1. INTRODUCTION 

This Privacy Policy tells you what to expect when  VIP Payments Ltd (“VIPP”) (referred to as “the Company”, “we” “us” or “our”) collects, uses, protects, retains and shares personal information. The Company and its group is committed to safeguarding the data that our website visitors and service users share with us. This privacy policy explains how the Company processes information that can be used to identify directly or indirectly an individual (“Personal Data”) collected using its website and platform. 

For the purposes of this Policy, the Company defines the term “User”, “Visitor”, “Client” or “You” as a natural or legal person, either a visitor of the Company’s website or as the user with a trading account with the Company. 

Any information stored on the Company’s platform is treated as being confidential. All information is stored securely and is accessed by authorised personnel only. The Company implements and maintains appropriate technical, security and organisational measures to protect Personal Data against unauthorised or unlawful processing and use, and against accidental loss, destruction, damage, theft or disclosure. 

1.1 General 

All your data collected either under your consent, or for the performance of a contract between you and us or collected on our website, transferred, processed and maintained, is treated lawfully and for strict purposes. It is our responsibility to keep your information confidential and secure. 

The terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, unless otherwise defined in this Privacy Policy. 

2. CONTROLLER  

VIPP is the controller and responsible for your personal data in accordance with the applicable data protection laws. 

VIPP is incorporated and established under the Laws of United Kingdom with company Number 09841893 having its registered address at 39 Fitzroy Square, London, England, W1T 6EZ. The website  https://vip-360.com is owned by VIPP. 

VIPP is a small Payment Institution, registered with and regulated by the Financial Conduct Authority, under the Payment Regulations 2017 (URN 750503) and a licenced money transmitter with HM Revenue & Customs (XQML00000192379). 

3. CONTACT DETAILS 

Our full details are: 

Full name of legal entity: VIP Payments Ltd 

Email address: dpoUK@vip-360.com

Postal address: 39 Fitzroy Square, London, England, W1T 6EZ. 

Telephone Number: +44 (0) 208 095 0370. 

The supervisory authority responsible for us is: 

Information Commissioner’s Office 

Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF 

Tel No.: 0303 123 1113  

4. PERSONAL DATA COLLECTED 

The Data Controller shall collect the following categories of Personal Data: 

4.1 Voluntary contents and information provided by the User 

    • Contact information and contents: Personal Data that the User voluntarily provides to the Application during use, such as personal details, contact information, login credentials to services and / or products provided, transactions, and any other personal information as defined by the applicable legislation; 
    • If the User does not communicate Personal Data, for which there is a legal or contractual obligation, will be impossible to the Data Controller to provide, in whole or in part, its services. It will be impossible also in case that Personal Data is necessary requirement for the use of the service or for the contract conclusion; and 
    • The User who communicates to the Data Controller third parties Personal Data, is directly and exclusively liable for their origin, collection, processing, communication or disclosure. 

 4.2. Data and contents automatically acquired while using the Application 

    • Technical Data: the computer system and the software procedures functional to this Application may acquire, during their ordinary activity, any Personal Data whose communication is implicit in the use of internet communication protocols. Such information is not collected to be associated with identified Users, however, those Data, due to its nature, may identify Users in the Processing and through the association with Data held by third parties. This category includes IP addresses or domain names used by Users who connect to the Application, addresses of Uniform Resource Identifier (URI) of the requested resources, time of the request, method used submitting the request to the server, size of the file obtained, etc; and 
    • Usage Data: Data may be collected relating to the use of the Application by the User, such as the pages visited, the actions performed, the features and services used by the User. 

4.3. Personal Data collected through cookies or similar technologies 

This Application uses cookies, web beacons, unique identifiers and any other similar technologies to collect Data regarding pages, visited links and other actions, which you may perform while using our Services. They are stored for being communicated back to the same websites at the next visit of the User. 

During your visit to our website, your computer may be issued with cookies. Cookies are files containing a small amount of data that are commonly used as an anonymous unique identifier. These are sent to your browser from our website when you visit and are stored on your computer’s hard drive. 

Our website uses these “cookies” to collect information and to improve our service. You have the option to either accept or refuse these cookies and know when a cookie is being sent to your computer. If you choose to refuse our cookies, some portions of our service will not be available any longer. 

Cookies are commonly used on the Internet and do not harm your system. Cookies have several uses. 

The cookies used on our website fall into three categories: 

    • Functional: These cookies are used to enable core website functionality and do not contain any personal information; 
    • Analytics: These cookies allow us to count page visits and traffic sources, so we can monitor and improve the performance of our website; and 
    • Advertising cookies: We partner with affiliate networks and other websites to help promote our business. If you use their websites or have come to our site via these affiliates, then their cookies will be sent through our website. 

 When you enter our websites for the first time, we provide you with an opportunity to accept or decline the usage of cookies. You can also delete and block cookies at any time from this site through your browser, but some features on this site will not function without cookies. 

You can change the preferences or settings in your web browser to control cookies. In some cases, you can choose to accept cookies from the primary site but block them from third parties. In others, you can block cookies from specific advertisers or clear out all cookies. 

For further information, please refer to our the Cookies Policy found in our website. 

5. PURPOSES OF PROCESSING  

Collected Personal Data may be used for the performance of contractual and pre-contractual obligations and legal obligations. 

All your data collected either under your consent, or for the performance of a contract between you and us or collected on our website, transferred, processed and maintained, is treated lawfully and for strict purposes. It is our responsibility to keep your information confidential and secure. 

5.1. Other purposes 

We process the information provided by you for the following other purposes, on basis of the performance of a contract between you and us, to comply with applicable legal obligations and to provide you with good customer service: 

    • to conclude and execute agreements with you and provide services to you; 
    • to send administrative information to you, for example, information regarding our websites and changes to our Terms and Conditions; 
    • to process consumer transactions on behalf of you; 
    • to complete and fulfill your order, have your order delivered to you, communicate with you regarding the service and provide you with related customer service; 
    • to respond to your inquiries and fulfill your requests, such as to respond to your questions and comments; 
    • to contact you when we have an obligation to do so; 
    • to offer and facilitate the provision of services upon your request; 
    • to improve our service and develop new services; 
    • to resolve conflicts, manage litigation, resolve issues, and provide you with customer service (including troubleshooting in connection with customer issues); 
    • to provide you with updates and announcements concerning our products, promotions, and programs and to send you invitations to participate in special programs (direct marketing). The personal data collected for direct marketing purposes may be processed only with the unambiguous active consent of you, which clearly indicates that you agree with the processing of your personal data for direct marketing. You have a right to withhold your consent or withdraw previously given consent without any adverse effect; 
    • to personalise your experience on the website by presenting products and offers tailored to you. The legal basis for data processing is our legitimate interest; 
    • for our business purposes, such as analysing and managing our businesses, business mergers, and acquisitions, market research, audits, developing new products, enhancing our websites, identifying usage trends, determining the effectiveness of our promotional campaigns and gauging customer satisfaction; 
    • as we believe to be necessary or appropriate:  
    • under applicable law, including laws outside your country of residence;  
    • to comply with legal process; 
    • to respond to requests from public and government authorities, including public and government authorities outside your country of residence; 
    • to enforce our terms and conditions; 
    • to protect our operations or those of any of our affiliates; 
    • to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others; and 
    • to allow us to pursue available remedies or limit the damages that we may sustain. The legal basis for processing is in compliance with our legal obligation. 
 

6. VISITORS AND USERS OF OUR WEBSITE 

6.1. Log data 

Whenever you use our service or visit our websites, we collect information that your browser sends to us that is called Log Data. This Log Data includes information such as your computer’s Internet Protocol (“IP”) address, browser version, pages of our service that you visit, the time and date of your visit, the time spent on those pages, and other statistics, Google Analytics ID, internet browser and device type, and your language preferences. 

6.2. Contact us data 

If you are one of our existing customers and you prefer to get in contact with us, you can use the options provided on our “Contact Us” page. We also may contact you to provide you with information about our products and services. 

If you are not one of our customers yet or when you share data with us at events or exhibitions these data include your company name, name, email address, telephone number and other business-related information you give us. All this information is processed for our legitimate interest to contact you, to provide you with information in relation to our products and services. You always can opt out of receiving such information. 

7. SOCIAL MEDIA BUTTONS  

On our website, we use plugins from social media such as LinkedIn, Instagram, YouTube and Twitter which you can recognise by their respective logos. These plugins do not store any of your personal data unless you click on the logos or videos. By clicking on these logos or videos, the respective plugins are activated and automatically transmit data to the plugin provider. 

It is not in our influence what data these providers collect from you, or the extent to which they process data. For more information about the data processing by these providers, please refer to their privacy policies. 

8 PERSONAL DATA PROCESSING METHODS 

The Processing of Personal Data is performed with paper, IT and/or digital tools, with methods of organisations and with logics strictly related to the indicated purposes. 

In certain cases, subjects other than the Data Controller who are involved in the organisation of the Data Controller (such as personnel management, sales personnel, system administrator’s employees, etc.) or who are not (as IT companies, service providers, postal couriers, hosting providers, etc.) may access to Personal Data. These subjects will be appointed, where necessary, as Data Processors by the Data Controller and will have access to Users Personal Data whenever required and shall be contractually obliged to keep it confidential.  

The updated list of Data Processors may be requested via email at the email address supportUK@vip-360.com.

9. TRANSFER OF DATA TO 3RD PARTIES

We employ third-party companies and individuals that may be located outside of the European Economic Area (EEA) due to the following reasons: 

    • to facilitate our service; 
    • to provide the service on our behalf; 
    • to perform service-related services; and 
    • to assist us in analysing how our service is used 
 

We want to inform our service users that these third parties have access to your personal information. The reason is to perform the tasks assigned to them on our behalf. However, they are obliged not to disclose or use the information for any other purpose. 

Personal information will only be transferred in the following circumstances: 

    • To other companies that provide us with services. We share Personal Data with other partners who perform services and functions on our behalf. These partners, for example, provide services to you as defined in our service contracts; 
    • To financial institutions with whom we work together to develop or provide a product or service; 
    • To other parties when you use their services, such as: to merchants, and service providers: We may disclose information to other participants in your transactions when you use the services. The information we share includes person-related data required to complete the transaction; 
    • Personal Data needed by other transactional participants to resolve conflicts and to investigate and prevent fraud; 
    • Anonymised data and performance analytics that help us better understand the use of our services and increase the satisfaction of our customers; 
    • To third parties for our business purposes or as permitted or required by law; 
    • To protect the essential interests of a person; and 
    • To investigate violations of any User Agreement or other legal provision applicable to our services or to enforce such legal instruments to protect our assets, services and rights. 
 

10. GROUP COMPANIES  

To fulfill some of our processes we must transfer your personal data to other parts of our group companies, which are in other countries. We have assured that our group companies are in accordance with the requirements of the European Data Protection Regulation (EU 2016-679) and all other applicable data protection laws. 

11. LEGAL BASIS FOR THE PROCESSING 

The Data Controller processes Personal Data regarding the User under the following conditions: 

    • the User has given consent for one or more specific purposes; or  
    • for the performance of a contract between you and us. 

12. DATA ENCRYPTION AND TECHNICAL SECURITY MEASURES

To prevent illegal manipulation through a third person, the IP address of the logged-on computer will be requested and saved. In addition, all your personal data is protected from unauthorised access by a firewall, a computer that is fitted with complex security technology specifically designed to shield the company’s network from the Internet.  

We also use encryption and other security technologies to protect confidential information from unauthorised access. We ensure that information, personal data and data under our responsibility is properly backed up and that arrangements for recovery processes are in place. Additionally, the company uses reliable internal data protection mechanisms combined with a restrictive security system.  

13. PLACE  

Personal Data are processed in the operative offices of the Data Controller and in any other place in which the parties involved in the Data processing are located. For further information, you may contact the Data Controller at the following dpoUK@vip-360.com or at the following address: 

    • 39 Fitzroy Square, London, England, W1T 6EZ. 
 

14. SECURITY OF PROCESSING 

The Data Processing is performed through adequate methods and tools to ensure the Personal Data security and confidentiality, as the Data Controller has implemented appropriate technical and organisational measures which guarantee, in a provable way, that the Processing complies with the applicable law. 

15. PERIOD OF DATA STORAGE 

Please refer to our Data Retention Policy for full details.  

16. RIGHTS OF THE USER 

Under certain circumstances, you have rights under data protection laws in relation to your personal data: 

    • Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing; 
    • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us; 
    • Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request; 
    • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which overrides your rights and freedoms; 
    • Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it; 
    • Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine -readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you; and 
    • Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing conducted before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.  

If you wish to exercise any of the rights set out above, please contact us to the following email: dpoUK@vip-360.com

    • In your email, please explain in detail your request. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. 

 

17. HOW WE OBTAIN YOUR CONSENT 

When we are requesting consent to process your Personal data, the following will apply to all means by which consent is obtained. We will: 

    • require a positive opt-in and will not use pre-ticked boxes or any other method of default consent; 
    • present a very clear and specific statement of consent to the data subject; 
    • keep consent requests separate from other terms and conditions; 
    • not use vague or blanket consent but will be specific and granular in all statements of consent; 
    • be clear and concise in all statements of consent; 
    • name any 3rd party who will rely on the consent; 
    • make it easy for people to withdraw consent and tell them how, by means of an email on initial consent and on any further correspondence to the individual, by providing a link to withdraw consent; 
    • keep evidence of consent, who, when, how, and what we told people; and 
    • review consent at least annually and on any changes to the process, content or use of gathering personal information. not make consent a precondition of service. 

The following message(s) will be clearly presented to the individual when requesting consent to process personally identifiable information. 

We will collect and store the information in this form for the following purposes: 

    • to contact you once you have submitted a form on our website 
    • to send you information which we think may be of interest to you 
    • to send you marketing communications related to our products and services 
    • to comply with regulations 

 

18. ROLES AND RESPONSIBILITIES

Our Board of Directors has an ongoing oversight of this policy and related procedures. The Data Protection Officer is responsible for providing support and co-ordination for senior management with a focus on managing risk associated with Privacy and to develop and deploy appropriate oversight, monitoring and controls to ensure compliance with applicable regulatory requirements this policy. 

19. AMENDMENTS TO THE POLICY 

This document is reviewed at least once in every 12-month period under the Compliance Monitoring Programme. It is also reviewed in the event that we become aware of any regulatory changes or other considerations that may affect the policies contained within it.  

20. INFORMATION, COMPLAINTS AND CONTACT 

If you have any further questions regarding the data the Company collects, or how we use it, then please feel free to contact us by email at: dpoUK@vip-360.com

VIP Payments Ltd, registered in England and Wales no. 09841893 as a Small Payment Institution with the Financial Conduct Authority no. 750503, of 39 Fitzroy Square, London, W1T 6EZ, UK. VIP Payments is a member of the BLK Financial Group.

© Copyright 2024 VIP Payments (operating under the brand VIP360). All rights reserved.