PIN4, INC.  – PRIVACY POLICY (UK AND EU)

This Privacy Policy establishes the information we collect, how we collect and use it, as well as other information regarding disclosures required for Users in the United Kingdom and European Union.  We may hold and use User personal information either for our own purposes or on behalf of other persons, organizations or entities to whom we are providing services.

  1. PIN4 CASH

Pin4 provides services to banks, e-money entities, other financial institutions, businesses, governmental bodies and other entities (the “Issuer Parties”) in connection with the Issuer Parties providing Pin4 Cash, other ATM cash access and Pay-to-Bank services to consumers in the UK and EU.  In connection with providing these services, Pin4 will receive and process personal data of consumers from, or on behalf of, the Issuer Parties.  In this case, under UK and European data protection laws, the Issuer Parties are the “data controllers” and Pin4 is the “data processor” in regard to the personal data.

Pin4 has written agreements with the Issuer Parties and will process personal data (a) only as specified in those written agreements and (b) only for purposes of providing services to the Issuer Parties and not for its own purposes.

Pin4 also has written agreements with entities providing services to Pin4 in relation to the above activities.  These entities may receive and process personal data as “sub-processors” to Pin4.  In this case, the Issuer Parties will continue to be the data controllers. In Pin4’s agreements with these sub-processing entities, the entities agree to process personal data (a) only as specified in the written agreements and (b) only for purposes of providing services to Pin4 and the Issuer Parties and not for their own purposes.

For additional information regarding the use and processing of your personal data relating to the programs described above, please refer to the privacy policies of the applicable Issuer Parties.

  1. OTHER DATA OR PERSONAL INFORMATION

In Pin4’s other activities, such as the operation of its website and other interactions with consumers not related to operating the Pin4 Cash, Pay-to-Bank and other programs and being a data processor for the Issuer Parties, Pin4 may collect and use other information regarding consumers, including personal information:  Identity data (e.g., name, username, date of birth, gender); Profile data (e.g., user preferences, comment); Contact data (e.g., email address, phone numbers); Content data (e.g., personal information contained in messages); Support data (e.g., comments made in customer support efforts); Technical data (e.g., IP address, browser information); Usage data (e.g., how our services are used); and Marketing data (e.g., user preferences relative to marketing efforts).

In these cases, we are the data controller in respect of this data for UK and European data protection laws.  We collect and process this data as set forth below:

2.1  Information Collection

We collect data through direct interaction (express/overt use of the service) as well as through automated technologies (e.g., use of cookies).

2.2  Marketing 

We may use your information to form a view on what we think you may want or need, or what may be of interest to you and provide marketing materials regarding same.  At your request (through our unsubscribe process), we will cease sending messages or otherwise contacting you.

2.3  Sharing Information

We may share your personal data with certain other parties to carry out our lawful objectives.  Such parties may include our services providers and business partners.  We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our agreements and instructions.

2.4  Data security 

We engage appropriate security measures to prevent the loss, misuse or destruction of personal information. Additionally, we limit access to your personal information to those employees, agents, contractors and other third-party service providers who have a business need to know. They will only process your personal information in accordance with our agreements and instructions, and they are subject to a duty of confidentiality.   We have policies in place to address suspected personal data breaches and will notify you and any applicable regulator of a breach where we are legally required to do so.

2.5  Data retention 

We will only retain your personal information for as long as necessary to fulfil the purposes for which we collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

When considering retention terms, we take into consideration the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and the applicable legal requirements.

By law we may have to keep basic information about our Users for such periods as may be required by such laws.

2.6  Your Rights 

Under certain circumstances, you have rights under data protection laws in relation to your personal information.  This may include the following rights:

  • Access Rights. This is the right to receive a copy of the personal information we hold about you.
  • Correction Rights. This is the right to have any incomplete or inaccurate information we hold about you corrected.
  • Removal Rights. This is the right to ask us to delete or remove personal information where there is no good reason for us continuing to process it.
  • Process Restriction.  This right applies where we are relying on our legitimate interests (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • Transfer Rights.  This is the right to request the transfer of your personal information to another party.
  • Withdraw consent. This right applies only if we are relying on your consent to process any of your personal information. This will not affect the lawfulness of any processing carried out before you withdraw your consent.

If you wish to exercise any of the rights set out above, please contact Pin4’s Data Protection officer at the email address below. You will not have to pay a fee to access your personal information (or to exercise any of the other rights), unless such request is unfounded or excessive (in which case, a reasonable fee may apply, or we may refuse to comply with your request).

2.7  Data Protection Officer

Our “Data Protection Officer” is responsible for matters relating to privacy and data protection and can be reached at the following address:

 John Buckman
Pin4, Inc.
11 S. Passaic Avenue
Second Floor
Chatham, NJ 07928
John.buckman@pin4.com

 2.8  Cookies

Cookies are small pieces of information sent by a website to a visitor’s hard disk. Cookies cannot be used to run programs or deliver viruses to your computer. By continuing to visit our website or use our applications, you agree to the placement of cookies on your device. If you choose not to accept our cookies, we cannot guarantee that your experience will be as fulfilling as it would otherwise be. We may also place cookies from third parties for functional and marketing purposes.

Policy Effective Date:  March 24, 2021