Travelex’s personal data privacy principles outline our commitments to you, our customers, clients, and prospective customers in relation to how Travelex will treat and safeguard your personal data. We take our responsibilities for your privacy very seriously and Travelex companies and our third party processors may only process your personal data in accordance with these principles and our regulatory responsibilities, and all our employees are trained against these principles.
- Collecting and using your Personal Data
We will collect the personal data we need in order to deliver the products and services that you have requested from us and we will only do so with your consent, for the performance of contract, or, if you have provided us with consent, to send you marketing communications. We will process your personal data in a fair and lawful way and we will be clear and transparent about how we process your personal data at Travelex
- Processing and Retaining Your Personal Data
We will only keep your personal data as long as is necessary to facilitate the delivery of our product and services to you, (except where required otherwise by applicable law). In storing your data we will only keep the parts of it which are vital in the provision our products and services, or when we are required to satisfy our legal and regulatory obligations. When we no longer require your data for these purposes it will be deleted
- Security and Confidentiality
We will keep your personal data secure and confidential, ensuring that access to your personal data will be limited appropriately only to those who need it to conduct business activities (except as otherwise required by applicable law). We adhere to industry standards for technology security and use tested administrative, technical and physical security measures to protect your personal data from unauthorized access, use, modification, disclosure or destruction. We also ensure that our employees undertake training in order to uphold these principles and commitments
- Data Sharing
We only share your personal data with third parties in accordance to our privacy notice, or where it has either been authorized by you. We do not share or use your details for third party marketing purposes unless you have expressly consented. Where your personal data is transferred outside of the European Union, in order to deliver the products or services that you require, for example with our third party processors or partners, we will always ensure that it is treated in accordance to local laws and regulations. Where we share your personal data with our processors, we also ensure that they adopt industry standard data security measures.
- Data Access and Your Rights
Travelex will uphold your rights about how your personal data is used at all times. If you request access to your personal data, Travelex will provide this to you in accordance to your rights and local laws and regulations. We will also inform you about how your personal data is processed by Travelex. If you think your data is inaccurate you can ask us to change it. Where you feel that there is no longer a valid purpose for us retaining your data, you may (in accordance with local laws and regulations) request us to erase your personal data. You may also change your mind about how we can use your personal data by withdrawing your processing consent at any time.
- Accountability
We will endeavour to uphold these principles to the best of our ability at all times and hold ourselves accountable for doing so. We will ensure that our employees, contractors, partners and third party processors will adhere to these principles and commitments. Note: Some countries may have differing data protection legislation, where this is the case Travelex will always meet its local legal and regulatory obligations.
For further information on how Travelex processes your personal data please refer to your product or service terms and conditions.
- Introduction
Your privacy and your rights are important to us. This privacy statement explains what information we collect about you and how we use it.
By ‘we’ or ‘us’ or ‘our’ we mean Travelex Limited and its subsidiaries, 4th Floor, Kings Place, 90 York Way, London, N1 9AG.
If you subscribe to, or have purchased, Travelex products and services (instore, online or via ATMs), you visit our websites or you download and use our mobile apps or services we provide within mobile device wallets or other third party applications, this Privacy Notice will apply.
This Privacy Notice you are reading now contains the most important points that you need to know. By clicking at any time on the links provided, you can jump to the full details of this statement. See more
- What Information we collect
We collect your information for the provision of Travelex Services or through interaction with our websites, participation in our surveys or promotions. The information we process is either information you give to us, information we collect automatically, or information we receive from third parties . See more
- Why we use the information we collect
The information we hold on you will be processed in a number of ways. This is generally to provide you with the services that you request from us, to keep you informed and to improve your customer experience and the quality of the Travelex Services. In some instances we use this information to send you marketing communications we think are relevant to you, but we only do this where it is lawful to do so and you have given your consent to receiving this information. You have the right to object to us sending you such request to stop processing your information at any time. See more.
- Information we share
Even where shared, we ensure your information will only be processed for the purposes outlined in this Privacy Notice.
We share your information with Travelex Group Companies, with third party product issuers, companies that provide services or communications to you on our behalf and where we are subject to (or reasonably believe that there is) a requirement to share such information to comply with our legal obligations.
We do not share your information with companies, organisations or individuals outside of Travelex for marketing purposes nor do we sell your information.
In the event that our business is acquired by a third party or we enter into any kind of merger or other acquisition type, your information where required would be shared with the relevant party. See more.
- How to opt in or opt out from direct marketing, third party marketing and surveys
You have the right to opt out of direct marketing from us at any time by visiting our Privacy Centre, sending an email to unsubscribe@travelex.com. See more.
- Third Party Marketing Cookies and Social Advertising
Travelex has relationships with online advertisers and social media networks (our Marketing Partners). These partners use cookies and similar technologies for marketing purposes and may serve you with targeted advertising about Travelex while you are on a third party website, at our request and only with your consent. See more
- Retention of your Information
We will process your information only for as long as is necessary for the purposes set out in this Privacy Notice and to fulfil our legal obligations. Where you are a customer this is usually at least for as long as you remain a customer and a period after this to be able meet our legal, to contractual obligations to you or third parties, and if necessary, to resolve any disputes. We will not process more information than we need. See more.
- Links to Third Party and Travelex Group websites
Our webites contain links to and from the websites of our group companies, selected partner networks, advertisers and affiliates, including websites which are outside of our control and are not covered by this Notice. See more .
- Security
We take all reasonable steps to ensure that all information collected through our websites is treated securely and in accordance with this Notice. We do this by applying appropriate technical and organisational measures that meet all of the current standards of our regulatory obligations, including regular review measures. See more.
- International Transfers
In providing the Travelex Services to you we sometimes transfer your information to other countries. Where we transfer your information outside the European Economic Union or EEA (i.e. countries that are members of the EU together with Norway, Iceland and Lichtenstein) we ensure that all data is processed with the same standards of security measures regardless of location, in accordance with our standards, policies, regulatory and legal obligations. See more.
- Your rights
Based on the AVG, you have a number of rights (subject to certain conditions) when it comes to your Personal Data. These include the right to ask us what information we hold about you, and to request us to modify any incorrect details, add missing information, or to delete the information we hold. You also have the right to object to us processing your data or ask us to restrict processing your information. If you want to use the information that we hold about you for services with others, you can ask us to provide your data in a commonly used electronic format. You can exercise any of these rights by contacting us using the contact details and form referred to in Section 14.
You can obtain further information about your rights, or make a complaint to the Autoriteit Persoonsgegevens (‘AP’) with regards to how we use your information, and Section 14 provides contact details should you need them. See more.
- Children's Privacy
In a very limited number of cases, we process Personal Data on children under the age of 16 when they use specific Travelex Services, but only with the consent of a responsible guardian or parent. See more.
- Changes to Our Privacy Notice
This policy was last updated on 7th November 2020. It may be updated from time to time to take into account changes to the Travelex Services or for example to reflect changes to applicable regulations. See more.
- Contact
For a full list of contacts and a form to contact us, please See more.
Travelex Privacy Statement
Content
- Introduction
- Data processing
- Purposes
- Legal basis
- Client due diligence and business integrity
- Mandatory provision
- Sharing personal data with third parties
- International data exchange
- Minors
- Automated decision-making or profiling
- Retention period
- Security
- Your rights
- Changes
- Complaints
- Contact details
1. Introduction
This Privacy Statement applies to the processing of personal data by Travelex N.V. ("Travelex"). Travelex is part of the Travelex Group Companies and is located at Coenecoop 530, 2741 PS, Waddinxveen, Netherlands, registered in the Trade Register of the Chamber of Commerce under number 33143504.
For Travelex, the protection of personal data is very important. We respect your privacy and always treat your data confidentially and in accordance with applicable legislation. In this privacy statement, we explain how we process your personal data.
2. Data processing
We may collect your personal data in different ways. We collect your personal data when:
- you use the website, any of our mobile software applications (apps) or platforms (collectively, the "websites");
- you use services from our bureaux de change through our online service, or by going to one of our shops;
- When you communicate with us through other channels, including via email, live chat, text messaging or social media platforms;
- you purchase or use Travelex branded products, or products we provide under the brand names of our partners. These services and products are collectively referred to in this notice as "Travelex services". Depending on how the services are provided to you, the partner's Privacy Notice may also apply;
- we take CCTV images of you as part of camera surveillance when you visit our premises, such as in our shops and (near) ATMs.
It is conceivable that we may combine personal data obtained about you through the various channels, with the exception of data collected under the Wwft. See about that also below under purposes of processing.
3. Doeleinden
Your personal data will be processed for the following purposes:
- Conduct client surveys of potential and existing clients;
- data exchange with our partners to provide Travelex services (these partners are disclosed to you at the time of provision of the relevant Travelex services);
- performing the agreement(s) concluded with you;
- administration;
- calculating, recording and collecting amounts due, including placing claims in the hands of third parties;
- to be able to interact with you and respond to queries raised by you;
- Your participation in competitions, promotions, surveys, loyalty programmes and similar actions;
- To keep you as informed as possible via our website, newsletters and other channels;
- improving Travelex's website, applications and services;
- analytical and statistical purposes;
- advertising purposes. Showing relevant and targeted ads on our online channels and third-party websites;
- handling disputes and enabling audits;
- the security of persons, premises and property;
- preventing, investigating and combating fraud and other crimes and in the context of public security;
- complying with legal obligations under the Sanctions Act 1977, Money Laundering and Terrorist Financing (Prevention) Act (Wwft), Financial Supervision Act (Wft) and obligations such as record-keeping and retention obligations and following supervisory instructions.
4. Legal basis
Travelex processes your personal data for the purposes set out above on the following legal bases:
- the consent given by you;
- taking pre-contractual measures at your request and/or implementing the contract concluded with you;
- meeting legal obligations;
- the furtherance of legitimate interests of Travelex or a third party.
For the purposes numbered above as 1 and 2 and 4 to 14, Travelex invokes the basis of legitimate interest. This legitimate interest consists of marketing purposes, internal management and historical and statistical research and fraud investigation.
We want to offer you, as a Travelex website visitor, the best possible experience. We can only do this if we know what your requirements are. This is why we conduct research and analyse data on our website, for example.
Do you object to this processing of your personal data? If so, you can read how to invoke the right to object later in this Privacy Statement.
5. Client due diligence and business integrity
Travelex is required by law to conduct business with integrity and to conduct client due diligence. Based on the results of the client investigation, Travelex may decide not to enter into an agreement with a potential client or to terminate an agreement with an existing client. Such refusal may be the result of a previous report of unusual transactions or we may consider for some other reason that entering into or continuing a relationship with a (potential) client goes against our policy of conducting our business with integrity. We are usually unable to disclose this, as doing so could potentially disclose (directly or indirectly) to you that a report of an unusual transaction has been made (by us or others). The law prohibits disclosing that information about (the report of) an unusual transaction. Failure to provide this information constitutes one of the exceptions to the right of inspection that you can exercise. See section 13 for more information on the right of inspection.
6. Mandatory provision
When we ask you for personal data, we make it clear to you whether the provision is necessary or required by law. In addition, we will tell you what the possible consequences are if you do not provide the data. The basic principle here is always that Travelex will not process more personal data than is strictly necessary.
7. Sharing personal data with third parties
We will only share your personal data with third parties to the extent necessary for in paragraph 3 purposes specified.
Service providers
To provide the best possible service, we share your personal data with our partners who have the role of 'processors'. These parties process your personal data only on behalf of Travelex. The service providers may therefore not process your personal data for their own purposes. The service providers include at least the following categories of parties:
- partners offering website and e-mail system maintenance;
- providers of cloud services and online security services.
Partners
These parties have the role of controllers and cannot process personal data for their own purposes. These are the following categories of partners:
- entities belonging to the Travelex group, of which Travelex is a member;
- payment gateways and payment service providers
- identity verification providers;
- partners we work with. We may share your personal data with companies we work with to offer Travelex services under that partner's brand name (for example, using their logos and through their websites or bureaux de change.) They may only market their own products or services if you agree to allow them to do so);
- parties that may be involved in dispute resolution, such as lawyers and bailiffs;
- parties that may be engaged in (fraud) investigations, such as fraud investigators, fraud prevention, anti-corruption and anti-money laundering providers;
Third-party cookies
Our websites contain links to and from the websites of entities within the Travelex Group Companies, selected partner networks, advertisers and affiliates. If you visit websites of these third parties via the links, these parties may collect personal data from you. For example, when you share an article from our website via a social media plug-in (e.g. Facebook, Twitter, LinkedIn or Google Plus), the relevant social network will record that you have done so. When you speak to an adviser about Travelex services, they will inform you that Facebook has access to your data. The processing of personal data by these third parties takes place in accordance with their own privacy statements. For more information, please also see our cookie policy.
8. International data exchange
In principle, your data is processed within the borders of the European Economic Area (EEA). If a transfer to countries outside the EEA (third countries) takes place, Travelex takes measures to ensure an adequate level of protection. Data exchange between entities within the Travelex Group Companies takes place on the basis of an intra-group agreement, with appropriate safeguards provided by standard clauses or binding corporate rules. Furthermore, Travelex bases transfers to third countries, where possible, on an adequacy decision adopted by the European Commission. If no adequacy decision has been adopted by the European Commission for a third country, Travelex takes appropriate safeguards by basing the onward transfer on and complying with standard contractual clauses adopted by the European Commission.
9. Minors
Travelex may process data of children under 16 in a limited number of cases. This only applies when a there is a direct transaction. We only collect this information with the prior consent of the responsible parent or guardian accompanying them.
We do not knowingly collect additional information from children under 16 years of age. If you are under 16, you should not register or provide any data on the Travelex applications. If we later obtain actual knowledge that a user is under 16, we will take steps to remove that user's data from our systems, with Paragraph 11 not applying. If you believe that we hold data from or about a child under 16, please notify us using the contact form in Paragraph 14.
10. Automated decision-making or profiling
Travelex uses automated decision making and/or profiling to assess personal aspects of a data subject, such as transaction history, Sanction screening, Pep screening, Transaction history. Using this assessment allows financial institutions to assess a transaction.
In automated decision-making, public sources, such as the Land Registry and the Chamber of Commerce, be consulted.
11. Retention period
Your data will never be kept longer than necessary or required by law. The following principles apply here. We keep your personal data:
- for the duration of the agreement concluded with you;
- for the purpose of dispute resolution;
- for periods required by law, such as on the basis of administration and anti-money laundering obligations.
12. Security
We will keep your personal data secure and confidential at all times and ensure that access to your personal data is limited to those who need the personal data for the purposes described. We use current standards for technology and security. We use (approved) administrative, technical and physical security measures to protect your personal data from unauthorised access, use, modification, disclosure or destruction. We also ensure that our employees are trained to comply with the measures.
13. Your rights
You have the following rights:
- Right to object to processing. You have the right to object to certain types of processing, including processing for direct marketing.
- The right to be informed. You have the right to clear, transparent and easy-to-understand information about how we use your data and what your rights are. That is why we provide you with information in this Privacy Statement.
- Right of access. You have the right to access your data (if we process it) as well as certain other data (similar to those in this Privacy Notice). This ensures that you are aware and can verify that we are processing your data in accordance with General Data Protection Regulation ("AVG").
- Right to rectification and deletion. You have the right to have your data corrected or deleted if it is inaccurate or incomplete. You can ask us to correct or delete any errors in the data we process.
- Right to restrict processing. You have the right to 'block' or limit use of your data. When processing is restricted, we can store your data but not use it further. We keep lists of people who have requested that further use of their data be 'blocked', to ensure that this restriction is respected in the future.
- Right to data portability. You have the right to obtain and re-use your data for your own purposes. For example, if you decide to switch to another service provider, you can easily move, copy or transfer your information between our IT systems and theirs, without compromising usability. However, this is not a general right and there are exceptions to this.
- Right to file a complaint. You have the right to lodge a complaint about the way we handle your data with the Personal Data Authority ('AP').
- Right to withdraw consent. If you have given your consent to all processing of your data, you have the right to withdraw your consent at any time (but doing so does not mean that anything we have previously done with your consent with your personal data is unlawful).
These rights are not absolute. It is conceivable that due to interests of others (e.g. the privacy of third parties) or of ourselves (e.g. our business operations) or due to other legal regulations, we may not be able to comply with a request or comply with it fully. Should that be the case, we will make this known where appropriate.
14. Changes
This Privacy Statement is subject to change. These changes will be published on the Travelex website.
Travelex may process your personal data for new purposes not yet listed in this Privacy Statement. In that case, we will contact you before using your data for these purposes. You will then of course be given the opportunity to refuse your participation.
15. Complaints
Furthermore, you are always free to file a complaint with the regulator. The regulator of privacy legislation is the Personal Data Authority. You can contact the regulator at www.autoriteitpersoonsgegevens.nl.
16. Contact details
For requests and information, please contact dataverzoeken@Travelex.com or: Travelex NV
Attn: the Data Protection Officer
PO Box 721
1000 AS AMSTERDAM