Effective April 20, 2020

elyps is a company incorporated in Belgium with company number BE 0695 741 309, and whose registered office is at 54 Avenue Louise, 1050, Brussels, Belgium.

We treat your data confidentially and in accordance with national regulations and international agreements, including the Belgian Data Protection Act of 30 July 2018 and and Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data, and repealing Directive 95/46EC (General Data Protection Regulation, “GDPR”).

elyps uses its Customer’s personal data and acts in compliance with the privacy policy as set out above.

elyps will ensure that the personal data requested and/or communicated are adequate, accurate (and, where necessary, updated), relevant and not excessive in relation to the purposes for which they are harvested. elyps guarantees in addition to transparency, compliance with legal provisions, confidentiality, a level of security and respect for your rights.

This document explains what information we collect, how we use it, and your rights if you want to change how we use your personal information.

1. Scope of the policy

This policy provides information about the collection, use and processing of personal data when using elyps website or mobile application.

Personal data means all detailed information about personal or factual circumstances of a specific or identifiable natural person. They are his property. 

Personal data is processed as part of a business relation when the Customer decides to enter into a contractual agreement with elyps. In addition to that - if necessary for providing elyps services - elyps can transfer personal data to other companies who process the Customer data or to third party suppliers working with elyps to run part of the elyps operations.

Consent to the processing of personal data for specific purposes will always be required, the processing is permitted on the legal basis of this consent. This consent is revocable at any time. If the Customer has revoked consent any processing of personal data will become unlawful after the revocation. The Customer may request information about  given consents at any time.

Any changes will be updated on the website and when appropriate notified to the customers via the application. The new terms may require further consent to continue the use of the elyps services.

2. Controller

The controller within the meaning of the GDPR, in charge of  the collection, processing and use of personal data is:

Elyps SA

BE 0695 741 309

54 Avenue Louise

1050, Brussels, Belgium. 

If you have any concerns about how we use your personal information, you can contact our Data Protection Officer (DPO) at dpo@elyps.com.

The Data Protection Officer is in charge of : 

monitoring compliance with the GDPR and other data protection laws,

raising awareness of data protection issues, training  staff and conducting internal audits, and

cooperating with supervisory authorities.

For any queries regarding this policy, please contact the  support via the elyps in-App chat function.

3. Collecting and using your information

We collect your personal information from you and others when you use : 

our website at www.elyps.com;

the elyps app ; or, 

any of the services you can get access to through the elyps app or website (our services). 

The information collected will be used: 

to verify the Customer identity to protect against fraud, comply with financial crime laws and to confirm eligibility to use elyps products and services,

to notify the Customer about changes to elyps services,

to administer elyps website and the App for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes,

to improve the website & application,

to provide the Customer with information about other goods and services offered and to measure or understand the effectiveness of advertising,

to comply with our regulatory obligations.

to carry out elyps obligations required to process any transactions , including working with third party who deliver services to elyps.

3.1. Information provided by the Customer

This could be during onboarding or through the life of the relationship with elyps (for any transactions made through elyps or provided in any communications with elyps). 

The information given may include the full name, residential address, date and place of birth, e-mail address, phone number, card delivery address, username, password and other registration information, financial details of the bank account including the bank account number, bank sort code, IBAN, details of the debit and credit Cards including the long number, relevant expiry dates and CVC, identification document numbers, copies of identification documents (for example, passport, driving licence and utility bill) personal description, biometric data, National Identification Number, photograph and any other information the Customer provides in order to prove their eligibility to use elyps services.

Please note that it is not possible to open an account, if the Customer doesn’t provide personal data. Personal data will be verified before the account is open.

3.2. Information elyps collects

Each time the Customer visits the App or the website, the following information will be collected by administer elyps website and the App for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes; to improve the website & application

(i) technical information, including the internet protocol (IP) address used to connect the computer to the Internet, login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, device information and the type of mobile device used, a unique device identifier (for example Device's IMEI number, the MAC address of the Device's wireless network interface, or the mobile phone number used by the Device), mobile network information, mobile operating system, the type of mobile browser used, time zone setting "Device Information",

(ii) information about the visit, including the full uniform resource locators (URL), clickstream to, through and from  the website (including date and time), services viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, device information,

(iii) transaction information including date, time, amount, currencies used, exchange rate, beneficiary details, details and location of the merchant or ATMs associated with the transaction, IP address of sender and receiver, sender's and receiver's name and registration information, messages sent or received with the payment, device information used to facilitate the payment and the mobile device used,

(iv) information stored on the  Device, including if the Customer allows elyps access to contact information from the address book, login information, photos, videos or other digital content, check ins (Content Information). The App will periodically re-collect this information in order to stay up-to-date,

(v) details of use of our App or visits to the website including transaction details relating to the use of our services, including who the Customer has sent money or electronic money to, foreign exchange transactions entered, the time, date and location of the place the transaction was entered into,

(vi) elyps uses GPS technology and the Customer IP address to determine the location – this may be used when the App is running in the foreground and the background of the Device. This is used to prevent fraud, for instance if the Customer mobile phone is saying that the Customer is based in the UK but the Card is being used to enter into an ATM Withdrawal or point of sale purchase in Spain, elyps may not allow that transaction to be processed. The Card protection and fraud-prevention measures require this personal data for the feature to work. If the Customer wishes to use the particular feature, the Customer will be asked to consent to the data being used for this purpose. The Customer can withdraw consent at any time by disabling location permission  within device settings.

3.3. Information shared with third party

elyps works with third parties are business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies, fraud prevention agencies, customer service providers and developers. 

Fraud prevention agencies (to verify the identity, protect against fraud, comply with anti-money laundering laws and to confirm the Customer eligibility to use elyps products and services),

Identity verification and authentication providers,

Communications service providers,

Cloud storage providers (to safely and securely store data),

Banking and financial services partners (to provide banking services, including banking partners, banking intermediaries and international payments services providers),

Credit reference agencies (to assess the Customer credit score),

Card manufacturing/personalisation and delivery companies,

Regulatory bodies,

Any company part of the elyps group.

3.4. Information from social media

If the Customer has authorised elyps to, friends lists from Facebook and similar information from other third parties such as Twitter and Google will be collected– the App will periodically re-collect this information in order to stay up-to-date.

4. Storage security

All information provided is stored on secure servers. Any payment transactions carried out will be encrypted using Transport Layer Security technology or a secure virtual private network. 

Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our mobile application or our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

5. International transmission of data 

In order to ensure an appropriate level of protection by the recipient of the data, elyps uses the standard contracts of the European Union for the transmission of data outside the EU.

6. Retention of data

elyps retains personal data about customers and transactions for a period of ten years.  

7. Legal rights

Under the data protection laws, as a customer, you have the right to:

request access to your personal data to receive a copy of the personal data held by elyps,

request rectification / correction of the personal data held,

request erasure of personal data, where there is no good reason for elyps continuing to process it. Note that elyps may not be able to delete all data as elyps is under obligations to retain data for a minimum of 10 years after the termination of the business relationship,

request restriction of the processing,

withdraw consent at any time where we are relying on consent to process your personal data,

revoke concerning data processing for marketing purposes,

data portability. 

No fee will be requested unless the request is unfounded, excessive or repetitive. elyps will endeavour to respond within one month. If the request can’t be fulfilled within a month, elyps will notify customers.

8. Cookies

We use cookies to analyse how you use our mobile app and website. Please read the Cookies policy for more information about cookies. 

Appendix I - Definitions

“App” or “Mobile App” or “Mobile Application” means the mobile application accessible through your Mobile Device.

“Card” means the tangible plastic Card issued to Customers and allowing ATM Withdrawals and merchant purchases.

“Card PIN” means personal identification number, which is associated with the Customer’s Card.

“Electronic Money” means the monetary value stored against your account and kept electronically.

“Payment Account” means the elyps’ account of the Customer, which is monitored and kept under record by elyps.

“Funds” means electronically stored value.

"Information" means any confidential and/or personally identifiable information or other information, including but not limited to the following: name, email address, date of birth, tax identification number, billing/shipping address, phone number and financial information.

“Mobile Device” or “phone” means your smartphone or other electronic device upon which you have downloaded the elyps application.

“Mobile PIN” means your personal identification number which is entered onto the elyps application.

“Privacy Policy” or “GDPR policy” means our privacy policy which can be found on our website.

“Website” means our general website, the web address of which is www.elyps.com