Customer Privacy Policy

Truevo Payments Ltd (hereinafter ‘Truevo’) is committed to protecting data subjects’ privacy in accordance with the General Data Protection Regulation (hereinafter ‘GDPR’). This privacy policy explains what information we gather about you as Merchants or Partners of Truevo, what we use that information for and who we give that information to. It also sets out your rights concerning your information and who you can contact for more information or queries. Click on the links below to take you to the more detailed sections of this policy.

Who this privacy policy applies to and what it covers

When applying to become a Merchant or Partner, Truevo Payments Ltd (hereafter referred to as “Truevo”) collects, processes and stores personal information about you. Such information is processed for a number of reasons, such as to process Merchant or Partner applications submitted through our online forms, as well as providing its service to such Merchants and Partners.

This policy aims to help you understand:

  • what information is collected and from where;
  • why we collect your personal information; and
  • how it is processed by Truevo.

What information do we collect?

When contacting Truevo for the provision of its services, for the purpose of the GDPR, Truevo collects personal data related to the contact person, authorised signatory, shareholders/ultimate beneficial owner(s), directors, company secretaries etc of the prospective Merchant/Customer and/or Partner. This may include:

  • Personal name
  • Personal street address
  • Personal telephone # (e.g. home, mobile)
  • Personal email address
  • Business email address, if identifiable (e.g. john.doe@provider.xyz)
  • Job title/function
  • Location data and online identifiers (e.g. IP/MAC addresses, weblogs, browser agents)
  • ID number
  • Social security number
  • Driver’s license #
  • Passport/Visa #
  • Birthdate/age
  • Gender
  • Source of wealth/funds
  • Bank account #
  • Bank statements
  • Call recordings
  • Payment history

How do we collect your information?

You directly provide us with most of the data we collect through the use of our online portals and application, by contacting us either via direct means by using the contact form on our website, or by submitting a Merchant or Partner application form via the following links:

https://truevo.com/start-your-truevo-application/
https://truevo.com/application/
https://signup.truevo.com/
https://truevo.com/partner/#partner-form
https://truevo.com/pos-partners/#partner-form

How do we use your information?

Information throughout the process of Merchant or Partner application and onboarding is used for the following processes:

  • Drawing up the Client Agreement and executing this Agreement by electronic/written signature.
  • Performance of all obligations undertaken by Truevo and arising from this Agreement and any subsequent addenda, including but not limited to disclosure of information to, and to the exchange thereof with, all Truevo employees and its subsidiaries, associates, agents, Visa and Mastercard, as well as any third party entitled to receive such information.
  • To comply with a legal or regulatory obligation. This will include maintaining records, compliance checks or screening and recording (e.g. anti-money laundering, financial and credit checks, fraud and crime prevention and detection, trade sanctions and embargo laws). This may include automated checks of personal data you provide about your identity against relevant databases and contacting you to confirm your identity or making records of our communications with you for compliance purposes.
  • Correspondence with the data subject in the performance of all obligations undertaken by Truevo and arising from this Agreement and any subsequent addenda.
  • Processing and retention of data subject ID documents and proof of address.
  • Monitoring, detection and prevention of criminal activity, such as money laundering and funding of terrorism which Truevo is legally bound to report
  • Processing for tax and financial reporting purposes.
  • Processing for the purpose of legal, judicial and regulatory obligations and/or disclosures.
  • Processing for support, research and development purposes by recording user actions on our website and online applications if you have given your explicit consent.
  • Processing for training and quality reasons.

How do we protect your personal data?

We use a range of physical, electronic and managerial measures to ensure that we keep your personal data secure, accurate and up to date. These measures include:

  • Education and training to relevant staff to ensure they are aware of our privacy obligations when handling personal data.
  • Administrative and technical controls to restrict access to personal data on a “need to know” basis.
  • Technological security measures, including firewalls, encryption and anti-virus software.
  • Physical security measures, such as staff security passes to access our premises.

Although we use appropriate security measures once we have received your personal data, the transmission of data over the internet (including by e-mail) is never completely secure.  We endeavour to protect personal data, but we cannot guarantee the security of data transmitted to us or by us.

Who do we share your information with?

We do not share your personal information with third parties unless we have a lawful basis for doing so. We rely on third-party service providers to perform a variety of services on our behalf, such as website hosting, electronic message delivery, data analytics, research, identity verification and screening. This may mean that we have to share your personal information with these third parties. When we share your personal information in this way, we put in place appropriate measures to make sure that our service providers keep your personal information secure.

From time to time, we may disclose personal information in response to a court order, subpoena, government investigation, or as otherwise required or permitted by law.

Other situations in which we may disclose your personal information to a third party, are:

  • to perform other services we request from service providers;
  • in the course of a sale or an acquisition of Truevo Payments Ltd;
  • where permitted by law, to protect and defend our rights and property; and
  • when required by law, and/or public authorities


We may also share aggregated information that cannot identify you for general business analysis, e.g. we may disclose the number of visitors to its websites or services.

Your personal information may be transferred to, stored, and processed in a country other than the one in which it was provided. When we do so, we transfer the information in compliance with applicable data protection laws. Where the transfer is to a country outside the EEA we use the European Commission’s approved Standard Contractual Clauses.

How long do we keep your information for?

We will hold your personal data in accordance with our Data Retention Policy. If the data types highlighted above are not covered by the Data Retention Policy, the criteria used for retention is that personal data will be held on our systems for the longest of the following periods:

  • as long as is necessary for the relevant activity or services;
  • any retention period that is required by law; or
  • the end of the period in which litigation or investigations might arise in respect of the services.

Your rights

You have various rights in relation to your personal data. In particular, you have a right to:

  • obtain confirmation that we are processing your personal data and request a copy of the personal data we hold about you;
  • ask that we update the personal data we hold about you, or correct such personal data that you think is incorrect or incomplete;
  • ask that we delete personal data that we hold about you, or restrict the way in which we use such personal data;
  • withdraw consent to our processing of your personal data (to the extent such processing is based on consent);
  • receive a copy of the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit such personal data to another party (to the extent the processing is based on consent or a contract); and
  • object to our processing of your personal data.

To exercise any of your rights, or if you have any other questions about our use of your personal data, please contact Truevo’s Data Protection Officer at privacy@truevo.com or write to us at the address below: Truevo Payments Ltd, The Watercourse, 3rd Floor, Triq L-Imdina, Zone 2 Central Business District, Birkirkara CBD2010, Malta

Complaints

If you are unhappy with the way we have handled your personal data or any privacy query or request that you have raised with us, you have a right to complain to the Office of the Information and Data Protection Commissioner. Find out how to send a complaint to the IDPC.

Changes to this privacy policy

We may modify or amend this privacy policy from time to time. To let you know when we make changes to this privacy policy, we will amend the revision date at the bottom of this page. The new modified or amended privacy policy will apply from the specified revision date. Therefore, we encourage you to periodically review this policy to be informed about how we are protecting your information.

This policy was last updated on 9th May 2022.