Effective 10/01/2023
This Privacy Policy applies to all customers of First Digital Trade Europe UAB, a company registered in the Republic of Lithuania with 306129492 registration number and registered address at Kaykyos 18-10 01100 Vilnius Lithuania ("Royal Card", "Royal Card .com", "we", "us", "our"). Please read it carefully before providing us with any information about yourself.
Carta Reale (" CARTA REALE", "CartaReale", "Carta Reale .com") is a trademark of First Digital Trade Europe UAB under license from Casa Reale Holding Spa
1. Introduction
This policy shows our commitment to transparency and the protection of your privacy rights and sets out the basis on which any personal information we collect from you, or that you provide to us, will be processed by us.
It applies to the processing of personal data by First Digital Trade Europe UAB, in relation to:
• use of any of our products, services or applications (collectively the "Services"),
• visit or use our website, .com Royal Card ("Site") or mobile application ("App").
Please note that our Services, Site and Apps are not intended for children under the age of 18 and we do not knowingly collect data relating to minors.
Please contact us using the details provided at the end of the policy, for feedback or any privacy enquiries you may have. In order to use our services, you must agree to the terms and conditions of this Privacy Policy in its entirety.
2. Purpose
This Privacy Policy is intended to give you information about why and how we collect and process your personal data.
It aims to inform you about your privacy rights and how the data protection principles set out in the EU General Data Protection Regulation ("GDPR") and post-Brexit privacy law, publicly known as the UK GDPR, protect you.
It is important that you read this policy together with any other notices or policies we may provide on specific occasions when we collect or process personal data about you so that you are fully aware of why and how we are using your data. This policy supplements other notices and policies and is not intended to replace them.
3. Who we are
In the context of this Policy, First Digital Trade Europe UAB. is the Data Controller. The controller of your personal data is the legal entity that determines the "means" and "ends" of any processing activity it carries out.
4. Data Protection Officer
We have appointed a Data Protection Officer ("DPO") who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions or complaints regarding this Privacy Policy or our privacy practices, or if you wish to exercise your legal rights, please contact our DPO at [email protected]
5. Privacy Complaints
You have the right to lodge a complaint with a supervisory authority about the way we process your personal data. If you are a resident of an EEA (European Economic Area) Member State, you have the right to lodge a complaint about the way we process your personal data with the supervisory authority in the EEA Member State of your habitual residence, place of work or place of residence of the alleged infringement, or the Bulgarian Data Protection Authority (Personal Data Protection Commission).
We would, however, appreciate the chance to address your concerns before you approach a data protection regulator, so please do not hesitate to contact us in the first instance.
6. Our Duties and Your Duties in the Event of Changes
We regularly check our Privacy Policy. This version was last updated to the date marked at the beginning of this document. From time to time, there will be new versions of this document. In addition, we will also notify you about material changes to this Privacy Policy in a manner that will effectively bring the changes to your attention. It is important that the personal data we hold about you is up-to-date and accurate. Please note that it is your responsibility to keep us informed if your personal data changes during your relationship with us.
7. Third-Party Links
Our website and any applicable web browsers, as well as our mobile application or application programming interface required to access the Services ("Applications"), may include links to third-party websites, plug-ins and applications ("Third-Party Sites"). By clicking on such links or enabling those connections, it is possible for third parties to collect or share data about you. We do not control these third-party sites and are not responsible for their privacy policies and notices. When you leave our site or applications, we encourage you to read the privacy policy or policy of each third-party site you visit or use.
8. Information We Collect From You
You may provide us with certain information, such as when you request or request the Services, register to use and/or use any Service, by filling out forms on one of our websites, or by corresponding with us by phone, email, web chat, or otherwise. We may collect some of it through automated means, such as by using cookies when you visit our websites. Read our Cookie Policy to learn more. We may also obtain data about you from third parties, such as credit reference and fraud prevention agencies.
Carta Reale also collects non-personal information or may anonymize personal information to make it non-personal. Non-personal information is information that does not identify a specific individual, either directly or indirectly. Carta Reale may collect, create, store, use, and disclose such non-personal information for any reasonable business purpose. For example, Real Card may use aggregated transactional information for business purposes, such as trend analysis and the use of data analytics to gain information and insights into payment transaction patterns and usage.
To the extent that Internet Protocol (IP) addresses (or similar identifiers) are clearly defined as personal information under any local law, and where such local law is applicable to the Services, we will treat such identifiers as personal information.
Please note that Carta Reale provides services to both individual consumers and businesses, and this privacy policy applies to both and should be read and interpreted accordingly.
Depending on how and whether you use our Services, Website or App, we will collect, use, store and transfer different types of personal data about you which we have grouped into categories as follows:
8.1. Categories of data
Category of personal data |
Examples of specific pieces of personal data |
|
Identity data |
first name, maiden name, last name, username or similar identifier, title, date of birth and gender, biometric information, including a visual image of the face, national ID cards, passports, driver's licenses, or other forms of identification documents, A visual image of your face that we will use, in collaboration with our subcontractors. |
|
Social Identity Data |
the data of your Group/Company, Referral Information About You, Political Background, Close Connections, Behavioral Data, Rating risk assessment, conformity assessment |
|
Contact Information |
Home details, billing address, delivery address, home address, business address, email address, and numbers proof of address. |
|
Financials |
bank account, payment card details, virtual currency accounts, stored value accounts, amounts associated with accounts, external account details, source of funds and related documentation.
|
|
Transactional data |
bank account, payment card details, virtual currency accounts, stored value accounts, amounts associated with accounts, account details, account source of funds and related documentation. |
|
Technical Data |
Connectivity Data Internet, Internet Protocol (IP) address, operator and operator data, access data, browser type and version, device type, category, and model, time zone setting and location data, language data, application version, and location. and SDK version, browser plug-ins in types and versions, operating system and platform, diagnostic data such as crash logs anomalies and any other data that we collect for the purpose of measuring technical diagnostics and other stored information, or available devices that you allow us to access when you visit the Site, or use the Services or the App |
|
Profile Data |
your username and password, your user identification number, information about whether you have another App account, and the email associated with the your accounts, requests from you for products or services, your interests, preferences and feedback, other information generated by you when communicate with us, for example when you address a request to our customer service. |
|
Usage Data |
information about how you use the Site, Services, mobile applications, and other offerings we make available, including: device download, installation time, interaction type and time, event time, name, and source. |
|
Marketing & Communication Data |
your preferences in receiving marketing from us or from third parties, your communication preferences, your survey responses. |
|
Biometics data |
The biometric data related to you is used for the purpose of verification against the documents provided. The data is processed and retained by Sumsub. For more information, please check the provider's website: [https://sumsub.com/privacy-notice-service/](https://sumsub.com/privacy-notice-service/). |
|
8.2. Special categories of personal data
Certain types of sensitive personal data are subject to additional protection under the legislation applicable to you. These are called "special categories" of personal data. The special categories are:
• Personal data revealing racial or ethnic origin.
• Political opinions.
• Religious or philosophical beliefs.
• Trade union membership.
• Genetic data and biometric data processed for the purpose of uniquely identifying a natural person.
• Health-related data.
• Data concerning a natural person's sex life or sexual orientation.
We do not usually collect sensitive personal data or in cases where we are explicitly obliged to do so, we collect your consent and inform you first about the purpose.
8.3. Refusal to provide personal data
Where we need to collect personal data by law or under the terms of a contract we have with you and you refuse to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you – for example, to provide you with Services. In this case, we may have to cancel a product or service you have with us, but we will inform you if this is the case at the moment.
9. How we collect your data
We use a variety of methods to collect information from and about you, including:
9.1. Direct Interaction.
This happens when you visit our website or Application, request our services, open an account, etc.
9.2. Indirect Automated Interaction.
When you interact with us via our site or app, we will automatically collect technical data about your equipment, actions and browsing patterns. We collect this personal data using cookies, server logs, and other similar technologies. We will also collect Transactional Data and Usage Data. We may also receive technical data and marketing and communication data about you if you visit other websites that use our cookies.
9.3. Third Parties or Publicly Available Sources.
We also obtain information about you, including social identity data, from third parties or publicly available sources. These sources may include:
• fraud and crime prevention agencies,
• a customer who refers you,
• information that is publicly available on the Internet.
10. How we use your data
10.1. General Use
We use the information we collect about you to provide you with the products we offer, to inform you about changes to our products, and to improve our products. Your information may also be used to contact you about your account, your use of the Services, to alert you to potential issues, as well as to respond to your questions. We also use this information to provide you with information about other products that we or selected third parties offer that are similar to those you have used or shown an interest in, or that we think may be of interest to you. If you use one of our financial products, we will also use your information to assess your financial situation and to try to identify and prosecute fraud and other abuses of the financial system.
10.2. Legal basis
We will only use your personal data when applicable legislation allows us to do so. In other words, we need to make sure we have a legal basis for such use. Most commonly, we will use your personal data in the following circumstances:
• performance of a contract – we use this basis for the provision of our Services;
• legitimate interests – our interests (or those of a third party), where we ensure that we use this basis to the extent that your individual interests and rights do not override those interests;
• compliance with a legal obligation – processing your personal data where it is necessary to comply with a legal obligation to which we are subject;
• Consent – a free, specific, informed and unambiguous indication of your will by which, by a statement or by a clear affirmative action, you express your consent to the processing of personal data concerning you.
10.3. Marketing
We may use your identity data, contact data, technical data, transactional data, usage data, and profile data to form an opinion about what we think you might want or need, or what might be of interest to you. This is how we decide which products, services, and offers might be relevant to you. You will receive marketing communications from us if you have requested information from us and consented to receive marketing communications, or if you have purchased from us and have not opted out of receiving such communications. We will use your marketing and communication data for our respective activities.
10.4. Third-Party Marketing
We will obtain your consent before sharing your personal data with third parties for marketing purposes.
10.5. Cancellation
You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing messages that have been sent to you.
In addition, you can let us know directly that you prefer not to receive any marketing messages by sending an email to [email protected]
If you choose not to receive marketing messages, this will not apply to service messages that are directly related to your use of our Services (e.g., maintenance, changes to terms and conditions, etc.).
10.6. Biscuits
You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or reject cookies, please be aware that some parts of the Services or the Site may become inaccessible or not function properly. For more information about the cookies we use, please see the Cookie Preferences.
10.7. Change of Purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably believe that we need to use it for another reason and that reason is compatible with the original purpose. If you would like to obtain an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
10.8. Sale or Transfer of Business
We may also need to process your data in connection with or during the negotiation of any merger, financing, acquisition, bankruptcy, dissolution, transaction or proceeding involving all or a portion of our stock, business or assets. This will be based on our legitimate interests in executing such a transaction or to comply with our legal obligations.
11. Disclosure of personal data
We will not disclose your personal information to anyone except as described in this policy.
We may share your personal information with other Group companies or with our partner companies.
Your personal information (if necessary, but generally limited to your full name and email address) may be shared with the recipient/sender of a payment in the context of the specific relevant transaction. This may involve the transfer of your personal data outside of the European Economic Area (EEA) or the United Kingdom. We may share your personal information with third parties to provide you with the products we offer, including service providers, credit reference agencies, and financial institutions. We may also share your personal information with third parties, including our or other applicable regulators and third parties with whom you may have dealt with to prevent crime and reduce risk, if required by law, where we deem it appropriate. , to respond to legal process, to investigate a violation of a third party's terms of business, or to protect the rights or property of Carta Reale, our customers, or others.
12. Data Retention
The information we collect from you may be transferred to, stored, and processed by recipients located in destinations outside the European Economic Area ("EEA"). These countries may have different data protection standards than those of the territory in which you reside. We will take reasonable steps to ensure that recipients use and protect your information securely.
If we have provided you with (or if you have chosen) a password, access code or any other secure means or access or authentication that enables you to access certain parts of our site, you are responsible for keeping this password confidential and for complying with our instructions. You must not share credentials with anyone else, and you authorize Carta Reale to act on instructions and information from anyone who enters your credentials.
The transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your data transmitted to our site. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
13. Data Retention
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of the personal data, the purposes for which we process the personal data, and whether we can achieve those purposes through other means, and legal requirements, applicable regulatory, tax, accounting or other regulations.
Here are some factors we usually take into account when determining how long we need to keep your personal data:
● in the event of a complaint;
● if we reasonably believe that there is a prospect of litigation in relation to our relationship with you or if we believe that we need to retain the information to defend any future legal claims (e.g., email addresses and content, chats, letters will be retained for up to 10 years after the end of our relationship, depending on the applicable limitation period in your country).
● to comply with any applicable legal and/or regulatory requirements in relation to certain types of personal data:
– under EU anti-money laundering legislation (Anti-Money Laundering Directives) we are obliged to keep your personal data for a period of 5 years after the end of the relationship between us as a company and you as a customer; this period may be further extended in certain cases if so provided for and in accordance with applicable legislation; the same also applies under UK anti-money laundering legislation;
– whether the information is necessary for audit purposes, etc.;
● in accordance with relevant industry standards or guidelines;
● in accordance with our legitimate business need to prevent abuse of the promotions we run. We will retain a customer's personal data for the period of the promotion and for a certain period after the end of the promotion to prevent the appearance of abusive behaviour.
Please note that, under certain conditions, you can ask us to delete your data – see your legal rights below for more information. We will respect your cancellation request ONLY if the conditions are met.
14. Your legal rights
You have rights that we need to make you aware of. The rights available to you depend on the reason for which we process your personal data. If you need more detailed information or wish to exercise any of the rights set out below, please contact us.
15. Charges
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is manifestly unfounded or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
16. Deadline for responding to a lawful request
The legal period under the GDPR to respond to a legitimate request is one month. This deadline may be extended by a further two months where necessary, taking into account the complexity and number of requests. Please note that we may require you to provide certain details necessary to verify your identity when you request to exercise a legal right relating to your personal data.
17. Contact Us
All comments, questions, and requests regarding our use of information are welcome. If you wish to exercise any of your rights, please contact us via dpo@Carta Royal .com.
It only takes a few minutes to register your FREE Bankio account.
Copyright © First Digital Trade Ltd | Designed by FirstDigitalTrade