Monerium EMI would like to inform you that your privacy is of crucial importance to us. The success of our business depends on our ability to maintain the trust of our customers. During the course of our business, we are legally bound to gather information about our customers, and we would like to inform you about the type of information we gather, why we retain Personal Data, what we do with it, and how you can correct and/or modify the information you entrust us with.
Our Website is not intended for children and we do not knowingly collect data relating to children.
Monerium EMI is the controller and is responsible for your personal data.
Full name of legal entity: Monerium EMI ehf.
Postal address: Lækjargata 2, 101 Reykjavík, Iceland.
You have the right to make a complaint at any time to the Icelandic Data Protection Authority (Persónuvernd) at www.personuvernd.is. We would, however, appreciate the chance to deal with your concerns before you approach Persónuvernd so please contact us in the first instance.
For clarity, we will:
Always keep your data safe and private.
Never sell your data.
Allow you to manage and review your marketing choices if any at all times.
We collect information about you when you sign up and create an Account and use our Services. Furthermore, we may collect information about you when you visit our Website. The following information may be collected and stored for administrative, service-related, and/or legal purposes:
Registration and use information - When you register to use our Services by establishing an Account, we will collect Personal Data as necessary to offer and fulfill the Services you request. We may require you to provide us with your identity document, name, postal address, telephone number, email address, bank account number, bank sort code, IBAN, and identification information to establish an Account. We may require you to provide us with additional Personal Data as you use our Services.
Transaction and experience information - When you use our Services or access our Website, for example, to buy or sell e-money, we collect information about the transaction. That includes details about payments to and from you, your blockchain address submitted, as well as other information associated with the transaction such as the amount bought or sold, bank account information, as well as information about any funding instruments used to complete the transaction, device information, technical usage data, and geolocation information.
Information about you from third-party sources - We obtain information from third-party sources such as authorities, merchants, data providers, financial institutions, or similar entities, where permitted and/or required by law.
Device Information – Information that is automatically collected about your device (such as but not limited to, hardware, operating system, browser, etc.).
Location Information – Information that is automatically collected via analytics systems providers to determine your location, including your IP address and/or domain name and any external page that referred you to us.
Log Information – Information that is generated by your use of Monerium EMI that is automatically collected and stored in our server logs. This may include, but is not limited to, device-specific information, location information, system activity, and any internal and external information related to Monerium pages that you visit.
Other information we collect related to your use of our Website or Services - We may collect additional information from or about you when you communicate with us, contact our customer support, or respond to a survey.
We will only use your personal data when the law allows us to. Most commonly, we will Process your personal data in the following circumstances:
Where we need to perform the contract we are about to enter into or have entered into with you.
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
Where we need to comply with a legal obligation.
We may Process your information for the following reasons:
To operate the Website and provide the Services, including to:
register you as a new customer;
issue and redeem e-money;
authenticate your access to an Account;
communicate with you about your Account, the Website, the Services, or Monerium;
compare information for accuracy and verification purposes; and
carry out customer due diligence measures.
To manage our business needs, such as monitoring, analyzing, and improving the Services and the Website performance and functionality. For example, analyzing buying behavior.
To manage risk and protect the Website, the Services, and you from fraud by verifying your identity, and helping to detect and prevent fraud and abuse of the Website or Services.
Marketing by delivering marketing materials about Monerium products and online Services and the products and services of unaffiliated businesses. We may also Process your Personal Data to tailor certain Services or Site experiences to better match our understanding of your interests.
To comply with our obligations and to enforce the terms of our Website and Services, including complying with all applicable laws and regulations.
To respond to your requests, for example, to contact you about a question you submitted to our customer service team.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data.
We send Personal Data to the following sets of data processors in order to perform the Monerium Services:
Fraud prevention agencies and other relevant authorities: In order to comply with relevant legislation we must be able in some situations to provide relevant authorities with your Personal Data. This is to verify your identity, protect against fraud, comply with anti-money laundering laws, and confirm your eligibility to use our Services.
Cloud storage providers: This is in order to safely and securely store your data with Monerium. Your Personal Data will always be encrypted when stored with third-party service providers.
IT, payment, and delivery services: We use such partners in order to help us provide you with our services.
Banking and financial services partners: Financial services providers that help us provide our Services including banking partners, banking intermediaries, payment service providers, payment networks, and other financial institutions.
Advertisers, analytics, and information search providers: If we decide to engage advertisers to promote our Products and Services, the advertisers and their advertising networks may require anonymized personal data to serve relevant adverts to you and others. We will never disclose identifiable information about individuals to advertisers, but we may provide them with aggregate information about our users (for example, we may inform them that 500 men aged under 40 have clicked on their advertisement on any given day). We may also use such aggregate information to help our advertising partners provide a tailored and targeted campaign, relevant to a subsection of our users (for example, women in Ljubljana). In some instances, we may use personal data we have collected from you to enable our advertising partners to display their advertisements to their target audience. We may use analytics and search engine providers to assist us in the improvement and optimization of our site.
Communications service providers: In order to help us to send you emails, push notifications, and text messages.
Companies within the Monerium group: In order to provide a unified service across all of our products and services, we may disclose your personal information to members of the Monerium group, which means any of our subsidiaries or related entities.
We may also disclose your personal information in the following circumstances:
If Monerium or substantially all of its assets are acquired by a third party, in which case Personal Data held by it about its customers will be one of the transferred assets.
If we are under a duty to disclose or share your Personal Data in order to comply with any legal or regulatory obligation or request.
In order to:
enforce or apply the Business Terms of Service and/or any other agreements between you and us or to investigate potential breaches; or
protect the rights, property, or safety of Monerium, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
With your consent: We also will share your Personal Data and other information with your consent or direction, including if you authorize an account connection with a third-party account or platform.
You can always withdraw your consent at any time after giving your explicit opt-in consent by contacting support and letting us know.
In addition, Monerium may provide aggregated statistical data to third parties, including other businesses and members of the public, about how, when, and why Users visit our Website and use our Services. This data will not personally identify you or provide information about your use of the Website or Services. We do not share your Personal Data with third parties for their marketing purposes without your consent.
Connecting your Account to a third-party financial services company, if you provide such company with your Account log-in credentials; or
accessing and/or using your Monerium account in a third-party platform; or
using your Account to make payments to a merchant or allowing a merchant to charge your Account.
If you choose to create an account connection, we may receive information from the third party about you and your use of the third-party service. If you connect your Account to other financial accounts, directly or through third-party service providers, we may have access to your account balance and transactional information, such as purchases and funds transfers.
We will only retain your personal data for as long as reasonably necessary to fulfill the purposes we collected it for, including the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation with respect to our relationship with you.
Monerium is obligated under the Anti Money Laundering and Countering The Financing of Terrorism Regulations to retain Personal Data about you and your Monerium Transactions for a period of five years. Also, as an FSA-authorized Electronic Money Institution, we are under further regulatory obligations to retain your data for a certain amount of time. Under the Electronic Money Regulations from 2013, Electronic Money Institutions must keep certain records for seven years. We, therefore, use this precondition for some personal data that we receive from you. In order to not hold your information for longer than is strictly necessary we will not hold any of your personal data for more than seven years after the termination of our business relationship.
Request access to your personal data (commonly known as a “data subject access request“). This enables you to receive a copy of the personal data we hold.
Request correction of your personal data that we hold. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us to continue to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request. As an FSA-authorized firm, Monerium is under certain obligations to retain certain data for a minimum of 5 years (see above). Please note that these retention requirements supersede any right to erasure requests under applicable data protection laws.
Object to processing of your personal data. This is in situations where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts your fundamental rights and freedoms. You also have the right to object to where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights. As an FSA-authorized firm, Monerium is under certain obligations to process and retain certain data for compliance purposes. Please note that these requirements supersede any right to objection requests under applicable data protection laws. If you object to the processing of certain data then we may not be able to provide the Monerium Services and it is likely we will have to terminate your account.
Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: a) if you want us to establish the data accuracy; b) where our use of the data is unlawful but you do not want us to erase it; c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it. Please note that any requests in relation to the restriction of the processing of your data mean that we may not be able to perform the contract we have or are trying to enter into with you (including the Monerium Services). In this case, we may have to cancel your use of Monerium Services but we will notify you if this is the case at the time.
Request the transfer of your personal data to you or to a third party. We will provide you, with your personal data in a structured, commonly used, machine-readable format, which you can then transfer to an applicable third party. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide the Monerium Services to you. We will advise you if this is the case at the time you withdraw your consent.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (including the Monerium Services). In this case, we may have to cancel your use of Monerium Services but we will notify you if this is the case at the time.
No security is foolproof, and the Internet is an insecure medium. We cannot guarantee absolute security, but we work hard to protect Monerium and you from unauthorized access to or unauthorized alteration, disclosure, or destruction of Personal Information we collect and store. We maintain technical, physical, and administrative security measures designed to provide reasonable protection for your Personal Data against loss, misuse, unauthorized access, disclosure, and alteration. The security measures include firewalls, data encryption, physical access controls to our data centers, and information access authorization controls. While we are dedicated to securing our systems and Services, you are responsible for securing and maintaining the privacy of your password(s) and Account registration information and verifying that the Personal Data we maintain about you is accurate and current. We are not responsible for protecting any Personal Data that we share with a third-party based on an account connection that you have authorized.
The Website and Services are not directed to children under the age of 18. We do not knowingly collect information, including Personal Data, from children or other individuals who are not legally able to use our Website or Services. If we obtain actual knowledge that we have collected Personal Data from a child under the age of 18, we will promptly delete it, unless we are legally obligated to retain such data. Please contact us if you believe we have mistakenly or unintentionally collected information from a child under the age of 16.
Where you have chosen (or we have given you) a password that enables you to access certain parts of our Services, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website, any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
We do not engage in automated decision-making.
Account means a Monerium user account.
Device Information: data that can be automatically collected from any device used to access the Website or Services. Such information may include, but is not limited to, your device type; your device´s network connections; your device´s name; your device´s IP address; information about your device´s web browser, and the internet connection being used to access the Website or Services; Geolocation Information; and biometric data (e.g., Touch ID/Fingerprint to verify your identity).
Geolocation Information: information that identifies with reasonable specificity your location by using, for instance, longitude and latitude coordinates obtained through GPS, Wi-Fi, or cell site triangulation. Some of our Services may ask you for permission to share your current location. Some of the WebSite and Services require this information to provide a specific product or online Service. If you do not agree to our collection of the geolocation information, our Website or Services may not function properly when you try to use them.
FSA: the Icelandic Financial Supervisory Authority (Central Bank of Iceland).
Personal Data: personal information that can be associated with an identified or identifiable person. Personal Data can include name, postal address (including billing and shipping addresses), telephone number, email address, payment card number, other financial account information, account number, date of birth, and government-issued credentials (e.g., driver’s license, national ID, passport, Social Security number, and Taxpayer ID). Personal Data does not include information that does not identify a specific User.
Process: any method or way that we handle Personal Data or sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, and consultation, disclosure by transmission, disseminating or otherwise making available, alignment or combination, restriction, erasure or destruction of Personal Data.
Services: any products, services, content, features, technologies, or functions, and all related websites, applications, and services offered to you by Monerium in connection with an Account.
Technical Usage Data: information we collect from your phone, computer, or other devices that you use to access the Website or Services. Technical Usage Data tells us how you use the Website and Services, such as what you have searched for and viewed on the Website and the way you use our Services, including your IP address, statistics regarding how pages are loaded or viewed, the website you visited before coming to the Website and other usage and browsing information collected through Cookies.
User: an individual who uses the Services or accesses the Website and has established a relationship in his own name or through a legal entity with Monerium (for example, by opening an Account and agreeing to the Monerium Terms and Conditions) or otherwise uses the Services.