This policy sets out the basis on which any personal data we collect from you, or that you provide to us, during the business relationship. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
We ask that persons under the age of 18 (which we treat as children and minors) refrain from using our Service or submitting any personal information to us. Persons under the age of 18 years are not eligible to use our Service and if we discover that someone under the age of 18 has registered a Profile with us, we will close it.
We collect certain information about you by filling in forms on our website or apps or by corresponding with us by phone, e-mail or otherwise. This includes (but is not limited to) information you provide when you register with us, transfer money using our IOS and Android Apps or our Helasend.com website and when you contact us. This also includes information you provide through your continued use of all of our services, your participation in discussion boards or other social media functions on our Website or Apps, through entering a competition, promotion or survey, and by reporting problems with our Services.
The information you give us may include:
The main reason we use this information is to provide you with details about our products and services, but we (or third party data processors, agents and sub-contractors acting on our behalf) may also use the information:
We may combine information we receive from other sources with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted [using SSL technology]. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
We will only retain your information for as long as is necessary for providing our service to you, usually no more than 7 years after the end of the business relationship.
Under the GDPR, individuals have:
You can always exercise your right at any time by contacting firstname.lastname@example.org
The GDPR mandates company to take technical and organizational measures to achieve a level of security appropriate to the imminent risk. This has become more urgent in wake of increasing cybersecurity threat to organizations. We advocate tokenization, encryption of data, constant assurance of confidentiality, integrity, availability, and resilience of processing system and services to comply with GDPR.
The GDPR introduces mandatory security breach notification and requires administrative and technical safeguards for personal data to reduce identified risks and to prevent data breaches. The data subject is required to be notified without undue delay if the breach portends high risk to his rights and freedoms. Notification can be dispensed with if the data breach is unlikely to result in any risk to the data subject.
We will inform the supervisory authority of data breach incident within 72 (Seventy-two) hours of discovery. In addition, the company has an incidence response plan and trained its employee on how to respond.
The “flow of personal data from countries outside the EU and International organisations are necessary for the expansion of international trade and cooperation.”
Being a money remittance service provider, our operations involve transfer of personal data of employees and clients across jurisdictions to manage our global workforce and ease operations as our processing is outsourced too but we have Binding corporate rules - our internal codes of conduct. We export personal data from the territory of the GCC and EU regions to other companies and regulators located in third countries.
We also, follow the following Steps for processing EU personal data to comply with EU GDPR:
4th Floor, Kalson Towers
The Chief Compliance Officer - Helasend