1.1. This Policy describes general principles how VIA Payments processes Personal data. Specific details on the processing of Personal data might be also included in agreements entered or to be entered between the Customer and VIA Payments and is reflected in website vialet.eu.
1.2. VIA Payments ensure, within the framework of applicable law, the confidentiality of Personal data and has implemented appropriate technical and organisational measures to safeguard Personal data from unauthorized access, unlawful Processing or disclosure, accidental loss, modification or destruction.
1.3. VIA Payments may use authorised processors of Personal data Processing. In such cases VIA Payments takes needed steps to ensure that such data processors Process Personal data under the instructions of VIA Payments and in compliance with applicable law and requires adequate security measures.
1.4. VIA PAYMENT’s cookies policy is available on VIA Payments website vialet.eu.
2.1. Personal data may be collected from the Customer, from the Customer’s use of the financial services and from external sources such as public and private registers or other third parties.
2.2. Personal data categories which VIA Payments primarily, but not only, collects and processes are the following:
2.2.1. Identification data at account opening application, subscriptions or other forms such as name and personal identification code, date of birth, data regarding the identification document (such as copy of the passport, ID card), personal description and photograph and any other information you provide us in order to prove your eligibility to use our services, including information you provide when you register to use the App, download or register the App, subscribe to any of VIA Payments services, enter into any transaction on the App or the web site.
2.2.2. Contact data such as telephone number, email address or applying for particular products the residence address (if applicable), language of communication;
2.2.3. Data about the relationships with legal entities such as data submitted by the Customer or obtained from public registers or through third party for the execution of transactions on behalf of the legal entity in question, legal representatives (acting with relevant authorisation or on any other basis), contracting parties and contract participants, funds sources, ultimate beneficial owners (UBO), general manager of a company; shareholder; member of the management board or any other management body; Data about habits, preferences and satisfaction such as the activeness of using the services, services used, personal settings, survey responses, lifestyle, hobbies, Customer satisfaction;
2.2.4. Data obtained and/or created while performing an obligation arising from law such as data resulting from enquiries made by investigative bodies, notaries, tax administrator, courts and bailiffs, details of income, credit commitments, property holdings, and debt balances;
2.2.5. Data on origin of assets such as data regarding the Customer's transaction partners and business activities;
2.2.6. Data related to the services such as the performance of the agreements or the failure thereof, executed transactions, usage of ATMs, concluded and expired agreements, submitted applications, requests and complaints, interests and service fees;
2.2.7. Data about participation in games and campaigns such as the points gained, prizes won in games or campaigns;
2.2.8. Family data such as information about Customer’s family, heirs and another related person’s;
2.2.9. Professional data such as educational or professional career;
2.2.10. Financial data such as accounts, ownership, transactions, credits, income and liabilities (if applicable);
2.2.11. Depending on VIA Payments product the Customer has chosen data that enables VIA Payments to perform its due diligence measures regarding money laundering and terrorist financing prevention and to ensure the compliance with international sanctions, including the purpose of the business relationship and whether the Customer is a politically exposed person;
2.2.12. Depending on VIA Payments product the Customer has chosen data about the Customer’s tax residency such as data about the country of residence, tax identification number, citizenship;
2.2.13. Communication data - collected when the Customer communicates with VIA Payments via telephone, visual and/or audio recordings, e-mail, messages and other communication channels such as social media, data related to the Customer’s visit at vialet.eu web page or communicating through other VIA Payments channels (such as chat).
2.2.14. Location data - processed on an electronic communications network or processed by means of electronic communications services, indicating the location of the electronic communications terminal equipment, including the location of the terminal equipment (address), connection point address, GPS, Wi-Fi, etc.
2.2.15. VIA Payments may collect and store information (including personal information) locally on Customer’s device using mechanisms such as browser web storage and App data caches.
2.2.16. VIA Payments may use various technologies to collect and store information when Customer visit VIA Payments web pages vialet.eu, and this may include using cookies or similar technologies to identify Customer’s browser or device.
3.1. VIA Payments process Personal data only for specific and necessary purposes, based on certain legal bases, including VIA Payments’s legitimate interests.
3.2. VIA Payments process Personal data primarily to:
3.2.1. manage Customer relations in general and provide and administrate access to financial services offered by VIA Payments.
3.2.2. provide services and to execute contracts (deals) concluded. Processing is carried out on the basis of law and contract (transaction) basis;
3.2.3. perform credit and risk assessments;
3.2.4. notify Customer about changes to VIA Payments’s services
3.2.5. administer VIA Payments’s web pages and the App for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
3.2.6. improve VIA Payments’s web pages and the App to ensure that content is presented in the most effective manner for you and for your computer;
3.2.7. allow to participate in interactive features of VIA Payments’s service, when Customer choose to do so;
3.2.8. measure or understand the effectiveness of advertising VIA Payments serves to Customer and others, and to deliver relevant advertising to Customer;
3.2.9. to help VIA Payments better understand Customer financial circumstances and behaviour according to which VIA Payments may make decisions about managing Customer’s account;
3.2.10. protect the interests of the Customer and /or VIA Payments and examine the quality of services provided by VIA Payments and for the purpose of providing proof of a commercial transaction or of other business communication (recorded conversations) based on performance of an agreement or in order to take steps at the request of the Customer prior entering into an agreement or compliance with a legal obligation or consent from the Customer or VIA PAYMENT’s legitimate interests to prevent, limit and investigate any misuse or unlawful use or disturbance of VIA Payments financial services or quality assurance of services, establish, exercise, assign and defend legal claims;
3.2.11. provide additional services; perform customer surveys, market analyses and statistics. Offer to the Customer the services of VIA Payments or carefully selected cooperation partners, including personalized offers, based on consent from the Customer;
3.2.12. perform Customer’ surveys, market analyses and statistics; organize games and campaigns for a Customer based on VIA Payments’s legitimate interest to improve VIA Payments’s services, improve the Customer’s user experience of services and to develop new products and services;
3.2.13. depending on product, VIA Payments offers to comply with legal obligations and verification of identity. To comply with applicable law, for example related to implementing the principles of responsible lending, prevent, discover, investigate and report potential money laundering, terrorist financing, if the Customer is subject to financial sanctions or is a politically exposed person;
3.2.14. prevent misuse of financial services and ensure adequate provisions of services. To authorize and control access to and functioning of digital channels, prevent unauthorized access and misuse of those and to ensure the safety of information based on: performance of an agreement or take steps at the request of the Customer prior to entering into an agreement. To improve technical systems, IT infrastructure, customizing the display of the service to the device and to develop VIA Payments services such as by testing and improving technical systems and IT infrastructure;
3.2.15. execute transactions on VIA Payments’s system and process incoming and outgoing payments.
4.1. VIA Payments’s advertising and direct marketing communications (e.g. about VIA Payments’s Services and related campaigns) are sent to Customers who have consented to receiving direct marketing and commercial communications from VIA Payments. Such Customers receive VIA Payments commercial communications and direct marketing communications via their preferred means of communication. VIA Payments may market its services to the existing Customers on the ground of legitimate interest.
4.2. The Customer may give his/her consent to the receipt of commercial communications of VIA Payments by visiting https://vialet.eu/, registering on the website https://ib.vialet.eu or application, as well as by signing service application forms.
4.3. Client’s consent to receive commercial communications is valid until its withdrawal. Customers have the right to object to the processing of their Personal data for direct marketing purposes at any time and free of charge. To exercise this right, please contact the VIA Payments. Customers can also opt out of receiving the advertising and commercial communications using the link provided in the e-mail message or following other instructions as provided in such direct marketing communication.
5.1. VIA Payments access and use your personal data, if any of the following applies:
5.1.1. Customer intend to conclude or have concluded an agreement with VIA Payments;
5.1.2. Customer have given your consent;
5.1.3. processing of personal data is possible on the basis of legislative acts;
5.1.4. for the purposes of our legitimate interests, such as, e.g.:
220.127.116.11. to improve VIA Payments service quality, to ensure our operational consistency and sustainability, comprehensiveness of services adapting them to Customer's expectations to achieve maximum Customer satisfaction;
18.104.22.168. to bring an action or defend any legal claims and carry out other legal actions with the aim to avoid or minimise losses;
22.214.171.124. to systematically monitor and prevent illegal activities a perform continuous assessment of relevant risks (e.g., unauthorised use of payment cards or any other means of payment issued to Customer by VIA Payments, etc.).
5.2 If Customer fails to provide VIA Payments with personal data that is necessary for the conclusion and/or performance of an agreement or provision whereof is required by law or under the agreement, VIA Payments may be unable to provide services to Customer.
6.1. Profiling refers to the automatic Processing of Personal data used to assess certain personal characteristics of a Customer. Profiling is used for direct marketing purposes. Automated decision making is used for risk management and for transaction monitoring to counter fraud and is based on VIA PAYMENT’s legitimate interest, compliance with a legal obligation, performance of an agreement or consent from the Customer.
6.2. VIA Payments may process Personal data to improve the user experience of the digital services. Unless direct marketing has been restricted by the Customer, VIA Payments may Process Personal data for the purpose of providing general and personalized offers of VIA Payments’s services.
6.3. VIA Payments always ensure that Customers can make their choices and use a convenient tools to manage their privacy settings.
6.4. VIA Payments may also collect statistical data regarding the Customer, such as typical behaviour and lifestyle patterns based on demographic household data. Statistical data for creating segments profiles can be collected from external sources and may be combined with VIA Payments internal data.
7.1. VIA Payments use personal data, which Customer provides to VIA Payments when Customer seeks VIA Payments's services and use them, when Customer fill out Customer information forms, submit requests or file claims, also the ones VIA Payments document at website, app, by video surveillance equipment or telephone records, as indicated above.
7.2. Also, VIA Payments may collect your personal data from other sources, such as:
7.2.1. other financial institutions;
7.2.2. Bank of Lithuania, Ministry of Finance, Department of Statistics, State Social Insurance Fund Board, State Enterprise Centre of Registers, law enforcement institutions, other registers and institutions;
7.2.3. creditinfo Lietuva, UAB;
7.2.4. natural persons, when they provide data of their spouses, children, other relatives by blood or marriage, guarantors, go-borrowers, collateral providers, etc.;
7.2.5. documents that are dedicated for us and received from natural or legal persons when they execute contractual obigations towards us or obligations arising from legislation (information from contracts, reports, etc.);
7.2.6. legal entities, where you are a representative, employee, counterparty, shareholder, participant, owner, etc. of a relevant legal entity;
7.2.7. partners or other legal entities, who provide their services with our help
7.3. VIA Payments can collect personal information by monitoring technological tools and services, among other things, communication by email from or to VIA Payments. Another instance is when VIA Payments collect information and generate, where Customer provide VIA Payments with it, for instance, by identifying himself (herself) or by providing a comment by electronic means. Also, VIA Payments can obtain information from suppliers. VIA Payments can combine the information obtained from various sourced.
7.4. Personal data is shared with other recipients, such as:
7.4.1. Authorities (such as law enforcement authorities, tax authorities, supervision authorities);
7.4.2. VIA SMS group companies, a list of which is available at www.vialet.eu, it is necessarily required for financial records, audit, risk assessment or where we use joint information systems or common hardware (servers) or is necessary for provision of services;
7.4.3. Other banks and financial institutions, providers of payment and other services involved in the performance of a transaction in order to execute transactions on VIA Payments’s system;
7.4.4. Auditors, legal and financial consultants, or any other processor authorized by VIA Payments.
7.4.5. Third parties maintaining registers (such as to credit bureaus, population registers, commercial registers, or other registers holding Personal data);
7.4.6. Participants and/or parties related to domestic, European and international payment systems, such as SWIFT;
7.4.7. Debt collectors upon assignment of claims;
7.4.8. Courts, out – of - court dispute resolution body and bankruptcy or insolvency administrators.
7.4.9. Other persons related to provision of services of VIA Payments such as providers of postal services or analytical services or any other services.
8.1. As a general rule the Personal data are processed within the European Union/European Economic Area (EU/EEA).
9.2. The retention period may be based on agreements with the Customer, the legitimate interest of VIA Payments or applicable law (such as laws related to rendering consumer loans, bookkeeping, anti-money laundering, civil law, etc).
10.1. A Customer (data subject) has rights regarding his/her data Processing that is classified as Personal data under applicable law. Such rights are in general the following:
10.1.1. Require his/her Personal data to be corrected if it is inadequate, incomplete or incorrect.
10.1.2. Object to Processing of his/her Personal data, if the use of Personal Data is based on a legitimate interests, including profiling for direct marketing purposes (such as receiving marketing offers or participating in surveys).
10.1.3. Require the erasure of his/her Personal data, for example, that is being processed based on the consent, if he/she has withdrawn the consent. Such right does not apply if Personal data requested to be erased is being processed also based on other legal grounds such as agreement or obligations based on applicable law.
10.1.4. Restrict the Processing of his/her Personal data under applicable law, e.g. during the time when VIA Payments assesses whether the Customer is entitled to have his/her data erased.
10.1.5. Receive information if his/her Personal data is being processed by VIA Payments and if so then to access it.
10.1.6. Receive his/her Personal data that is provided by him/herself and were feasible transmit such data to another service provider (data portability).
10.1.7. Withdraw his/her consent to process his/her Personal data.
10.1.8. Not to be subject to fully automated decision - making, including profiling, if such decision - making has legal effects or similarly significantly affects the Customer. This right does not apply if the decision - making is necessary in order to enter into or to perform an agreement with the Customer, if the decision - making is permitted under applicable law or if the Customer has provided his/her explicit consent.
10.1.9. Lodge complaints pertaining to the use of Personal data with the State Data Protection Inspectorate, website address: www.ada.lt, the registered address at A. Juozapaviciaus str. 6, Vilnius, the Republic of Lithuania, phone No.: +370 5 271 2804, fax. +370 5 261 9494, email: email@example.com, if he/she considers that Processing of his/her Personal data infringes his/her rights and interests under applicable law.
10.2. VIA Payments takes every effort for the implementation of Customer's rights and for answering any and all questions that arise to Customer regarding the present Policy and matters envisaged in it. Customer may lodge a request regarding the exercise of the above-indicated rights as well as any complaints, notices or requests (hereinafter the ‘Request’) to VIA Payments Data Protection Officer by e-mail at firstname.lastname@example.org, at the postal address AS "VIA SMS group", 13. janvara 3, Riga, LV-1050 with a notice "Data Protection Officer", or at your nearest customer service unit.
10.3. VIA Payments will reply to Customer Request within a period of not more than 30 (thirty) calendar days since the day of receipt of the Request. In exceptional circumstances, which require additional time, VIA Payments will, by giving you a relevant notice, have the right to extend the deadline for the submission of the requested data or for the consideration of claims set out in the Request up to 60 (sixty) calendar days after the day of Customer's referral.
11.1. The principles VIA Payments observes when collecting and using personal data entrusted to VIA Payments as well as personal data obtained from other sources are as follows:
11.1.1. personal data are processed in a legitimate, fair and transparent manner (the principle of legality, fairness and transparency);
11.1.2. personal data are collected for specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes (principle of purpose limitation);
11.1.3. personal data are adequate, relevant and only such that are required in relation to the purposes for which they are processed (principle of data minimisation);
11.1.4. processed personal data are accurate and, where necessary, kept up to date (principle of accuracy);
11.1.5. personal data are kept in a form which permits identification of data subjects for no longer than it is necessary in view of the purposes for which the data are processed (principle of retention limitation);
11.1.6. personal data are processed in such a way that application of relevant technical or organisational measures would ensure adequate personal data security, including protection from unauthorised data processing or unlawful data processing and from accidental loss, destruction or damage (integrity and confidentiality principle).
11.2. In the process of collecting and using personal data entrusted to VIA Payments as well as those obtained from other sources, VIA Payments do undertake as follows:
11.2.1. to process personal data for explicit and legitimate purposes only;
11.2.2. to refrain from processing personal data for purposes other than those stated in the present Policy, unless otherwise laid down by relevant legislation;
11.2.3. to process personal data lawfully, accurately, in a transparent manner and so that accuracy, identity and security of the processed personal data is ensured;
11.2.4. to ensure that superfluous personal data are not processed;
11.2.5. to process personal data no longer than it is necessary for the purposes for which personal data are processed;
11.2.6. be responsible for the observance of the principles laid down in the present Policy and be able to prove their observance;
11.2.7. to perform other duties arising from the legislation.
13.1. Customers may contact VIA Payments with any enquiries, withdrawal of consents, requests to exercise data subject rights and complaints regarding the use of Personal data.
13.2. Contact details of VIA Payments are available on VIA Payments website vialet.eu.
13.3. Contact details of the appointed Data Protection Officer - e-mail: email@example.com, at the postal address AS "VIA SMS group", 13. janvara 3, Riga, LV-1050 with a notice "Data Protection Officer".
14.1. VIA Payments is entitled to amend the Policy at any time unilaterally, in compliance with the applicable law, by notifying the Customer of any amendments via website of VIA Payments not later than one month prior to the amendments entering into force.