logo

Privacy Policy

PURPOSE
Ubanx (The Firm) is sensitive to privacy issues, and it is important for us to protect the information you provide. Accordingly, The Firm provides this privacy and information practices policy (“Privacy Statement”) to inform you about the kinds of information we may collect, how we intend to use and share that information, and how you can correct or change such information.

SCOPE AND PRIVACY POLICY CERTIFICATION
This Privacy Statement describes the ways The Firm manages Personal Information it receives: (i) in the course of its operations involving current, prospective and former clients, (collectively, “Clients”); (ii) from visitors and guests (“Visitors”); (iii) from prospective employees in connection with applications for employment and from prospective clients in connection with consideration for contractual relationship to use the Firm’s product and services; and (iv) in the course of interactions with its current, prospective and former suppliers, vendors, subcontractors and business partners (collectively, “Suppliers”), including in each such case on The Firm’ website located at www.ubanx.io (together with any and all future websites operated by or on behalf of The Firm, the “Sites”). All individuals who Process Personal Information on behalf of The Firm are expected to protect those data by adherence to this Privacy Statement.

The Firm complies with the requirements of the EU General Data Protection Act 2018 (“GDPR”), as set forth by REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 regarding the collection, use and retention of Personal Information from European Union Member States and the European Economic Area (“EEA”), including the GDPR Principles. If there is any conflict between the terms in this Privacy Statement and the GDPR Principles, the GDPR Principles shall govern. To learn more about GDPR, and to view The Firm ‘certification, please visit https://ico.org.uk/about-the-ico/what-we-do/register-of-data-controllers/.
The GDPR Principles apply only to Personal Information of EEA-located persons. References to GDPR and to the GDPR Principles in this Privacy Statement should not be construed to apply to you if you are not located within the EEA.

Additionally, The Firm may endeavor to protect your data through other legally valid methods, including international data transfer agreements.

For the avoidance of doubt, The Firm will take steps designed to comply with all applicable local laws when Processing Personal Information, including any local law conditions for and restrictions on the transfer of Personal Information.

1.3 KEY TERMS
“EEA Citizen” or collectively, “EEA Citizens” means a lawful citizen or citizens of the EEA which is composed of the following thirty-one (31) countries: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Italy, Ireland, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden and United Kingdom.
“The Firm” means Ubanx
“Personal Information” is any information relating to an identified or identifiable natural person (“Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“GDPR Principles” collectively means the seven (7) privacy principles as described in the Privacy Policy: (1) notice, (2) choice, (3) accountability for onward transfer, (4) security, (5) data integrity and purpose limitation, (6) access, and (7) recourse, enforcement and liability, as well as the supplemental privacy principles and the associated guidance set forth in those certain “Frequently Asked Questions” as agreed by the European Commission.
“Process” or “Processing” means any operation which is performed upon Personal Information, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, acquisition, holding, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Sensitive Data” or “Sensitive Personal Information” is a subset of Personal Information which, due to its nature, has been classified by law or by policy as deserving additional privacy and security protections. Sensitive Personal Information includes Personal Information regarding EU residents that is classified as a “Special Category of Personal Data” under EU law, which consists of the following data elements: (1) race or ethnic origin; (2) political opinions; (3) religious or philosophical beliefs; (4) trade union membership; (5) genetic data; (6) biometric data where processed to uniquely identify a person; (6) health information; and (7) sexual orientation or information about the individual’s sex life.
“Third Party” is any natural or legal person, public authority, agency or body other than the Data Subject, The Firm or The Firm’ agents.

2.1 TRANSPARENCY / NOTICE – WHAT PERSONAL INFORMATION WE COLLECT AND HOW WE USE IT
The types of Personal Information we may collect (directly from you or from Third Parties) depend on the nature of the relationship you have with The Firm and the requirements of applicable law. We endeavour to collect only information relevant for the purposes of Processing. Below are the legal bases and some of the ways we collect information and how we use it.

2.2 CLIENTS
The data The Firm collects from or on behalf of its Clients include information such as title, name, address, phone number, email address, business or company affiliation, username and answer to a security question and password (if you have access to the secure online platform), government identification (driver’s license, passport), bank account information for return of funds purposes, agreements executed with The Firm and other details Clients may provide.
We Process Personal Information about or on behalf of Clients for a variety of business purposes including but not limited to:
provide our product and services;
generally manage Client information;
respond to questions and requests;
provide access to certain areas and features of the Sites;
verify Client identity;
communicate about Client account and activities on the Sites and systems, and, in The Firm’ discretion, changes to any The Firm policy;
tailor content, publications, advertisements and offers we believe may be of interest to Clients;
process transactions and payment for services chosen by Clients;
improve The Firm Sites and systems;
develop new services;
and further purposes disclosed at the time that Clients provide Personal Information, or otherwise with consent.

2.3 SUPPLIERS
The data The Firm collects from its Suppliers relate to the management of Supplier relationships and the exchange of requested products and services. They may include title, name, address, phone number, email address, invoicing and other payment information and agreements executed with The Firm.
We Process Personal Information about Suppliers for a variety of business purposes, including but not limited to:
generally, manage Supplier information;
respond to questions and requests;
provide access to certain areas and features of the Sites;
verify Supplier identity;
communicate about Supplier account and activities on The Firm Sites and systems, and, in The Firm’ discretion, changes to any The Firm policy;
process payment for products or services purchased by The Firm;
improve The Firm Sites and systems;
develop new products, processes, and services;
process applications and transactions;
and further purposes disclosed at the time Suppliers provide Personal Information or otherwise with consent.

2.4 VISITORS
If you visit a The Firm office, we may collect Personal Information about you, including, but not limited to, your title, name, address, phone number, email address, business or company affiliation, government identification (driver’s license, passport), and other details you provide. We Process this information for a variety of purposes, including to generally manage your visit, to verify your identity, to provide access to The Firm facilities and systems, for security and other safety purposes, to communicate with you regarding your visit, to provide information we believe may be of interest to you, including regarding The Firm’ services, for purposes disclosed at the time Visitor provides Personal Information or otherwise with consent.
Personal Information collected from Visitors to our Sites may include information you voluntarily provide to us. See also Section 2.10 of this Privacy Statement for a description of the non-Personal Information we collect.

2.5 RECRUITING
If you submit Personal Information to an email address specified therein or otherwise for applying for a position at The Firm, we will process such Personal Information solely for the purposes of considering applications and recruitment (and for purposes of our administration or management if you commence work for The Firm), and not to market to you.

2.6 SOCIAL MEDIA ACTIVITIES
Generally, online social media resources are interactive tools that enable Data Subjects to collaborate and share information with others. Social media resources include, but are not limited to, social networks, discussion boards, bulletin boards, blogs, wikis and referral functions to share website content and tools with a friend or colleague. The Firm may collect Personal Information to enable Data Subjects to use online social media resources. We may also enable you to use these social media resources to post or share Personal Information with others. When using social media resources, you should take into careful consideration what Personal Information you share with others. The Firm will comply with the terms of this Privacy Statement and the privacy policies applicable to the social media resources it uses

2.7 INFORMATION FROM THIRD-PARTY SOURCES
The Firm may collect information about you from Third-Party sources to supplement the information provided by you. This supplemental information allows us to verify or supplement information that you have provided to The Firm and to enhance our ability to provide you with information about our business and services. The Firm’ agreements with these Third Parties typically limit how The Firm may use this supplemental information.

2.8 DIRECT MAIL, EMAIL AND OTHER FORMS OF ELECTRONIC COMMUNICATION
Clients and Suppliers that provide us with Personal Information, or whose Personal Information we obtain from Third Parties, may receive periodic emails, mailings or other forms of electronic communication from us with information on our services, on news or developments or upcoming special events we believe may be of interest. We offer our Clients and Suppliers the option to decline these communications at no cost to the individual Client or Supplier.

2.9 RESEARCH / SURVEY SOLICITATIONS
From time to time, The Firm may perform research (online and offline) via surveys. We may engage Third-Party service providers to conduct such surveys on our behalf. All survey responses are voluntary, and the information collected may be used or disclosed for research, analytics and reporting purposes to help us to better serve Clients and Suppliers by learning more about their needs and the quality of the services we provide.

2.10 USERS OF OUR SITES – COOKIES, SIMILAR TOOLS, AND AGGREGATE INFORMATION
We may use cookies or similar tools to collect non-Personal Information about those who use our Sites. A cookie is data stored on a user’s hard drive containing information about the user. Cookies are utilized to track statistics about users of our Sites, but at no time are these linked to any Personal Information. Once you end your session by closing your browser, the cookie is deleted. We may also use other tools to collect aggregated data about users of our Sites, to analyze trends, conduct research or analytics, or to track movement throughout our Sites. We may share this information within The Firm and with Third Parties for our or their purposes in an anonymized or aggregated form that is designed to prevent anyone from identifying you.

2.11 MOBILE COMPUTING AND OTHER APPLICATIONS
The Firm may provide websites and online resources that are specifically designed to be compatible and used on mobile computing devices. Mobile versions of The Firm Sites may require that users log in with an account. In such cases, information about use of each mobile version of the Sites may be associated with user accounts. In addition, The Firm may enable Individuals to download an application, widget or other tool that can be used on mobile or other computing devices. Some of these tools may store information on mobile or other devices. These tools may transmit Personal Information to The Firm to enable Data Subjects to access user accounts and to enable The Firm to track use of these tools. Some of these tools may enable users to email reports and other information from the tool. The Firm may use personal or non-identifiable information transmitted to us to enhance these tools, to develop new tools, for quality improvement and as otherwise described in this Privacy Statement or in other notices The Firm provides.

3.0 CHOICE / MODALITIES TO OPT OUT
You have the right to opt out of certain uses and disclosures of your Personal Information, as set out in this Privacy Statement.
3.1 GENERAL
Where you have consented to The Firm’ Processing of your Personal Information or Sensitive Personal Information, subject to applicable legal and ethical obligations that may apply to us and to our lawful ability to enforce our rights or your obligations to us, you may withdraw that consent at any time and opt out. Additionally, before we use Personal Information for any new purpose not originally authorized by you, we will provide information regarding the new purpose and give you the opportunity to opt out.
Prior to disclosing Sensitive Data to a Third Party or Processing Sensitive Data for a purpose other than its original purpose or the purpose authorized subsequently by the Data Subject, The Firm will endeavor to obtain each Data Subject’s explicit consent (opt-in). Where consent of the Data Subject for the Processing of Personal Information is otherwise required by law or contract, The Firm will comply with the law or contract.

3.2 EMAIL AND TELEPHONE COMMUNICATIONS
An “Unsubscribe” button will be provided at the top or bottom of each email communication sent by The Firm so that you can opt-out. Furthermore, the same functionality is available on your account area on our online platform. However, we will continue to send transaction-related emails regarding our relationship and the services you have requested. We do not engage in telephone marketing.

4.0 ONWARD TRANSFER
4.1 INFORMATION WE SHARE
The Firm does not sell or otherwise disclose Personal Information about you, except as described in this Privacy Statement or as you explicitly consent. The Firm may share Personal Information with our service providers and affiliates for our internal business purposes or to provide you with a service that you have requested. Payment information will be used and shared only to effectuate your order and may be stored by a service provider for purposes of future orders. The Firm requires our service providers to agree in writing to maintain confidentiality and security of Personal Information they maintain on our behalf, including to provide at least the same level of protection as required by the Privacy Policy Principles, not to use it for any purpose other than the purpose for which The Firm retained them and to notify The Firm if they make a determination that they can no longer comply with that obligation. With respect to onward transfers to third-party agents under Privacy Policy, GDPR requires that The Firm remain liable should such agents Process Personal Information in a manner inconsistent with the GDPR Principles.
We may disclose information about you: (i) if we are required to do so by law, court order or legal process; (ii) in response to lawful requests by public authorities, including to meet national security or law enforcement requirements; (iii) under the discovery process in litigation or arbitration; (iv) to enforce The Firm policies, contracts or other rights; (v) to collect amounts owed to The Firm; (vi) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation or prosecution of suspected or actual illegal activity; or (vii) if in good faith we believe that disclosure is otherwise necessary or advisable. In addition, from time to time, server logs may be reviewed for security purposes – e.g., to detect unauthorized activity on the Sites. In such cases, server log data containing IP addresses may be shared with law enforcement bodies in order that they may identify users in connection with their investigation of the unauthorized activities.

We reserve the right to disclose or transfer any information we have about you in the event of a proposed or actual reorganization, sale, lease, merger, joint venture, assignment, amalgamation or any other type of acquisition, disposal or financing of all or any portion of The Firm or of any of our assets (including should The Firm cease to trade, become insolvent, enter into receivership or any similar event occur). Should such an event take place, we will endeavor to direct the transferee to use Personal Information in a manner that is consistent with this Privacy Statement.

5.0 RIGHTS OF ACCESS, RECTIFICATION, ERASURE, AND RESTRICTION
Under GDPR (if applicable to you), you may seek confirmation regarding whether The Firm is Processing Personal Information about you, request access to Personal Information, and ask that we correct, amend or delete that information if it is inaccurate or has been Processed in violation of the GDPR Principles. Where otherwise permitted by applicable law, you may use any of the methods set out in this Privacy Statement to request access to, receive (port), restrict Processing, seek rectification or request erasure of Personal Information held about you by The Firm. Such requests will be processed in line with applicable local laws. Although The Firm makes good faith efforts to provide individuals with access to their Personal Information, there may be circumstances in which The Firm is unable to provide access, including but not limited to: where the information contains legal privilege, would compromise others’ privacy or other legitimate rights, where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question or where the information is commercially proprietary. If The Firm determines that access should be restricted in any particular instance, we will endeavor to provide you with an explanation of why that determination has been made and a contact point for any further inquiries. To protect your privacy, The Firm will take commercially reasonable steps to verify your identity before granting access to or making any changes to your Personal Information.

6.0 RETENTION
The Firm retains the Personal Information we receive as described in this Privacy Statement as necessary to fulfil the purpose(s) for which it was collected, provide our services and products, and resolve disputes, establish legal defences, conduct audits, pursue legitimate business purposes, enforce our agreements and comply with all applicable laws and in accordance with our routine information storage policies.

7.0 SECURITY
The security of all Personal Information provided to The Firm is important to us, and The Firm takes reasonable steps designed to protect your Personal Information. Unfortunately, no data transmission over the Internet or storage of information can be guaranteed to be 100% secure. As a result, while The Firm strives to protect your Personal Information, we cannot ensure or warrant the security of any information you transmit to The Firm, and you do so at your own risk.

8.0 REDRESS / COMPLIANCE AND ACCOUNTABILITY
Questions or comments regarding this Policy should be submitted to the Firm by email to: [email protected]
The Firm will address your concerns and attempt to resolve any privacy issues in a timely manner and may contact individuals in relevant departments to assist in completing your requested task.
If, as an EEA Citizen, you believe that The Firm has not adequately resolved any such issues, you may contact the national data protection authority for your EU Member State. In the UK this is the Information Commissionaire Office https://ico.org.uk/

9.0 OTHER RIGHTS AND IMPORTANT INFORMATION
9.1 LINKS TO THIRD-PARTY WEBSITES
Please note that our Sites may contain links to other websites for your convenience and information. The Firm does not control Third-Party websites or their privacy practices, which may differ from those set out in this Privacy Statement. The Firm does not endorse or make any representations about Third-Party Websites. Any Personal Information you choose to give to unrelated Third Parties is not covered by this Privacy Statement. The Firm encourages you to review the Privacy Statement of any company or website before submitting your Personal Information. Some Third Parties may choose to share their users’ Personal Information with The Firm; that sharing is governed by that company’s Privacy Statement, not this Privacy Statement.

9.2 CHANGES TO THE PRIVACY STATEMENT
The Firm may update this Privacy Statement from time to time as it deems necessary or appropriate in its sole discretion. If there are any material changes to this Privacy Statement, The Firm will notify you by email, by means of a notice on our Sites or as otherwise required by applicable law. The Firm encourages you to review this Privacy Statement periodically to be informed regarding how The Firm is using and protecting your information and to be aware of any policy changes. Your continued relationship with The Firm after the posting or notice of any amended Privacy Statement shall constitute your agreement to be bound by any such changes. Any changes to this Privacy Statement take effect immediately after being posted or otherwise provided by The Firm.