- Chapter II Collected Information
- Chapter III Processing Personal Information
- Chapter IV Data Protection
- Chapter V Transmission of personal information
- Chapter VI Rights as Data Subject
- Chapter VII Change to the Policy and Contact.
This chapter we will describe the personal Information we collect from the User and why do we need you to provide this.
To be able to use our services we must collect some Personal Information about you, to be able to provide our products and services, including our Apps and the Web Site; allowing you to make buys, sells, deposits and withdraws; also transfers between USD and Crypto wallets in a legal a proper manner and more important to comply with law enforcement and regulators especially concerning Anti Money Laundering.
For this propose we divide the way we collect the personal information in two categories:
1. Data Provided by the User.
When registering with us as a new customer, we ask you for detailed information, which we process to verify your identity and protect against fraud, among other reasons. We collect your Name; email and phone number; a government-issued identification number as well a picture of the actual ID, date of birth, physical address and finally a Selfie holding a paper with the present date and the word ‘Mercury Cash’ written.
Information about transactions you complete using our services, including the amount of funds associated with a Crypto transaction, the type of transaction executed, and other related information.
We gather other Personal Information at other times when managing your Mercury Cash account. You will be allowed to access, review, correct, and ensure the accuracy of the Personal Information you have provided from time to time. We will also do our part to ensure the accuracy of your Personal Information. Personal Information you provide during the registration process may be retained, even if your registration is left incomplete or abandoned. If you are located within the EEA, your Personal Information will not be retained without your consent.
We might also request further information such as proof of address and bank statements, to upgrade your account so you can have extended USD limits for your transactions.
2. Data we collect.
a) Cookies. As you interact with our website or software applications, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this information by using cookies, server logs and other similar technologies.
Disabling Cookies. You can prevent the setting of cookies by adjusting the settings on your browser. Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of the this site. Therefore it is recommended that you do not disable cookies.
The Cookies We Set.
b) Analytics. We use tools to collect data about your computer, mobile phone o or other device to improve your experience. When you use a location-enabled device with our Service, we may collect geographical location data or use various means to determine your location, this to comply with US regulations for high risk and Non- Cooperative Countries.
c) Application use data. Application use data. We may collect data on your interaction and use of our Service including visits to our website, sign-up activity, your bank account, credit card (all financial data is encrypted) and other payment details to enable you to enter into transactions on the Service and additional information you may disclose to our member support team to resolve problems you report to us. We never use your account to make third parties advertising or marketing.
d) For Business Accounts.
- About the Company;
- Business legal name;
- Employer Identification Number (‘EIN’) or any comparable identification number issued by a government;
- Doing Business As (DBA), if apply;
- Proof of legal existence (e.g., state certified articles of incorporation or certificate of formation, unexpired government-issued business license, trust instrument, or other comparable legal documents as applicable);
- For Owner, and all account signatories or partners with more than 10% ownership:
- Full legal name;
- Email address
- Mobile phone number (of all account signatories);
- Contract information of owners, principals, and executive management (as applicable);
- Proof of identity (e.g., driver’s license, passport or government-issued ID)
- Selfie for match with the ID
We need to gather this information about business account to comply with Anti-Money Laundering, Anti-Fraud and other regulations. We need to ensure the source of funds is clean and legal.
Processing Personal Information
The data we collect and the data you provide to us is processed for multiple propose the first and more important: providing our Service to you: It may sound obvious, but we need your data to provide our services. Without your name, banking information and other details, we simply could not offer you our great products.
As a financial institution, it is essential that we can confirm the true identity of our members we perform a hybrid automated and human Decision Making. We use automated processes to check Know-Your-Client (KYC) and Anti-Money Laundering (AML) data you provide to us to assess whether you are located in a banned country and, therefore, whether or not we are legally able to allow you to use our services. However, those automated process support a decision-making process that, in all cases, is conducted by humans, who will review any red flag issues raised by the automated processes.
Third party data: If you authorize applications or third-party integrations using our Service, these parties may receive detailed information about your personal information, your profile information and the uploaded documents some of them might record your visit to our website. Information collected by these applications or third-party integrations are subject to their terms and policies.
We also process your Personal Information to perform customer services, including to fulfill our contractual obligations toward you, and based on our legitimate interests, or your legitimate interests, to provide the best customer service we can.
Occasionally, we are obliged to look at your account activity in order to check and protect against fraudulent, unauthorized or illegal behavior.
For customer care, we strive to make sure you can easily use our products with no headaches, but sometimes you need help. under your consent, our customer care team will occasionally need access to your account data by impersonate service, in order to fix any issues or answer your questions.
Who normally access to Customer Information.
Based on our Internal Privacy Police, access to customer information via the institution’s computer information system is limited to those employees who have a business reason to know such information. Each employee is assigned a login code and password. All the Employees are obliged to use a Password Generator for all their Corporate email address, Social Media platforms, managing platforms and more. All our Employees are also obliged to share passwords using LastPass, so sensitive information is not kept in any message platform. References for new employees are checked. During orientation, each new employee will receive proper training regarding the institution’s Privacy and Customer Information Security policies and the importance of confidentiality.
We keep records of each customer personal information, and transactions by offline storage, we have safe-deposit box for the physical information, paper documents containing personal identifying customer information are shredded after the minimum 5 years exposed in our Recordkeeping Procedures. Since we have a ‘closed system’ with our data processor, (Backlayer, Inc.), these procedures minimize risk by limiting physical accessibility for customer information security.
About hacking and Cybersecurity.
As an institution that offers internet services we have certain threats of viruses and hackers attack, that is why we have implemented a Cyber Security Program and Business Continuity Program.
Measures we take include Anti-virus software, DDoS firewall with help of other artificial intelligence software and encryption of the Mercury Cash website communications with TLS 1.2; This protects us from attacks CSRF, SQL Injection and Any brute force attack that want to make us. Also required two-factor authentication for all sessions; we have a security technologic team working 24/7 for building a safe place, limiting technological risk.
Backlayer, Inc. provides security reports that are reviewed to ensure that no attempt has been made by non-employees or hackers to gain access to the institution`s computer information system. Also, system computer maintenance reports are reviewed to ascertain that no unauthorized changes have occurred to customer account information or personal data.
(If you have any questions about security, contact our data protection officer [email protected])
Rights as Data Subject
As a data subject you have the following rights which can be exercised by contacting our Data Protection Officer on [email protected]
– The right to confirmation and access
You have the right to ask us to confirm to you if we collect, process or store your Personal Information. Where we collect process, or store your Personal Information, you are entitled to access to your Personal Information.
– The right to rectification
You have the right to have any inaccurate Personal Information about you rectified and to have any incomplete Personal Information about you completed.
– The right to erasure
You have the general right to request the erasure or block of your Personal Information, although for legal reasons we cannot always do this.
– The right to restrict or object processing
You have the right to restrict the processing of your Personal Information under certain circumstances. As long as this does not limit compliance with other laws or regulations.
– The right to data portability
Where the legal basis for us processing your Personal Information is carried out by automated means, you have the right to receive your Personal Information from us in a structured, commonly used and machine-readable format, and also the right to transmit your Personal Information from us to another data controller without any hindrance from us where this is technically feasible. However, this right does not apply where it adversely affects the rights and freedoms of others.
– The right to complain to a supervisory authority
If you consider that our processing of your Personal Information infringes data protection laws applicable to you, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.
– The right to withdraw consent.
Where the legal basis for processing your Personal Information is your consent, you have the right to withdraw that consent at any time, including in respect of direct marketing and automated decision making. But in some case, it means that you would not be able to keep enjoining our service.
Changes to this Policy and Contact
- Email us at [email protected]
- Phone: +14074834057
- Fax: 3058516670