Last revision on 2023-11-24
I. GENERAL PROVISIONS
UAB SEVEN SEAS EUROPE, a private limited liability company incorporated under Lithuanian law, listed within Lithuanian Register of Legal Entities with the registration number of 304632897 (hereinafter the Company) is committed to protecting the privacy and security of the Client’s personal information. The Company wants to share how it treats personal information about the Client that the Company receives in connection with the Client’s use of the Company Platform (the “Platform”).
This policy, together with the General Terms and Conditions and any other ancillary agreements between the Client and the Company constitute an entire legal agreements the Client accepts and consents to when visiting our Platform and/or using our Services (as defined in the General Terms and Conditions) among other things consenting to our use of the Client’s personal information as set out in this Privacy Policy. Any definitions used within this Privacy Policy shall have the meaning as defined in the General Terms and Condition.
This policy sets out the basis on which any personal data the Company collects from the Client, or that the Client provides to the Company, will be processed by the Company. For legal purposes, the data controller is UAB SEVEN SEAS EUROPE, with registration number 304632897 and registered office at A. Goštauto street 40-1, LT-03163 Vilnius, Republic of Lithuania. Company for any Data Protection related issues may be contacted by email at: [email protected].
Although the Company operates internationally, it is organized under the laws of the Republic of Lithuania. The servers that host this Platform and any data collected from the Client are in Lithuania, and any personal details the Client provides to the Company will be processed by the Company in Lithuania. If the Company transfers personal data out of the European Economic Area, the Company shall ensure that it has in place measures which provide an adequate level of protection as required by applicable laws and regulations. All information that the Client provides to the Company is stored on its secure servers. Any payment transactions carried out by the Company or its chosen third-party provider of payment processing services will be encrypted. Where the Company has given the Client (or where the Client has chosen) a password that enables the Client to access certain parts of our Platform, the Client is responsible for keeping this password confidential. The Company asks Clients not to share the passwords with anyone. Unfortunately, the transmission of information via the internet is not completely secure. Although the Company does its best to protect Clients personal data, the Company cannot guarantee the complete security of it. When using any social/personal interaction features (if made available by the Company) Clients must ensure that they do not submit any personal data that they do not want to be seen, collected or used by others.
II. PURPOSES AND LEGAL BASES FOR PROCESSING CLIENT’S DATA
a. PURPOSES OF DATA PROCESSING
The Company processes personal data for the following main purposes:
- Provision of banking platform services and performance of contractual obligations – i.e., contract drafting and execution, authentication of clients’ identity, communication with clients and the provision of Company services;
- Implementation of money laundering prevention requirements – i.e., the Company collects and stores personal data relating to criminal convictions and offenses in order to comply with the legal requirements;
- Processing of enquiries, complaints and requests – i.e. to respond appropriately to any enquiry, request or complaint from a Client;
- To manage the Company's social networks (Facebook, Instagram);
- To improve the Website, ensure its performance, increase its security and adapt its content and format to the needs of users;
- To defend our rights (dispute resolution) – i.e. filing and pursuing claims, complaints or lawsuits, and cooperating with law enforcement regulatory authorities in accordance with the procedures and in the cases established by law.
b. LEGAL BASES FOR DATA PROCESSING
The Company processes personal data based on the following legal grounds:
- The data subject has given his or her factual consent (sent a request) to the processing of his or her personal data for one or more specified purposes (Article 6(1)(a) of the GDPR);
- The processing is necessary for the performance of a contract to which the data subject is a party or in order to take action at the request of the data subject prior to the conclusion of the contract (performance of a pre-contractual relationship) (Article 6(1)(b) of the GDPR);
- The Company has an obligation to comply with legal obligations (Article 6(1)(c) of the GDPR);
- The processing is necessary for the legitimate interests of the Data Controller or of a third party, unless such interests are overridden by the interests of the data subject or by the fundamental rights and freedoms of the data subject, which require the protection of personal data (Article 6(1)(f) of the GDPR).
III. INFORMATION COMPANY COLLECTS
a. INFORMATION THE CLIENT SUBMITS TO US
This is information the Client gives the Company about the Client by filling in forms on the Platform, or by communicating with the Company. It includes information the Client provide when the Client registers to use the Platform, open an account, enter into any transaction on the Platform (such as purchase of Electronic Money, Payment Transaction and/or Redemption transaction and others), when the Client report a problem with the Services, or the Platform.
If the Client contacts the Company, it will keep a record of that correspondence (if contacted via e-mail or any other means made available on the Platform).
The information the Client gives the Company may include: Client’s full name, Client’s billing address, date of birth, e-mail address, phone number or any other identifier for communication (like skype name, WeChat account identifier, etc.), details of Client’s bank account including the bank account number, IBAN, copies of identification documents (collected for the Know Client’s Customer purpose are defined in the General Terms and Conditions), copies of documents required to prove source of funds, personal description and photograph and any other information the Client provide us in order to prove Client’s eligibility to use our services.
b. INFORMATION THE COMPANY COLLECTS ABOUT THE CLIENT AND THE DEVICE
Each time the Client visits the Platform (and in some cases disregarding if the Client accesses the Client’s account on the Platform or not) Company will automatically collect the following information:
Technical information: the internet protocol (IP) address used to connect Client’s device to the Internet, Client’s login information, browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform.
Information about Client’s visit: full uniform resource locators (URL), services the Client viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page;
Transaction details: date, time, amounts, currencies used, exchange rates, Recipient details and details about other third parties involved in transactions (senders and receivers of funds from Client’s Account).
Details of Client’s visits to the Platform: transaction details relating to Client’s use of Services, including who the Client has sent funds or electronic money to, foreign exchange transactions the Client has entered into, the time, date and location of the place the transaction was entered into.
c. INFORMATION COMPANY RECEIVES FROM OTHER SOURCES (THIRD PARTY INFORMATION)
The Company closely works with fraud prevention agencies and user third-party databases in order identify possibly fraudulent transactions as well as to identify our customers; sources of funds and complete any other compliance procedures as requested by laws and regulations. By agreeing to this Policy, the Client consent that the Company may carry out various searches and checks to identify all information required for regulatory purposes. For avoidance of doubt the Company clearly states that will receive information about the Client from third parties the Company uses to verify Client’s identity.
IV. RETENTION PERIODS FOR STORING PERSONAL DATA
Personal Data collected in accordance with the relevant purpose shall be stored for the following periods:
- For the purpose of providing banking platform services and performing contractual obligations – for as long as the services provided by the Company are used and shall be stored for another 10 years after the cessation of their use;
- For the implementation of money laundering prevention requirements – for 8 years from the date of termination of transactions or business relationships with the customer. Data retention period may be extended for up to 2 years upon a reasoned instruction of a competent authority;
- For processing enquiries, complaints and requests – for 3 years after the end of the examination of the enquiries, complaints and requests. Personal data may be retained for a longer period of time if it is necessary for the Company to defend itself against claims, demands or lawsuits brought against it;
- For managing Company's social networks (Facebook, Instagram) – for 10 years;
- For improving the website, ensuring its performance, increasing its security and adapting its content and format to the needs of users – For more information on retention periods, please refer to the Cookie Policy adopted by the Company: https://sevenseasfinance.com/cookie-policy;
- For defending our rights (dispute resolution) – as long as legal proceedings are ongoing and 10 years after the relevant dispute has been settled by non-judicial procedure or in court.
V. DATA SUBJECT’S RIGHTS
Each data subject, i.e., the person whose data is being processed in the Company's activities, has the following rights:
- Know (be informed) about the processing of their personal data (Articles 12 – 14 of the GDPR);
- To have access to their personal data (Article 15 of the GDPR);
- To request the rectification of inaccurate personal data relating to them (Article 16 of the GDPR);
- To request the erasure of personal data relating to you (“right to be forgotten”) (Article 17 of the GDPR), but the right to be forgotten must be based on at least one of the following grounds:
- the personal data are no longer necessary to achieve the purposes for which they were collected or otherwise processed;
- the data subject withdraws his/her consent for the processing of personal data on which the processing is based and there is no other basis for processing the personal data;
- the data subject does not consent to the processing in accordance with Article 21(1) of the GDPR and there are no overriding legitimate reasons for processing the personal data.
- To restrict processing personal data (Article 18 of the GDPR), but restriction of processing is only possible where:
- personal data is inaccurate;
- the processing of the personal data is unlawful, but the person does not consent to the erasure of the data;
- the controller no longer needs the personal data for the fulfilment of its purpose, but the data subject needs them to assert, exercise or defend legal claims;
- the person objects to the processing in accordance with Article 21(1) of the GDPR, where the legitimate interests of the controller do not override those of the data subject.
- To transfer your personal data where the processing is based on consent or contract and the processing is carried out by automated means (Article 20 of the GDPR);
- To object to the processing of personal data on grounds relating to the particular case, where the processing is carried out for the legitimate interests of the controller or of a third party, unless the controller demonstrates that the processing is carried out for compelling legitimate grounds which override data subject's interests, rights and freedoms, or for the establishment, exercise or defence of legal claims (Article 21 of the GDPR);
- File a complaint to the State Data Protection Inspectorate if a person believes that the Company is unlawfully processing his/her personal data or is not exercising his/her personal rights. The contact details of the State Data Protection Inspectorate are: L. Sapiegos g. 17, 10312 Vilnius, tel. (8 5) 271 2804, 279 1445, e-mail [email protected] .
Upon receiving a request concerning the exercise of the data subject's rights, the Company shall, no later than within 1 (one) month from the date of the request, respond and perform the actions specified in the request, or shall inform the data subject of the reasons for its refusal to perform them. If necessary, the time limit may be extended by a further 2 (two) months, depending on the complexity and number of requests. In this case, the Company shall inform the person of such extension and the reasons for it within 1 (one) month from the date of receipt of the request.
To protect Client’s security and privacy, Company will take reasonable steps to verify Client’s identity prior to making changes to Client’s personal information or fulfilling a request for access to that information.
If you have any other requests or questions regarding the exercise of your rights or the processing of your Personal Data, please contact the Company by email: [email protected].
VI. WHO DOES COMPANY SHARE INFORMATION WITH?
The Company will not disclose Client’s personal information to third parties except as set out in this Privacy Policy or if the Client has consented to such sharing. The Company may share personal information about the Client that the Client provided to the Company with trusted companies The Company has hired to provide services for it, such as fulfilling orders the Client may submit, or collecting and processing information on Company’s behalf.
These companies – vendors – are contractually bound to use personal information that the Company shares with them only to perform the services the Company has hired them to provide and to have appropriate technological and organizational measures including security in place to protect such personal information.
If the Client enables third party services to be directly integrated into Client’s account (for example Facebook Connect), the Client agrees that the Company may pass the Client’s account information to the providers of such services to enable them to provide the Client with the services which the Client has requested. The Company does not exercise any control over such service providers, such service providers process Client’s account information independently and in accordance with Client’s own privacy policies.
The Company may also share Client’s personal information if the business of the Company is transferred to another entity by way of merger, sale of the Company’s assets, or otherwise. If the Client consents, the Company may share Client’s information with related entities and selected third parties so that they may provide the Client with or contact the Client regarding information and materials that may be of interest the Client. Please refer to the section below on opting in and out.
The Company may share Client’s personal information with a third party if the Company is required to do so to comply with applicable law or a court order, or if it is reasonable to do so, to enforce the Company’s Terms and Conditions or to assist with a legitimate investigation (for example, in relation to suspected fraud or third-party intellectual property infringement). If required by law or regulation, the Company reserves the right to disclose such information without first obtaining Client’s consent
The Company may also share Client’s personal information with its partners in order to provide Clients the service they have requested. These may be the partners that assist the Company in payment transactions services such as SWIFT, TARGET2, Bacs, Faster Payments, or currency exchange services.
VII. COOKIES
The Company use cookies to distinguish the Client from other users of the Platform. This helps us to provide the Client with a good experience when the Client use the Platform and allows us to improve our services. For detailed information on the cookies the Company use and the purposes for which Company use them, see our cookie policy https://sevenseasfinance.com/cookie-policy
VIII. THE NON-PERSONAL AGGREGATE DATA COMPANY COLLECT
The Company may also collect and group demographic and preferences information, responses to surveys and other personal information that the sCompany collect from the Client into an aggregate, anonymous form for disclosure to our existing or potential business partners, affiliates, sponsors or other third parties. However, please be assured that this aggregate data will in no way identify the Client as an individual or any other visitors to the Platform.
The Company may collect general, non-personal, statistical information about the use of the Platform, such as how many visitors visit a specific page on the Platform, how long they stay on that page and which hyperlinks, if any, they “click” on. The Company collects this information using “cookies” and other tracking technologies.
The Company collects this information to determine which areas of the Platform are most popular and to enhance the Platform for visitors. As with other aggregated data, the Company may disclose such data to its existing or potential business partners, affiliates, sponsors or other third parties, but this aggregate data will in no way identify the Client as an individual or any other visitors to the Platform.
IX. LINKS TO OTHER PLATFORMS AND PLATFORM ACCOUNTS
For Client’s convenience, the Company’s Platform may from time to time include links to third-party Platforms whose information practices may be different than ours. Visitors should consult the other Platforms’ privacy policies, as the Company has no control over information that is submitted to, or collected by, these third parties.
Platform accounts are pages on certain websites operated by other companies (for example, the Company page on Facebook), where the Company content is provided. The Terms and Conditions, this Privacy Policy and other applicable rules published on this Platform are binding on and apply to the users and visitors of Platform accounts. Users and visitors should carefully read the terms and conditions and privacy policies of such websites, over which the Company has no control. Company has Platform Accounts on the following websites: Facebook, Google+, Twitter, Pinterest, YouTube, and other social networks.
X. SECURITY OF INFORMATION
The Company uses industry standard security measures to safeguard information concerning and submitted by the Client. The Company provides access to this data only to those persons who need it for the purposes described in this Privacy Policy. Despite the security measures employed by the Company, the Client should be aware that it is impossible to guarantee absolute security with respect to information sent through the Internet. In this regard, although the Company is committed to doing its absolute best to protect your Personal Data, The Company cannot guarantee the absolute security of the Personal Data transmitted through its website. By transmitting any information, you assume the risks associated with the transmission of that information and you can and should protect your Personal Data without unreasonable disclosing it and by taking all security measures yourself.
XI. CHANGES TO THE PRIVACY POLICY
The Platform and services may change from time to time. As a result, it may be necessary for the Company to make changes to this Privacy Policy from time to time. the Company reserves the right to update or modify this Privacy Policy at any time and from time to time without prior notice by updating the Company’s Platform.
The Company asks that the Client reviews the Privacy Policy periodically, and especially before the Client provides personal information. This Policy was last updated on the date indicated above. Client’s continued use of this Platform after any modification of this Privacy Policy shall constitute Client’s acceptance of the modified Privacy Policy.
If you have any questions, requests or complaints regarding the information contained in this Privacy Policy, please contact us at [email protected].