Privacy Policy

1. INTRODUCTION

1.1. Daytona Capital Management Limited, a regulated financial institution, which also trades as Hello Paisa UK, its subsidiaries, sister-companies, parent company, related entities and/or divisions (we/us/our) having its registered offices at Office 02-107, 5 Merchant Square, London W2 1AY, England, United Kingdom. For the purpose of Data Protection Legislation (defined below), we are a data controller if you reside in a country where we provide our services and are a user of www.daytonacap.com and www.hellopaisa.co.uk (“our websites”) and/or of the Hello Paisa UK mobile application (“our app”).

1.2. Daytona Capital Management Limited is registered with the Information Commissioner’s Office with registration reference: ZA526445.

1.3. We take your right to privacy seriously, and keeping your personal data secure is one of our most important responsibilities. We comply with all legal obligations imposed on us to safeguard your personal data. We ask that you read this Privacy Policy (“policy’’) carefully as it is designated to inform you about how we intend to use and process your personal data and with whom we share your personal data.

1.4. We may sometimes refer to your information as “personal data”. We may also sometimes collectively refer to handling, collecting, protecting and storing your personal data as “processing’’ such personal data. Furthermore, the term “Data Protection Legislation” means the UK General Data Protection Regulation 2021 (“UK GDPR”), the UK Data Protection Act 2018 (“DPA”) and the European Union General Data Protection Regulation 2016/679 (“GDPR”); together with all other applicable legislation relating to privacy or data protection.

2. YOUR RIGHTS IN TERMS OF DATA PROTECTION LEGISLATION

2.1. As a data subject, you are entitled to the following rights:

2.1.1. To be informed about how we process your personal data;

2.1.2. To access your personal data;

2.1.3. To rectification of your personal data if any of your personal data, held by us, is inaccurate or incomplete;

2.1.4. To be forgotten – i.e. the right to ask us to delete any of your personal data. (We hold your personal data for a limited time. Should you wish for us to delete it sooner, you may contact us using the details listed herein);

2.1.5. To restrict (i.e. prevent) the processing of your personal data;

2.1.6. To data portability (i.e. obtaining a copy of your personal data to re-use with another service and or organization);

2.1.7. To notification in the event that there has been a data breach;

2.1.8. To object to us using your personal data for a particular purpose (i.e. if you believe that our legitimate interest might infringe upon your rights); and

2.1.9. Rights in respect of automated decision making and profiling. The right to not be subject to individual decisions made solely by automated means

2.2. There are certain exceptions where these rights may be superseded by laws and other requirements which may be applicable to regulated financial institutions.

2.3. If you have any cause for complaint about how we process your personal data you may contact us using the details provided herein. If we are unable to assist, you also have the right to lodge a complaint with the Information Commissioner’s Office.

2.4. For further information about your rights in terms of Data Protection Legislation, please contact the Information Commissioner’s Office.

3. WHAT PERSONAL DATA DO WE COLLECT

3.1.The personal data that we collect and/or hold will often come directly from you, this will include, but is in no way limited to, details such as your name, age, identity and/or passport number, customer number, email and/or physical address, telephone number, source of income, assets and liabilities, financial information such as banking details, account number, bank statements and your visit to our websites and/or our app.

3.2. For the purpose of money transfer, we also process personal data, as received from you, on other people (i.e. details of the recipient/s of your money transfers). By providing us with such data you confirm that you have obtained the necessary consent, if any, from such persons for the reasonable use of their data for such purpose, that you are otherwise permitted to give us this information on their behalf and that you ensure that such persons are aware of this policy and that the provisions of this policy are clearly communicated to them.

3.3. There is no obligation on you to provide us with your personal data. However, the decision not to provide us with your personal data may limit the products and/or services we are able to offer you.

4. WHY DO WE COLLECT AND/OR USE YOUR PERSONAL DATA

4.1. Our use of your personal data will always have a lawful basis, either because (i) it is necessary for us to carry out our obligations in performance of a contract entered into with you, (ii) you have consented to our use of your personal data (i.e. by subscribing to emails), and/or (iii) it falls within our legitimate interests.

4.2. Specifically, we may use your personal data for the following purposes:

4.2.1. To comply with our legal and regulatory requirements by conducting Know Your Customer (KYC) and Customer Due Diligence (CDD) checks. We use the services of reputable third parties namely GBG and Dow Jones which helps us to keep our services safe and secure;

4.2.2. To comply with our contractual obligations to you in respect of money transfers. We require personal data such as your bank account details and/or full names and addresses of both yourself and your recipient. Should we be unable to access such data we would be unable to transfer money on your behalf;

4.2.3. With your consent, to provide you with certain types of marketing communication that we believe will be relevant and/or of interest to you to help us provide you with a more personalized service which you shall be able to “opt-out” of our marketing at any time. We will not send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under Data Protection Legislation; and

4.2.4. To collect and analyse data such as our website and/or our app visit logs in order to improve the quality of our services.

4.3. Section 4.2.3 and 4.2.4 above fall under a legitimate interest in terms of Data Protection Legislation. A legitimate interest is a specific legal justification for the collection and processing of your personal data. It applies when we have reasonable grounds to collect and /or process your personal data to improve our services, as long as this does not infringe on your rights as listed in Section 2.1 above. Our legitimate interest may justify some examples of automated decision-making. One of those is our estimated transaction timing, which we use to determine the time in which the transfer will reach your recipient. You may object to us processing to us processing your personal data based on our legitimate interest at any time by contacting us at [email protected]

5. HOW DO WE COLLECT YOUR PERSONAL DATA

5.1. If you use our products and/or services you provide us with certain personal data including but not limited to your full name, address, and bank account number, as well as the full name and or/or where applicable other details of the recipient/s of the money transfer that you instruct us to carry out.

5.2. Your personal data may be provided to us when you complete forms and/or register on our website for us to contact you and/or you report a problem with our website and/or engage in our live chat service.

5.3. If you correspond with us via telephone and/or email your personal data may be collected.

5.4. Depending on the settings or the privacy policies for social media on your device, you might give us permission to access personal data from those accounts or services.

5.5. We may receive personal data about you from other sources, including but not limited to, publicly available databases, and combine this data with the personal data we already have . This helps us to update, expand and analyse our records and provide services that may be of interest to you.

5.6. Like most websites, we use “cookies’’ to help us improve our websites and the way you use it by helping our websites remember you. Cookies are small text files that websites transfer to your device. They improve website use and speed by automatically filling your name and address in text field. Please see our Cookies Policy for further information.

5.7. Each of your visits to our websites may automatically allow us to collect certain data such as browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. In addition, we may combine this automatically-collected log information with other information we collect about you.

5.8. When you download our app, in addition to the information mentioned above we:

5.8.1. Automatically collect information on the type of device you use, operating system version, and system and performance information. We may send you push notifications from time-to-time in order to update you about any events or promotions that we may be running. To ensure you receive proper notifications, we will need to collect certain information about your device such as operating system and user identification information. If you no longer wish to receive these types of communications, you may turn them off at the device level.;

5.8.2. May collect your location-based information for the purpose of locating a place that you may be searching for in your area. We will only share this information with our mapping provider for the sole purpose of providing you with

5.8.3. May use mobile analytics software to allow us to better understand the functionality of our mobile software on your device. This software may record information such as how often you use the app, the events that occur within it, aggregated usage, performance data and where the app was downloaded from. We do not link the information we store within the analytics software to any personal data you submit within the app.

5.9. As a data controller, we will never ask you to access our product and/or services and/or to update your account settings and/or personal information and/or pins and/or passwords via a link in an email or SMS.

6. WHO DO WE SHARE YOUR PERSONAL DATA WITH

6.1. In certain circumstances, we may be legally required to share certain data held by us, which may include your personal data, for example: (i) where we are involved in legal proceedings, (ii) where we are complying with legal obligations, a court order, or a government authority.

6.2. We may sometimes contract with third parties such as custodians to provide services to you on our behalf. These may include payment processing, order processing and fulfillment of your instructions in terms of money transfers. In some cases, the third parties may require access to some or all of your personal data. Where any of your personal data is required for such a purpose, we will take all reasonable steps to ensure that your personal data will be handled safely, securely and in accordance with your rights, our obligations and the obligations of the third party under the Data Protection Legislation.

6.3. We may compile statistics about the use of our website including data on traffic, usage patterns, user numbers, sales and other information. All such data will be anonymized and will not include any personally identifying data, or any anonymized data that can be combined with other data and used to identify you. We may from time to time share such data with third parties such as prospective investors, affiliates, partners, and advertisers. Data will only be shared and used within the bounds of the Data Protection Legislation.

6.4. The third-party data processors used by us and are located in the United Kingdom, however we may also sometimes use third party data processors that are located outside the European Economic Area (“EEA”). Where we transfer any personal data outside the EEA, we will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the United Kingdom and in accordance with Data Protection Legislation. Where we feel it is necessary or appropriate we may seek to rely on your consent as the legal basis for transferring your personal data to outside the EEA, however we do not generally do so, where we do, you may withdraw your consent at any time.

6.5. We will never sell your personal data to other organisations.

7. HOW WE PROTECT YOUR PERSONAL DATA

All personal data that you provide to us is encrypted on our secure servers. We restrict access of your personal data to our employees on a need-to-know basis. We ensure that there are appropriate technical, physical, electronic and administrative safeguards in place to protect your personal data from unauthorized access.

8. HOW YOU CAN CONTACT US

You can contact us on the following contact details:

e-mail: [email protected]