UPayCard is committed to respecting Your online privacy and recognizes Your need for appropriate protection and management of any personally identifiable information ("Personal Information") You share with us. Personal Information means any information that may be used to identify an individual, including, but not limited to, a first and last name, a home or other physical address and an email address or other contact information, whether at work or at home, credit card information, and Website usernames and passwords.
If You choose to provide UPayCard with Your Personal Information through its Website, or by facsimile, mail, or e-mail, UPayCard may transfer that Personal Information within UPayCard and transfer that Personal Information to UPayCard's Third Parties service providers, merchants with whom You have made transactions with for the purpose of assisting the merchant in resolving disputes across borders, and from Your country or jurisdiction to other countries or jurisdictions around the world.
UPayCard also collects government-issued identification numbers ("ID Numbers") to comply with existing Know Your Customer government regulations.
To protect Your privacy, UPayCard has adopted the following principles:
- Access / Accuracy
In this privacy statement, we describe how UPayCard, in its capacity as the data controller, collects, uses, shares, and keeps information about you in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (the General Data Protection Regulation). For the contact details of our Data Protection Officer, please see the “Query or Complaint” section.
From time to time, we may change this privacy statement. Depending on the nature of the change, we will inform you of any such change through our written communications with you or through our website, www.upaycard.com
- the application form for a card account and other documents you provide to us;
- when you request or utilise products, goods or services (e.g., use your card to make transactions with merchants, ATM operators, use concierge services or book travel);
- checks at credit reference agencies and fraud prevention agencies including personal and business records (if relevant) (for more information, please see the “Credit Reference Agencies and Fraud Prevention” section);
- you, through the way you communicate with us and use your account (e.g., telephone numbers provided during servicing calls);
- any research, surveys or competitions you enter or respond to or any marketing offers for which you register;
- third parties, such as in marketing lists which we lawfully obtain from Business Partners.
- deliver products and services, including to:
- process applications for our products, including making decisions about whether to approve your application;
- administer and manage your account, such as whether to approve individual transactions;
- communicate with you through email, SMS or any other electronic methods about your accounts, products, and services and to update you about new features and benefits attached to the products or services that you requested;
- service and manage any benefits and insurance programmes provided along with the products or services that you requested;
- answer questions submitted to us by you and respond to your requests;
- advertise and market products and services for UPayCard and our Business Partners, including to:
- present content that is personalised in accordance with your preferences;
- help determine whether you may be interested in new products or services;
- communicate promotions and offers to you (by mail, e-mail, telephone, SMS, via the internet or using other electronic means) in relation to products and services that may interest you or which are similar to your existing UPayCard products and services;
- improve our products and services and conduct research and analysis, including to:
- better understand our customers, their needs, preferences and behaviours;
- analyse whether our ads, promotions and offers are effective;
- conduct testing (to ensure security and when we update our systems), data processing, website administration and information technology system support and development;
- allow you to give feedback by rating and reviewing our products and services and those of our Business Partners;
- produce data analytics, statistical research, and reports on an aggregated basis;
- monitor and/or record your telephone calls with us or our Service Providers to ensure consistent servicing levels (including staff training) and account operations;
- manage fraud, operational and security risks (using automated processes and/or manual reviews) including to:
- review and approve individual transactions including those you make through digital channels;
- detect and prevent fraud or criminal activity;
- safeguard the security of your information;
- develop and refine our risk management policies, models and procedures for applications and customer accounts, relying upon information in your application or relating to your creditworthiness and account history (if applicable);
- comply with laws and regulations, including to establish, exercise or defend legal claims and assist in dispute resolution;
- process your application (or personalise your offers) for our products and services (using automated processes and/or manual reviews) including to:
- help us better understand your financial circumstances and behaviour so that we can make decisions about how we manage your existing accounts and what other products or services can be extended to you;
- inform our collection practices and share information with credit reference agencies and fraud- management agencies (for more information, please see the “Credit Reference Agencies and Fraud Prevention” section).
- credit reference agencies and similar institutions to report or ask about your financial circumstances, and to report debts you owe to us (for more information, please see the “Credit Reference Agencies and Fraud Prevention” section below);
- regulatory authorities, courts, and governmental agencies to comply with legal orders, legal or regulatory requirements, and law enforcement requests;
- collection agencies and external legal counsel to collect debts on your account;
- our Service Providers, regulatory authorities, law enforcement, governmental agencies and third parties such as your bank, building society or other payment card issuers;
- our Service Providers who perform services for us and help us manage your account and/or operate our business;
- Business Partners, including co-brand partners, to provide, deliver, offer, customise or develop products and services to you, either jointly or separately. We will not share your contact information with Business Partners for them to independently market their own products or services to you without your consent. However, we may send you offers on their behalf with your consent. Please note that if you take advantage of an offer provided by a Business Partner and become their customer, they may independently send communications to you. In this case, you will need to review their privacy statement and inform them separately if you wish to decline receiving future communications from them.
When you applyIf you are a director of a business, we will seek confirmation from CRAs that the residential address that you provide is the same as that shown on the restricted register of directors’ usual addresses at Companies House. CRAs will record information about your business and its proprietors and may create a record of the name and address of your business and its proprietors if there is not one already.
During the lifetime of your accountWe will continue to make searches at CRAs to assist in managing your account and this will include looking at the associated records of your financial associates. These searches will not be seen or used by other organisations to assess your ability to obtain credit. We will also carry out further credit checks whilst any money is owed by you on your account (including contacting your bank, building society or any referee approved by you).
We may tell CRAs the current balance on your account and we may tell them if you do not make payments when due. They will record this information on your personal and business credit files (as applicable) and it may be shared with other organisations for the purpose of assessing applications from you, and applications from any other party with a financial association with you, for credit or other facilities, for other risk management purposes and for preventing fraud and tracing debtors. Failure to make repayments may impair your credit rating. Records shared with CRAs remain on file for 6 years after they are closed whether settled by you or defaulted.
We will analyse your Personal Information to assist in managing your account and to prevent fraud or any other unlawful activity. We and other organisations may access and use your Personal Information to prevent fraud and money laundering.
We and other organisations may access and use from other countries the information recorded by FPAs.
For additional information about how CRAs gather and use your Personal Information, please review the Credit Reference Agency Information Notice (CRAIN) at www.callcredit.co.uk/crain. You are entitled to access your personal records held by credit and fraud prevention agencies. You can contact the CRAs currently operating in the UK; the information they hold may not be the same so it is worth contacting them all. They will charge you a small statutory fee.
- Call Credit, Consumer Services Team, PO Box 49, Leeds LS3 1WZ or call 0330 024 7574
- Equifax PLC, Credit File Advice Centre, PO Box 3001, Bradford BD1 5US or call 0800 014 2955 or log on to myequifax.co.uk
- Experian, Consumer Help Service, PO Box 8000, Nottingham NG80 7WF or call 0344 481 0800 or log on to experian.co.uk
Most browsers are initially set up to accept cookies. You can set Your browser to block cookies entirely, delete cookies when You leave the website, notify You when You receive a cookie giving You the chance to decide whether or not to accept it, or limit the subsequent retrieval of cookies by the website. In addition, there are number of privacy-enhancing tools and software that You may purchase that will enable You to identify and block cookies on a selective basis. Please note that for some websites that require an authorization, cookies are not optional. Users choosing not to accept cookies will probably not be able to access those websites where cookies are not optional.
Regardless of where we process your information, we will take appropriate steps to ensure the adequate level of protection for your information in other countries outside the UK or EEA including the USA, where data protection laws may not be as comprehensive as the UK or EEA.
When your Personal Information is no longer necessary for legal or regulatory needs, to administer your account or to deliver the products and services you have requested, we will take reasonable steps to securely destroy such information or permanently de-identify it.
- withdraw your consent for our use of your Personal Information at any time, where our processing is based on your consent;
- restrict and/or object to the use of your Personal Information;
- request a manual review of certain automated processing activities where your rights are affected;
- request a copy of your Personal Information we have about you.
If you want to exercise any of your rights or if you have any questions about how we process your Personal Information, you can contact firstname.lastname@example.org. You also have the right to contact the Information Commissioner directly at www.ico.org.uk.
Please be aware that if you choose not to receive such communications, certain offers attached to the products or services you have chosen could be affected.
We may contact you to ensure that the information we hold about your marketing preferences is up to date. Also, we will still communicate with you in connection with servicing your account, fulfilling your requests, or administering any promotion or program in which you have elected to participate.
Business Partners - third parties with whom we conduct business and have a contractual relationship, such as processors, suppliers, distribution partners, co-brand partners, insurance and travel service providers, and parties that accept branded cards for payments of goods/services purchased by you (i.e., merchants).
Personal Information – any information relating to an identified or identifiable natural person, such as name, addresses, telephone number, and email address and other information specific to that individual such as demographic details and transaction information.
Service Providers - any vendor, third party and/or company that provides services or performs business operations on our behalf, such as printing, mailing, and other communications services (email, direct mail, etc.), marketing, data processing and outsourced technology, servicing, collections, ad management, auditors, consultants and professional advisors.