Who is responsible for processing of your data?
Denarius Group XXI, S.L.
Company ID: ESB02669398
Registered Office: Calle Marqués de Larios nº.7 Primera planta, 29005 Málaga (Spain).
Information about the Data Protection Officer(‘DPO’):
DPO contact details:
2. Information and Acknowledgement
3. Mandatory provision of data
We want to inform you that Denarius will use and obtain IP addresses and further identifiers provided by your mobile device when you use the App correctly. Similarly, the personal data provided through Denarius’s Website or through the App are, unless otherwise specified, necessary for the purposes established. Denarius will not be able to offer its full services if that data is not provided.
4. How we use the data we collect? How do we use your data and for how long?
Denarius will process the data you provide as follows:
- Register you as a user of the App and fulfill the terms of your account. Please note that Denarius will need to exchange your data with third-party partners in order to offer you our services. We receive information from users that have registered in the App as well as from those who consult our services through the Denarius website, even if they have not created an account. We base this processing on the necessity to perform contracts concluded with you or in order to take steps (Article 6(1)(b) of the General Data Protection Regulation (‘GDPR’).
- Manage payments and execute your payment orders through the App and manage the correct functioning of the App. We base this processing on the necessity to perform contracts concluded with you (Article 6(1)(b) of the GDPR).
- Assess the risk of new payment transactions in Denarius. For this, we rely on our legitimate interest to control risk and manage our commercial exposure (Article 6(1)(f) of the GDPR).
- Prevent, investigate and/or discover fraud. We process data for this purpose to ensure compliance with our legal obligations (Article 6(1)(c) of the GDPR) and for our legitimate interest to protect ourselves, our users, or any third parties (Article 6(1)(f) of the GDPR).
- Send you, by any means, including electronic means, commercial communications in relation to products and services offered by Denarius. These communications will be adapted to your use of the App or Website. Denarius will process this data based on the relationship it has with the user, understanding that those communications will always be related to Denarius’s products and services. We will send you our commercial communications based on our legitimate interest to promote our business (Article 6(1)(f) of the GDPR). In some cases, where we cannot rely on our legitimate interest, we will send you communications on the basis of your consent (Article 6(1)(a) of the GDPR). We may also create a commercial profile of the user to offer tailored commercial actions, unless you do not want us to, or you oppose or withdraw your consent.
- Manage the commercial relationship with you, and answer any questions, problems, or incidents you may have when you contact us through the App. The legal basis for processing is our need to fulfill or facilitate the fulfillment of our contractual obligations to you (Article 6(1)(b) of the GDPR).
- Carry out the necessary requirements to manage candidate selection processes. We do this to fulfill our legitimate interests to manage our human resources and employment procedures (Article 6(1)(f) of the GDPR).
- Create anonymous statistical reports regarding the activity of users within the App. This is for our legitimate interest to manage our statistical data and improve our services (Article 6(1)(f) of the GDPR)
5. What information do we collect?
Denarius processes the following data:
- Identification data: name, last name, official identification document, phone number, email, address, personal picture, social media handle (when contacting us through those means).
- Security PIN
- Personal data and personal characteristics included in official identification document: place of birth, place of residence, date of birth, sex, nationality, and any other relevant information printed on your identity document.
- Financial data: details of your bank account, IBAN code, details of your debit and credit card, relevant expiry dates and CVV.
- Contacts of the user: phone numbers of the contact list of the user.
- Location information: we obtain information on your IP address when you use the App. We use technology to determine your location such as a GPS system or your IP address. You can always choose to share your location, but it is not required nor is it necessary for most of the services offered by Denarius. If you decide not to share it, we will not be able to offer you the services that require your location.
6. How long do we keep your data?
Personal data will be kept until you request its deletion, or, where personal data is processed on the basis of your consent, until you withdraw your consent. In absence of these actions, we store your data for the duration of our relationship with you and 6 years after the fiscal year in which our relationship ends in order to help comply with any legal investigations or requests from competent authorities.
7. Disclosure of your information
Denarius may disclose your data to:
- Public Administrations, Tax Authorities Courts, and other state institutions in order to comply with a legal obligation.
- Similarly, Denarius works with some third-party partners, and data processors, that could have access to your data and process that data on behalf of Denarius. This is needed to provide you with Denarius services.
Specifically, some of these partners are in the following industries: payment processors, NFC readers, legal counsels, software developers, physical security companies, mailing providers etc.
Some of these data processors such as Google Cloud Services, Mixpanel, and Twilio are outside the European Economic Space. However, all of them are listed in the EU_US Privacy Shield (www.privacyshield.gov/list) and guarantee the adequate protection of the rights of residents in the EU.
8. Marketing communication and promotions
We will use the data provided to us to inform you about promotions, offers, events or any other relevant information that could be of your interest. Every time we send out any of these communications, they will be directed to those users who have not specified their preference to be exempted from them.
If you do not wish to continue receiving commercial or promotional information, you can request it by email at [email protected].
9. Which are your legal rights?
As a user, you always have the right to freely exercise the following rights at no cost:
- Withdraw consent at any time wherever we are relying on consent to process your personal data.
- Obtain confirmation pertaining to whether or not Denarius is processing your personal data.
- Request access to your personal data.
- Request corrections to your personal data.
- Request erasure of your personal data, when, among other things, there is no good reason for us to continue processing your data.
- Object to processing of your personal data.
- Restrict processing of your personal data.
- Request the transfer of your personal data.
- File a complaint with a supervisory authority such as the Agencia Española de Protección de Datos (www.aepd.es), located at C/Jorge Juan, 6 de 28001 Madrid (Spain), whenever you feel Denarius has not respected your rights in accordance with data protection regulation.
In accordance with current regulation, you will be able to exercise your rights by sending a letter with details about what rights you wish to exercise along with a copy of your identification to the following address: Calle Marqués de Larios nº.7 Primera planta, 29005 Málaga (Spain), or by email to [email protected], addressed to the Data Protection Officer.
10. Websites and third-party services
Our website and our App can have links to other Websites, Apps, or to third-party-provided services. The data collected by third parties, including the geographical location or contact data, will follow their respective privacy policies. For this purpose, we recommend you review their privacy policies to be informed about the security measures they take to protect your data.
11. Security measures
Denarius will process your personal data in a strictly confidential way, respecting the privacy, secrecy, and security of your information, in accordance with the applicable regulation. In order to achieve this Denarius will implement the legal, technical, and organizational measures required to avoid the alteration, loss, unauthorized access, or processing of your data, given the state of technology, the nature of the data processed, and the risks to which it is exposed. Sadly, there are no perfect security measures, and security breaches can still happen. Should this be the case, we will take urgent measures to minimize any potential damage to you or others.
Denarius recommends that minors do not send personal data without parental consent. Denarius does not take responsibility for personal data that could have been provided to us by minors younger than 14 years of age without parental consent.