Effective from 14th November 2022
Ibanera Pte Ltd and Ibanera LLC are both Financial Institutions, regulated respectively by the Monetary Authority of Singapore and FinCEN. Both of these institutions formulate a group of Ibanera.
Ibanera LLC, a limited liability company, established in Wyoming with the legal entity code 2020-000936644 and with registered address at 2120 Carey Avenue, Cheyenne, WY 82001, United States. Ibanera LLC is registered with FinCEN as a Money Service Business.
Ibanera Pte Ltd, legal code: 201804993R registered address: 62 Ubi Road 1 #03-08 Oxley Bizhub 2, Singapore 408734 Singapore, holder of a Major Payment Institution license by the Monetary Authority of Singapore.
Please note that in case you provide IBANERA with the information about any person other than yourself, your employees, counterparties, advisers or suppliers, you must ensure that they understand how their information will be used.
You can contact IBANERA by writing an e-mail to firstname.lastname@example.org or post us at our mailing office address at 78 SW 7th St 7-118, Miami, FL 33130, United States.
2. Principles of Processing Personal Data
The principles we follow in order to comply with the need to protect your Personal Data are as follows:
- principle of legality, fairness and transparency – means that the Personal Data with respect to you is processed in a lawful, honest and transparent way;
- purpose limitation principle – means that the Personal Data is collected for specified, clearly defined and legitimate purposes and shall not be further processed in a way that is incompatible with those purposes;
- data reduction principle – means that the Personal Data must be adequate, appropriate and is only necessary for the purposes for which it is processed;
- accuracy principle – means that the Personal Data must be accurate and, if necessary, updated. All reasonable steps must be taken to ensure that Personal Data which is not accurate in relation to the purposes for which it is processed shall be immediately erased or corrected;
- principle of limitation of the length of the storage – means that the Personal Data shall be kept in such a way that your identity can be determined for no longer than is necessary for the purposes for which the Personal Data is processed;
- integrity and confidentiality principle – means that the Personal Data shall be managed by applying appropriate technical or organizational measures in a way, which would ensure the proper security of the Personal Data, including the protection from an unauthorized processing or processing of an unauthorized data against accidental loss, destruction or damage.
3. Information Collected by Ibanera
The categories of Personal Data that IBANERA may collect about you are as follows:
- Basic personal data – name, surname, job title etc.
- Identification information and other background verification data – your and / or your representative’s, ultimate beneficiary owners of legal entities (natural persons who directly or indirectly own or control a legal unit with a sufficient number of shares or voting rights, including through bearer share management) name, surname, personal identification code, date of birth, nationality, address, gender, a copy of passports or ID card, passport’s or ID card’s number, issuance place and date, evidence of beneficial ownership and / or the source of funds, number of shares held, voting rights or share capital part, visually scanned or photographed image of your face or image that you provide through a mobile application or camera, video and audio recordings for identification, telephone conversations to comply with client due diligence/”know your client”/anti-money laundering laws and collected as part of our client acceptance and ongoing monitoring procedures.
- Information related to legal requirements data – data resulting from enquiries made by the authorities, data that enables to perform anti-money laundering requirements and ensure the compliance with international sanctions, including the purpose of the business relationship and whether customer is a politically exposed person and other data that is required to be processed by the Company in order to comply with the legal obligation to “know your client”.
- Financial transaction data – beneficiary details, date, time, amount and currency which was used, name/IP address of sender and receiver; accounts number (e.g. IBAN), details of debit cards and credit cards if relevant, amount of transactions, income, currency, location, etc.
- Contact Data – registered/actual place of residence, phone number, e–mail address etc.
4. Purposes and Legal Basis for Personal Data Processing
IBANERA collects personal data for the purposes listed below:
- Conclusion of the contract or for performance of measures at your request prior to the conclusion of the contract
For this purpose, IBANERA may process your Basic Personal Data, Identification data and other background verification data, Contact Data, and other Personal Data (in order to identify the possibility of providing services). The legal basis for the processing of the above-mentioned data are the following: to take necessary steps before the conclusion of the contract, to fulfil legitimate interests and/or fulfil the legal obligations applicable to IBANERA.
- For the fulfilment of a contract concluded with you, including but not limited to provision of services of issuance, distribution and redemption of e-money and provision of payment services
For this purpose, IBANERA may process your Basic Personal Data, Identification data and other background verification data, Financial transaction data, information related to legal requirements, Contact Data and other Personal Data provided to IBANERA by or on behalf of the client or generated by IBANERA in the course of providing services.
The legal basis for the processing of the above-mentioned data is the following: performance of a contract, fulfilling legitimate interests and/or compliance with legal obligations applicable to IBANERA.
- To comply with legal obligations (e.g. implementation of the obligations under the Law on Money Laundering and Terrorist Financing Prevention of the Republic of Lithuania and other fraud and crime prevention purposes) and risk management obligations
For this purpose, IBANERA may process your Basic Personal Data, Identification and other background verification Data, Financial transaction Data, Information which is related to legal requirements, Contact Information and other Personal Data provided to us by or on behalf of you or generated by us in the course of providing services.
The legal basis for the processing of the above-mentioned data is the following: fulfilling legitimate interests and/or compliance with legal obligations applicable to IBANERA.
- To provide an answer when you contact IBANERA through the website or other communication measures
For this purpose, IBANERA may process your Basic Personal Data, Contact Data and other Personal Data provided to us by or on behalf of you.
The legal basis for the processing of the above-mentioned data is the following: your consent, fulfilling legitimate interests of IBANERA.
Contract performance means: processing your Personal Data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
Legitimate interest means: the interest of IBANERA as a business in conducting and managing IBANERA services to enable IBANERA to provide to you and offer the most secure experience.
Legal obligation means: processing your Personal Data where it is necessary for compliance with a legal or regulatory obligation that IBANERA is subject to.
5. How Ibanera Obtains your Personal Data
Personal Data that IBANERA may collect from third parties:
- when it is provided to IBANERA by a third party which is connected to you and/or is dealing with IBANERA, for example, business partners, subcontractors, service providers, merchant etc.;
- third party sources, for example, register held by governmental agencies or where IBANERA collects information about you to assist with “know your client” check-ups as part of IBANERA client acceptance procedures, such as sanctions list, politically exposed persons list, etc.;
- from banks and/or other finance institutions in case the Personal Data is received while executing payment transactions;
- from publicly available sources – IBANERA may, for example, use sources to help IBANERA keep your contact details that IBANERA already possesses accurate and up to date or for professional networking purposes or for providing IBANERA services;
from other entities which IBANERA collaborates with.
In order to make your identity verification, we are using Jumio and Refinitiv solution. Jumio and Refinitiv are used for comparing live photograph data or video record of yourself and your ID card/passport in order to comply with client due diligence / ”know your client” / anti-money laundering laws and other legal requirements. The result of the face recognition (match or mismatch) will be retained how long it is necessary to carry out identity verification and for the period required by anti-money laundering laws.
IBANERA conducts your identity verification using Jumio and Refinitiv solution on a consent basis.
If you do not feel comfortable with this method, you may contact us by email email@example.com for alternative way to identify yourself.
6. Sharing of Personal Data
IBANERA may transfer your Personal Data to the following categories of recipients:
- State Tax Inspectorate, other state and municipal institutions, bodies, organizations, and other public administration entities;
- Financial Crime Investigation Service, other pre-trial investigation bodies, courts, bailiffs, notaries;
- IBANERA business partners, agents or intermediaries who are a necessary part of the provision of IBANERA products and services;
- commercial banks, other financial institutions;
- law, finance, tax, business management, personnel administration, accounting advisors, etc.;
- service providers who make your identity verification by using their IT solutions;
- Companies providing services for money laundering, politically exposed persons and terrorist financing check-up and other fraud and crime prevention purposes and / or companies providing similar services;
- external service providers (that provide such services as, for example, system development and/or improvement, audit services);
- beneficiaries of transaction funds receiving the information in payment statements together with the funds of the transaction;
- other persons with whom IBANERA intends to conclude or has concluded a contract (s);
- other persons who are required access to the data in order to exercise their legal obligations, by a legitimate interest or with the consent of the shareholders or the beneficiary.
7. International Transfers of Personal Data
As IBANERA provides international services, your Personal Data may be transferred and processed outside the United States (hereinafter – USA).
The transfer of Personal Data may be considered as needed in such situations as, e.g.:
- in order to conclude the contract between you and IBANERA and/or to fulfil the obligations under such contract;
- in cases indicated in laws and regulations for protection of IBANERA lawful interests, e.g.
- in order to bring proceedings in court/other governmental bodies;
- in order to fulfil legal requirements or
- in order to realize public interest.
This can be done in a number of different ways, for example:
- the country to which IBANERA sends the Personal Data, a territory or one or more specified sectors within that third country, or the international organization is approved by the European Commission as having an adequate level of protection;
- the Data recipient which is in the third country has signed standard data protection clauses which are approved by the European Commission;
- if the Data recipient is located in the US, it may be a certified member of the EU–US Privacy Shield scheme;
- special permission has been obtained from a supervisory authority.
IBANERA may transfer Personal Data to a third country by taking other measures if it ensures appropriate safeguards as indicated in the GDPR.
8. Retention Terms of Personal Data Processing
IBANERA will keep your Personal Data for as long as it is needed for the purposes for which your data was collected and processed but no longer than it is required by the applicable laws and regulations. This means that IBANERA stores your data for as long as it is necessary for providing services and as required by retention requirements in laws and regulations.
If the legislation of the Republic of Lithuania does not provide any period of retention of Personal Data, this period shall be determined by IBANERA, taking into account the legitimate purpose of the data retention, the legal basis and the principles of lawful processing of Personal Data as well as following the principle of storage limitation.
- as long as your consent remains in force, if there are no other legal requirements which shall be fulfilled with regard to the Personal Data processing;
- in case of the conclusion and execution of contracts – until the contract concluded between you and IBANERA remains in force and up to 10 years after the relationship between you and IBANERA has ended;
- the Personal Data collected for the implementation of the obligations under the Law on Money Laundering and Terrorist Financing Prevention shall be stored in accordance with the Law on Prevention of Money Laundering and Terrorist Financing of the Republic of Lithuania up to 8 (eight) years. The retention period may be extended for a period not exceeding 2 (two) years, provided there is a reasoned request from a competent authority.
In the cases when the terms of data keeping are indicated in the legislative regulations, the legislative regulations are applied.
Your Personal Data might be stored longer if:
- it is necessary in order for IBANERA to defend itself against claims, demands or action and exercise its rights;
- there is a reasonable suspicion of an unlawful act that is being investigated;
- your Personal Data is necessary for the proper resolution of a dispute / complaint;
- under other statutory grounds.
9. Your Rights in Relation to the Personal Data
You as a data subject have rights in respect of Personal Data IBANERA holds on you. Under certain circumstances and in accordance with EU or other applicable data protection laws, you may have the right to:
- get familiar with your Personal Data and how it is processed – you have the right to obtain information about which Personal Data about you that IBANERA processes. Your right to access may, however, be restricted by legislation, protection of other persons’ privacy and consideration for the Company’s business concept and business practices. The Company’s know-how, business secrets as well as internal assessments and material may restrict your right of access;
- demand rectifying incorrect or incomplete data – if it turns out that IBANERA processes Personal Data about you that is inaccurate, you have the right to request a rectification of the Personal Data. You can also request to have incomplete Personal Data about you completed;
- erasing your Personal Data – you have the right to have any or all of your Personal Data erased. In certain cases, IBANERA cannot erase all of your Personal Data. In such case this would be due to the fact that IBANERA needs to store your Personal Data due to a contractual relationship or law;
- restricting the processing of your Personal Data – you have the right to demand that IBANERA’s processing of your Personal Data be restricted for a period of time. This can pertain, for example, to a situation where you believe data about you is inaccurate and IBANERA needs to verify it. It can also pertain to a situation where you object to processing that IBANERA bases on a legitimate interest. In such case IBANERA must verify if IBANERA grounds override yours;
- transfer your Personal Data to another data controller or provide directly to you in a convenient format (NOTE: applicable to Personal Data which is provided by you and which is processed by automated means on the basis of consent or on the basis of conclusion and performance of the contract);
- object to any processing based on the legitimate interests ground unless IBANERA reasons for undertaking that processing outweigh any prejudice to your data protection rights;
- to withdraw your consent so that IBANERA stops that particular processing when processing is based on consent. However, such consent withdrawal does not affect the lawfulness of processing based on consent before its withdrawal;
- not to be subject to a decision based solely on automated processing;
- lodge an appeal to the office of the State Data Protection Inspectorate – if you have an objection about how IBANERA has processed your Personal Data, you can turn to the supervisory authority concerned.
IBANERA will exercise your rights only after receives your written request to exercise a particular right indicated above and only after confirming the validity of your identity. The written request shall be submitted to IBANERA by sending it to the address of our registered office by ordinary mail, e-mail firstname.lastname@example.org or submitting such request via your account.
Your requests shall be fulfilled or fulfilment of your requests shall be refused by specifying the reasons for such refusal within 30 (thirty) calendar days from the date of submission of the request meeting IBANERA’s internal rules and GDPR. The afore-mentioned time frame may be extended for 30 (thirty) calendar days by giving a prior notice to you if the request is related to a great scope of Personal Data or other simultaneously examined requests. A response to you will be provided in a form of your choosing as the requester.
10. The Right to Lodge a Complaint
You can submit a complaint to IBANERA if you reasonably believe that processing of Personal Data related to you is performed in violation of the applicable legal requirements.
You can file a complaint regarding the Personal Data in the same manner as specified above the section “Your rights in relation to the Personal Data”. It must include your name, surname, contact details, relevant information, which would indicate why you reasonably believe that the processing of the data related to you is performed in violation of the applicable legal requirements. You can add other available evidence that justifies the need for such a complaint.
In case you consider that IBANERA’s processing of your Personal Data is processed in a way that violates your rights and legitimate interests stipulated by applicable legislation, you may also lodge a complaint with a supervisory authority – the State Data Protection Inspectorate.
If you access IBANERA information or services through the website, you should be aware that IBANERA uses different cookies.
For more information on how to control cookies and browser settings or how to delete cookies, please read IBANERA Cookies Policy available on the website www.ibanera.com.