Privacy policy

Ria Financial Services Australia

Version 1.0 - June 2022

NO PART OF THESE GUIDELINES AND ITS CONTENTS MAY BE REPRODUCED IN ANY FORM, STORED IN ANY MANNER IN ANY SYSTEM, SENT, TRANSMITTED AND/OR DISTRIBUTED IN ANY FORM AND BY ANY MEANS WITHOUT THE PRIOR WRITTEN PERMISSION OF RIA FINANCIAL SERVICES AUSTRALIA PTY LTD

Amended record

Version Date Description of change Author

V 1.0

18.06.2022

This document replaces the previous Privacy Policy, formerly included in the Internal Compliance Manual Appendices v8.0 The new policy has been designed by the corporate Data Protection Officer, version April 2022 and adopted by RFSA in June 2022. The policy has been designed considering Australian regulations.

Nicholas Boetti

Yago Amat

V 1.1

17.10.2022

Modifications regarding the legal basis for marketing communications. General review

Nicholas Boetti

Yago Amat

Introduction

This data privacy notice (“Privacy Notice”) explains how we treat personal data (“Personal Data”). related to your use of our services, whether as a customer, a visitor and/or a user of our websites or mobile applications, or however you might otherwise interact with us. In this Privacy Notice, we also describe whether your Personal Data is shared with other parties and the privacy policies we have in place to protect your data.

We encourage you to review and check the Website / App regularly for any updates to this Privacy Notice. We will publish the updated version on the Website / App and by continuing to deal with us, you accept this Privacy Notice as it applies from time to time.

Who are we?

We are RIA, part of Euronet group of companies. You can find all our contact details here.

What type of data is collected?

We collect only the data we need to by law and local regulation. This includes:

  • Identification data
  • Financial data
  • Behavioral data

Why do we collect data?

We collect Personal Data for specific contractual and legal purposes. Your Personal Data may also be used for marketing purposes.

How long does Ria collect data for?

We will keep personal data only for as long as needed, as required by law and/or local regulation. Occasionally, legal requirements may translate into a longer retention period, but will be deleted once the requirements are fulfilled.

With whom do we share customer data?

We share customer Personal Data with other Euronet Group companies, legal authorities, and partners to meet our regulatory and contractual commitments.

Where does RIA keep your personal data?

We store customer Personal Data in secure locations with strict security measures in place. If we need to transfer customer Personal Data to other countries, we will take all necessary measures to comply with legal obligations and ensure a proper level of security.

What Personal Data we collect, how we collect it and why?

Identification data

This may include name, title, residential and/or business address, email, telephone and/or fax numbers and other contact data, date of birth, gender, images, signature, passport/visa details, voice recording and official credentials. We will only use strictly necessary identification data for the described purposes.

The reason to process your Personal Data Legal basis for using your Personal Data

Supply of Services.

Contractual obligation

Market research & consumer feedback: Any information that our customers voluntarily share with us about their experience of using our products and services.

Consent

Legitimate interest

Customer service: We will monitor and record (via automated means or transcripts) our telephone calls, emails, and chat conversations with our customers. We will use transcripts of these calls to confirm instructions you provide us.

Contractual obligation

Legitimate interest

Managing our customers’ accounts (registration and administration)

Pre-contractual/Contractual obligation

Requesting access to tools and information: Our customers may wish to have access to certain tools and information made available on the App, before or after deciding that they would like to register to use our services, including our foreign exchange and payment service.

Pre-contractual/Contractual obligation

Profiling: We use all our customer data to measure and evaluate personal habits based solely on automated processing in order to provide customers with a more personalized service.

Consent

Photographs or videos that our customers may have recorded and shared with us.

Consent

Participation in events and giveaway: Our customers may wish to take part in events organized by us or in a specific giveaway.

Consent

Contractual obligation

Correspondence including e-mails, faxes, and any kind of electronic communication, together with any records of their account. We also keep customer service letters and other communications between us and any Euronet Group company as well as our partners and suppliers

Legitimate interest

Contractual obligation

Credit worthiness check. We will use your identification data and economic data you have provided us to do a credit worthiness check in order to provide you with our services/products according to your economical capacity.

Legitimate interest

Financial details

We collect your personal financial data when you register as a customer. We collect financial data such as bank accounts, financial statements, transfer reason, occupation, or other documentation to demonstrate the source of funds you wish to transfer (this is similar to salary slips), in order to provide you with our services.

The reason to process your Personal Data Legal basis for using your Personal Data

Supply of Services

Contractual obligation

Anti-Money laundering

Legal obligation

Anti-Terrorist Financing and Criminal activity

Legal obligation

Managing your account

Contractual obligation

Legal profiling for credit reports

Legitimate interest

Behavioral and technical information

IP address of visitors, behavioral information (to understand the way you behave while using our products and services), browser type and version, time zone setting, screen resolution settings, browser plug-in types and versions, operating system, and platform. Visit our cookie policy here

The reason to process your Personal Data Legal basis for using your Personal Data

To measure the use of our website and services, including number of visits, average time spent on a website, App, pages viewed, page interaction data (such as scrolling, clicks, and mouse-hovers), etc., and to improve the content we offer to our customers.

Legitimate Interest

To administer the website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.

Consent

Legitimate Interest

As part of our efforts to keep the website safe and secure.

Consent

Legitimate Interest

To measure the impact of our emails.

Consent

Anonymous Profiling: We may combine collected data to enhance the customer experience for better use of our services.

Legitimate interest

Location

We may collect information about your location when you use our services.

The reason to process your Personal Data Legal basis for using your Personal Data

To provide our customers with a tailored experience on the App related to their location, such as displaying the local currency in the relevant location.

Consent

Legal obligation

Video surveillance

Image, video, and voice recording.

The reason to process your Personal Data Legal basis for using your Personal Data

We may use CCTV to ensure customer safety in our stores or offices.

Public interest

Legitimate interest

Biometrics data

Image, video record, and face scan. If we ever process any additional biometric data, you will be previously informed and under no circumstances we will process such Personal Data without your previous consent.

The reason to process your Personal Data Legal basis for using your Personal Data

To verify your identification during the registration process in our App and website, or at any time during the use of our services.

Consent

Transactional data

We collect personal data like the beneficiary details, bank account information, contact information, the destination where you are sending money and bank preferences. Depending on the local regulation, we collect details such as occupation, relationship with the beneficiary, transfer reason and additional documentation to demonstrate the source of funds.

The reason to process your Personal Data Legal basis for using your Personal Data

To place a transaction

Contractual obligation

To provide compliance information when placing a transaction

Legal obligation

Sensitive Personal Data

We may collect and process sensitive personal data (or other “special categories of personal data”), such as data concerning your physical or mental health or condition, in order to meet applicable legal or regulatory obligations.

The reason to process your Personal Data Legal basis for using your Personal Data

To fulfill legal and compliance obligations

Legal obligation

For reasons of public interest for the safeguard of your economic interest

Non-identifiable data

Whenever possible, we use data where you cannot be directly identified (such as anonymous demographic and usage data) rather than Personal Data. This non-identifiable data may be used to improve our internal processes or delivery of services, without further notice to you.

We may use aggregate data for a variety of purposes, including but not limited to evaluation and improvement of the services and analyze traffic to our services.

2. Accuracy of your Personal Data

We are committed to have your Personal Data accurate and up to date. For that, we take reasonable steps to ensure the accuracy of your Personal Data, by ensuring that the latest Personal Data we have received is accurately recorded and when considered necessary, run periodic checks in order to keep updated all your Personal Data.

If you notice that your Personal Data is not accurate, you can exercise your right to rectification by sending an email to dpo@euronetworldwide.com

3. e-KYC

In order to use our Services, you need to be registered. The method used for the registration is an e-KYC (electronic Know You Customer)

As expressed in section 1, we may use biometric data (when legally permitted) to identify you and validate any documentation you may have uploaded in our system to create your account. We also use this system in order to comply with all our legal obligations.

If you want to register but do not want to use the e-KYC solution, you may reach our customer care so they can support your onboarding.

4. Legitimate interest

When we use customer Personal Data to pursue our legitimate interests, we will make every effort to match our interests with yours so that your Personal Data will only be used as permitted by relevant law, or when it will not adversely affect your rights. Upon request, customers may request information on any processing based on legitimate interest.

5. How long does RIA keep Personal Data?

Personal data is used for a variety of purposes and is governed by a variety of rules and regulations. It is kept for as long as it is necessary to provide customers with the services they have requested and to comply with applicable legal, accounting, or reporting obligations. For example:

  • Legal and Regulatory Requirements: Your Personal Data il kept as long as necessary to comply with all our legal obligations.
  • Customer Service (administration of customer relationship, complaint handling, etc.): We will keep your Personal Data as long as you remain our customer.
  • Marketing: we will process your Personal Data for marketing purposes as long as you haven’t asked us to opt-out, according to section 8 of this privacy notice.
  • Contractual obligation: We will keep Personal Data for the duration of the contractual agreement. Customers can contact our Euronet Group Data Protection Officer to obtain a copy of our Retention Policy, which may vary according to the applicable law, and the specific business necessity depending on the country.

6. Does RIA share my Personal Data with other parties?

Euronet Group

We share customer’s personal data with Euronet and Euronet Group affiliates for compliance with group obligations.

As a result of a sale, acquisition, merger, or reorganization involving Euronet, a company within the Euronet Group, or any of their respective assets, we may transfer customer Personal Data to a third party. In doing so, we will take reasonable steps to ensure that their information is adequately protected.

Legal obligation

Contractual obligation

Third party service providers

Third-party service providers to manage, enable or facilitate certain aspects of the services

Compliance verification (e-KYC) and fraud prevention service providers

Legal obligation

Communications, infrastructure, and fulfillment providers including services and systems to enable the processing of the transactions

To maintain the required level of performance in our services (maintenance, security, and support)

Contractual obligation

For data Analysis for marketing, operational improvement and enhancement of our compliance and antifraud systems

Legitimate interest

Legal obligation

To personalize the placed advertisement in digital services and adapt to consumer preferences

Consent

Legal and Regulatory Authorities

We need to disclose your personal data to the authorities. We also disclose Personal Data to the authorities when disclosure is necessary to identify, contact, or bring legal action against someone who may be causing injury or interfering with the rights or property of RIA, the service, or yours.

Legal obligation

Strategic Partners

We will share your Personal Data when required by law with strategic partners so we are able to provide you with our Service.

Legitimate interest

For the purpose of verifying your identity via the Identity Matching Services provided by the Document Verification Service (DVS). For additional information on the processing of your Personal Data by DVS, you can visit DVS’s website at https://www.idmatch.gov.au/

Legitimate obligation

Consent

Professional Partners

We will share your Personal Data with advisers, lawyers, consultants, auditors, marketing services or accountants in order to comply with our legal obligations and to provide our Service according to your expectations and our contractual obligations and best practices.

Legitimate interest

7. Minors

We do not provide services directly to children under 18 or proactively collect their personal information. If you are under 18, please do not use the Sites or Offerings or share personal data with us. If you learn that anyone younger than 18 has unlawfully provided us personal data, please contact us at dpo@euronetworldwide.com.

8. Data Security

We are committed to protecting customer Personal Data and have put in place commercially reasonable and appropriate safeguards to prevent any loss, abuse, and alteration of the information you have entrusted us. At RIA, we will always strive to ensure your Personal Data is well protected, in accordance with international best practices. We maintain this commitment to data security by implementing appropriate physical, electronic and managerial measures to safeguard and secure your personal information.

To safeguard our systems from illegal access we use secure, sophisticated cutting-edge physical and organizational security measures which are continually enhanced to ensure the highest level of security in accordance with international best practices and cost efficiency according to the processed personal data. All Personal Data is kept in a secure location protected by firewalls and other sophisticated security mechanisms with limited administrative access.

Personnel who have access to your data as well as how they are processed are contractually bound to keep your data private and adhere to the privacy policy we have implemented in our organization.

While we aim to achieve the highest standard of data protection by adopting industry-standard measures to protect your privacy, no security system is completely flawless or impenetrable. As a result, we cannot (and do not) guarantee that Personal Data is completely secure.

9. Profiling and automated decision-making.

With expressly authorized approval, we provide you with tailored information and advice regarding our products and services. We undertake data analysis using third parties, in order to target appropriate communications and advertisements to you, including invitations to exclusive client events that we think you may be interested in as well as recommending products and services that we think might be suitable for you.

In some cases, we use automated decision-making and profiling, if it is authorized by legislation, and necessary for the performance of a contract. For example, the automated authorization for remittance services. The legal basis to proceed with the profiling and the automated decision-making is legitimate interest.

We also make automated decisions in such processes as transaction monitoring to counter fraud in compliance with the legal requirements related to prevention of money laundering terrorist financing and financial services. You have a right to request not to be subject to a fully automated decision-making, including profiling, if such decision-making has legal effects or similarly significantly affects you. This right does not apply if the decision-making is necessary in order to enter into or to perform an agreement with you if the decision-making is permitted under applicable data protection laws or we have received your explicit consent.

10. Marketing and Advertising

10.1 Advertising

Third-party advertisers provide advertisements that display on our website, our App, or elsewhere in our services. Third-party advertisers don't have access to any of the information our customers have given us directly. Typically, advertisers rely on cookies or some other web/app-based mechanism to assess which advertisements are apt to be interesting to you. We do not place “Targeting Cookies” or enable “Targeting” and “Location” on your system without your consent. If you have provided your consent by accepting Targeting Cookies on the Website or enabled Targeting on the App, we may use third parties to do so (remarketing and Similar Audience features). You can modify your cookies settings.

Third parties are not bound by our Privacy Notice. To understand the privacy policy of their notices, you should visit their website. You can find all the third parties that may use Cookies for targeting in our Cookie Policy.

10.2 Marketing communications

It can happen that, from time to time, we will process your Personal Data for marketing purposes, by sending you via e-email information about products, rates and services that we think may be of your interest. Such communication may include, among other, information about incoming promotions, raffles and any other information regarding the Service you have previously used from us.

For marketing purposes, the only Personal Data we will process if your identification data, including, but not limited, to your name and surname, email address and transaction history. You will be given the opportunity to unsubscribe at any moment from the marketing communication list by sending and email to dpo@euronetworldwide.com or by clicking on the unsubscribe bottom you will find in all our marketing communications emails.

Unless you have expressly accepted to, the information we will send you will only be information regarding Ria. We will not share or sell your Personal Data to any other entity for marketing purposes, nor you will receive any marketing communication from other entities of the group.

11. Email Assessment

We may use pixels in our marketing emails to tell us whether, and how many times, our emails are opened and to verify any clicks through to links or advertisements within the email. Uses of this information may include:

  • Learning which of our emails users found more interesting.
  • Determining users’ activity and engagement with our products and services.
  • Informing our advertisers (in aggregate) how many users have clicked on the adverts.
  • Which region our audience is located in.

12. What are my rights?

Customers may seek to access, update, modify or erase their Personal Data. Depending on your country, you might have different rights. However, regardless of your country, you can exercise at any time the following:

  • Request access to any Personal Data (“Subject Access Request”). While exercising your access right, you can ask us about all the Personal Data we hold about you, the processing activities we carry on with your Personal Data, the recipients of your Personal Data, the different categories of Personal Data, how long we process your Personal Data, and the existence of any automated decision regarding your Personal Data.
  • Request correction of any inaccurate Personal Data we might hold about you. If you have changed your email address, or you see there is a misspelling error on any of your Personal Data, you can exercise your right of modification.
  • Request to delete any Personal Data we hold about you. If you no longer want to receive any news from us, or you do not want to keep using any of our services, you can ask us to delete any Personal Data we hold about you. Please note, we might hold on to your Personal Data to fulfill any of our legal obligations. However, your Personal Data will not be used for any other purposes.

Customers also have the right to file a complaint with a competent data protection Authority or the courts if you feel we have failed to comply with our duties under this Privacy Notice or the applicable law. We encourage customers to notify us of any complaints that they may have, even if it is not required, and we will respond in accordance with our Complaints Procedure.

We will respond to your request as soon as possible and always within the timeframe stated in the applicable law.

For applicable rights, and to determine the exact amount of time we must respond to your request, please refer to the specific residents´ section below.

To exercise any of your rights, you must send an email to dpo@euronetworldwide.com. To help protect your privacy and maintain security we will take steps to verify your identity and/or may ask you to provide other details before granting you access or modifying any Personal Data. When required, if we don’t have a copy of your ID or any legal valid document that proves your identity, we will not be able to answer your request.

13. Privacy complaints procedure

Customers have the right to file a complaint with a data protection Authority or the courts if they believe we have failed to comply with our obligations under this Privacy Notice or the applicable law:

RIA reserves the right to amend this Privacy Notice at any time and will place notice of such amendments on RIA’s website or via any other mode RIA finds suitable.

14. Notice to California residents

This additional disclosure is intended to meet the requirements of the California Consumer Privacy Act ("CCPA”) and is to be read in conjunction with the Privacy Notice.

Customers who live in California will have the right to:

  • request and receive disclosure of our personal information collection practices during the prior 12 months, including the categories of personal information we collect, the categories of sources of such information, our business purpose for collecting or sharing such information, and the categories of third parties with whom we share such information.
  • request and receive a copy of the personal information we have collected about them during the prior 12 months.
  • request and receive disclosure of our information sharing practices during the prior 12 months, including a list of the categories of personal information sold with the category of third-party recipients and a list of the categories of personal information that we disclosed for a business purpose.
  • request that we not sell personal information about them (we do not sell your personal information) and;
  • request that we delete (and direct our service providers to delete) their personal information subject to certain exceptions.

For purposes of the CCPA personal information means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household.

In order to make a request for disclosure, California residents may contact us by:

  1. Toll-free telephone: 1-877-932-6640
  2. Email: dpo@euronetworldwide.com

We may request that you submit a signed statement under penalty of perjury that you are the individual you claim to be. We will acknowledge receipt of your request within ten (10) days and will endeavor to respond within forty-five (45) days of receipt of your request, but if we require more time (up to an additional forty-five days) we will notify you of our need for additional time. We cannot respond to your request or provide you with personal information if we cannot verify your identity and confirm that the personal information relates to you.

You may make a request for disclosure of our information collection practices, the information we collected about you, or our sharing practices up to twice within a 12-month period.

For requests for a copy of the personal information we have collected during the 12 months prior to your request we will endeavor to provide the information in a format that is readily useable, including by mailing you a paper copy or providing an electronic copy to your registered account, if you have registered an account with us.

For requests for deletion of your information California law permits us to retain certain information and not to delete it under certain circumstances (i.e. information relating to a transaction, security incidents, fraud etc.). By way of example, we are not required to comply with a request to delete information if the information is necessary for us to complete a transaction for you or otherwise perform a contract; to detect, protect against, or prosecute security incidents, fraud or illegal activity; to use the information only internally in ways reasonably aligned with your expectations as our customer (such as maintaining sales records), and to comply with legal obligations. If we receive such a request from you, we will notify any service providers we have engaged to delete your information as well.

We will not discriminate against you as a result of your exercise of any of these rights.

We do not sell your information for monetary consideration, and we do not disclose your information for other valuable consideration. If, in the future, we enter into arrangements that fall within the definition of a “sale” under the CCPA, we will update this privacy policy and our compliance with the CCPA.

You may submit a request through someone holding a formal Power of Attorney. Otherwise, you may submit a request using an authorized agent only if (1) you provide the authorized agent with written permission to make a request and (2) you verify your own identity directly with us. We will require the agent to submit proof to us that they have been authorized to make requests on your behalf.

During the past 12 months, we have collected the following categories of information from the listed sources, used it for the listed business purposes and shared it with the listed categories of third parties. The categories of information include information we collect from our website visitors, registered users, employees, vendors, suppliers and any other person that interacts with us either online or offline. Not all information is collected about all individuals. For instance, we may collect different information from applicants for employment or from vendors or from customers.

Category of Information Collected Source Business Purposes for Use Categories of Third Parties Receiving Information

Identifiers (name, alias, postal address, email address, phone number, fax number, account name, Social Security number, driver's license number, passport number, unique personal identifier, IP address)

  • Individuals submitting information to us.
  • information we automatically collect from site visitors
  • information we may receive from third-party marketing and data partners.
  • Auditing relating to transactions;
  • security detection, protection and enforcement;
  • functionality debugging/error repair;
  • performing services for you;
  • internal research and development;
  • quality control;
  • ad customization
  • Service providers (such as payment processors, mail houses, marketing partners, shipping partners, employee benefits partners);
  • affiliated companies;
  • law enforcement;
  • strategically aligned businesses;

Sensitive Information (name with financial account, medical, health, and health insurance information, username and password)

  • Individuals submitting information;
  • Employment applications;
  • Employees.
  • Auditing relating to transactions;
  • security detection, protection and enforcement;
  • functionality debugging/error repair;
  • performing services for you;
  • internal research and development; quality control;
  • Service providers (such as payment processors, mail houses, marketing partners, shipping partners, employee benefits partners);
  • affiliated companies;
  • law enforcement;
  • strategically aligned businesses;

Commercial information (transaction history, products/services purchased, obtained or considered, product preference)

  • Individuals submitting information;
  • information we automatically collect from site visitors;
  • information we may receive from third-party marketing or data partners.
  • Auditing relating to transactions;
  • security detection, protection and enforcement;
  • functionality debugging/error repair;
  • performing services to you;
  • internal research and development;
  • quality control;
  • ad customization.
  • Service providers (such as payment processors, mail houses, marketing partners, shipping partners, employee benefits partners),
  • affiliated companies,
  • law enforcement,
  • strategically aligned businesses.

Electronic network activity (browsing or search history, website interactions, advertisement interactions)

Information automatically collected from site visitors.

  • Auditing relating to transactions;
  • security detection, protection and enforcement;
  • functionality debugging/error repair;
  • performing services for you; internal research and development;
  • quality control;
  • ad customization
  • Service providers (such as payment processors, mail houses, marketing partners, shipping partners, employee benefits partners);
  • affiliated companies; government regulators;
  • law enforcement;
  • strategically aligned businesses.

Audio, video or similar information (customer service calls, security monitoring)

  • Individuals submitting information;
  • information we collect for security purposes.
  • Auditing relating to transactions;
  • security detection, protection and enforcement;
  • functionality debugging/error repair;
  • performing services for you;
  • internal research and development;
  • quality control.
  • Service providers (such as payment processors, mail houses, marketing partners, shipping partners, employee benefits partners);
  • affiliated companies;
  • government regulators;
  • law enforcement;
  • strategically aligned businesses.

Geolocation

Information we automatically collect from site visitors

  • Auditing relating to transactions;
  • security detection, protection and enforcement;
  • functionality debugging/error repair;
  • performing services for you;
  • internal research and development;
  • quality control; and customization.
  • Service providers (such as payment processors, mail houses, marketing partners, shipping partners, employee benefits partners);
  • Affiliated companies;
  • Government regulators;
  • law enforcement;
  • strategically aligned businesses

Professional, educational or employment related information

  • Information submitted by individuals;
  • information received from third parties in connection with vendor or employment status or applications;
  • information we observe in connection with vendor or employment oversight.
  • Auditing relating to transactions;
  • security detection, protection and enforcement;
  • functionality debugging/error repair;
  • ad customization;
  • performing services for you;
  • internal research and development;
  • quality control;
  • ad customization.
  • Service providers (such as payment processors, mail houses, marketing partners, shipping partners, employee benefits partners);
  • affiliated companies;
  • government regulators;
  • law enforcement;
  • strategically aligned businesses;

Inference from the above (preferences, characteristics, behavior, attitudes, abilities, etc.)

Internal analytics

  • Auditing relating to transactions;
  • security detection, protection and enforcement;
  • functionality debugging/error repair;
  • ad customization;
  • performing services for you;
  • internal research and development;
  • quality control;
  • ad customization.
  • Service providers (such as payment processors, mail houses, marketing partners, shipping partners, employee benefits partners);
  • affiliated companies;
  • government regulators;
  • law enforcement;
  • strategically aligned businesses;

Biometrics

Not collected

Not collected

Not collected

Protected classification information (race, gender, ethnicity, religion)

Not collected

Not collected

Not collected

*More specifically, the business purposes include:

1. Performing services for you:

  • To administer or otherwise carry out our obligations in relation to any agreement to which we are a party;
  • To assist you in completing a transaction or order;
  • To allow tracking of shipments;
  • To prepare and process invoices;
  • To respond to queries or requests and to provide services and support;
  • To provide aftersales customer relationship management;
  • To create and manage our customer accounts;
  • To notify you about changes to our services and products;
  • To administer any promotion, contest, survey, or competition;
  • To provide you information regarding our products and services,
  • To offer our products and services to you in a personalized way, for example, we may provide suggestions based on your previous requests to enable you to identify suitable products and services more quickly.

2. Auditing relating to transactions, internal research and development:

  • To provide for internal business administration and operations, including troubleshooting, Site customization, enhancement or development, testing, research, administration and operation of our Sites and data analytics;
  • To create products or services that may meet your needs;
  • To measure performance of marketing initiatives, ads, and websites “powered by” another company on our behalf.

3. Security detection, protection and enforcement; functionality debugging, error repair:

  • As part of our efforts to keep our Sites safe and secure;
  • To ensure the security of your account and our business, preventing or detecting fraud, malicious activity or abuses of our Sites, for example, by requesting verification information in order to reset your account password (if applicable);
  • To ensure the physical security of our premises through the monitoring of surveillance images;
  • To resolve disputes, to protect the rights, safety and interests ourselves, our users or others, and to comply with our legal obligations.

4. Quality control:

  • To monitor quality control and ensure compliance with our legal obligations, codes and ordinances, policies and procedures, To develop and improve our products and services, for example, by reviewing visits to the Sites and various subpages, demand for specific products and services and user comments.
  • Contact for More Information – For questions or concerns about our Privacy Notice and practices, please contact us using the contact information provided in the “who are we” section of this Privacy Notice.

15. Notice to European (EEA) residents

In accordance with the General data protection Regulation (GDPR), all resident of the Economic European Area (EEA) may exercise the following rights:

  • The Right to Information
  • The Right of Access
  • The Right to Rectification
  • The Right to Erasure
  • The Right to Restriction of Processing
  • The Right to Data Portability
  • The Right to Object

The Right to Avoid Automated Decision-Making

To exercise any of the rights listed above, you shall comply with the obligations set in section 12 of this Privacy Notice.

From the day we receive your request, we will respond to you within a maximum time of 30 days, unless an extension is requested.

16. Notice for Argentinian residents

In accordance with the Law Ley de Protección de Datos Personales 25.326, you have the right to Access, Rectification, Update and Erasure. To exercise your Rights or your right to revoke or to make any doubt or complaint regarding the processing of your Personal Data you can contact us at dpo@euronetworldwide.com following the instruction set in Section 12.

You are hereby informed that there are options available for you to limit the way we use or disclose your personal information for specific treatment.

From the day we receive your request, we will respond you within a maximum time of 5 days (for requests of deleting and updating your Personal Data) or within a maximum time of 10 days (for the request of accessing your Personal Data).

17. Notice to Mexican residents

Ria México (term defined below), with domicile to hear and receive notifications for privacy and personal data protection purposes indicated in Section 22, and in compliance with the Ley Federal de Protección de Datos Personales en Posesión de los Particulares (the "Mexican Law"), its regulations, and Guidelines, makes available to its users or potential users in their capacity as data subjects, the present Privacy Notice, prior to the collection of Personal Data, in strict compliance with the principles of legality, consent, information, quality, purpose, loyalty, proportionality and responsibility required by the Mexican Law.

For the purpose of providing the services in its capacity as money transmitter in terms of Article 81-A Bis of Ley General de Organizaciones y Actividades Auxiliares del Crédito, Ria México will collect Personal Data, if applicable, in accordance with the legal bases mentioned in Section 1, and in connection with the following purposes:

a) Verify that the Personal Data contained in the voting credential submitted to Ria México matches those contained in the registry of the Instituto Nacional Electoral.

b) Verify that the CURP data provided to Ria México matches with the data registered in the Registro Nacional de Población.

Additionally, and when necessary, in order to comply with articles 4 and 4 Bis of the General Provisions referred to in article 95 bis of the Ley General de Organizaciones y Actividades Auxiliares del Crédito applicable to money transmitters referred to in article 81-A Bis of the same law (the "Provisions"), Ria México is legally obliged to obtain information about your geolocation as well as recordings of your voice and facial image in order to identify its users or potential users in a non face-to-face manner, and to obtain other relevant data that will be explained in detail in the specific form available in the application required by the Provisions. We will always process such information based on your consent.

You have the rights of Access, Rectification, Cancellation and Opposition to Processing (the "ARCO Rights"); similarly, you also have the right to limit or revoke at any time the consent granted for the processing of your Personal Data, to the extent permitted by law. To exercise any of your ARCO Rights, to revoke your consent, or to submit any questions or complaints about the processing of your Personal Data, you may contact us at: dpo@euronetworldwide.com following the instructions in section 12.

We will respond to you no later than 20 days from the date we receive your request, and it will be effective no later than 15 business days after we notify you our response.

18. Notice to Chilean residents

In accordance with the Law, you have the rights of Access, Rectification, Cancellation and Opposition to the Treatment (the "ARCO Rights"); likewise, with the right to revoke at any time the consent granted for the processing of your Personal Data to the extent that the Law allows it. To exercise your ARCO Rights or your right to revoke or to make any doubt or complaint regarding the processing of your Personal Data you can contact us at dpo@euronetworldwide.com following the instruction set in Section 12.

You are hereby informed that there are options available for you to limit the way we use or disclose your personal information for specific treatment.

From the day we receive your request, we will respond you within a maximum time of 2 days.

19. Notice to Malaysian residents

In accordance with the Personal Data Protection Act 2010 (the “PDPA”), customers may provide us with their Personal Data for any of the purposes establish in Section 2 of this Privacy Notice. If we were to process your Personal Data for any additional purpose, we will previously inform you or ask for your express consent.

At any time, you may exercise the rights set forth in Section 10. You may also withdraw your consent unless the processing activity is necessary to fulfil any legal obligation or to provide you with any of our services. You may also object to processing if you consider such processing activity may cause any damage or distress to yourself.

From the day we receive your request, we will respond to you within in a maximum time of 21 days.

In accordance with the terms of the PDPA, RIA has the right to charge a fee for the processing of any data access request.

20. Notice to New Zealand residents

To all resident in New Zealand, the rights you may exercise regarding the processing of your Personal Data, are the rights listed in Section 12. Please note that for the exercise of any of your rights, you need to follow the instruction set in the above-mentioned Section 12.

From the day we receive your request, we will respond you in a maximum time of 20 days.

21. Notice to Australian residents

To all residents in Australia, the rights you may exercise regarding the processing of your Personal Data, are the rights listed in Section 12. Please note that for the exercise of any of your rights, you need to follow the instruction set in the above-mentioned Section 12. You can also ask us to explain our data policies and practices according to the applicable law.

From the day we receive your request, we will respond to you within a maximum time of 30 days.

22. Notice to Indian residents

To all residents in India, the rights you may exercise regarding the processing of your Personal Data, are the rights listed in Section 12. Please note that for the exercise of any of your rights, you need to follow the instruction set in the above-mentioned Section 12.

In addition, you may exercise your right to data portability and the right to not be subjected to automated decision-making producing legal effects such as profiling, if such profiling is not necessary to provide you with any of our Services.

From the day we receive your request, we will respond to you within a maximum time of 30 days.

23. Our companies by service

The controller is RIA represented by the companies below, depending on country and service:

Country Company to contact (controller) Contact details

Australia

Ria Financial Services Australia Pty Ltd

1/73-75 Castlereagh St, Sydney NSW 2000

New Zealand

Ria Financial Services New Zealand Limited

Level 4, 32 Mahuhu Crescent, Auckland CBD, Auckland 1010, New Zealand

United Kingdom

Euronet Payment Services Ltd.

Part 7th Floor, North Block, 55 Baker Street, London, United Kingdom, W1U 7EU

Europe (Digital)

Ria Lithuania UAB

Upes g.22, Vilnius LT.08120

Europe (Agents)

Ria Payment Institution EP SAU

Calle Cantabria 2, Planta 2 Alcobendas 28120 Madrid España

Switzerland

Ria Financial Services GmbH

Place de Cornavin 14 – 16, Geneva - 1201 *** The registered company address is Langstrasse 192, 8005 Zürich

United States

Continental Exchange Solutions, Inc.

6565 Knott Ave, Buena Park, CA 90620, USA

Puerto Rico

Ria Financial Services Puerto Rico, Inc.

 c/o Fast Solutions, LLC, Citi Tower 252 Ponce de Leon Avenue, Floor 20 SAN JUAN, PR 00918

Canada

Ria Telecommunications of Canada Inc

1000, rue De La Gauchetière O (#2500)
Montréal (Québec) H3B 0A2

Mexico

Ria México Payment Solutions, S. de R.L. de C.V.

Av. Insurgentes Sur, 686-B Despacho 1003, Colonia del Valle, Alcaldía Benito Juárez, C.P. 03100, Ciudad de México, México

Chile

Ria Chile Servicios Financieros SPA

Región Metropolitana de Santiago, Santiago, Catedral 1401

Argentina

EURONET PAYMENT SERVICES LIMITED

Sucursal de sociedad extranjera

República Argentina: Santa Fe 1752, 1° piso, departamento A, Ciudad Autónoma de Buenos Aires.

Turkey

Ria Turkey Ödeme Kuruluşu A.Ş.

Şirket Merkezi: Büyükdere Cad. No: 193 Plaza 193 Kat:2 34394 Levent Şişli/İSTANBUL

MERSİS No: 0735085750500016

Country Company to contact (controller) Contact details

Australia

Ria Financial Services Australia Pty Ltd

1/73-75 Castlereagh St, Sydney NSW 2000

New Zealand

Ria Financial Services New Zealand Limited

Level 4, 32 Mahuhu Crescent, Auckland CBD, Auckland 1010, New Zealand

United Kingdom

Ria Lithuania UAB

Upes g.22, Vilnius LT.08120

Malaysia

IME M SDN BHD

Unit 38-02, Level 38, Q Sentral 2A, Jalan Stesen Sentral 2, 50470, Kuala Lumpur

Singapore

Ria Financial Services Singapore PTE. LTD.

152, Beach Road, #19-01/02, Gateway East, Singapore 189721

Philippines

Ria Money Transfer, INC.

38th Floor, Philamlife Tower, 8767 Paseo De Roxas, Makati City, Philippines

Ria Stores and Currency Exchange Services

Country Company to contact (controller) Contact details

Italy

Ria Italia S.r.l. unipersonale

Via Francesco Benaglia, n. 13 – Roma, 00153

Switzerland

Ria Financial Services GmbH

Place de Cornavin 14 – 16, Geneva - 1201 *** The registered company address is Langstrasse 192, 8005 Zürich

France

Ria France S.A.S

1 Rue du 19 Mars 1962, 92230 Gennevilliers, France

Belgium

Ria Envia Belgium SPRL

Rue Joseph II, 36-38 - 1000 Bruxelles

Germany

Ria Deutschland GmbH

Friedrichstr. 200 10117 Berlin

Sweden

Ria Financial Services Sweden AB

Armégatan 40, 5 tr 171 71 Solna

Norway

Ria Financial Services Norway AS

Skippergata 33, 0186 Oslo

Denmark

Ria Financial Services Denmark ApS

Nørre Voldgade 21, 1358 København K

You can always submit a request to our Data Protection Officer, by sending an email to the following address: dpo@euronetworldwide.com