This Notice was last revised on 24 May 2018.
Entropay is committed to respecting our customers' privacy and protecting their personal information from misuse or un-authorised disclosure and complying with privacy laws. Entropay values its reputation and aims to maintain high ethical standards in the conduct of our business affairs.
Entropay is a Card Payments Services company, specialising in virtual, disposable prepaid Visa cards, instant and global money transfers. Entropay also offers businesses white label solutions and facilitates corporate purchasing.
Organisation Size 50-70
Locations London and Malta
Data Controller Details
Email Address: [email protected]
Postal Address 2 Stephen Street
Data Protection Officer Details
Name: Denise Vella
email Address: [email protected]
The following is a very broad description of the way this organisation/data controller processes personal information. To understand how your own personal information is processed you may need to refer to any personal communications you have received, check any privacy notices the organisation has provided or contact the organisation directly to ask about your personal circumstances
We process personal information to enable us
From our website:
From our website's contact forms:
Sign Up forms:
From our Careers page:
Job Application Forms:
Depending on which of our services you use we may collect the following information:
From people who are interested in a career at Entropay we will also collect your name, address, CV, and any information it contains and your desired remuneration as well as information you may enter on “How did you hear about this job?” form
From our job application page, we may also collect any links you send us to any Website, Blog, portfolio, and LinkedIn link.
From any emails you send to our contact or support email addresses we will collect all the information you write or attach in the email.
For visitors who go on to register for one of our services we may collect:
For business Users we may collect:
We will not collect any information about you without your explicit consent.
We will ask your consent every time we need to collect personal information about you unless you are signing up to one of our services when we will then have a contractual obligation to collect this data.
We will explain in clear and simple terms why we want to collect your information and what we will do with it before seeking your consent, so you are fully informed, and you will be given a clear and unambiguous option to opt in to any communications or services we might want to offer you.
We collect information about you to process the financial services provided by Entropay, such as fund transfers to and from your credit card.
We collect information about you to manage your account and to protect your account against malicious activity.
We may collect and analyse information for the purpose of providing personalised products.
We also use it to recommend things we think you will like or to notify you about things you’ve told us you like.
We also use your information for business, regulatory and legal purposes such as dealing with any requests you make or content you submit.
Getting in touch if we need to tell you about something, like a change to our policies or issues with a service.
We also collect information for employment purposes.
We will store and process your data following industry best practice and security.
Some of that processing takes place at Entropay in London and Malta
Some of the processing may take place in areas outside of the UK and Malta but within the EEA and covered by GDPR.
Where processing takes place by one of our trusted data processors, we ensure that our contracts with those 3rd parties contain the appropriate GDPR model clauses and that all our 3rd parties are also compliant with the GDPR, this affords your data the same protection away from our organisation, as it does within it.
Some of the processing may take place outside of the EEA. Where processing takes place by one of our trusted data processors, we ensure that our contracts with those 3rd parties contain the appropriate GDPR model clauses and that all our 3rd parties are also compliant with the GDPR, this affords your data the same protection away from our organisation, as it does within it.
The data we collect through our online services may be processed by one or more of the following:
We process data within the EEA and countries deemed by the European Union as having adequate safeguards for protecting personal data. These countries are recognised by the EU as having suitable safeguards for the rights and freedoms of individuals and recourse processes by which data subjects can exercise their rights.
We will only consider transferring your data outside of the EU if the following conditions are met.
A transfer, or set of transfers, may be made where the transfer is:
Made with your explicit informed consent;
Necessary for the performance of a contract between the you and this organisation or for pre-contractual steps we need to take at your request;
Necessary for the performance of a contract made in your interest between this organisation and another person;
Necessary for important reasons of public interest;
Necessary for the establishment, exercise or defence of legal claims;
Necessary to protect your vital interests or those of other persons, where you are physically or legally incapable of giving consent;
Made from a register which under UK or EU law is intended to provide information to the public (and which is open to consultation by either the public in general or those able to show a legitimate interest in inspecting the register).
We keep your information in line with our data retention policy. For example:
This enables us to comply with legal and regulatory requirements or use it where we need to for our legitimate purposes such as managing your account and dealing with any disputes or concerns that may arise. We may need to retain your information for a longer period where we need the information to comply with regulatory or legal requirements or where we may need it for our legitimate business purposes, such as to respond to queries or complaints, fighting fraud and financial crime and responding to requests from regulators. Information that exceeds the retention periods is deleted or removed using industry best practices.
We respect the rights and freedoms of individuals and as such we would like to make you aware of the following. You have the:
You also have the right to lodge a complaint with our supervisory authority. Entropay’s main establishment is Malta, thus its supervisory authority is the IDPC in Malta. Their contact details are as follows:
Quick Links for exercising your rights
DPO email Address: [email protected]
Controller email address: [email protected]
Any and all data in respect of - Data We Collect, is collected directly from you, the individual.
We do not collect any of your personal data from any other sources. This included any publicly accessible list and or data sources, whether in the public domain or if we have a legitimate interest to be able to access those sources legally.