Nec Money Transfer Limited

Privacy Policy

A privacy policy is a legal document that outlines how an organization collects, uses, processes, and protects the personal information of individuals. It serves as a transparency mechanism, helping users understand how their data will be handled. Privacy Policy This Policy was last updated on 13 November 2023.

About this policy

Terms like "we," "us," and "Nec Money" in this privacy statement refer to Nec Money Limited.

Nec Money Transfer Limited registered offices are located at:

- United Kingdom: 624A Romford Road, Manor Park, E12 5AQ London

For more information on the act, please visit:

Australia: http://www.comlaw.gov.au/Series/C2004A03712

United Kingdom: https://www.legislation.gov.uk/ukpga/2018/12/contents/enacted

This statement emphasizes the commitment to customer privacy and security, as well as the importance of understanding the information collected and how it is shared. Here's a breakdown of key points:

→ Commitment to Privacy and Security: The statement opens by expressing Nec Money's commitment to Protect customers' privacy and security. This is a common introductory statement to assure users of the organization's dedication to safeguarding their information.

→ Review of Privacy Document: Users are encouraged to review a specific document to gain a comprehensive understanding of what information Nec Money collects and how it is shared. This is a good practice to provide users with detailed information about data practices.

→ Scope of Personal Information: The term "Personal Information" is mentioned, with a note that its definition aligns with relevant acts in the user's region. This indicates an awareness of and compliance with local data protection laws.

→ Reading the Document in Its Entirety: Users are advised to read the document in its entirety. This is important because privacy policies often contain crucial information about data collection, processing, and user rights.

→ Collection of Information: Nec Money asserts that it collects information through lawful and fair means only. This emphasizes adherence to ethical and legal standards in gathering user data.

The statement opens by expressing Nec Money's commitment to protecting customers' privacy and security. This is a common introductory statement to assure users of the organization's dedication to safeguarding their information.

Users are encouraged to review a specific document to gain a comprehensive understanding of what information Nec Money collects and how it is shared. This is a good practice to provide users with detailed information about data practices.

1. Collects the following types of personal information:

Profile Information: This can include a range of details that help identify and characterize an individual. In this context, it includes:

→ Name: Your full name.

→ Date of Birth: Information about your birthdate.

→ Address: Your physical or mailing address.

→ Email Address: Your email for communication.

→ Phone Number: Contact number for communication purposes.

Information to Verify Address and Identity:

→ Passport Number: A unique identification number associated with your passport.

→ Driver's License Number: The identification number associated with your driver's Photo ID: An identification document containing a photo, such as a government-issued ID card.

→ Biometric Information: This may include fingerprints, facial recognition, or other biometric data.

→ Selfies/Photos for Identity Verification: Pictures provided by you for identity verification purposes.

→ Bank Statement: A document from your bank providing information about your account.

→ Utility Bill: A bill from a utility service (e.g., electricity, water) to verify your address.

Breakdown of the mentioned financial information:

→ Bank Account Name: The name associated with your bank account.

→ Bank Account Number: The unique identifier for your bank account.

→ Bank Account Balances: Information about the amount of money in your bank account.

→ Bank Transaction History: A record of transactions made through your bank account.

→ Pay Slips: Documents providing details about your salary or source of income.

Website and application analytics, such as your IP Address, browser type, mobile device identifiers, your activities on our website and applications

The statement you provided is a common clause found in privacy policies. It indicates that the organization, in this case, Nec Money, reserves the right to collect additional information not explicitly listed in the privacy policy under certain circumstances.

2. How do we collect this information?

Nec Money collects personal information. To elaborate further:

A. Direct User Input: Information that users voluntarily provide directly to Nec Money through various channels, such as the website, applications, email, phone calls, and chat.

B. Service Usage Data: Information generated or created as users interact with Nec Money's services. This includes transaction profiles and data on how users engage with the website and applications.

C. Transaction Information: Details obtained when users transfer funds to Nec Money, which may include bank account name and number.

D. Third-Party Integrations: Information gathered through third-party software integrations, such as biometric data used for address and identity verification.

E. Information from Third Parties: Nec Money lawfully obtains information from third-party sources, such as verification service providers and credit reference agencies.

F. Indirectly Obtained Information: Data indirectly collected from users, including details about the hardware and software used to access Nec Money's services, IP addresses, pages visited on the website, and information about other websites visited before accessing Nec Money (referring domain).

4. Why does Nec collect information?

Service Provision:

Nec Money collects personal data to facilitate the processing of transactions and to provide support for its services. This implies that the information gathered is crucial for the core functions of Nec Money, such as executing financial transactions and offering customer support. however, if you don't, or we can't otherwise collect your information, it may affect our ability to provide our Service to you.

Nec Money must comply with as a regulated financial services business. While the specific requirements can vary depending on the jurisdiction and the nature of financial services provided, here are common elements associated with Know Your Customer (KYC) and Customer Due Diligence (CDD) checks, as well as record-keeping obligations:

KYC Checks:

Verification of customer identity: Collecting and verifying information to confirm the identity of individuals or entities involved in financial transactions.

Customer identification procedures: Establishing processes to ensure the accurate identification of customers, which may include obtaining government-issued identification documents.

Beneficial ownership information: Identifying and verifying the ultimate beneficial owners of entities involved in financial transactions.

CDD Checks:

Risk assessment: Conducting risk assessments to understand the level of risk associated with each customer and transaction.

Ongoing monitoring: Continuously monitoring customer transactions and account activities to identify any unusual or suspicious behaviour.

Enhanced due diligence: Implementing additional due diligence measures for higher-risk customers, transactions, or business relationships.

Transaction Record-keeping:

Retention of transaction records: Keeping detailed records of financial transactions, including information about the parties involved, transaction amounts, dates, and nature of the transactions.

Duration of record retention: Adhering to specific timeframes for retaining transaction records, which may be dictated by regulatory requirements.

Compliance with Legal and Regulatory Requirements:

Adherence to applicable laws: Ensuring compliance with all relevant local and international laws and regulations related to financial services, including anti-money laundering (AML) and counter-terrorism financing (CTF) regulations.

Reporting obligations: Reporting suspicious transactions or activities to the appropriate regulatory authorities as required by law.

It's important for Nec Money to stay abreast of changes in the legal and regulatory landscape to ensure ongoing compliance with these obligations. The details of these requirements can vary, so it's recommended to consult with legal and regulatory experts familiar with the specific jurisdiction in which Nec Money operates.

The AML/CTF Act 2006 in Australia

The 2017 Money Laundering Regulations in the United Kingdom

For marketing and promotional purposes:

We may use the data you provide to deliver customised push alerts, emails, texts, advertisements, and other materials regarding our service or the services of our affiliates.

For advertising and marketing objectives:

To create, the right path, maintain, and enhance our services;

For any other reason that is made clear to you when we gathered your information.

5. How your personal information is processed by us

In order to fulfil our obligations under our relationship with you and to further our legitimate business interests, we use, process, and retain your information as needed. This includes:

→ adhering to any applicable legal and/or regulatory requirements.

→ to finish the Customer Due Diligence (CDD) and Know Your Customer (KYC) processes. We occasionally try to confirm your identification by using the services of Credit Reference Agencies (CRAs). These are not assessments of credit performance, and they have no bearing on your credit score.

The purpose of their involvement is to assist us in managing our website, software, and/or services, verifying user identity for security, offering customised features and access, handling transactions, carrying out researc creating new features, and enhancing the features, algorithms, and usability of our website, software, and/or services.

In order to keep in touch with you on how you utilise our website, software, services, and product announcements.

→ to ask for any extra paperwork needed to fulfil our regulatory requirements.

→ Attending to your help requests, such as offering support for account verification if you're experiencing trouble logging into your account.

6. Email correspondence

We only send promotional emails to people who have explicitly consented to receive them, who have been referred to us by one of our current clients, or who are still in contact with consumers who have registered to utilise our service.

You have complete control over the messages you get, and you can always opt out of marketing at any time by sending us an email at marketting@necmoney.com or by clicking the unsubscribe link in each email you receive that promotes something.

Important information, account-related alerts and reminders, and any legally mandated communications will still be sent to customers.

→ to send you exclusive offers and direct marketing mailings, from which you can unsubscribe at any moment. Please refer to section 6, "Email Communications," below for additional details.

→ to solicit your opinions or include you in any research we undertake

7. Where your personal data is kept by us

The information we get from you might be sent to and kept at a location outside of the nation in which you currently reside. It's possible that the legislation of these nations differ from your own. You can be sure that if we disclose personal information to a third party in another nation, contractual protections will be in place to guarantee that your information is protected to the necessary legal standard. Examples of these protections include a website with a secure and encrypted connection, a valid and trusted certificate, and the provision of secure resources.

8. How we give third parties access to information

Nec Money will never rent or sell the data we get to any parties so they may use it for marketing. We might disclose your information to our subsidiaries, business partners, and service providers, including:

→ Third parties that assist us in completing credit checks, completing identity verification, or completing payments;

→ Software-as-a-service providers that we use to deliver the Service (like our support messaging platform provider);

→ Providers of cloud storage;

→ Marketing partners;

→ Data analytics or research partners;

→ Third parties that assist us in improving the security and safety of the Service;

International regulators,

→ Third party providers (e.g., Google, Facebook, and programmatic display) for use in marketing; additionally

→ Our expert advisors, insurers, accountants, solicitors, and consultants.

→ We work with service providers who help us satisfy our demands for hosting, delivering, and enhancing our services, among other business processes. For certain services and tasks, such as analytics, email correspondence, and customer assistance, we also engage service providers. Only as necessary to carry out their responsibilities to us and in accordance with our instructions may these service providers access, handle, or retain Personal Data.

→ Your personal data may be included in the transferred assets in the event that we sell, buy out, merge, or acquire all of our assets. In the event that something like this happens, we will let you know by posting a notice on our website.

→ In response to a formal request, subpoena, court order, or other legal procedure, as well as in situations where we sincerely believe that disclosure is required to abide by the law, report suspected illegal activity, or look into possible violations of our User Agreement, we may disclose information to law enforcement and government officials. This is to fulfil our responsibilities under the applicable AML/CFT laws.

→ As would be necessary under any other applicable legislation.

It's common for websites to include links to external platforms such as TrustPilot, social media platforms like Facebook and Twitter, and app stores like Apple Store and Google Play. These links serve various purposes, such as providing additional information, customer reviews, or avenues for engagement and downloads. Standard disclaimer commonly found on websites that include links to external sites. Let's break down the key points:

Limited Control: Nec acknowledges that it cannot control the privacy practices or content of other websites linked from their site. This is a disclaimer indicating that once users leave the Nec website by clicking on external links, they are entering a different online environment that operates independently.

User Responsibility: Users are encouraged to take responsibility for their privacy by familiarizing themselves with the privacy practices of the external sites. This is a reminder to users that they should review the privacy policies and terms of use of each linked website independently.

Protection of Personal Information: The statement specifically advises users to be cautious about submitting personal information to these external sites. This emphasizes the importance of understanding how each external website handles user data before providing any personal information.

In essence, this disclaimer is designed to inform and empower users. It's a standard practice aimed at promoting transparency, user awareness, and responsible online behaviour. Users are encouraged to be proactive in understanding and assessing the privacy practices of the websites they visit through external links.

9. How long do we keep your personal data on file?

We shall keep your information on file for a minimum of ten years following the end of the income year to which the records pertain, in order to fulfil our numerous legal duties. This is for service delivery purposes or for other purposes specified in this policy.

If you decide to close your account, we won't retain your personal information any longer than is necessary to fulfil legal requirements, like adhering to anti-money laundering laws in our various regions.

10. How to update your settings and personal data

By signing into your account, you can find options to see, edit, or update the personal data that Nec Money has saved about you. If you are unable to change or alter your personal information, please email privacy@necmoney.com

To reduce the number of times we need to get in touch with you and make sure the right data is used to make a decision about you, Nec will take reasonable measures to guarantee that all the information we have on file is accurate, full, and up to date. But, please be aware that Nec bears no liability for information that is not updated on your account, and as such, it is recommended to all customers to regularly check.

11. Requesting personal data from you

At any moment, you have the right to request access to all personal data that Nec Money has on file. You must send an email or support request to Nec Money directly in order to accomplish this. Nec Money will make sure that, to the extent that you are entitled to such information, it is supplied in accordance with our legal duties and, if feasible, in the way that you have asked. Nec Money will give the information in another appropriate format, such as by email or mail, if it is not practical to do so.

Nec Money will give you a written explanation of its decision and the channels via which you can file a complaint if it determines that it is unable to supply you with the requested information.

12. How we protect the security of your data

Data Security Measures: Implement robust security measures to protect the data from unauthorized access, breaches, and losses. This includes encryption, access controls, firewalls, anti-virus software, and regular security audits.

Access Control: Limit access to client documents to only those employees who need it for their job function. Implement role-based access controls and maintain logs of who accesses the data and when.

Data Transfer Protections: If data is transferred outside the European Union, ensure that the receiving country has adequate data protection laws as per GDPR or use mechanisms like Standard Contractual Clauses or Binding Corporate Rules.

Data Breach Protocols: Have a plan in place for responding to data breaches. GDPR requires data breaches to be reported to the relevant supervisory authority within 72 hours of becoming aware of it.

Data Subject Rights: Ensure mechanisms are in place to respond to data subjects' rights, such as the right to access, right to rectification, right to erasure, and right to data portability.

Regular Compliance Audits and Training: Regularly audit your data handling practices for GDPR compliance and keep our staff trained and updated on data protection policies and practices.

Data Protection Impact Assessments (DPIA): Conduct DPIAs for processing activities that pose a high risk to individuals' rights and freedoms. This helps in identifying and mitigating risks associated with data processing activities.

Data Protection Officer (DPO): Depending on the scale and nature of data processing, appoint a Data Protection Officer to oversee compliance with GDPR.

Network Security:

→ Implement firewalls to control incoming and outgoing network traffic based on an applied rule set.

→ Regularly update all network devices with the latest security patches.

Data Encryption:

→ Encrypt data both at rest (on the server) and in transit (as it moves across networks) using strong encryption standards.

→ Manage encryption keys securely, ensuring they are stored separately from the encrypted data. Regular Software Updates and Patch Management:

→ Regularly update the server's operating system and any other software to patch vulnerabilities.

→ Implement a patch management policy to ensure timely and consistent application of updates.

Data Backup and Recovery:

→ Regularly back up data stored on the server and ensure that backups are secure and can be recovered.

→ Test backup procedures to ensure they work effectively in a disaster recovery scenario.

Remember, GDPR compliance is not just about technological solutions but also about organizational practices and policies. Regular reviews and updates to these practices in line with evolving data protection laws and technologies are crucial.

13. Availability and modifications to this guideline

We reserve the right to modify this Privacy Policy at any time to reflect modifications to our privacy practises brought about by new laws, industry best practises, or website improvements. We will update this page with the new information so you are aware of it. If there are major changes, we might also decide to send you an email with the updated information and request your permission before making any legally-mandated modifications. As a user, it is your duty to regularly check this page for updates to ensure you are informed of any changes that have been made. Any modifications made to this page will take effect immediately upon posting.

Your right to privacy

You have rights over the personal data that pertains to you.

The rights to be informed are as follows: the right to receive clear and simple information about how we use your personal data; the right to access copies of your personal data from us; the right to have inaccurate or incomplete personal data corrected; and the right to have your personal data erased or deleted from our systems.

→ Right to data portability: the ability to ask that we move, copy, or transfer your personal information;

→ Right to restrict our use of your information: the ability to "block" us from using your personal information or limit how we can use it;

→ Right to object: the ability to object to our use of your personal information, including hen we use it for our legitimate interests or when we use it to conduct profiling to inform our market research and userdemographics. Unless there are very special circumstances, in which case we will notify you of the reason we're keeping your personal information processed, we will stop processing your personal information if you make an objection.

→ Rights concerning automated decision-making and profiling: you have the right to refuse to be the subject of a decision that is exclusively based on automated processing, including profiling, if such decision affects your legal situation.

In compliance with our legal obligation, we shall make a good faith attempt to ensure that you have access to your rights under data protection laws. Please take note that we might not be able to fulfil your request under these rights due to certain legal or regulatory limitations. In the event that this is the case, we will notify you and explain our decision. For contact information, refer to section 16 below.

Contact information

Nec Money considers every complaint carefully and will look into it appropriately.

Please email support@necmoney.com with any questions, concerns, or to use any of the rights mentioned in this privacy statement.

As an alternative, you can call +8801319992612 (WhatsApp), Or +61283171149 in Australia, and +442037696109 in the United Kingdom. Please be aware that you might not be able to utilise our services if you request that we restrict or alter how we use your information.

If you're not happy with how we handled your complaint or the conclusion or settlement, you can take the issue up with;

Office of Australian Information Commissioner

Post : GPO Box 5288

Sydney NSW 2001

Fax +61 2 6123 5145

Email to foi@oaic.gov.au or mail to the postal address

Information Commissioner’s Office, United Kingdom

Post: Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

United Kingdom

Helpline number: 0044 303 123 1113