Legal information
Privacy Policy
The Privacy notice, along with the Terms and Conditions, explains how personal data is collected, processed, used, and disclosed when using the website mybrocard.com. When registering, logging in, making payments, contacting support, filling out forms, or submitting data, personal data will be collected, used, and stored in the same way as described in this Privacy Policy.
Introduction
This Privacy Policy, together with our Terms and Conditions, explains how we collect, process, use, and disclose your personal data when you interact with our website.
When you register, log in, make payments using your wallet, contact support, fill out any forms on the site, or submit data through the ticket system, we collect, use, and store your data as described in this Privacy Policy.
The Data Protection Officer can be reached by email at info@mybrocard.com.
Data Controller and Data Protection Officer
The Data Controller is the entity that determines the purposes and means of processing your personal data.
Brocard is the Data Controller for the data processed while you use our services. You can contact our Data Protection Officer via email info@mybrocard.com.
What is Personal Data?
Personal data refers to any information related to an identified or identifiable natural person (data subject), directly or indirectly, by reference to an identifier such as a name, identification number, location data, or online identifier. In other words, personal data is any information about you that can identify you.
This Privacy Policy outlines how we collect and use your personal data.
Personal Data We Collect and Process
We obtain certain personal data from you directly:
Information you provide when you sign up:
When you verify your account:
When you initiate or receive a bank transfer:
When we inquire about your transactions to prevent fraud and misuse of your account:
When you communicate with us:
Transaction information:
Information from your device:
Information we may receive from third parties:
Legal Basis and Use of Your Personal Data
We process your personal data only where a lawful basis exists, which may include:
A) Performance of a Contract with You
We process your personal data to provide you with our services under the Terms and Conditions you accept when signing up.
We collect your data to set up and manage your account.
We also process your data to ensure secure access to your account, including sending one-time passwords or other access codes.
We use your data to process transactions such as transferring funds, making payments, adding money to a wallet, or withdrawing funds.
We process your data when you obtain an IBAN and share data with third parties that provide these services.
We may send you important information about the system, login confirmations, notifications of suspicious login attempts, and completed transactions, as well as provide technical and customer support.
We process personal data to assist you in resolving issues related to your account when you contact customer support via ticket, email, or phone.
B) Legal Obligation
We process your personal data to comply with legal obligations, particularly anti-money laundering (AML) and counter-terrorist financing legislation, and to verify your identity as part of the KYC procedure.
When you request an IBAN or initiate a bank transfer, we also send your data to service providers to meet AML requirements and follow KYC rules.
We may use your data to assist law enforcement authorities with their investigations or disclose data required by court order as mandated by law.
C) Legitimate Interests
We may use anonymized and aggregated data to analyze how customers use our services and evaluate the quality and convenience of our product, site operation, and functionality.
We may also use your data to notify you of changes to our policies or new features.
We take a risk-based approach to assess user profiles and transactions to detect and prevent fraudulent and illegal activities. We collect, use, and store personal data for these purposes.
When you contact support, we keep a record of the conversation to improve service quality, protect our interests in case of disputes, evaluate support staff performance, and provide training.
D) Your Consent
You may opt in to receive emails about our products and services, and allow us to measure the performance of marketing emails and analyze product use. You may withdraw your consent at any time.
To verify your account, we may ask you to undergo a liveness test to ensure that you are a real person and that the documents you submit belong to you. This requires you to activate your camera and turn your head so that a neural network can analyze your facial features. This analysis involves processing a special category of personal data and can only be carried out with your consent.
Your consent is valid only for the duration of the liveness check, and data processing is terminated immediately upon completion. Data collection and processing are carried out by a third party acting as a data processor on our behalf.
Automated Decision-Making
We use an automated risk assessment system to analyze user risk profiles and ongoing transactions to prevent illegal and fraudulent activities. However, any significant decisions affecting you will be made by our employees based on a manual review.
Cookies
We use cookies on our website. You can read more about this in our Cookies Policy.
How We Keep Your Data Secure
We are committed to protecting your personal data. We implement various security and organizational measures to ensure your data's safety when you enter it on our site or otherwise provide it to us.
We use data encryption techniques and authentication procedures to prevent unauthorized access to our system and your data. Only authorized employees have physical access to the premises where data is processed and stored, and the premises are monitored.
All sensitive information is transmitted via Secure Socket Layer (SSL) technology. Card payment information encryption complies with PCI DSS.
We grant access to your personal data only to employees who need it for their job functions (e.g., customer support staff). All employees with access to personal data are bound by a non-disclosure agreement. We provide ongoing training to our employees to ensure the security and confidentiality of personal data.
We continually improve our security procedures to comply with industry standards and maintain a high level of personal data protection.
We recommend that you also follow some simple rules to ensure your safety. Never use the same password for multiple accounts on different sites, and always use a strong password with mixed case letters, numbers, and symbols. Do not share your wallet password with anyone. Please remember that our employees will never ask for your password. If someone posing as a company employee asks for your password or other login information, do not provide it and notify us immediately.
How Long We Keep Your Data
Your personal data will be retained as long as necessary for the specific purpose for which it was collected.
Data collected for AML compliance and anti-fraud purposes will be kept for five years after you close your account. All data will be deleted once the statutory retention period has expired and the purposes for which the information was collected have been achieved.
Disclosure of Personal Data to Third Parties
To provide our services, we may need to share your information with third parties.
Cross-Border Transfer of Data
Some of our partners and employees may be located outside your jurisdiction, so we may transfer data to third countries. Such transfers will only take place if appropriate safeguards are in place to ensure an adequate level of protection for personal data subjects. Our partners and providers are required to provide an adequate level of data protection under the terms of our contract with them.
Links to Other Websites
Our website may contain external links to third-party resources, such as the services of our partners. We cannot control how third parties use your information, so please review the Privacy Policies of those websites.
Your Rights
You have the right to exercise control over how your personal data is processed:
You may exercise your rights by contacting our Data Protection Officer. Before providing any confidential information, we must verify your identity.
If requests are unfounded or excessive, particularly due to their repetitive nature, we may charge a reasonable fee to cover administrative costs or refuse to act on the request.
Please note that there may be legal reasons that prevent us from fulfilling your request.
Filing a Complaint
If you believe your rights have been violated, you may file a complaint with the appropriate supervisory authority in your jurisdiction. If you are located in the EU, you can find the relevant supervisory authority on the European Data Protection Board website.
Changes to Our Privacy Policy
We may update this Privacy Policy from time to time. If significant changes are made, we may notify you by email.
This Privacy Policy, together with our Terms and Conditions, explains how we collect, process, use, and disclose your personal data when you interact with our website.
When you register, log in, make payments using your wallet, contact support, fill out any forms on the site, or submit data through the ticket system, we collect, use, and store your data as described in this Privacy Policy.
The Data Protection Officer can be reached by email at info@mybrocard.com.
Data Controller and Data Protection Officer
The Data Controller is the entity that determines the purposes and means of processing your personal data.
Brocard is the Data Controller for the data processed while you use our services. You can contact our Data Protection Officer via email info@mybrocard.com.
What is Personal Data?
Personal data refers to any information related to an identified or identifiable natural person (data subject), directly or indirectly, by reference to an identifier such as a name, identification number, location data, or online identifier. In other words, personal data is any information about you that can identify you.
This Privacy Policy outlines how we collect and use your personal data.
Personal Data We Collect and Process
We obtain certain personal data from you directly:
Information you provide when you sign up:
- Name, surname;
- Email, hashed password.
When you verify your account:
- Mobile phone number;
- Identity document photo/scan;
- Facial image data, such as photos of your face (including selfies) and a photo or scan of the face on your identification document, videos, sound recordings;
- Biometric data, such as facial features.
When you initiate or receive a bank transfer:
- Proof of address document;
- Document confirming your citizenship/residence permit;
- Documents required to prove the source of funds;
- Bank account details, including the account number, sort code, IBAN, and payment comments;
- Payment-related details (amount, currency, time, etc.).
When we inquire about your transactions to prevent fraud and misuse of your account:
- Information required to prove the source of funds (e.g., bank statements, verbal explanations, screenshots);
- Information to indicate the purpose and economic rationale of the challenged transaction;
- Information you provide in a questionnaire to confirm that you are acting of your own free will and understand the nature of the transaction.
When you communicate with us:
- Your contact email;
- Content of your communication, messages, and files you attach to your messages;
- Unique ticket system identifier;
- Technical data related to your messages (including date, time zone, environment, etc.).
Transaction information:
- Details of your wallets and unique identifier in our system;
- Payments performed within your account, including date, time, amount, currencies, participants involved in the transaction, messages sent and received with the payment, merchant information, payment methods used, technical usage data, and geolocation information;
- Bank card details connected to your account, such as cardholder name, expiry date, first six and last four digits of the card number.
Information from your device:
- Name of your internet service provider (IP address), environment, log-in information, browser type and settings, time zone, operating system, device type, unique device identifier, screen size, mobile network information, mobile operating system and browser type, date, time, and length of your visit.
Information we may receive from third parties:
- Information from payment systems (Visa, Mastercard, UnionPay), payment service providers;
- Information received from card schemes, card program managers;
- Information from public authorities and law enforcement agencies;
- Information received via public sources (e.g., company registers and enhanced due diligence services).
Legal Basis and Use of Your Personal Data
We process your personal data only where a lawful basis exists, which may include:
- Performance of a contract with you;
- Legal obligation;
- Legitimate interests, considering your rights, interests, and expectations;
- Your consent.
A) Performance of a Contract with You
We process your personal data to provide you with our services under the Terms and Conditions you accept when signing up.
We collect your data to set up and manage your account.
We also process your data to ensure secure access to your account, including sending one-time passwords or other access codes.
We use your data to process transactions such as transferring funds, making payments, adding money to a wallet, or withdrawing funds.
We process your data when you obtain an IBAN and share data with third parties that provide these services.
We may send you important information about the system, login confirmations, notifications of suspicious login attempts, and completed transactions, as well as provide technical and customer support.
We process personal data to assist you in resolving issues related to your account when you contact customer support via ticket, email, or phone.
B) Legal Obligation
We process your personal data to comply with legal obligations, particularly anti-money laundering (AML) and counter-terrorist financing legislation, and to verify your identity as part of the KYC procedure.
When you request an IBAN or initiate a bank transfer, we also send your data to service providers to meet AML requirements and follow KYC rules.
We may use your data to assist law enforcement authorities with their investigations or disclose data required by court order as mandated by law.
C) Legitimate Interests
We may use anonymized and aggregated data to analyze how customers use our services and evaluate the quality and convenience of our product, site operation, and functionality.
We may also use your data to notify you of changes to our policies or new features.
We take a risk-based approach to assess user profiles and transactions to detect and prevent fraudulent and illegal activities. We collect, use, and store personal data for these purposes.
When you contact support, we keep a record of the conversation to improve service quality, protect our interests in case of disputes, evaluate support staff performance, and provide training.
D) Your Consent
You may opt in to receive emails about our products and services, and allow us to measure the performance of marketing emails and analyze product use. You may withdraw your consent at any time.
To verify your account, we may ask you to undergo a liveness test to ensure that you are a real person and that the documents you submit belong to you. This requires you to activate your camera and turn your head so that a neural network can analyze your facial features. This analysis involves processing a special category of personal data and can only be carried out with your consent.
Your consent is valid only for the duration of the liveness check, and data processing is terminated immediately upon completion. Data collection and processing are carried out by a third party acting as a data processor on our behalf.
Automated Decision-Making
We use an automated risk assessment system to analyze user risk profiles and ongoing transactions to prevent illegal and fraudulent activities. However, any significant decisions affecting you will be made by our employees based on a manual review.
Cookies
We use cookies on our website. You can read more about this in our Cookies Policy.
How We Keep Your Data Secure
We are committed to protecting your personal data. We implement various security and organizational measures to ensure your data's safety when you enter it on our site or otherwise provide it to us.
We use data encryption techniques and authentication procedures to prevent unauthorized access to our system and your data. Only authorized employees have physical access to the premises where data is processed and stored, and the premises are monitored.
All sensitive information is transmitted via Secure Socket Layer (SSL) technology. Card payment information encryption complies with PCI DSS.
We grant access to your personal data only to employees who need it for their job functions (e.g., customer support staff). All employees with access to personal data are bound by a non-disclosure agreement. We provide ongoing training to our employees to ensure the security and confidentiality of personal data.
We continually improve our security procedures to comply with industry standards and maintain a high level of personal data protection.
We recommend that you also follow some simple rules to ensure your safety. Never use the same password for multiple accounts on different sites, and always use a strong password with mixed case letters, numbers, and symbols. Do not share your wallet password with anyone. Please remember that our employees will never ask for your password. If someone posing as a company employee asks for your password or other login information, do not provide it and notify us immediately.
How Long We Keep Your Data
Your personal data will be retained as long as necessary for the specific purpose for which it was collected.
Data collected for AML compliance and anti-fraud purposes will be kept for five years after you close your account. All data will be deleted once the statutory retention period has expired and the purposes for which the information was collected have been achieved.
Disclosure of Personal Data to Third Parties
To provide our services, we may need to share your information with third parties.
Cross-Border Transfer of Data
Some of our partners and employees may be located outside your jurisdiction, so we may transfer data to third countries. Such transfers will only take place if appropriate safeguards are in place to ensure an adequate level of protection for personal data subjects. Our partners and providers are required to provide an adequate level of data protection under the terms of our contract with them.
Links to Other Websites
Our website may contain external links to third-party resources, such as the services of our partners. We cannot control how third parties use your information, so please review the Privacy Policies of those websites.
Your Rights
You have the right to exercise control over how your personal data is processed:
- Right to be informed: You are entitled to know how and why we process your personal data. We publish this Privacy Policy and are always ready to answer any of your questions.
- Right of access: You can ask us to confirm whether we are processing your personal data and request detailed information about how we collect, process, use, store, and share your data.
- Right to rectification: You can ask us to correct or update any inaccurate or outdated information.
- Right to erasure ("Right to be forgotten"): You may request the deletion of your personal data. However, if we are legally required to retain it, the right to erasure may not apply.
- Right to restrict and object to processing: You may restrict or object to the processing of your personal data.
- Right to data portability: You can request that we transfer your data to another entity providing similar services, if technically feasible and not prohibited by law. The data will be provided in a structured, commonly used, and machine-readable format.
- Right to withdraw consent: Where processing is based on your consent, you may withdraw it at any time by changing your account settings or sending an email. You can opt out of receiving marketing materials by clicking the "unsubscribe" link in emails.
- Right to complain: You may file a complaint if you believe your rights have been violated.
You may exercise your rights by contacting our Data Protection Officer. Before providing any confidential information, we must verify your identity.
If requests are unfounded or excessive, particularly due to their repetitive nature, we may charge a reasonable fee to cover administrative costs or refuse to act on the request.
Please note that there may be legal reasons that prevent us from fulfilling your request.
Filing a Complaint
If you believe your rights have been violated, you may file a complaint with the appropriate supervisory authority in your jurisdiction. If you are located in the EU, you can find the relevant supervisory authority on the European Data Protection Board website.
Changes to Our Privacy Policy
We may update this Privacy Policy from time to time. If significant changes are made, we may notify you by email.
Legal Basis and Use of Personal Data
At mybrocard.com, we only process your personal data where a lawful basis exists. We may rely on the following:
A) Performance of a contract we enter with you
We process your personal data to provide you with our services based on the Terms and Conditions that you accept when you sign up in our system. We collect and process your data to set up and administer your account, to ensure secure access to your account, and to process transactions that you make with your account, such as transferring funds, making payments, adding money to a wallet, or withdrawing funds. We may also send you important information about the system, login confirmation, suspicious authorization attempts, and completed transactions notifications, as well as provide technical and customer support.
B) Our legal obligation
We process your personal data to comply with our legal obligations, particularly the requirements of anti-money laundering and terrorist financing legislation, to verify and confirm your identity as part of the KYC procedure. When you request an IBAN or initiate a bank transfer, we also send your data to the providers of these services to meet AML requirements and follow KYC rules. We may use your data to assist any law enforcement authority with their investigation or disclose data required by a court order as we may be obliged by law.
C) Our legitimate interests
We may use anonymized and aggregated data to analyze how customers use our services and evaluate the quality and convenience of our product, site operation, and functionality. Likewise, we may also use your data to notify you about changes to our policies or new features of our service. We take a risk-based approach to assess both the profile of users and the transactions they make, as well as detect and prevent fraudulent and other illegal activities. We collect, use, and store personal data for these purposes. When you contact our support service, we keep a record of the conversation. We do this to improve the quality of our services and products, protect our interests in case of disputes, evaluate the quality of the work of the support staff, and train them.
D) Your consent
You may opt-in to receive emails from us about our products and services, and allow us to measure the performance of marketing emails and analyze product use. You may withdraw your consent at any time. To verify your account, we ask you to go through a liveness test to make sure that you are a living person and the documents submitted really belong to you. Such analysis constitutes the processing of a special category of personal data and can only be carried out based on your consent. The term of the consent is limited to the achievement of the purpose of the liveness check, so the data processing is terminated immediately once it is completed. The data collection and processing is carried out by a third party, acting as a data processor on our behalf. You can read more about this in the "Disclosure of personal data to third parties" section.
At mybrocard.com, we only process your personal data where a lawful basis exists. We may rely on the following:
A) Performance of a contract we enter with you
We process your personal data to provide you with our services based on the Terms and Conditions that you accept when you sign up in our system. We collect and process your data to set up and administer your account, to ensure secure access to your account, and to process transactions that you make with your account, such as transferring funds, making payments, adding money to a wallet, or withdrawing funds. We may also send you important information about the system, login confirmation, suspicious authorization attempts, and completed transactions notifications, as well as provide technical and customer support.
B) Our legal obligation
We process your personal data to comply with our legal obligations, particularly the requirements of anti-money laundering and terrorist financing legislation, to verify and confirm your identity as part of the KYC procedure. When you request an IBAN or initiate a bank transfer, we also send your data to the providers of these services to meet AML requirements and follow KYC rules. We may use your data to assist any law enforcement authority with their investigation or disclose data required by a court order as we may be obliged by law.
C) Our legitimate interests
We may use anonymized and aggregated data to analyze how customers use our services and evaluate the quality and convenience of our product, site operation, and functionality. Likewise, we may also use your data to notify you about changes to our policies or new features of our service. We take a risk-based approach to assess both the profile of users and the transactions they make, as well as detect and prevent fraudulent and other illegal activities. We collect, use, and store personal data for these purposes. When you contact our support service, we keep a record of the conversation. We do this to improve the quality of our services and products, protect our interests in case of disputes, evaluate the quality of the work of the support staff, and train them.
D) Your consent
You may opt-in to receive emails from us about our products and services, and allow us to measure the performance of marketing emails and analyze product use. You may withdraw your consent at any time. To verify your account, we ask you to go through a liveness test to make sure that you are a living person and the documents submitted really belong to you. Such analysis constitutes the processing of a special category of personal data and can only be carried out based on your consent. The term of the consent is limited to the achievement of the purpose of the liveness check, so the data processing is terminated immediately once it is completed. The data collection and processing is carried out by a third party, acting as a data processor on our behalf. You can read more about this in the "Disclosure of personal data to third parties" section.
Automated Decision-Making
We use an automated risk assessment system to analyze the risk profile of users and ongoing transactions to prevent illegal and fraudulent activities. However, any significant decisions that may impact you will be taken by our employees based on a manual review.
We use an automated risk assessment system to analyze the risk profile of users and ongoing transactions to prevent illegal and fraudulent activities. However, any significant decisions that may impact you will be taken by our employees based on a manual review.
Cookies
We use cookies on our website. You can read about it in our Cookies Policy.
We use cookies on our website. You can read about it in our Cookies Policy.
Data Security
We are committed to ensuring that your personal data is protected. We take various security and organizational measures to ensure the safety of your data when you enter it on the site or otherwise provide it to us.
We use data encryption techniques and authentication procedures to prevent unauthorized access to our system and your data. Only authorized employees are granted physical access to the premises where data is processed and stored, which are under surveillance.
All sensitive information is transmitted via Secure Socket Layer (SSL) technology. Card payment information encryption is compliant with PCI DSS.
We authorize access to your personal data only for those employees who need it based on their job requirements (for example, customer support staff). All employees who access personal data are bound by a non-disclosure agreement. We provide ongoing training to our employees to ensure the security and confidentiality of personal data.
We continuously improve our security procedures to comply with the best industry standards and maintain a high level of personal data protection.
We recommend adhering to some simple rules that will help ensure your safety. Never use the same password for multiple accounts on different sites and always use a strong password with mixed-case letters, numbers, and symbols. Do not tell anyone your Mybrocard wallet password. Please remember that our employees never ask for user passwords. If someone pretending to be an Mybrocard employee asks you for your password or other login information, do not give it to them and notify us immediately by email to info@mybrocard.com.
We are committed to ensuring that your personal data is protected. We take various security and organizational measures to ensure the safety of your data when you enter it on the site or otherwise provide it to us.
We use data encryption techniques and authentication procedures to prevent unauthorized access to our system and your data. Only authorized employees are granted physical access to the premises where data is processed and stored, which are under surveillance.
All sensitive information is transmitted via Secure Socket Layer (SSL) technology. Card payment information encryption is compliant with PCI DSS.
We authorize access to your personal data only for those employees who need it based on their job requirements (for example, customer support staff). All employees who access personal data are bound by a non-disclosure agreement. We provide ongoing training to our employees to ensure the security and confidentiality of personal data.
We continuously improve our security procedures to comply with the best industry standards and maintain a high level of personal data protection.
We recommend adhering to some simple rules that will help ensure your safety. Never use the same password for multiple accounts on different sites and always use a strong password with mixed-case letters, numbers, and symbols. Do not tell anyone your Mybrocard wallet password. Please remember that our employees never ask for user passwords. If someone pretending to be an Mybrocard employee asks you for your password or other login information, do not give it to them and notify us immediately by email to info@mybrocard.com.
Contact us
Just type your contacts
By clicking the button you agree to our Terms and Conditions and Privacy Policy