we have indicated.
Data communication in service outsourcing
Sometimes, we use service providers with potential access to personal data. These providers provide adequate and sufficient guarantees in relation to data processing, since we carry out a responsible selection of service providers that incorporates specific requirements in the event that the services involve the processing of personal data.
The type of services that we can order from service providers is:
8. Data retention periods
Conservation for the maintenance of Contractual Relations
We will treat your data while the Contractual Relations that we have established remain in force.
Conservation of authorizations for treatments based on consent
We will process data based on your consent, until you revoke it.
If you cancel all your contracts for products and services with the companies of the SEFIDE group, but you do not revoke the consents that you have given us, we will automatically cancel them as soon as you are no longer a client.
Conservation for the fulfillment of legal obligations and formulation, exercise and defense of claims
Once the authorizations for the use of your data have been revoked by withdrawing your consent, or the contractual or business relationships you have established with us have ended, we will keep your data only to comply with legal obligations and to allow the formulation, exercise or defense claims during the statute of limitations for actions arising from contractual relationships.
We will treat this data applying the necessary technical and organizational measures to guarantee that they are only used for these purposes.
data destruction
We will destroy your data when the retention periods imposed by the rules that regulate the activity of SEFIDE and the statute of limitations for administrative or judicial actions arising from the relationships established between you and us have elapsed.
9. Data transfers outside the European Economic Area
SEFIDE does not transfer data to third countries or to countries that have not been declared to have an adequate level of security.
In the event that SEFIDE needs to use service providers that carry out treatments outside the European Economic Area or in countries that have not been declared with an adequate level of protection, as established by both the General Data Protection Regulation ("RGPD") such as Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (" LOPDPyGDD "), SEFIDE will ensure to guarantee the security and correct treatment of customer data.
To do this, we require the appropriate guarantees from these service providers in accordance with the provisions of the RGPD so that they have, for example, binding corporate regulations that guarantee the protection of information in a similar way to that established by European regulations or that subscribed to the standard clauses of the European Union.
Likewise, SEFIDE would inform you of the existence of these transfers to third countries.
10. automated decisions
If during the Contractual Relations that it maintains with SEFIDE, through the enabled channels, SEFDIE adopts decisions based exclusively on automated processing, that is, without human intervention, that could produce legal effects on the Client or that could significantly affect him, such as It may be the denial to formalize the contracting of a SEFIDE product, you will be informed about it in compliance with current regulations.
Likewise, SEFIDE will adopt measures to safeguard the rights and interests of the Client, facilitating the right to challenge the decision and obtain human intervention.
SEFIDE will only carry out automated decisions when based on:
11. Revision
We will review this Privacy Policy whenever it is necessary to keep you duly informed, for example, due to the publication of new rules or criteria or the performance of new treatments.
We will notify you through the usual communication channels whenever there are material or important changes to this privacy policy.
This policy explains when and why we collect personal information about you, how we use it, the conditions under which we may disclose it to others and how we keep it secure.
We are committed to safeguarding the privacy of your information. By “your data”, "your personal data”, and “your information” we mean any personal data about you which you or third parties provide to us.
We may change this Policy from time to time so please check this page regularly to ensure that you're happy with any changes.
Who are we?
Transact Payments Malta Limited (“TPML”, “we”, “our” or “us”) is the issuer of your payments card and is the Data Controller for the personal data which you provide to us in relation to the card only. TPML is a private limited liability company incorporated and registered in Malta with company registration number C91879 and registered address at Vault 14, Level 2, Valletta Waterfront, Floriana, FRN 1914, Malta. TPML is authorised by the Malta Financial Services Authority as an Electronic Money Institution.
B2B FINTECH SOLUTIONS SL (“Hubuc”) is the Program Manager for your card program and, except as set out in its own Privacy Policy, is the Data Controller for any personal data which you provide which is not related to the card. Hubuc is incorporated in Spain with registration number B67552141 and registered office at Ronda Universitat 31 Planta 2, Puerta 1, 08007, Barcelona.
How do we collect your personal data?
Information is collected from you when you apply in person, online or via a mobile application for a payments card which is issued by us. We also collect information when you use your card to make transactions. We also obtain information from third parties (such as fraud prevention agencies) who may check your personal data against any information listed on an Electoral Register and/or other databases.
On what legal basis do we process your personal data?
Contract
Your provision of your personal data and our processing of that data is necessary for each of us to carry out our obligations under the contract (known as the Cardholder Agreement or Cardholder Terms & Conditions or similar) which we enter into when you sign up for our payment services. At times, the processing may be necessary so that we can take certain steps, at your request, prior to entering into that contract, such as verifying your details or eligibility for the payment services. If you fail to provide the personal data which we request, we cannot enter into a contract to provide payment services to you or will take steps to terminate any contract which we have entered into with you.
Legal/Regulatory
We may also process your personal data to comply with our legal or regulatory obligations.
Legitimate Interests
We, or a third party, may have a legitimate interest to process your personal data, for example:
What type of personal data is collected from you?
When you apply for a card, we, or our partners on our behalf, collect the following information from you: full name, physical address, email address, mobile phone number, phone number, date of birth, gender, login details, IP address, identity and address verification documents.
When you use your card to make transactions, we store that transactional and financial information. This includes the date, amount, currency, card number, card name, account balances and name of the merchant, creditor or supplier (for example a supermarket or retailer). We also collect information relating to the payments which are made to/from your account.
How is your personal data used?
We use your personal data to:
Who do we share your information with?
When we use third party service providers, we have a contract in place that requires them to keep your information secure and confidential.
We pass your information to the following categories of entity:
Sending personal data overseas
To deliver services to you, it is sometimes necessary for us to share your personal information outside the European Economic Area (EEA), e.g.:
These transfers are subject to special rules under European and Malta data protection law.
These non-EEA countries do not have the same data protection laws as Malta and EEA. We will, however, ensure the transfer complies with data protection law and all personal information will be secure. We will send your data to countries where the European Commission has made an adequacy decision, meaning that it has ruled that the legislative framework in the country provides an adequate level of data protection for your personal information. You can find out more about this here.
Where we send your data to a country where the European Commission has not made an adequacy decision, our standard practice is to use standard data protection contract clauses that have been approved by the European Commission. To obtain a copy of those clauses, please go to the European Commission's website.
If you would like further information, please contact our Data Protection Officer on the details below.
How long do we store your personal data?
We will store your information for a period of 5 years after our business relationship ends in order that we can comply with our obligations under applicable legislation such as anti-money laundering and anti-fraud regulations. If applicable legislation requires us to retain your data for a longer period of time, we shall retain it for that period. We will not retain your data for longer than is necessary.
Your rights regarding your personal data?
You have certain rights regarding the personal data which we process:
How is your information protected?
We implement security policies and technical measures in order to secure your personal data and take steps to protect it from unauthorised access, use or disclosure.
While we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Complaints
We hope that our Data Protection Officer can resolve any query or concern you may raise about our use of your personal information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in Malta is the Office of the Information and Data Protection Commissioner. Their contact details are as follows:
IDPC,
Floor 2, Airways House, Triq il-Kbira, Tas-Sliema, SLM1549, Malta.
(+356) 23287100 / info@idpc.org.mt
Other websites
Our website may contain links to other websites. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.
Changes to our Privacy Policy
We keep our Privacy Policy under review and we regularly update it to keep up with business demands and privacy regulation. We will inform you about any such changes. This Privacy Policy was issued on 2nd December 2021.
How to contact us
If you have any questions about our Privacy Policy or the personal information which we hold about you, please send an email to our Data Protection Officer at DPO@transactpaymentsltd.com.
version: 1.0
1. What is 3DS?
3DS (also known as "Mastercard SecureCode", "Identity Check" and "Verified by Visa") is a standard that helps reduce fraud and provides additional security to your online payments. Authentication is the process by which you identify yourself by sharing secure information that is only available to you. 3DS 2.0 is the latest version and provides a much simpler and more secure process for you to authenticate your payments.
2. What is the use of authentication?
Authentication provides an extra layer of security for online transactions, making it harder for fraudsters to access your payment details.
3. Is 3DS active on my card?
Yes, your card has been enrolled in Mastercard SecureCode (3DS) so whenever you see the Mastercard SecureCode logo online, your card number will be automatically recognized during checkout. Your card provider is contacted during the payment process to confirm your identity as the genuine cardholder.
4. What is the authentication process?
You will receive a 6-digit One Time Password (OTP) for each online purchase you make at participating merchants. The OTP will be sent via SMS or email to the mobile phone or email address you have registered with your card provider. Simply enter the OTP on the displayed authentication page and press the "Submit" button. Your card provider will then verify the OTP and the transaction will either be approved or declined.
5. How will I know if the registered mobile number or email address is correct?
The partially masked mobile number and email address will be displayed on the authentication page so you can verify that those details are correct. If the mobile phone number and email address are incorrect, cancel the transaction and update your information on the portal or contact Customer Services by calling 965 168 192 or writing to info@flexoh.com.
6. What if I suspect fraud has occurred on my card?
If you ever suspect that a fraudulent purchase has been made with your card, contact Customer Services by calling 965 168 192 or writing to info@flexoh.com immediately.
GENERAL CONDITIONS
This agreement for opening an electronic money account and processing transactions with electronic money, as well as, where appropriate, the attached annexes, (collectively referred to as the “Contract”) is a contract between the Client, whose data must be duly filled out in the Particular Conditions form or in the access form for the provision of electronic money services and, on the other hand, SEFIDE, EDE, SLU (hereinafter “SEFIDE”), an electronic money institution duly authorized by the Ministry of Economy and registered in the Official Registry of Entities of the Bank of Spain with code number 6705. The Client must read and, if they agree, accept and sign this contract , whose General Conditions are defined below.
EXPOSE
Hereinafter, the Client and SEFIDE will also be referred to individually as the “Party” and jointly as the “Parties”. Consistent with the foregoing, the Parties signing this contract, carry it out, in accordance with the provisions of the following
STIPULATIONS
1.- Request to open an electronic money account
1.1 By this contract, in accordance with the provisions contained therein and, where appropriate, with the particular conditions agreed by the parties, the opening of an Electronic Money account is formalized, in favor of the Client.
2.- Object of the Contract
2.1 The provision of services by SEFIDE will allow the client to have an electronic money account to which a "mirror account" will be associated in Banco Inversis SA, with which they will have an IBAN in the National Electronic Compensation System that It will allow you to have direct debit services and the issuance and receipt of transfers.
2.2 Due to the Entity's operations, SEFIDE has signed an agreement through which Banco Inversis makes an omnibus account available and owned by SEFIDE through which the debit service will be provided.
Through this omnibus account, each client will have an account at Banco Inversis , called a "mirror account" which will be the one used to carry out payment services, since this account will have an IBAN recognized in the exchange system.
2.3 If requested by the client, the contract model between the Entity and Banco Inversis for the provision of the service may be made available to them. The Entity guarantees the absolute separation of client funds in the Banco Inversis account and will be responsible for any damages that could be caused to clients by their confusion.
2.4 The client consents, by signing this contract, to the transfer to Banco Inversis of those personal data that are strictly necessary to carry out the operations covered by this contract.
2.5 These mirror accounts will have a unique IBAN, will be owned by SEFIDE and will be linked to the settlements made in the user's accounts due to the operations carried out by the latter. In this way, SEFIDE will make information about the IBAN code available to the user so that the following operations can be carried out:
SEFIDE guarantees that, in the cases of use of the Mirror Accounts, the obligations of separation and control of funds are fulfilled as indicated in the fifth point below.
2.6 The electronic money account will be operational once the necessary documentation requirements are met to carry out the corresponding customer registration process, (" onboarding " in its Anglo-Saxon terminology), corresponding to the identification and verification of the customer's identity, of the beneficial owner and the purpose and nature of the business relationship.
2.7 Once the electronic money account is operational, the Client will be able to exchange fiat money for electronic money through top-ups through various means of payment, from an account opened in a credit institution operating in Spain, which can be extended to any country of the European Union or the European Economic Area if expressly agreed in the Particular Conditions. Once the funds are received, SEFIDE will issue the corresponding electronic money, SEFIDE always complying with the safeguard obligation imposed by Law 21/2011, of July 26, on electronic money.
3.- Entry and reimbursement of funds for the issuance of electronic money
3.1 SEFIDE offers different options for the Client to top up the funds in their electronic money account, among others, by bank transfer and by transfer from another electronic money account opened in SEFIDE or by means of a card issued by a Credit Institution. The funds delivered by the Client will be exchanged immediately for electronic money. These funds will not constitute deposits or other reimbursable funds from the public in the sense of what is established in the banking legislation. Likewise, no interest of any kind will be generated in favor of the Client.
3.2 Ownership of the electronic money account is non-transferable and may be subject to certain limitations on deposits, payments and withdrawals in accordance with the legislation in force, especially the legislation on the prevention of money laundering and the financing of terrorism.
3.3 The Client may make transfers from his electronic money account to other users who have an electronic money account also opened in SEFIDE.
3.4 The client may request the reimbursement of his electronic money balance in the terms provided in this contract, in such a way that SEFIDE will reimburse the holder of the electronic money when he so requests, at all times and for its nominal value, is that is, the monetary value of the electronic money available at the time of requesting the aforementioned reimbursement. If the Client does not indicate otherwise, the refund will be made to the same account from which the funds were deposited. If this is not the case, the funds may only be reimbursed to another account of which the Client is the owner and opened in a Credit Institution within the Spanish national territory.
3.5 The Client will be able to access the history of the movements and transactions carried out in his electronic money account. The movements in your electronic money account will be identified with their corresponding day and time, and will appear in your transaction history. It is recommended to periodically check the balance of your electronic money account and your transaction history, as well as read the messages related to your account sent by SEFIDE, immediately informing SEFIDE of any irregularity through the email address customerservice@sefide.com.
4.- Guarantees of the funds received
4.1 SEFIDE safeguards the funds received from its clients, in exchange for the electronic money issued in favor of them , by depositing them in a separate account in a Credit Institution in accordance with the applicable legislation. SEFIDE has posted on its website (www.sefide.com) the asset safeguard policies.
5.- Responsibilities
5.1 The Client is responsible for the proper use of their electronic money funds. Fraudulent use, both of the electronic money account itself and of the top-up means, will be considered a very serious act and will entail a violation of contractual good faith, without prejudice to the legal responsibilities that this entails. SEFIDE reserves the right to block and/or restrict the functionality of the electronic money account opened by the Client.
5.2 In order to avoid fraudulent actions, the Client must notify SEFIDE of any message received or website visited, other than www.sefide.com, which leads him to request passwords or personal data relating to his account opened at SEFIDE. If you suspect that someone has accessed your electronic money account, you should immediately contact SEFIDE. On the other hand, if SEFIDE suspects that someone has accessed your electronic money account without your authorization, or that its security has been affected in any other way, at any time it may suspend or restrict the functionality of the account, until the its security is restored. Transactions managed by SEFIDE may require additional security measures, which will be notified to you at the respective time.
5.3 Likewise, the Client must notify SEFIDE without undue delay, as soon as he becomes aware of the unauthorized use of his electronic money account. In the event that an unauthorized transaction is executed, SEFIDE will return to the Client, once the necessary investigations and inquiries have been carried out, the amount of the unauthorized operation. However, the Client will bear all the losses incurred as a result of unauthorized transactions that are the result of his fraudulent action or the breach, deliberate or due to gross negligence, of one or more of his contractual or legal obligations.
5.4 SEFIDE reserves the right to block the use of the electronic money account for objectively justified reasons related to security, such as suspicion of unauthorized or fraudulent use. Likewise, it may block it if it has reason to believe that, in any way, the Client is involved in any fraudulent activity, money laundering, financing of terrorism or other criminal activity, if it has reasonable reason to believe that its electronic money account has been been compromised or for any other security reason. The suspension will be notified before carrying it out, and if the notification is not possible according to the circumstances at the time, it will be notified as soon as possible after it is carried out, unless there is some legal impediment to making such notification.
6.- Privacy Policy
6.1 SEFIDE will comply at all times with the provisions of current regulations on data protection, in particular, the provisions of Regulation (EU) 2016/679, of April 27, 2016, regarding the protection of natural persons. regarding the processing of personal data (“RGPD”), as well as Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (“LOPDGDD”).
6.2 The personal data collected will be treated fairly and lawfully in accordance with the principles and rights contained in the LOPD and other development regulations.
6.3 For the opening of the electronic money account, the management of the electronic money account and the payment and reimbursement operations, SEFIDE will use, where appropriate, the personal data of the Client.
6.4 The Client accepts that their data and nominative information, collected by SEFIDE for the purposes of this document, will only be transmitted to the operational providers with whom they have contracted to execute the Payment Operations and provide the services, provided that the third parties recipients of these personal data are subject to regulations that guarantee a sufficient level of protection.
6.5 SEFIDE will not carry out any transfer of personal data outside the European Union. In the event that SEFIDE needs to transfer personal data outside the European Union, it will inform the Client in advance. In such a case, SEFIDE undertakes to respect the legal framework in force at all times and to implement any necessary measure to guarantee the security and confidentiality of the data thus transferred.
6.6 Some data collected and kept by SEFIDE for the purposes of this contractual relationship may give rise to the exercise of access and rectification under the conditions provided in Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of rights. digital. The Client may at any time obtain a copy of the personal data concerning him, simply by requesting it from the Data Protection Officer at the following address DPO@SEFIDE.COM, you can also request it in writing to the address of Avenida de la Ciencia number 2, 3rd floor, CP 18006, Granada.
6.7 SEFIDE will keep the information and personal data for the maximum applicable legal or regulatory period, depending on the purpose of each specific data process. In particular, SEFIDE must keep for a period of ten years the documentation that formalizes compliance with the due diligence obligations for the prevention of money laundering and the financing of terrorism, in accordance with the provisions of Law 10/2010. .
7.- Conditions of the electronic money account
7.1 The conditions that currently apply to the electronic money account will be those agreed upon by the Parties in the Specific Conditions, if applicable.
8.- Non-remuneration of electronic money funds
8.1 In accordance with the legal provisions, the granting of interest or any other benefit related to the time during which an electronic money holder is in possession of it is prohibited.
8.2 In relation to the balance that the Client has in the electronic money account, at no time can it be understood as capturing deposits, for which the funds in electronic money cannot be and will not be, in any case, remunerated, as expressly stated in article 8 of Law 21/2011, of July 26, on electronic money.
8.3 Likewise, debit positions will not be possible in the electronic money account opened by the Client in SEFIDE.
9.- Revocation of payment orders and refunds. I do not repudiate
9.1 The Client will not be able to revoke any payment authorization by means of electronic money that he has given to SEFIDE once said transaction has been processed. The Client may not revoke a payment order after it has been received by SEFIDE.
9.2 In accordance with the principle of authenticity and non-repudiation in the payments of the security system used, the parties agree that the use of SEFIDE electronic money in the conditions indicated in this contract authentically identifies the User, and it is not possible for the User to repudiate subsequently the transactions carried out, considering that said transactions have been carried out by persons endowed with sufficient powers for this purpose.
10.- Blocking electronic money accounts
10.1 SEFIDE may block the electronic money account and any payment instrument linked to it when it has objectively justified reasons related to the security of the electronic money account and any payment instrument linked to it, or when SEFIDE suspects a unauthorized or fraudulent use. In such a case, SEFIDE will inform the Client, in the agreed manner, of the blocking of the electronic money account and of any linked payment instrument and of the reasons that have given rise to it. This communication will take place prior to the blocking and, if this is not possible, immediately afterwards, unless the communication of such information is compromised for objectively justified security reasons or is contrary to any other regulatory provision.
10.2 SEFIDE may block electronic money accounts when it can be deduced from the transaction history that the Client is using the electronic money account for an illicit purpose.
10.3 The blocking of electronic money accounts, temporarily or indefinitely, will not generate any type of compensation or economic remuneration in favor of the Client.
11.- Necessary documentation to register the electronic money account
11.1 This stipulation regulates the necessary documentation to open the electronic money account in SEFIDE:
Registration of legal entity clients:
Registration of natural person clients:
11.2 SEFIDE will only proceed to open the electronic money account once the Client's registration process ( onboarding , in Anglo-Saxon terminology) has been completed satisfactorily.
11.3 The documentation required by SEFIDE indicated above may be updated and expanded unilaterally by SEFIDE, provided that this is necessary for a diligent action by SEFIDE, as well as to be able to comply with the regulations for the prevention of money laundering and financing of the terrorism. In particular, you may request additional or updated documentation regarding the obligation of formal identification; identification of the beneficial owner; obtaining information about the purpose and intended nature of the business relationship; application of continuous monitoring measures to the business relationship, as well as application of due diligence and enhanced diligence measures.
11.4 Likewise, SEFIDE may require more documentation and information depending on the nature of the operations, as well as the volumes of transactions, that are carried out in the open electronic money account.
12.- Duration, modifications and termination of the contract
12.1 The contract is concluded for an indefinite period. However, it may be resolved by any of the parties without the need for any reason, and with a minimum notice of two (2) months in advance if the resolution is at the request of SEFIDE. The resolution of the contract will determine the full reimbursement of the monetary value of the electronic money available to the Client.
12.2 SEFIDE may make changes to the initially agreed conditions at any time, communicating them at least two (2) months in advance of the date on which the new conditions are to come into force, by the means agreed for communications. Said modifications will be considered accepted by the Client if he does not expressly communicate his non-acceptance prior to the proposed date of entry into force. The opposition of the Client to said changes and the notification of objection to them, will constitute a cause for termination of the contract.
12.3 All those modifications that are more favorable for the Client may be applied immediately, without any waiting period or prior notice being necessary for this. Similarly, neither the prior notice nor the waiting period will be applicable in cases where the modification refers to a new service, additional functionality for an existing service or any other change that can be reasonably considered. that does not reduce your rights or increase your responsibilities. In these cases, the change will be made without prior notice and will take effect as soon as it is notified or published.
12.4 Either party may terminate this agreement. To do this, you must notify the other party at least two (2) months in advance. However, the contract may be subject to immediate termination by SEFIDE in the following cases:
12.5 Likewise, the contract may be terminated, without the notification indicated in the previous paragraph, in the following cases:
13.- Claims
13.1 In the event that the Client wishes to make a complaint or claim, they may contact SEFIDE's Customer Service, through the email address atencionalcliente@sefide .com and can also be submitted on paper at the address of SEFIDE indicated above.
13.2 The SEFIDE Client Defense Regulations are available to the client at www.sefide.com.
14.- Contract documentation
14.1 Without prejudice to the fact that the execution of this contract is recorded on a durable medium that allows the client to store and retrieve it easily, and its reproduction without changes of the stored information, at any time the Client, who so requests, will have the right to receive in paper or on another durable medium the contractual conditions of this contract.
15.- Prevention of Money Laundering and the Financing of Terrorism
15.1 SEFIDE will adopt the necessary technical and operational measures to comply with the obligations derived from the regulations on the prevention of money laundering and the financing of terrorism, in accordance with the legislation in force at any time.
15.2 SEFIDE may adopt, among other measures, establish the quantitative limits indicated in article 16 of Royal Decree 304/2014, of May 5, which approves the Regulation of Law 10/2010, of April 28, of prevention of money laundering and financing of terrorism.
16.- Non-compliance not attributable in the provision of the service
16.1 SEFIDE will not be responsible for the total or partial breach of the Contract when this is due to a fortuitous event or cause of force majeure, and without said breach being a cause for termination, and SEFIDE must, in any case, take all measures that were necessary to restore the service in the shortest possible time.
17.- Confidentiality
17.1 The terms of this agreement are strictly confidential. Both Parties undertake not to disclose or transmit to third parties (except to collaborators or advisors of the Parties who may need said information solely in the context of this contract), without the prior written consent of the other Party, the existence, terms and content of this contract, as well as the information contained therein, or that would have been provided by the disclosing party within the object of this contract.
17.2 The receiving party of the information shall refrain from using, duplicating, reproducing or keeping all or part of the information provided by the other party for purposes unrelated to the fulfillment of this contract, except for information that:
18.- Use of the SEFIDE Technology Platform
18.1 The Parties acknowledge that the provision of the services object of this contract will be carried out through the interconnection of the SEFIDE technological platform with the client's technological platform. In this sense, the Client is responsible for all the activities that take place when using the SEFIDE technological platform, including the “ sandbox ” and the “ API's ”. The Client undertakes to make good use of the platform, understanding good use to be that which is in accordance with current legislation, good faith and public order. Likewise, you agree not to use it for fraudulent purposes and not to carry out any conduct that could damage the image, interests and rights of SEFIDE.
18.2 The Client undertakes not to carry out any act that would have the purpose of damaging, rendering useless or overloading the website, or that would prevent, in any way, its normal use and operation . Specifically, the following activities are prohibited:
18.3 To the extent that the Client obtains knowledge or receives confidential information related to the SEFIDE technological platform, he must treat said information with strict confidentiality and may not disclose it to third parties, both during the period of validity of his registration on the platform and after that registration ceases.
18.4 Upon termination of this Agreement, Customer must destroy any copies of Confidential Information in its possession and/or that of its subcontractors or agents and, if required, certify such destruction.
18.5 The property of the technological platform of SEFIDE, including the “ sandbox ” environment and the “ API's ” to which access is given through it are the property of SEFIDE and are protected by the legislation on intellectual property.
18.6 SEFIDE's technological platform and all the information contained therein is provided "as is". The Client is responsible for evaluating the accuracy, completeness or usefulness of any information in the APIs or any other content available on the SEFIDE technology platform.
SEFIDE will not be liable: a) for the use made by the Client when he is not following SEFIDE's instructions; and b) of the effects or consequences that are derived for the Client for having made a negligent or malicious use.
19.- Assignment of the rights derived from the Contract
19.1 The Parties expressly agree that the rights and obligations arising from this Agreement may not be assigned, in whole or in part, without the express written consent of the other party.
20.- Communications
20.1 The parties agree that the transmission of information or notifications between them will preferably be done by email and in the Spanish language. To this end, the Customer must maintain a valid email address in their account profile at all times, being responsible for checking incoming messages periodically and frequently. You can contact SEFIDE at any time by sending a message to the email address: operaciones@sefide.com or customerservice@sefide.com.
21.- Applicable law and submission to jurisdiction
21.1 This contract will be interpreted and fulfilled in its own terms and, in matters not foreseen, will be governed by Spanish legislation on the matter, adjusting the obligations and responsibilities of the parties to it.
21.2 The parties submit to the jurisdiction of the Courts and Tribunals of Granada capital for any matter related to the interpretation, compliance or execution of this contract, expressly waiving any jurisdiction that may correspond to them.
21.3 And in proof of conformity, the parties sign this electronic money account opening contract, in duplicate, in the place and on the date indicated in the signing footnote of this contract.
FLEXOH DEBIT CARD OF THE COMPANY'S OWN FUNDS - TERMS OF USE
These terms and conditions of use ("Terms"), and the provisions of the annex ("Exhibit"), in connection with the use of the Debit Card issued by Transact Payments Malta Limited (collectively the "Agreement") constitutes a binding agreement between You and Transact Payments Malta Limited.
"You" and "Your" means the "Contract Holder" of the Card and, where applicable, the Card User on behalf of the Contract Holder. "We" and "Our" means Transact Payments Malta Limited, a company incorporated in Malta with its registered office at Vault 14, Level 2, Valletta Waterfront, Floriana FRN 1914 and Company Tax ID No. 91879 and authorized by the Malta Financial Services Authority ("TPML"). Program Manager means B2B Fintech Solutions SL (trading as "HUBUC") incorporated and registered in Spain with company CIF number B67552141 and registered office at Ronda Universitat 31 Planta 2, Puerta 1, 08007 Barcelona.
You will be asked to confirm your acceptance of this Agreement when you apply for the Cards through the Corporate Accounts Platform. If you refuse to accept this Agreement, the Program Administrator will not be able to complete your order for Cards. The Agreement will be governed by the Conditions and the Program in force, as they appear on the Website and in the Corporate Accounts Platform.
Please read the Terms and Conditions carefully and keep a copy for future reference.
1. Definitions and interpretation
Account: is the electronic money account in the name of Kibibyte SL, also known as “Flexoh”, provided by SEFIDE EDE SLU, opened in accordance with the Account Conditions of SEFIDE EDE SLU and which account with Flexible Remuneration Benefits. For the avoidance of doubt, the issuance of electronic money is not governed by this Agreement.
Mobile app refers to the mobile application indicated in the annex, in which card users can carry out certain operations in relation to their card, such as activation, viewing of transactions, viewing of the remaining flexible compensation benefits, blocking and unblocking and making inquiries to customer service in relation to the use of the card.
applicable law means any applicable law (including, but not limited to, any local law of the jurisdictions in which the Card is supplied and the Program is operated), statute, statutory instrument, act , regulation, rule, order, supervisory guide, policy, instruction or requirement stipulated by an applicable Regulatory Authority, or interpretation promulgated or published by any Regulatory Authority, any order issued by a court having jurisdiction over a party, or any applicable rule or requirement of any Card System related to the issuance, sale, authorization or use of the Card and/or the services provided under this Agreement or any other rule that TPML deems valid from time to time.
business day means Monday to Friday, 9:00 a.m. to 5:00 p.m. (CET), excluding Maltese general, national and public holidays.
Card means each plastic or virtual debit card, as set out in the Addendum, issued by us in accordance with the card system license, with an underlying account that maintains the balance of the card card in the denominated currency. References to the Card include all Card details, security details and PIN numbers.
Card Plan has the meaning defined in the Annex.
Card Services means any services provided by us, the Program Administrator or any third party service provider in connection with a Card.
Card User is a person to whom a card is issued and who is validly authorized by Kibibyte SL and by You to use the funds in the account through a card subject to this Agreement and in her name. Current Bank of India legislation prevents the provision of Cards to residents of India.
Holder of the contract is You, the legal person to whom the Cards are issued and who, subject to your agreement with the Corporate Accounts Platform, authorizes the use of the available funds that make up the Benefits of Flexible Remuneration that the Card User can use.
The Corporate Accounts Platform refers to the online platform where the Cards can be requested. The use of the Corporate Accounts Platform is regulated by an agreement signed between the Contract Holder and Kibibyte SL
Customer Service is the department of Kibibyte SL in charge of providing customer service for the Card, as indicated in the Annex.
Denominated Currency has the meaning given to it in the Schedule.
Flexible Compensation Benefits means the funds available in the Account that are provided by the Flexible Compensation Provider pending payment by the Contract Holder, in accordance with the Corporate Platform Agreement.
Event of insolvency: Occurs, with respect to any party, in the event of
Personal Data means any registered personal identity data related to the use of the Card, including (but not limited to) name, date of birth, address, email address and telephone number (landline and /or mobile) of a person. Full details of the Personal Data we process are set out in our Privacy Policy.
PIN or PIN Code is the personal identification number used to access certain Card services, provided to the Card User.
Regulatory Authority means, depending on the context, any regime and/or any regulator or agency that has jurisdiction over the Issuer or the Program Manager in relation to the issuance, marketing, sale, authorization or the use of the Cards, the Programs or the services provided under this agreement, including, without limitation, the Malta Financial Services Authority.
Security data refers to certain information, including personal information, provided by you on behalf of the card user when applying for the card and reported by you to the program administrator from time to time.
Program Manager means B2B Fintech Solutions SL (trading as HUBUC), incorporated and registered in Spain with company registration number B67552141 and registered office at Ronda Universitat 31 Planta 2, Puerta 1, 08007 Barcelona , according to clause 19.2, the administrative and technical manager of the Card.
Transaction means your use of the Card to make a payment or a purchase of goods or services from a merchant over the Internet, by telephone or by mail.
Website: the website indicated in the Annex, on which Card Users can perform certain operations in relation to their Card, such as activation, viewing Transactions, blocking and unblocking and the formulation of queries to the Customer Service in relation to the use of the Card.
2. Purpose of the card
2.1 The Card, whether plastic or virtual, is a debit card with immediate charge to the Account and systematic authorization. The Card allows its Users to access the available funds that have been previously credited to the Account for the purpose of paying the Flexible Remuneration Benefits. The Card is not a credit card and its use is limited to the amount of the Account and any other limits mentioned in this Agreement.
2.2 The Card is issued by us at the request of the Contract Holder and upon acceptance of such request to the Program Manager through the Corporate Accounts Platform. Plastic Cards will be shipped directly to Card Users (as directed by the Contract Holder) to the address specified in the Card order form completed on the Corporate Accounts Platform.
2.3 The Card can be used in Spain to purchase food and travel services only in the places where the symbol of the Card Network appears (subject to the local laws and regulations of the country of use), provided that there are sufficient funds available. in the Account for the Transaction, including applicable fees (subject to local laws and regulations of the country of use).
2.4 The Card remains our property at all times and must be returned or destroyed at our request. The use of the Card is personal to You and the Card Users. You may not assign your rights under this Agreement, and the Card User is strictly prohibited from transferring or assigning the Card to any third party or allowing any third party to use the Card. Authorization for You and/or Card Users to use the Card may be revoked at any time, in accordance with clause 10 below.
2.5 The Contract Holder will be responsible for all acts and omissions of the Card Users that are intended to be carried out by virtue of the activities provided for in this Agreement. The Contract Holder warrants, represents and undertakes to ensure that all Card Users are aware of the contents of this Agreement and understand the obligations relating to the use of the Card.
3. Use of the card
3.1 Activation and general use of the card
3.1.1 The Card cannot be used unless it has been activated within the period notified by the Card User. An activation procedure will be provided with each Plastic Card. You must know, and ensure that Card Users know, and follow the steps necessary to activate the Plastic Card and the instructions must be followed. You will only supply the Card to the Card User and you will be responsible for ensuring that each Card User complies with this Agreement where applicable.
3.1.2 The Card can only be used by the Card User and expires on the date on the face of the Card. The Card cannot be used after its expiration.
3.1.3 The amount corresponding to each transaction and the associated commissions will be deducted from the balance of the Account. The card can only be used to pay for meals and public transport.
3.1.4 When using the Card at certain merchants, including hotels and restaurants, the merchant may hold an additional amount to cover tips/gratuities, temporarily reducing the available balance on the Card.
3.1.5 The Card may not be used as: (i) a payment guarantee, for example as a deposit for hotels, cruise lines or car rentals, as merchants such as these may estimate the final bill and this amount does not will be temporarily available to access or spend or as (ii) an arrangement for recurring billing as any debits as a result of such arrangements will be deemed to have been authorized by You.
3.1.6 We do not recommend using a virtual card to purchase an item online that subsequently requires the presentation of a physical reference device to obtain the item. Examples of this are certain purchases of theater tickets, hotel stays, car rentals and online purchases collected in person.
3.1.7 You agree to accept a credit to the account if a card user is entitled to a refund for any reason for goods or services purchased with the card.
3.1.8 We are not responsible for ensuring that Point of Sale ("POS") terminals accept the Plastic Card.
3.1.9 As far as plastic cards are concerned, some points of sale, in particular those located on movable property such as trains and ships, and some static payment machines, such as those in car parks and toll roads, are not connected in real time to the approval of the card system. We do not accept any responsibility, and shall not be liable, for the inability of card users to use their cards at such POS terminals or machines.
3.1.10 The user must comply with all laws and regulations (including any exchange controls) with respect to the Card, in the country of purchase and/or use.
3.1.11 You can only use the card in the denominated currency.
3.2 Funds available
3.2.1 The card user must check in the mobile application that there are sufficient funds in the account before attempting any transaction with the card to avoid disappointment or embarrassment if the card is rejected.
3.2.2 If there are insufficient funds to pay for a transaction, the card may be declined or the retailer may allow the balance to be paid by some other means.
3.2.3 The Card can only be used if you have enough Flexible Compensation Benefits remaining in the Account to pay for the Transaction.
3.2.4 The card user can obtain certain information about the card and recent transactions through the website, the mobile application or by contacting customer service by phone.
3.3 Temporary blocking of the card
3.3.1 The Card User and/or the Contract Holder may request the temporary blocking of the Card by contacting Customer Service or temporarily blocking the Card in the Mobile Application.
3.3.2 You and/or the Card User may request the unblocking of the Card at any time through the Corporate Account Platform or the Mobile Application (as applicable) using the information and according to the procedures established in the Exhibit.
3.3.3 The request for a temporary blocking of the Card does not satisfy the obligation of the Card User or the Contract Holder to inform the Program Manager of the loss, theft, improper or fraudulent use of the Card or related data.
3.3.4 If we block or suspend a Card, the Program Administrator will notify You and/or the Cardholder by email, if possible before blocking or suspending the Card, and at the latest, immediately thereafter, to unless we reasonably believe that providing such information would constitute a security risk or we are not permitted to provide such information by any applicable law. The user and/or the cardholder may request at any time that the blocking of their card be removed by contacting Customer Service through the contact details specified in the Annex, but the decision to unblock the card or resuming the provision of our services will be at our discretion.
3.4 Card renewal
any renewal of the Card, if applicable, will be subject to the Schedule
3.5 Refund
goods or services paid for with the Card cannot be refunded by a merchant unless there has been a prior Card Transaction charged to the Account by that merchant in an amount equal to or greater than the refund requested. If the Card User and the merchant agree on a refund, the merchant may process it through a point of sale terminal. The amounts credited to the Account by the retailer as a refund will be available within a maximum period of 3 (three) days from receipt of the refund order. If an amount other than a refund is credited to the Card, we reserve the right to terminate the agreement.
4. Card limits
4.1 Transaction limits may apply to the Card as detailed in the Addendum.
4.2 Each time the card user uses the card, the value of the transaction will be debited from the account. If the value of the Transaction exceeds the balance of available funds in the Account, the Transaction will be declined.
5. Card security
5.1 Card users must sign the back of the plastic card as soon as they receive it.
5.2 You must treat the Card as if it were cash. If your card is lost or stolen, you can lose some or all of the money on your card, just as if you lost cash.
5.3 You must keep the card, security data and PIN (as applicable) in a secure condition by taking appropriate measures, including the following
5.4 You will never be asked to provide your PIN over the phone or online to pay for goods or services or to carry out a transaction. If someone asks you to reveal a PIN, you must decline the request and notify Customer Service.
5.5 The PIN may be disabled if an incorrect PIN is entered three (3) times at a point of sale terminal. If the PIN is deactivated, contact Customer Service to reactivate it. There may be a twenty-four (24) hour delay in reactivating your PIN.
5.6 You undertake, represent and warrant to us that the transactions that the card user will carry out using the card do not violate any applicable law and that you and the card user will comply at all times with all applicable laws in relation to the performance of its obligations under this contract.
5.7 The Card User must obtain a receipt for each Transaction carried out with the Card. The Card User should keep their receipts to verify their Transactions.
5.8 Card users will not in any case send their active card, either to us or to third parties, by post or by any other non-secure delivery method.
5.9 Information sent over the Internet may not be completely secure. The Internet and online systems are not controlled or owned by us and we cannot guarantee that they will be secure or functional at all times and we do not accept any responsibility for unavailability or interruption.
6. Transaction Authorization
6.1 You will need to consent to each transaction, if any, a) using your PIN or other personal security code; b) signing a purchase voucher; c) providing the card data and/or providing any other personal data about you and/or your card. Once you have consented to the transaction, it will be considered authorized.
6.2 If a transaction order is received after 4:00 p.m. on a business day, it will be deemed to have been received on the following business day.
6.3 Once you have authorized a transaction, it cannot be revoked and the time of receipt of a transaction order is when it is received by our processing partner.
6.4 Your ability to use or access the Card may be interrupted from time to time, for example, if the Program Administrator or any third party service provider needs to perform maintenance on their systems or websites. Please contact Customer Service if you experience any problems using your Card or Account, which will be resolved as soon as possible.
7. Loss, theft and misuse of cards
7.1 If the Card is lost, stolen, misused or may be misused by a third party, or if You or the Card User suspect that another person may know the PIN or related Security Data, or has made a Transaction unauthorized use, you must stop using the Card and notify Customer Service directly as soon as you become aware of any such loss, theft, misappropriation or unauthorized use of the Card. The Card will be suspended to prevent further loss once You notify Customer Service in accordance with this clause.
7.2 We may also suspend a Card with or without notice if we suspect that the Card, PIN or any other security information relating to the Card has been, or may be, misused, if any Transaction is considered suspicious and/or is identified as fraudulent, if we have reason to believe that you have breached a material condition of these Terms or have repeatedly breached any term or condition and have not ceased such breach, or if we suspect illegal use of the Card.
7.3 You and/or the Card User may be required to assist us, the Program Manager, our representatives or the police if the Card is stolen or if we suspect that the Card is being misused.
7.4 Replacement cards will be sent to the most recent address you have provided.
7.5 If the lost card is subsequently found, it must not be used unless you contact Customer Services and obtain approval.
8. Our liability to you
8.1 We will not be liable to you for any losses you or the card user may suffer in connection with or arising from the card, except where such losses are due to our breach of this agreement or our negligence. In addition, we will not be responsible for disputes regarding the quality of goods or services purchased from any merchant that has accepted a Card, or for additional fees charged by the operator of the point-of-sale terminals (for example, when you are offer dynamic currency conversion at a point of sale). In particular, we will not be liable for any loss due to (i) any failure due to events beyond our reasonable control; (ii) any system failure or labor dispute that is beyond our control; (iii) that any retailer refuses or is unable to accept the Card; (iv) the manner in which any refusal to accept the Card is communicated to you; (v) any violation by you of any currency laws; (vi) for us to take any action required by any federal or state government law or regulation, or by court order; or (vii) anything specifically excluded or limited elsewhere in this Agreement.
8.2 Unless otherwise required by law, we will not be liable for any direct or indirect loss or damage that you may suffer as a result of the use of all or part of or the inability to use your card, or the use of your card by third parties. (including fraudulent or unauthorized transactions and subsequent unsuccessful chargebacks).
8.3 You agree to indemnify us for any and all actions, claims, costs, damages, demands, expenses, liabilities, losses and proceedings directly or indirectly incurred by us or brought against us if you have acted in fraudulently, has been negligent or has misused the card or any of the services we provide to you.
8.4 The above exclusions and limitations set out in this paragraph will apply to any liability of our affiliates, such as the Plans, and other suppliers, contractors, representatives of and any of their respective affiliates (if any), to you, which may arise in connection with this Agreement. For all purposes of the law, we also appear herein as agents of our affiliates, such as the schemes, and other suppliers, contractors, representatives and any of their respective affiliates (if any), in a limited way for the purposes of this clause.
9. Termination of this Agreement
9.1 This agreement will continue in force until the termination of your Corporate Account Platform agreement with Kibibyte SL or unless otherwise terminated in accordance with this clause 9 or clauses 10 and 13.3.
9.2 The Agreement may be terminated at any time by the Agreement Holder by giving 30 days' prior written notice to Customer Service or by us, or the Program Administrator by us, by sending a written notice 30 days in advance to the User.
9.3 Once your plastic card has expired or if it is found after you have reported it lost or stolen, you must destroy it by cutting it in two at the magnetic stripe.
10. Causes of termination
10.1 We reserve the right, at any time and without prior notice, to terminate the Agreement, block or suspend the use of the Card, restrict its functionality and/or require the return of the Card if any of the following circumstances occur:
10.2 Subject to clause 3.3, we will remove the block from the Card as soon as possible after we are reasonably satisfied that the reasons for blocking or suspending the Card no longer exist. If the circumstances to block or suspend the card continue for one month, we may terminate the contract.
10.3 Any termination or expiration of the Agreement, however caused, shall be without prejudice to any obligations or rights of either party that may accrue prior to termination or expiration, and shall not affect any provision of the Agreement which, whether express or implied, is intended to be effective upon or continuing to be effective upon such termination or expiration.
10.4 The Contract Holder shall be responsible for ensuring that all Card Users have been notified of the termination of the Contract.
11. Penalties
11.1 In addition to constituting such actions a violation of the provisions of this Agreement, any illegal or fraudulent use of the Card by the User or with knowledge thereof, may be reported to the Police or any other relevant regulatory authority.
11.2 You will be liable to us for all losses, fees and other expenses we incur in connection with the recovery, cancellation or reversal of transactions resulting from misuse of the card by you or the card user, or when you breach any material provision or repeatedly breach any provision of this Agreement and fail to cure it.
12. Confidentiality and data protection
12.1 TPML is the Data Controller of Your Personal Data associated with the application and use of this Card and will collect certain information about the Contract Holder and Card users for the purpose of operating the Card programme. Your provision of your personal data and our processing of such data is necessary for each of us to perform our obligations under this agreement. On occasion, processing may be necessary for us to take certain steps, at your request, before entering into this Agreement. If You do not provide the Personal Data we request, We will take steps to terminate this Agreement in accordance with clause 10.1(vi) above.
12.2 We will manage and protect your personal data in accordance with all applicable data protection laws. For complete and comprehensive information on when and why we collect personal information about you, how we use it, and the conditions under which we may disclose it, please see our privacy policy https://flexoh.com/privacy-policy, which is provided to you at the time we collect your personal data.
13. Agreement Variations
13.1 We may, at Our discretion, amend this Agreement at any time.
13.2 We will instruct the Program Manager to give you 15 (fifteen) days' notice by post or email before we make the change, unless the change is required to apply earlier by any applicable law, regulation or rule by the card network, or if it is related to a change in the exchange rate. The version of this Agreement that appears on the Website and the Corporate Accounts Platform at any time will constitute the binding version and will render any previous version obsolete. You understand that the Website and the Corporate Accounts Platform must be reviewed regularly.
13.3 If you do not agree to the change, you must terminate the contract in accordance with the provisions of this contract. If you do not, we will assume that you agree to the change and it will take effect after the notice period has elapsed.
14. Warranty
14.1 The Program Administrator will at any time replace a card declared to be defective. The defective product must be returned to the Program Administrator in that state by certified mail. Shipping costs will be reimbursed by adding them to the Account if the product is proven to be defective after being inspected by the technicians of the Program Administrator.
14.2 If our inspection of a returned Card found to be faulty by you or the Card User proves it to be incorrect, the Card will be returned to you or the Card User and we may apply administrative charges to the account, which will be deducted from available funds according to the schedule.
15. Exclusions
15.1 The above guarantee does not apply if:
16.Overall
16.1 Nothing in this Agreement confers on any third party any benefit or right to enforce this Agreement.
16.2 We may assign any of our rights and obligations under this Agreement to any other person or company, provided that such party continues to perform its obligations to you hereunder.
16.3 We may contact you by letter or email using the contact details you provide on the company account platform.
17. Claims
17.1 The card program is managed by B2B Fintech Solutions SL operating as HUBUC. If you wish to contact us or make a complaint about any aspect of our service, please contact complaints@hubuc.com.
17.2 If after receiving a response from our customer services team you are not satisfied with the outcome, you can raise your complaint with the Transact Payments Malta Limited Complaints Department at complaints@transactpaymentslimited.com.
17.3 We will do our best to reach a resolution of your complaint, if we cannot resolve your problem to your satisfaction we will explain the reason for our decision.
17.4 In the unlikely event that we are unable to resolve your issue, you have the right to refer your claim to the Financial Services Arbitrator at Office of the Arbiter for Financial Services, 1st Floor, St Calcedonius Square, Floriana FRN 1530, Malta (Telephone+ 356 21249245, Website: https://financialarbiter.org.mt
18. Law, jurisdiction and language
18.1 This Agreement and any dispute arising under it shall be governed by and construed exclusively in accordance with the laws of Malta and shall be subject to the exclusive jurisdiction of the Maltese courts.
18.2 The English version of this Agreement and any communication and content on the Website shall take precedence over any other language versions that we may publish from time to time.
19. Card issuer and card service provider
19.1 Your Card is issued by Transact Payments Malta Limited under its Card Scheme licence, authorized by the MFSA as an electronic money institution and to provide payment services.
19.2 B2B Fintech Solutions SL, doing business as HUBUC, manages and provides the card issued by Transact Payments Malta Limited. HUBUC provides the IT platform and will carry out due diligence on you, if required.
19.3 Kibibyte SL is at your disposal to offer you a customer service if you have any questions. Kibibyte SL also carries out activities such as marketing and provision of the Corporate Accounts Platform.
ANNEX TO THE APPENDIX REFERRING TO THE DEBIT CARD PROPERTY OF THE FLEXOH COMPANY
This addendum ("Addendum"), together with the Mastercard Card Terms ("Terms"), govern the use of the Card. The Addendum and the Terms are both referred to as an Agreement. Your card is a plastic and/or virtual card.
You will be asked to confirm your acceptance of this Agreement when you apply for the Cards through the Corporate Accounts Platform. If you refuse to accept this agreement, we will not be able to fulfill your card order.
Unless specifically stated otherwise, words and expressions in this Addendum have the same meaning and interpretation as defined in the Terms.
Definitions
Card system: Mastercard International Incorporated . Mastercard is a registered trademark of Mastercard International Incorporated .
Currency denomination: Euro
Website: https://flexoh.com/
Mobile application: Flexoh
Customer Services: You can contact Customer Service through the following channels:
1. Information to be provided to activate the card
The card user must activate the physical card as soon as it is received, following the detailed instructions in the information documents that accompany the card.
The card user can set their PIN during the activation process in the mobile application.
2. Your account limits
Limits for physical and virtual card profiles are listed below . The limits are in the currency of the card.