Privacy Policy & GDPR

This Privacy Policy will help you understand how we collect, use, and protect your personal information when you use our websites (carditeasy.com – collectively, ‘Our Sites’) or our mobile device applications (the ‘Apps’).

WHO WE ARE AND OUR CONTACT DETAILS

UAB CarditEasy (“CarditEasy”) is a company incorporated and existing under the laws of Lithuania registered under company number 306079744, with its registered address at Giruliu g.20, Vilnius, Lithuania.

CarditEasy has overall responsibility for the processing of your personal information. This means that CarditEasy is a ‘data controller’ under the General Data Protection Regulation (also known as the GDPR). If you have any queries about this Privacy Policy or how we process your personal information, please contact us by email: info@carditeasy.com.

WHAT INFORMATION WE COLLECT ABOUT YOU

The personal information we collect about you includes:

name, date of birth, and gender;
contact details, including address, telephone number and email address;
identification document details;
financial information and source of funds information;
identifiers assigned to your computer or other devices, including your Internet Protocol (IP) address

Furthermore, by using our Sites and our Apps, Cookies may be stored on your devices. You can find further information on Cookies below, under the title ‘Cookies’.

Sensitive personal data

CarditEasy does not intentionally collect sensitive personal data via our Sites or Apps unless we are legally required to do so. Sensitive personal information includes social security numbers or financial information.

Security

CarditEasy works to protect the confidentiality and security of the information it obtains in the course of its business. Access to such information is limited and policies and procedures are in place, designed to safeguard the information from loss, misuse and improper disclosure.

WHY WE COLLECT AND KEEP YOUR PERSONAL DATA

We retain Personal Data for the least amount of time required for business purposes to offer our services and for legal or regulatory obligations.

HOW WE COLLECT INFORMATION ABOUT YOU

Most of the personal information we hold about you is collected directly from you. We do this for example, when you:

visit our Sites and register to receive information from us or sign up to our services;
download PDFs or other files or information from our Sites;
contact us directly, by phone, by email or social media;
respond to communications or surveys;
start an application for our services but fail to complete it;
contact our customer service team;
use our Apps;
accept the use of Cookies.

We will also collect information about you if you get in touch through one of our external partners (for example, a screening agency to verify your submitted documents). In order to understand more about you and to verify your identity, we may supplement and combine the personal information that we collect from you with data obtained from other sources.

LINKS TO THIRD PARTY’S WEBSITES

A link to a third party’s website should not be construed as an endorsement by either CarditEasy or that third party of each other or its products and services. Furthermore, CarditEasy is not responsible for any information posted on those websites other than information we have posted ourselves. We recommend reviewing the privacy statement of each third-party site linked from our Sites to determine their use of your personal information.

REASONS FOR PROCESSING AND USING YOUR INFORMATION

We will store and use your personal information as is necessary for the performance of a contract between you and us, for compliance with our legal and regulatory obligations, for our legitimate interests or, for certain other additional purposes, based on your explicit consent. Examples of how we may use your personal information include:

administering your account;
carrying out anti-fraud and anti-money laundering (AML) checks and verifying your identity (as is necessary for compliance with our legal and regulatory obligations and/or as is necessary for our legitimate interests);
using your details to process payments (as is necessary for the performance of a contract between you and us and/or as is necessary for our legitimate interests);
sending you information about our products and services;
monitoring your usage and the effectiveness of our Sites and Apps;
undertaking market research and statistical analysis, including analysing your use of our Sites and developing new products and services (in line with the settings you chose for Cookie Consent);
fulfilling our obligations towards any relevant national authority in order to comply with our legal and regulatory obligations and/or as is necessary for our legitimate interests);

Using your data for fraud prevention

In certain situations, before we provide you with our services, we use your personal data to conduct checks for the purposes of preventing fraud and money laundering and to verify your identity. We use third-party service providers to assist in verifying your ID documents, to screen your name and country of residence against sanctions, and the list of Politically Exposed Persons as required by regulations. We may also share your details with other financial institutions and law enforcement agencies for the purposes of preventing fraud, money laundering, terrorist financing, and other financial crimes, within the limits of privacy regulations.

If we, or a fraud prevention agency, determine that you pose a risk of fraud or money laundering, we may refuse to provide you the services you have requested or stop providing existing services to you.

When CarditEasy and fraud prevention agencies process your personal data, we do so on the basis that we have a legitimate interest to process your data in such a way, in order to protect our business and to comply with the various laws that apply to us. Such processing may also be a contractual requirement in relation to the services you have requested from us.

Using your personal data for marketing

In addition to the purposes above, we may also process your personal information for the purposes of marketing, to send information promoting similar products and services by mail, email, text message, or other media platforms, if you have expressly consented to so. You can object to receiving marketing emails from us at any time by pressing the unsubscribe link in our marketing emails or text message; or by contacting us via email to info@carditeasy.com.

WHO WE SHARE YOUR DATA WITH

Where relevant given the nature of our relationship or of the products and services provided to you, we may also share your information with the following categories of third parties:

payment service providers and financial institutions;
third-party service providers who we instruct for the purposes of processing service information;
third-party service providers who support the operation of our business, such as financial institutions, fraud prevention agencies and associations, IT and marketing suppliers, financial service providers and other administrative support services to operate our Sites (as is necessary for the performance of a contract between you and us);
as required by a court order or any other legal or regulatory requirement specified by any relevant Authority who may have jurisdiction.

WHERE YOUR INFORMATION IS PROCESSED

The personal information that we collect from you, and which is shared with the third-parties mentioned above, may be transferred to and processed in a destination outside of the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us or one of our suppliers. In these circumstances, your personal information will only be transferred on one of the following bases:

the country that we send the data to is approved by the European Commission as providing an adequate level of protection for personal information; or
the recipient adheres to GDPR regulations.
there exists another situation where the transfer is permitted under applicable data protection legislation.

HOW LONG IS YOUR INFORMATION KEPT

CarditEasy only ever retains personal information for as long as is necessary and we have strict review and retention policies in place to meet these obligations. Unless specifically mentioned otherwise, we keep your personal data as long as legally permitted or required.

YOUR RIGHTS

You have the right to:

obtain access to, and copies of, the personal information that we hold about you;
require that we stop processing your personal information if the processing is causing you damage or distress;
opt out of marketing communications;
ask us to erase your personal information;
receive from us the personal information we hold about you which you have provided to us, in a structured, commonly used and machine-readable format, including for the purpose of you transmitting that personal information to another data controller; and
require us to correct the personal information we hold about you if it is incorrect.

Please note that these rights may be limited by data protection legislation, and we may be entitled to refuse requests where exceptions apply.

COOKIES

We may place small data files on your access device. These data files may be cookies or other local storage provided by your browser or associated applications (collectively, “Cookies”). We use Cookies to recognise you as a customer, customise our services, content and advertising, measure promotional effectiveness, help ensure that your account security is not compromised, mitigate risk and prevent fraud, and to promote trust and safety across our Sites and services.

What Cookies do we use?

The Cookies used by our Sites or Apps can be:

Session Cookies – these are only stored temporarily during the time you visit the website. Session cookies will disappear when you log off the website or close your browser.
Persistent Cookies – these stay on your machine until expiry or deletion. Many are built with automatic deletion dates to help ensure your hard drive does not get overloaded. These Cookies often store and re-enter your log-in information, so you don’t need to remember membership details.

We use both types of Cookies. Additionally, Cookies can be first or third party Cookies. First-party Cookies are owned and created by CarditEasy. Third-party Cookies are owned and created by an independent company, usually a company providing a service to the website owners. These Cookies collect information relating to the origin of your visit, where you were exposed to CarditEasy advertising, what advertising feature you saw, whether you arrived directly or indirectly to our Sites, the device you used to visit our Sites or use our Apps and which downloads you performed, information about whether you have opened our newsletter email, when and how many times and your preferences for receiving newsletter emails from us

Your right to disable cookies

You are free to decline our Cookies by setting your preferences in the pop-up window in your first visit to our Sites. If you don’t accept these cookies you cannot visit or use our Sites.

Web Beacons

We use small graphics (also called tracking pixels or clear GIFs – collectively, “Web Beacons”) in Our Sites, Apps or emails which remain invisible to you but provide us with information about your experience and interaction with our Sites, Apps and emails such as which browser has been used, if an email was opened and similar. As part of our effort to track the success of our advertising campaigns, we may at times use visitor identification technology such as these “web beacons” which count visitors who have come to our Sites after being exposed to a CarditEasy banner ad on a third party site. Web Beacons often work in conjunction with Cookies. No personally identifiable or sensitive personal data is collected via Web Beacons.

COMPLAINTS

If you are concerned about an alleged breach of privacy law by CarditEasy, please contact us by email at info@carditeasy.com. If you are not satisfied with the way in which CarditEasy has resolved your complaint, you have the right to complain to the data protection authority in your country.

CHANGES TO THIS PRIVACY NOTICE

We may update this notice from time to time by publishing a new version on our Sites. You should check this page occasionally to ensure you are happy with any changes. If the changes are substantial, we may notify you of changes to this notice by email.

If you have any questions or concerns about this Privacy Policy, please contact us at info@carditeasy.com.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.