2. Information about the Personal Data Controller and the Personal Data Protection Inspector
"Personal data controller" is the company that determines the purposes and means of processing personal data.
The controller of the personal data we process is BeFive FZE LLC registered under No. 4719 Bronze Package - A-28-01-01-11 - Flamingo Villas, Ajman
You can contact our Personal Data Protection Officer at: [email protected]
3. Your consent
4. What is "personal data"?
The General Data Protection Regulation (GDPR) (EU Regulation 2016/679) defines personal data as “any information relating to a data subject, i.e. an identified or identifiable natural person, i.e. a person who can be directly or indirectly identified, in in particular, by reference to an identifier, such as a name, an identification number, location data, an online identifier.” Simply put, personal data is any information about you that allows you to be identified.
The personal information we collect and use is listed in this Policy.
5. What personal data do we collect and process?
A. Information you provide:
- by filling out any form, including when registering to access our services, subscribing to our newsletter, or reporting problems to us;
- interacting with us in any way;
- requesting information about our products and services;
We collect the following information:
- Your name, surname, patronymic, address and date of birth;
- Your email address and device information;
- Your username, password and other registration information;
- details of your bank account, including account number, bank branch number, SWIFT code and international bank account number (IBAN);
- details of your Be5Club account, the debit card linked to it, as well as any other debit and credit cards that you register in our System, including the expiration dates of such cards and CVC codes (the last three digits of the number indicated on the back of the card);
- data and information obtained in the course of due diligence, including identification documents, copies of any other documents you provide in order to identify you, as well as any other information necessary for the provision of our services, your image in photo or video format ;
- financial information where applicable.
B. Information we receive from third parties
We may also obtain your personal information through third parties, including but not limited to the following information:
- information received by a company that is part of the BeFive FZE LLC Group of Companies;
- information received by the payment processor (for example, Visa, Mastercard, etc.), anti-fraud organizations, credit reference agencies, executive authorities and law enforcement agencies;
- information obtained from publicly available sources, such as company registers, websites designed for in-depth verification of counterparties;
- information from social networks.
B. Transaction Information
- Information about receipts and payments on your account, including information about the date, amount, currency, participants in the payment transaction, information about text messages sent and received with payments, information about merchants, payment methods used, technical usage data, and geolocation data.
D. Information from your device
When you use our site, we may collect the following technical information:
- name of your Internet service provider (IP address), network environment data, credentials, information about the type of browser and its settings, information about the time zone, device used, unique device identifier, information about the mobile network, mobile operating system and type of mobile browser , as well as information about the date, time, and duration of the session.
6. Legal bases for the use of your personal data
We process your personal data only if there are legal grounds to do so. The following legal grounds may exist for the processing of personal data:
- Contractual obligations
- legal obligation
- Legitimate interests
A) Contractual obligations
We will use your personal data to fulfill our obligations under the contract concluded with you.
We will use your personal data to verify and verify your identity in order to create and administer your account.
We will use your personal data to process transactions through your Be5Club account and/or card, as well as to fulfill your orders on your account.
We will provide you with important information about available products and services, as well as provide the necessary technical support and maintenance.
B) Legal obligation
We will use your information to comply with our legal obligations, to verify and verify your identity as part of our KYC (“customer identification, verification and investigation”) procedures, and to assist authorities as necessary in conducting investigations in accordance with the requirements of the current legislation. We may collect and retain your personal data for risk management purposes and to detect and prevent fraudulent and other illegal or prohibited activities.
C) Legitimate interests
We may monitor and record all communications sent to and received from you for record keeping purposes, to improve the quality of our services and products, and for educational purposes.
With your express consent, we may use your personal data to contact you via email to provide you with information about our products and services or for other commercial purposes. You may revoke such consent at any time.
7. Automated decision making
We do not use automated decision making in processes that may affect the services we provide to you. Checking your user profile for risk assessment or fraud prevention purposes is done manually.
9. Data security
We are committed to protecting your personal information. We take various measures to ensure the security of your personal information when you place an order or enter, submit or access your personal information.
We use data encryption methods and authentication procedures to prevent unauthorized access to our system and your data.
All confidential information provided is transmitted via the Secure Socket Layer (SSL) protocol.
Access rights to your data are granted only to those of our employees who need such access to perform their job duties. We regularly train our employees and tell them about the importance of maintaining the confidentiality and secrecy of personal data.
We are refining our security procedures to ensure that we comply with the most stringent industry-leading standards, thereby ensuring the highest level of protection for your personal data.
For your part, you can also follow a number of rules. Always use a strong password and do not use the same password for multiple accounts. Do not share your password with anyone. Our representatives never ask for user passwords, so you should be careful about all such requests and report them to us by contacting technical support.
10. Data storage
Your personal data will be retained by us for no longer than is necessary for the particular purpose or purposes for which it was collected, unless longer retention is required or permitted by law. As soon as your personal information is no longer needed, we will permanently delete it.
11. Disclosure of your personal data to third parties
When we provide services, we may need to transfer your personal data to third parties, in particular:
|To whom we may share your data||Why we share your data|
|Financial and banking institutions such as bank card issuers and bank card acquirers, payment networks including Visa and Mastercard||To complete payment transactions initiated by you using our network, your bank card and/or your bank account.|
|External analytics providers||To collect metrics and information about your use of the Service, including evaluating how Agents and End Users use the Service (“Usage Data”), to develop new features, improve existing features, or inform sales and marketing strategies based on our legitimate interest in improving the Services. During the processing of Usage Data, all personal information is anonymized.|
|Other business partners and vendors (including IT service providers, card manufacturers, delivery services, etc.)||For the performance of a contract we have entered into with them or with you.|
|Potential or existing sellers or buyers of the enterprise||In the event that we decide to sell or buy any business or assets, or in the event of an actual or potential merger or similar business combination, we may transfer your data to a new Personal Data Controller. The basis for such processing is a legitimate interest. In such cases, the transfer of personal data is required to complete the transaction.|
|Third parties, such as courts, law enforcement or government agencies, or authorized third parties where required by law, where such disclosure is reasonably necessary||
We may disclose your information to comply with our legal obligations, comply with requests related to criminal investigations, in connection with any alleged or suspected illegal activities, as well as any other actions in connection with which we or other users may be held legally responsible, and to enforce our business policies, safeguard and protect our rights and property, and the rights and property of third parties.
12. Cross-border data transfer
13. Links to Third Party Sites
14. Rights of the data subject
Under the General Data Protection Regulation, you have the right to control how your personal data is processed. You have the following rights:
The right to receive information. You have the right to receive information about the processing (collection and use) of your personal data.
Access right. You have the right to request confirmation as to whether we are processing personal data relating to you. You may also request information about how we collect, share and use your personal information.
Right to clarification. You have the right to check your personal data and correct outdated or inaccurate personal data.
Right to erasure (“right to be forgotten”). You have the right to require us to delete your personal data if there is no objective need to process such personal data for legitimate business purposes provided for in this Policy or applicable law.
Right to restriction of processing and right to object. You have the right to request that we restrict the processing of your personal data, to object to the processing of your personal data, and to object to the use of automated decision-making methods.
Right to data portability. Where technically possible, we will, at your request, provide you with your personal data or transfer it to another personal data controller in a structured, commonly used and machine-readable format.
Right to withdraw consent. Where we have specifically asked for your consent to process your personal data and we have no other legal basis for processing your personal data, you have the right to withdraw your consent at any time by changing the settings in your account or by sending a corresponding letter to the address , indicating which specific consent you are withdrawing. You may opt-out of receiving communications from us electronically by clicking on the "Unsubscribe" link included in every email we send to you.
The right to lodge a complaint with a supervisory authority. You have the right to lodge a complaint about the actions taken by the Controller regarding the processing of personal data with the supervisory authority of your location. The procedure for filing a complaint is described in detail in Section 13 of this Policy.
Reasonable access to your personal data will be granted within one month from the date of receipt of your request. If access cannot be granted within the above period, we will notify you of the exact date when the information will be provided.
You can use all the rights listed above by sending a corresponding message to [email protected]. Before disclosing any personal information to you, we may ask you to provide proof of your identity.
We may charge a fee for providing access to personal data to cover our own costs associated with providing you with information about the personal data we hold about you.
Please note that we will try to comply with any requests you make as part of the exercise of your rights, however, in some cases there may be legal or other grounds for which we cannot or are not required to comply with such a request. In this case, we will be forced to reject your request or fulfill it only partially.
15. Filing a complaint
In accordance with the General Data Protection Regulation, a data subject has the right to lodge a complaint with a supervisory authority in the Member State of his habitual residence, place of work or place of alleged infringement, if the data subject considers that the processing of personal data relating to him violates that Regulation.
If you are not satisfied with the answer received from Be5Club, you can file a complaint with the supervisory authority in your Member State of residence. You can find the relevant supervisory authority by clicking on the link below:
17. Contact person