Peak - Privacy Policy

Legal pages

05 July 2023 • By Peak Team

This policy (hereinafter: “Privacy Policy”) applies to the handling of personal data necessary to access the services (“Services”) offered by the peakfs.io website (“Website”) operated by Peak Card Services Limited.

Our priority is to protect our customers’ (hereinafter “You”, “Your”) privacy. This Privacy Policy is available to inform You about our collection and use of Your personal and non-personal data. This Privacy Policy is subject to the provisions of the Regulation (EU) 2016/679 of the European Parliament and of the Council (“GDPR”).

This Privacy Policy is also applicable to the visitors to the Website. By proceeding to use the Website and/or submitting information to us, You accept that Your data will be collected in according to the terms of this Privacy Policy.

Data controller

Peak Card Services Limited is the data controller of the personal data provided by You.

Peak Card Services Limited is registered in Gibraltar with registration number 111314 and registered offices at Suites 7B & 8B, 50 Town Range, Gibraltar.

The scope of personal data

Personal data means any information related to You which allows us to identify You.

This is information You give us about yourself by filling in forms on the Website, or by corresponding with us. If You contact us, we will keep a record of that correspondence. The information You give us may include Your name, Your e-mail address. We carefully safeguard the information we hold about You, including Your personal data.

Why do we use Your data?

Your personal data will be controlled to provide You the communication purposes and for the purposes determined by law (e.g crime prevention).

Transfer of Data

We will keep the personal data confidential but we may share it with other entities (who, according to the provisions of the GDPR, are also bound to keep it secure and confidential) if we have a duty to disclose it, if it is required for the provision of our services to You, or for legitimate purposes including business purposes and where Your rights or freedoms are not infringed.

We will never pass the personal information to a third party for them to use in their own direct marketing without Your consent.

In particular, we may share Your personal data with:

companies in the same group as Peak Card Services Limited;

our service providers (including their sub-contractors);

payment-processing service providers and others that help us process Your payments and/or provide our services to You;

anyone to whom we transfer or may transfer our rights and duties related to providing the Services;

fraud prevention agencies (in particular, we will always tell fraud prevention agencies if You give us false or fraudulent information. They will also allow other organisations, including law enforcement agencies, to access this information to prevent and detect fraud, money laundering or other crimes.;

any third party after a restructure, sale or acquisition of Peak Card Services Limited, provided that they use the Personal Information for the same purposes as it was originally given to us and/or processed by us.

If we are sharing Your personal data or Sensitive Data with organisations in another country (including outside of the EEA), we will ensure they agree to apply equivalent levels of protection as we do (for this purpose, we will take the necessary legal steps to ensure that such transfer is compliant with the law). If this is not possible – for example because we are required by law to disclose the personal data – we will ensure the transfer of the data is lawful.

An adequate level of protection of personal data will be ensured if a binding act of the European Union establishes it (a list of countries whose data protection standards have been qualified by the European Commission as appropriate, can be found at the following link:

https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu- countries_en # dataprotectionincountriesoutsidetheeu

Data Retention

We will keep the personal information for as long as we are allowed to under the applicable law and for legitimate business purposes, to help prevent fraud and other financial crime, and for other legal and regulatory reasons.

Updating Your personal data

To comply with the law and for Your own security, it is essential that You keep us informed of changes to Your contact, personal details or any other important changes that are relevant to us (e.g. residential address, mobile phone number, email address).

Your data protection rights

In accordance with the law You have the following rights:

Request information about whether we hold personal information about You, and, if so, what that information is and why we are holding/using it.

Request access to Your personal information (commonly known as a data subject access request). This enables You to receive a copy of the personal information we hold about You and to check that we are lawfully processing it.

Request correction of the personal information that we hold about You. This enables You to have any incomplete or inaccurate information we hold about You corrected.

Request deletion of Your personal information. This enables You to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove Your personal information where You have exercised Your right to object to processing (see below).

Object to the processing of Your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about Your particular situation which makes You want to object to processing on this ground. You also have the right to object where we are processing Your personal information for direct marketing purposes.

Object to automated decision-making including profiling, that is not to be subject of any automated decision-making by us using Your personal information or profiling of You.

Request the restriction of processing of Your personal information. This enables You to ask us to suspend the processing of personal information about You, for example, if You want us to establish its accuracy or the reason for processing it.

Request transfer of Your personal information in an electronic and structured form to You or to another party (commonly known as a right to “data portability”). This enables You to take Your data from us in an electronically useable format and to be able to transfer Your data to another party in an electronically useable format.

Withdraw consent. In the limited circumstances where You may have provided Your consent to the collection, processing, and transfer of Your personal information for a specific purpose, You have the right to withdraw Your consent for that specific processing at any time. Once we have received notification that You have withdrawn Your consent, we will no longer process Your information for the purpose or purposes You originally agreed to, unless we have another legitimate basis for doing so by law.

If You want to exercise any of these rights, You can do it:
a. Gibraltar Regulatory Authority, 2nd floor, Eurotowers 4, 1 Europort Road, Gibraltar.
b. verbally by calling the following telephone number: +36 1 7333 111;
c. in electronic form by using the contact methods provided on peakfs.io.

Based on Your consent, the Website places a small piece of data package, a so-called cookie on Your computer, which is read in case of a later visit.

Cookies are text files that help recognize Your browser if You visit our Website again. Cookies do not identify You personally, but the web browser of Your particular computer.

Only the information that You provided, or the choices made while visiting a website, can be stored in a cookie.

The scope of data includes Your IP address, visiting times, operation system installed, type of web browser, regardless of the reasons why You visited the Website.

Cookies that have an exact period of validity (permanent) are stored on Your computer until they are deleted, but no later than the expiration of their validity. You can delete Your cookie from Your computer or disable cookies in Your browser. Please note that certain features will be unavailable if cookies are disabled. We do not sell or convey the information collected by the cookies without Your consent.

Links to other websites

The Website links to other websites. These websites are outside of our control and therefore they are not covered by this Privacy Policy. If You access these websites by clicking on the links on the Website, the linked websites will be subject to the privacy policies displayed there, and those may differ from the Privacy Policy we have provided.

However, the high levels of security that we have formulated and applied provide protection only with certain security practices. Never, in any case, give Your login details to unauthorized persons. If You believe that Your login credentials are compromised, You may be able to change Your data after logging in. Also, please contact us and explain to us in detail why You feel Your data is in danger.

Phishing

Phishing is an illegal activity that seeks to steal personal information and financial information from the owner.

Phishers use fake e-mail addresses to try to steer users on fake websites and to give their personal information, including card identifier data, usernames, and passwords. We will not, in any case, send any messages in which we ask for such information or require Your password to be provided.

Should You receive a suspicious e-mail and asked to provide Your password to someone who claims to be our colleague, please forward the email to help@peakfs.io.

Updating the Privacy Policy

We reserve the right to update and reissue this Privacy Policy without prior notice. The new Privacy Policy will be effective after being published on the Website.