Privacy Policy – Intraclear Ltd

Intraclear Limited (“ICL”) is a company incorporated in the Republic of Cyprus and having its registered office at Office 5, Sandiz Beach Complex, 60 Amathountos Avenue, Ayios Tychonas, Limassol, 4532 Cyprus (Company No: HE389967) and a licensed Payment Institution, regulated by the Central Bank of Cyprus, with License number 115.1.2.35 (hereinafter referred to as the "Company").

This Privacy Policy applies to individuals who are existing/potential clients of ICL or act as authorized representatives of legal entities who are existing/potential clients/counterparties OR are the Directors/Shareholders/Beneficial owners of legal entities who are existing/potential clients/counterparties, hereinafter referred to as "You/Your".

DEFINITIONS

“GDPR” - The General Data Protection Regulation (EU) 2016/679 is the EU regulation on data protection and privacy for all individuals within the European Union and the European Economic Area.

"Personal Data" and “Data Subject” - any information relating to an identified or identifiable natural person (name, ID, location and any other factors specific to the physical, genetic, mental, economic, cultural or social identity of that person); The information for legal entities such as businesses, partnerships, trusts or other organizations provided by its authorized person, signatory, partner, or like shall be considered as appropriate.

"Processing" - means obtaining, recording, storing, holding, using or carrying out any operation or set of operations on the information or data including organization, adaptation or consultation on the information or data, as well as disclosure by transmission, dissemination or otherwise making available, or combining, blocking, removing or destructing of the information or data.

"Controller" - the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data.

"Processor" - the natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the controller.

"Sub-Processor" - any processor engaged by the data importer or by any other sub-processor of the data importer and who agrees to receive from the data importer or from any other sub-processor of the data importer personal data exclusively intended for the processing activities to be carried out on behalf of the data exporter after the transfer in accordance with the data exporter’s instructions.

Your Personal Data below may be collected by ICL:

Personal information (name, email, telephone numbers, residential address, employment address, occupation, name of employer, identity card number, passport number, marital status, country of taxation, among others),
Financial information (income, sources and size of wealth and other relevant data) as required by European legislation for AML/CFT purposes (Anti-Money Laundering and Combating the Financing of Terrorism).

In addition to the above, ICL also has to collect and keep those documents (originals or certified copies) which confirm the accuracy of your personal and financial information (identity card, passport, utility bill, bank statements and or bank Reference Letters, CVs or any other information required by the Company so as to comply with all applicable laws). ICL will ensure that your submitted Personal Data is adequate, relevant and limited to what is necessary with regards to the purposes for which it will be collected and processed.

As per the GDPR, ICL acts as a Controller of the data subject’s Personal Data, therefore it can determine solely, or jointly with others, the main purposes and legal grounds for the collection and processing of such data. Such purposes and legal grounds may be:

Execution of the business agreement: The collection and processing of your Personal Data is necessary for entering into a business relationship between ICL and the data subject for the provision of payment services.
Legitimate interests pursued by ICL in order to protect its business rights, provided that such interests do not infringe the rights, interests and fundamental freedoms of the data subject; such interests can be, among others, to provide a better service, for the purposes of network or information security, or to prevent fraud or financial crime.
Compliance with the regulatory framework within which ICL operates e.g. the Provision and Use of Payment Services and Access to Payment Systems Law of 2018, and the Prevention and Suppression of Money Laundering Activities Laws of 2007 to 2018 of the Republic, in conjunction with other relevant laws applicable to the operation of the Company. These regulations require the Company to identify and verify personal information related to the data subjects and connected persons, as well as exercise anti-money laundering controls, keeping and collecting Personal Data for a particular period of time and disclose such information, if required, to the regulatory authorities.

Potential recipients of the Data subject’s PERSONAL DATA

ICL, in the course of performing its contractual and legal obligations, may disclose your personal data, subject to data protection and/or confidentiality agreements, to the following Controllers, Processors and Sub-Processors:

Employees, business associates and sub-contractors of the Company;
Supervisory, other regulatory and public authorities, including government bodies such as the Central Bank of Cyprus and the Unit for Combating Money Laundering;
Financial organizations, such as banks;
External third parties such as Statutory Auditors, legal firms, other agents and consultants and other professional advisors.

Unless expressly consented to by the data subject, your Personal Data collected and kept by the Company will not be disclosed to any third party other than the above-mentioned recipients.

Where ICL is required to transfer your personal data outside of the European Economic Area such transfer is subject to Article 49(1)(b) and Article 49(1)(c) of the GDPR. The Company ensures sufficient protection for any Personal Data processed by others on its behalf, whether transferred within or outside the European Economic Area.

Data Subject Rights

Data subjects can exercise the below rights, where applicable, by sending their request to

All Data Subjects have the following rights in relation to their Personal Data provided to the Company:

The right of access to, or have a copy of, their Personal Data;
The right to object to the processing of Personal Data, on the grounds of ICL’s legitimate interests and/or processing of Personal Data for direct marketing purposes;
The right to restrict processing of Personal Data;
The right to request rectification of incorrect data in relation to a data subject;
The right of data portability;
The right to request, on legitimate grounds, the erasure of relevant Personal Data;
The right to withdraw any consent, by written notice, if the processing of this data is based on consent. However, this does not affect the lawfulness of any processing that was based on the data subject’s consent before such consent was withdrawn by him/her;

In addition, data subjects have a right to lodge a complaint regarding the processing of their Personal Data by ICL, by sending a complaint to dpo@intraclear.com; the Company's Data Protection Officer will investigate the issues raised and revert accordingly; if and where You are not satisfied with our response, You have a right to submit a complaint to the Office of the Commissioner for Personal Data Protection by phone at +357 22818456, or by email at commissioner@dataprotection.gov.cy by following the required procedure as per the link:

http://www.dataprotection.gov.cy/dataprotection/dataprotection.nsf/page1i_en/page1i_en?opendocument

Keeping of Personal Data

In accordance with the laws and regulations of the Republic of Cyprus, ICL will keep and update Your Personal Data for as long as we provide our services to You. Upon the termination of the business relationship, all Personal Data shall be kept for a minimum of five [5] years; once the legally required period lapses, Your Personal Data shall be erased unless (i.e. keep Your Personal Data for a longer period of time) it is required by law, the competent authorities or other regulations (e.g. pending legal proceedings or investigations).

Cyprus Law

This Privacy Policy shall be construed and interpreted in accordance with the laws of the Republic of Cyprus and both parties, the data subject and the Company, irrevocably submit to the exclusive jurisdiction of the courts of the Republic of Cyprus in connection to any dispute arising from the terms of this Policy.

Safeguarding

The Company takes all reasonable and appropriate steps to protect Your Personal Data from misuse, loss or unauthorized disclosure, by having a range of appropriate technical and organizational measures.

Personal Data Breach – Notification to the data subject

If the Company becomes aware of a Personal Data breach, and this may result in a high risk to a data subject’s rights and freedoms, the Company will - without undue delay - notify the affected data subject of such a breach by providing the following details:

The nature of the breach;
Type of the Personal Data impacted;
How the Company intends to minimize any damage.

In case of any possible damage, loss or misuse of data that a breach may cause to You, please inform ICL the soonest possible by sending an email to dpo@intraclear.com so that appropriate rectifying action may be taken.

Cookies

Our website uses small files, known as cookies, to make it work better in order to improve user experience. Cookies are used to retain user preferences, store information (e.g. shopping carts) and provide anonymized tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. However, if you prefer to disable cookies on this site you can do it by disabling cookies in your browser. You may consult the Help section of your browser or have a look at the About Cookies website which offers guidance for all modern browsers.

Analytics

ICL may use third-party Service Providers to monitor and analyze the use of ICL’s Service. Google Analytics is a web analytics service, offered by Google, which tracks and reports website traffic. It uses the data collected to track and monitor the use of our Service; this data is then shared with other Google services and it may use the collected data to personalize ads of its own advertising network. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en

Users of the ICL website can opt-out of Google Analytics having access to their activity on the Service by installing the Google Analytics opt-out browser add-on. The add-on prevents the sharing of information about visits activity with Google Analytics.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.