VirtualCards Privacy Notice
Version 2, 8th February 2019
1.1. This privacy notice is an integral part of the VirtualCards Terms and Conditions and it applies to personal data collected or used by Virtual Cards S.R.L. (the Company) hereinafter referred to as the administrator of the site/ application. The personal data processing activities are carried out under the responsibility of the Virtual Cards S.R.L. Operator, headquartered in Bucharest, 3-5 Pierre de Coubertin Boulevard, Office Building, 3th floor, Room 3a, 2nd district, registered with the Virtual Cards Register under no. J40 / 1213/04.02.2019, having unique registration code 40553964, telephone 021 209 5679, Email: firstname.lastname@example.org.
1.2. We appreciate your interest in our company and services by accessing the website www.virtualcardsapp.com, the VirtualCards application, or the associated communication channels, including, but not limited to our social media pages and / or channels, and our blogs (collectively referred to as "VirtualCards Pages"). This privacy notice applies to all personal data that Virtual Cards S.R.L. collects when you interact with VirtualCards, such as when you visit our sites, when you use VirtualCards services, subscribe to newsletters, contact customer support, and interact with VirtualCards as a customer, vendor, or partner business, etc.
2. Why we ask you to share your personal data
2.1. We ask you to share personal data with us for purposes that include:.\
· Using VirtualCard services;
· Activating or registering certain products and services or improving functionality;
· Receiving information about the products, the offers and the services of the partner merchants;
· Participating in VirtualCards online communities, including our social media channels/ pages and blogs;
· Storing your preferences for future interactions and communications from VirtualCards;
· Helping us to develop products and services and create campaigns that are designed around you, optimize customer service, and improving continuously our websites;
· Helping us to improve our services and allowing the company to keep you informed or to involve you in testing new products and services;
· Managing relationships with partner customers;
· Facilitating access to information;
· Improving communication;
· Analyzing and understanding customer interactions;
· Implementing security programs;
· Helping VirtualCards participate in certification programs;
· Answering your questions or the resolution of your product and service requests as well as informing you about the status thereof.
We process your personal data only for those purposes that we have communicated with you. If we use it for other (closely related) purposes, additional data protection measures will be applied and it will be used only with your consent.
3. Different ways of collecting personal data
3.1. You can share your personal data with Virtual Cards S.R.L. through:
· Registering as VirtualCards user;
· Registering as merchant on VirtualCards Business Platform;
· Your communications with Virtual Cards S.R.L. This can be related to services and may include the contents of your questions to us or the requests that you addressed to us;
· Communicating with one of the representatives of the VirtualCards Customer Support Center via e-mail, phone or in writing;
· Occasionally by participating in a promotion, game or contest;
· Participating in a social media activity related to promoting VirtualCards, for example, by clicking the "Like" button or the "Share" button;
· Asking to receive on your mobile phone/ device;
· Subscribing to a VirtualCards newsletter;
· Sending feedback / reviews through the VirtualCards application or through the application stores;
· Connecting to social networks, for example, using your Facebook login to create or to access an account;
· When using VirtualCards services, you share usage data or location to receive offers from merchant shops in your immediate proximity;
· Cookies placed on your computer or mobile device when you access our sites.
4. Types of personal data we may collect
4.1. When you interact with VirtualCards, for example when registering to VirtualCards Business Platform, we ask you certain data such as:
· Company name;
· Contact person;
· Phone number;
This data is associated with a new merchant account and is used exclusively for the following purposes:
· Drafting service contracts;
· Drafting tax invoices and proforms;
· Providing information about the violation of law to legal authorities;
· Managing the relationship between users, developer, and partner merchants;
· Answering to requests providing support to the merchant.
4.2. For authentication in the VirtualCards application, we may request data such as:
· First name;
· Last name;
· E-mail address;
· GPS coordinates;
· Your social profile.
Each User, at his own option, provides some of his or her personal data to create a valid account and to benefit from the service provided by the Site / Application Administrator.
4.3. Also, depending on your choices about in-app loyalty cards, certain personal data may be shared with our partners where you hold or request a card directly via VirtualCards. When signing up for your account, you agree to the use of your personal information in order to be informed by e-mail or other forms of communication about the application's update, websites, new opportunities offered by merchants, and additional information in the interest of as well as newsletters with useful information.
4.4. In addition, we may collect personal data via cookies or similar techniques, including, but not limited to:
· Your IP address;
· Your cookie ID;
· Your web browser;
· Your location;
· The web pages you visit on our sites;
· Ads you've viewed or clicked on;
4.5. If you no longer want VirtualCards to use your personal data, you can let us know at any time by contacting us at email@example.com or you can modify or delete the data associated with your account directly in the application , on the "Account Data" section of the main menu or in the "Account Settings" section of the CMS for merchants.
5. Sharing your personal data with others
5.1. We may share your personal data with service providers, business partners and other third parties, in accordance with applicable law.
For example, VirtualCards may provide information about a product or may offer you a service in a common marketing effort with another company (business partner). The agreements with these business partners will limit the purposes for which your personal data can be used and disclosed, and will require your personal data to be adequately safeguarded. We will let you know that such a relationship exists and who these companies are prior to processing your data for such joint marketing efforts.
5.2. VirtualCards may disclose your data to other data management support partners and other parties that have a mandatory VirtualCard relationship to provide its services (e.g., e-mail marketing campaigns, push notifications, contracts).
5.3. Also, we will communicate your data to you (if you make a request for accessing the data). At the same time, starting with 25th May 2018, we may also communicate your data to another operator upon your request to guarantee the data portability right (to the extent we have the obligation and the data portability rules applicable under the General Data Protection Regulation starting with 25th May, 2018 and under the technological conditions at the time of your request). You can download your .csv data provided to a merchant via the card issuer form. This option is available for all the saved cards in the "More" section - "Personal data". If you no longer want your data to be accessible to a merchant, you will also have the "Delete Card" option in the "More" section.
5.4. VirtualCards will disclose personal data only in conformance with this privacy notice and/or when required by law.
6. Your rights
6.1. We want to know you better to serve you better. At the same time, we respect your choices on how to use personal data. Under the applicable law, you have the following rights: the right to be informed, the right of access, the right to rectification, the right to delete the data, the right to restrict the processing, the right to data portability, the right to oppose, the right not to be subjected to an automated decision-making process, including the creation of profiles, the right of opposition, the right to lodge a complaint with the supervisory authority, the right to appeal to the courts and to claim damages for violation of personal data protection rights.
· Once you have provided us with your personal information, you have permanent access to this information.
· You can request us free of charge at firstname.lastname@example.org access to personal data, the right to portability of your data or the rectification of data we hold about your person, as well as information about the types of processing performed. You can also personally change or delete the privacy settings of your VirtualCards account by signing in to your account and accessing your personal settings from the app's main menu or from the "Account settings" section of the CMS for merchants.
· You may at any time withdraw consent to the processing of your data for direct marketing, so that you will never be subject to an automated individual decision without your consent. You can always choose to unsubscribe / disable services using the permissions section of the application menu.
· You can contact the National Supervisory Authority for Personal Data Processing (www.dataprotection.ro) or the courts to verify that your rights are respected.
· According to the law, we have the obligation to reply, within one month, to your requests in writing. Thus, if you request us as above, we will return to you in writing using your contact details or those you expressly indicate in your request. If, depending on the complexity of the request, we cannot implement the requested measures within a period of less than one month, this period may be extended, according to the applicable legislation, for a maximum of two months. In this situation, you will receive information within one month of receipt of the request, of the reasons for the delay.
· For any request regarding the use of your personal information, you can contact us at:
Phone: 021 209 5679
Address: Bucharest, 3-5 Pierre de Coubertin Boulevard, Office Building, 6th floor, Room 6m and 6g, 2nd district
We encourage you to keep your personal settings and personal data complete and current.
6.2. Personal data can be transferred from your home country to other merchants in different locations around the world in order to keep you informed about products, services, or special offers that might be of interest to you. If local law requires it, we will ask for your prior consent to the transfer of personal data outside of your geographic region.
· To guarantee the portability of the data, you can download at any time your data provided to a merchant through the card issuance form. Download in .csv format from the "More" section - "Personal data". If you no longer want your data to be accessible to a merchant, you'll also have the "Delete Card" option in the "More" section.
6.3. Where required by local law, we will ask you to "adhere" or give your consent to the processing of your personal data. For example, we will send you newsletters only if you have subscribed to them.
6.4. Since VirtualCards allows you to save or generate loyalty cards from merchants, we may have provided your personal data beforehand through the application forms. The decision not to register now will not affect the personal data you have already provided to VirtualCards. Of course, you will always have the option of unsubscribing from any VirtualCards targeted communication or modifying your personal account information as described above.
6.5. Two-factor authentication is an additional level of security for merchant accounts. Such additional action is applied when the merchant accesses the platform on a device for the first time. To verify his/ her identity at login, next to the access password set up when creating the account, the platform requests the merchant 6-character alphanumeric verification code, received on the phone number indicated in the "Mobile Phone *" field in Account Settings. In situations where, but not limited to, the merchant does not have the phone ready to hand, no signal, no battery, etc., he/ she has the option to receive the verification code at the email address. The "I do not want sms, send code by email" option is available on the next page after the merchant has entered the e-mail address and password.
7. Criteria and period of data storage
7.1. The data associated with your account and other supply data through the application will remain in the possession of Virtual Cards S.R.L. only for the duration of the services provided by VirtualCards and strictly to comply with the legal requirements in force (eg archiving deadlines) and to protect the legal rights and interests of the Company. If you wish to waive your VirtualCards account, to the extent that data will no longer be required to comply with applicable legal requirements and to protect the Company's legal rights and interests, these will be deleted or anonymised. Anonymised data will be used strictly for subsequent statistical analyzes.
8.2. To manage your cookie preferences, you can always change the cookie settings in your browser settings. You can accept all or some of the cookies.
8.3. Below you can find more information on how you can change the cookie settings for the browser you are using:
9. Linking to other websites
9.1. During your online journey to VirtualCards websites, you may encounter links to other websites for your convenience and information. These websites can work independently from VirtualCards and may have their own privacy notice, statements, or policies. We encourage you to review them in order to understand how personal data may be processed in connection to those websites, as we are not responsible for the content of non-owned or non-managed sites by Virtual Cards S.R.L. or for the use or privacy practices of those sites.
10.1. VirtualCards may store your personal data in a cloud. This means that your personal data can be processed on behalf of Virtual Cards S.R.L. by a cloud service provider and can be stored in different locations around the world. Virtual Cards S.R.L. makes use of organizational and contractual measures to protect your personal data and to impose similar but in no way less restrictive requirements on our cloud services providers, including requirements that your personal data be processed exclusively for the purposes mentioned above.
11. How we protect your personal data
11.1. We assume and take seriously our responsibility to protect the personal data you entrust through the VirtualCards application to avoid loss, misuse or unauthorized access. Virtual Cards S.R.L. uses a variety of security technologies and organizational procedures to help protect your personal data. For example, we implement access commands, firewall and secure servers, and encrypt certain data types, such as financial information and other important information. In addition, we hold the ISO / IEC 27001: 2013 certification on security, confidentiality, integrity and availability of information. Through this certification, users are assured that VirtualCards applies best practices for planning, installing, configuring, using and maintaining information systems.
12. Special informations for parents
12.1. Although VirtualCards sites do not target children under the age of 16, the VirtualCards policy is to comply with laws when parental or legal guardian's permission is required before collecting, using or disclosing information about children.
12.2. VirtualCards strongly recommends that parents take an active role in supervising their children's online activities. If you think we have collected personal data from people under the age of 16, please contact us at email@example.com.
13. Changes to this privacy notice
13.1. The services that VirtualCards provides are always evolving and the form and nature of the services that VirtualCards provides may change from time to time without prior notice to you. For this reason, we reserve the right to change or add to this privacy notice from time to time and will post any material revisions on our websites.
13.2. We will post a prominent notice on our privacy notice page to notify you of any significant changes to this privacy notice, and will indicate at the top of the notice when it was most recently updated. We encourage you to check back often to review the latest version.
13.3. The new privacy notice will be effective upon posting. If you do not agree to the revised notice, you should alter your preferences, or consider stopping using the VirtualCards pages. By continuing to access or make use of our services after the changes become effective, you agree to be bound by the revised privacy notice.
14. How to contact us
Contact us at the e-mail address firstname.lastname@example.org
Phone number: 021 209 5679