Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purpose of the Data Protection Act 2018 (the Act) as well as EU General Data Protection Regulation (GDPR), the data controller is KANTOX Ltd, 8 Devonshire Square, 5rd Floor, London EC2M 4PL, United Kingdom, +44 (0) 203 608 6984.
1. Information we may collect from you
We may collect and process the following data about you:
- Information that you provide by filling in forms on our site www.kantox.com. This includes information provided at the time of registering to use our site, subscribing to and using our service, posting material or requesting further services. We may also ask you for information when we process your application to use our services, when we deliver services to you, and when you report a problem with our site.
- If you contact us, we may keep a record of that correspondence.
- We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
- Details of transactions you carry out through our site or service and that we process for you. Such information may include payment amounts and personal details of persons to whom you are sending payments. Those persons may also give us their personal information. We retain such information for each of your transactions using our service and may add it to your account profile for use in relation to future transactions made through our service.
- The IP address of your computer and other information about the device you use to access our service, from which you may be identifiable. We retain this information to detect unauthorised transactions.
- Details of your visits to our site including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for purposes of providing you with our services or otherwise and the resources that you access.
- The above information about you may include your name, address, phone number, email address, client’s business name, registration number, business address, copies of ID of directors, director’s name, director’s date of birth, employment details and information relating to your financial circumstances. For us to provide our payment processing services to you, you must provide bank account information, “know your client” information, password information, and responses to security questions. In addition to the “know your client” information you provide when you apply for an account with KANTOX, we may ask you for further identification information in the course of providing services to you, in particular, if you send or receive high-value payments, or to comply with anti-money laundering regulations.
2. Information we may collect from third parties
In order to protect our customers against potential fraud, we may verify the information that you provide to us with other payment processors, banks, credit reference agencies, fraud checking agencies, providers of operational services, and regulators, such as the Financial Conduct Authority.
As described above, we may collect personal information about our customers’ payees, in order to remit payments to them. We will retain this information to keep a record of the transactions. Such payees are entitled to access and correct the information about themselves.
3. IP addresses and cookies
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.
For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer, or similar technologies for storing or retrieving information such as local shared objects (often referred to as “flash cookies”), web beacons or web bugs (including transparent or clear gifs).
Cookies are text files containing small amounts of information which are downloaded to your device when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie. Cookies are useful because they allow us to recognise a user’s device.
Cookies do lots of different jobs, like letting you navigate between pages efficiently, remembering your preferences, and generally improve the user experience. They can also help to ensure that adverts you see online are more relevant to you and your interests.
The cookies used on this website have been categorised based on the categories found in the ICC UK Cookie guide.
Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service. They enable us to:
- Estimate our audience size and usage pattern.
- Store information about your preferences, and so allow us to customise our site according to your individual interests.
- Recognise you when you return to our site.
- Generate your email or other personal details on your registration from or other online documents to save your typing them.
- Identify you when you sign-in to any secured part of our site. This allows us to store your login credentials, and to remember any application settings you may define.
- Track the use of our websites, for the purpose of improving our service offering to you.
- Improve security.
According to the ICC UK Cookie guide, cookies may be categorised as follows:
- Category 1: Essential Cookies. These cookies are essential in order to enable you to move around the website and use its features, such as accessing secure areas of the website. Without these cookies services you have asked for cannot be provided. We remind you that under current law, cookies from Category 1 are strictly necessary and as such your consent for use is not required.
- Category 2: Performance Cookies. These cookies collect information about how visitors use a website, for instance, which pages visitors go to most often, and if they get error messages from web pages. These cookies don’t collect information that identifies a visitor. All information these cookies collect is aggregated and therefore anonymous. It is only used to improve how a website works. By using our website, you agree that we can place these cookies from Category 2 on your device.
- Category 3: Functionality Cookies. These cookies allow the website to remember choices you make (such as your user name, language or the region you are in) and provide enhanced, more personal features. For instance, a website may be able to provide you with local weather reports or traffic news by storing in a cookie the region in which you are currently located. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customise. They may also be used to provide services you have asked for such as watching a video or commenting on a blog. The information these cookies collect may be anonymised and they cannot track your browsing activity on other websites. By using our website, you agree that we can place these cookies from Category 3 on your device.
5. Where we store your personal data
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, or to use our services, you are responsible for keeping this password confidential. We ask you to not share a password with anyone. Our representatives will not ask you for your password, so any communication or telephone or other request for your password should be treated with suspicion and reported to us at firstname.lastname@example.org. If you believe that someone else has obtained access to your password, please also change it as soon as you can by logging into your account and changing your customer details.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
6. Use of the information
We use your information in the following ways:
- To ensure that content from our site is presented in the most effective manner for you and for your computer.
- To provide you with information, products or services that you request from us or which we feel may interest you, when you have consented to be contacted for such purposes.
- To carry out our obligations arising from any contracts entered into between you and us.
- To allow you to participate in interactive features of our service, when you choose to do so.
- To notify you about changes to our service.
- To resolve disputes and to deal with queries about our services.
- For fraud detection and prevention purposes.
We will ask for your explicit consent to also use your data, or permit selected third parties to use your data, to provide you with information about products and services which may be of interest to you and we or they may contact you about these by post or telephone. You may opt out of this at any time by sending an email to email@example.com.
If you are an existing customer, where you have given your consent, we will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous sale to you. You may opt out of this at any time by sending an email to firstname.lastname@example.org.
If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the form on which we collect your data (the application form).
7. Disclosure of your information
We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If KANTOX or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
We may share your information with:
- Merchants, other payment processors, banks, fraud checking agencies and providers of operational services, including outside the EEA, in order to provide our services to you, including transmitting payments and also to fulfil our obligations to them under our contracts with them relating to the services we provide to our customers.
- The persons mentioned above and with regulators, such as the Financial Services Authority or tax authorities or security and law enforcement agencies, including outside the EEA, for fraud detection and prevention purposes and in connection with their exercise of their regulatory functions.
- Third parties in connection with civil or criminal legal proceedings.
8. Your rights
|Your Rights||Our responsibility to you|
|You have the right to be informed about how we use your personal information.||We provide this privacy notice to explain how we use your personal information.|
|You can ask to see the personal information we hold about you (this is called making a ‘data subject access request’, or DSAR for short). You can also ask for information about what information we process and why.||If you make a Data Subject Access Request, we will provide a copy of the personal information we hold about you. We can’t give you any information about other people, information which is linked to an ongoing criminal or fraud investigation, or information which is linked to settlement negotiations with you. We also won’t provide you with any communication we’ve had with our legal advisers.|
|You can ask us to correct your personal information if you think it’s wrong.||You can have incomplete or inaccurate information corrected. Before we update your file, we may need to check the accuracy of the new information you have provided.|
|You can ask us to delete your personal information.||You can ask us to delete your personal information if:|
|✓ there’s no good reason for us to continue using it;|
|✓ you gave us consent to use the information and you have now withdrawn that consent;|
|✓ you have objected to us using the information;|
|✓ we have used the information unlawfully; or|
|✓ the law requires us to delete the information.|
|Just to let you know, we may not be able to agree to your request. As a regulated entity, the personal data provided will be kept for the period necessary to manage the service requested and, subsequently, the personal data will be kept blocked for the period necessary for the formulation, exercise and defence of claims that may arise from the processing of the same. If you’ve closed your account, we may not be able to delete your entire file because these regulatory responsibilities take priority. We will always let you know if we can’t delete your information.|
|You can object to us processing your personal information||You can tell us to stop using your personal information, at any time, for marketing purposes.|
|You can object to us processing other information (if we are using it for legitimate interests).||If our legal basis for using your personal information is ‘legitimate interests’ and you disagree with us using it, you can object.|
|However, if there is an overriding reason why we need to use the information (for example, legal reasons), we will not accept your request.|
|If you object to us using information which we need in order to provide our services, we may need to close your account as we won’t be able to provide the services.|
|You can ask us to restrict how we use your personal information||You can ask us to suspend using your personal information if:|
|✓ you want us to investigate whether it is accurate;|
|✓ our use of the information is unlawful but you do not want us to delete it;|
|✓ we no longer need the information, but you want us to continue holding it for you in connection with a legal claim; or|
|✓ you have objected to us using your information (see above), but we need to check whether we have an overriding reason to use it.|
|You can ask us to transfer personal information to you.||If we can, and are allowed to do so under regulatory requirements, we will provide your personal information in a structured, commonly used, machine-readable format.|
|You can withdraw your permission.||If you have given us any consent we need to use your personal information, you can withdraw your consent at any time by sending an email to email@example.com.|
|(Note, it will have been lawful for us to use the personal information up to the point you withdraw your permission).|
9. Exercising your rights, complaints or queries
To exercise any of your rights set out in the previous section, or to make a complaint or ask us a question you can contact us via email at firstname.lastname@example.org
For security reasons, we can’t deal with your request if we are not sure of your identity, so we may ask you for proof of your ID.
If you are unhappy with how we have handled your personal information you can complain to the ICO through their website.
We try to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring any concerns to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.
This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of our collection and use of personal information.