This policy describes how we collect and use data about you and when we share it with third parties. We value our relationship with you and place the highest importance on respecting and protecting your privacy. We will only process personal information in accordance with applicable law and this privacy policy
Like most companies, we collect various types of data about our customers. Some of it may be considered personal data, which means data that make you identifiable as an individual.
As a regulated financial institution, we are bound by the legal requirement to collect, verify and record certain data about you or recipients of your transactions. All types of data we gather may be used to prevent or detect crime.
We may collect and use the following data:
Basic personal data, such as (but not limited to):
This data is necessary for us to provide the Service to you. We will request this data when you sign up before the Service is provided.
Data for ‘Know Your Customer’ (KYC) regulations, such as (but not limited to):
This data will sometimes be needed to conduct Know Your Customer (KYC), Customer Due Diligence (CDD) and security checks, as required by local and international regulations. This helps us keep your money safe, and we will only request these details when necessary.
Data about your recipient, such as (but not limited to):
This data will sometimes be needed to conduct Know Your Customer (KYC), Customer Due Diligence (CDD) and security checks, as required by local and international regulations. This helps us keep your money safe, and we will only request these details when necessary. All data about your recipients will be treated in line with this Privacy Policy.
Data from other third party sources, such as (but not limited to):
We collect this data only when you provide the relevant permission to social media sites.
Technical data, such as (but not limited to):
This data is used to help us to understand how you use our Service so that we can improve it.
We collect your data to personalise and improve our Service for you. The specific purposes for which we collect your data include:
Transactional purposes
We need to collect data in order to process your transactions. Without data such as you and your beneficiaries bank account details or full name and address, we would be unable to transfer money for you.
Regulatory purposes
As regulated financial institutions, both OhentPay and our partners are required to conduct Know Your Customer (KYC) and Customer Due Diligence (CDD) checks to comply with our legal and regulatory requirements.
These include our requirements under Anti Money Laundering (AML) and Counter Terrorist Financing (CTF) legislation. All of this helps us keep our Service safe and secure.
Marketing purposes
We may process your personal data to provide you with certain types of marketing communication that we believe will be relevant and of interest to you. This helps us provide you with a more personalised Service. This kind of activity is permitted by our ‘legitimate interest’ (for more information on legitimate interest, please see Section 8 of this Policy). We will always endeavour to make these communications relevant and unintrusive, and you are able to object to marketing communication from us at any time.
Analytical purposes We may collect and analyse data such as website or app visit logs in order to improve the quality of our Service.
You do not have to disclose any of the above data to us. However, if you choose to withhold certain data, we may not be able to provide you with our Service.
All the data that you provide to us is encrypted on our secure servers. We restrict access to your data to specific employees of OhentPay who have an important business-related reason for handling it. Our communications are encrypted using the TLS (Transport Layer Security) technology protocol.
All of the data we collect from you or from other sources will always be stored in accordance with this Privacy Policy.
Depending on what purpose your data is used for, the length of time we keep it may vary. Either way, we will only hold your data as long as necessary to serve the purpose it is used for.
Regulatory
We are legally required to keep the data obtained for Know Your Customer (KYC), Customer Due Diligence (CDD) and security purposes (including transaction records and our communications with you) for at least 5 years after the most recent transaction.
Legitimate Interest
When the five years’ retention period and/or legitimate interest no longer apply, we may remove your data from our system. For more information on legitimate interest, please see Section 8 of this Policy.
Consent
In situations where you give us specific consent to process certain kinds of data, you are able to withdraw that consent at any time. We will then stop processing your data and, if the 5 years’ retention period and/or legitimate interest retention period does not apply, we will also erase your data from our system.
We may retain any data mentioned above for a longer period if required to protect the rights, property or safety of OhentPay or of the Service provided by us or our partners.
We share your personal data with third parties only when it is necessary for the fulfilment of the Service or to comply with applicable laws.
We will never sell your personal data to other organisations.
We work with partners who help us to complete your transactions. If they are based outside the EEA, we will share your personal data with them only when they apply essential safeguards, or if it has been established by EU institutions that the relevant country has an appropriate data protection regime in place, or when we otherwise ensure that the appropriate level of protection is applied for data processing.
The following are some purposes for which we may share your data with third parties:
When required by law
We may share your data when required by law, for example for the purposes of security, taxation and criminal investigations.
The law gives you a number of important rights in relation to your personal data, which are listed below.
There are certain exceptions where these rights may be superseded by laws and other requirements applicable to regulated financial institutions like OhentPay. An example of this would be the obligatory retention period (seen Section 5), which supersedes the right to data erasure.
Your rights are:
If you would like to read more about your rights in relation to your personal data, please refer to the Information Commissioner’s Office website.
Legitimate interest is a specific legal justification for the collection and processing of your personal data. It applies when we have reasonable grounds to collect and/or process your personal data to improve our Service, as long as this does not infringe on your rights.
Our legitimate interest may justify some examples of automated decision-making. One of those is our estimated transaction timing, which we use to determine the time in which the transfer will reach your recipient.
We believe that if you are an active customer of OhentPay, it is in your interest to receive occasional information about our Service. We may, therefore, send you communications about offers or promotions that we believe are relevant for you based on your previous use of the Service. If we notice that you are having problems using our Service, we may on our own initiative decide to contact you, in some cases by phone, to offer help.
We may also process your data to help develop new product features that we believe will improve the Service. We may contact you occasionally to assess your satisfaction with the Service. We may also use your data to determine the effectiveness of marketing or promotional campaigns. We may also contact you with information about any changes in the Service, and/or other important updates.
We will only share anonymised or encrypted data with the third parties. We may also provide our partners with anonymous aggregated data about our customers for marketing and analytical purposes, to help optimise our marketing communications.
You can object to data processing based on our legitimate interest at any time by contacting or by changing the settings on your account.
Cookies are small text files which are stored on your device when you access OhentPay. They allow us to recognise you and store data about your past activity and your preferences so that we can personalise and improve the Service for you.
Cookies and other similar technologies may collect data such as language preference, country and previously viewed pages.
We use the following cookies:
By using our Service, you agree to place the cookies described above on your device. You have the right to withdraw your consent at any time. If you would like to delete our cookies, you can do so by changing the settings of your browser.
Blocking or deleting cookies may mean that some features of the Service may not be available to you.
OhentPay may change this Privacy Policy from time to time. Any changes will be effective immediately unless stated otherwise.
Any dispute or claim arising in connection with this Privacy Policy will be considered in relation to the English version only.
Follow our latest news
OhentPay is registered and regulated by the Financial Conduct Authority (FCA) under the Payment Services Regulations 2017 under firm reference number 800178 with its registered address at 411 Ilford Lane, Ilford, England, IG1 2SN.
OhentPay is registered as a money service business with the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) under registration number M20343943.
OhentPay is registered as a money service business with the United States Financial Crimes Enforcement Network (FinCEN) under registration number 31000246878602.
All rights reserved © OhentPay 2024