This policy was last reviewed on 22 March 2022
1.1 Privacy statement
• are a visitor to our website
• work for one of our Members, or are a connected individual of that Member (for example directors, beneficial owners)
• work for one of our suppliers
• are one of our business contacts
1.3 Who is the Controller of your Personal Data?
This website is controlled by Fiat Republic Ltd, a UK company located at 14 Point Hill London, SE10 8QL, United Kingdom. If you are a visitor to this website, Fiat Republic Ltd is the Controller of your Personal Data in this context.
Our Services are offered through subsidiaries of Fiat Republic Ltd:
• Fiat Republic Netherlands BV, a Dutch company located at Joop Geesinkweg 501, 1114AB Amsterdam-Duivendrecht, The Netherlands
• Fiat Republic Canada, Inc, a Canadian company located at 67 Yonge Street, Suite 701, Toronto, ON M5E 1J8, Canada
• Fiat Republic US Inc, an American company located at 88574, 111 NE 1st St, 8th Floor, Miami, FL, Miami-Dade, United States
In these circumstances, the Fiat Republic Group company that your company engages with in relation to our Services is the Controller of your Personal Data.
2. LEGAL BASIS FOR DATA COLLECTION
We may collect, use, store and transfer different kinds of Personal Data about you which we have grouped together below in 3.1.
We do not collect any of the following types of Special Categories of Personal Data about you:
• Race or ethnicity
• Religious or philosophical beliefs
• Sex-life or sexual orientation
• Trade union membership
• Information about your health
• Genetic and biometric data
We may in some cases through the carrying out of checks required by anti-money laundering (AML) laws collect the following Special Categories of Personal Data:
• Political opinions (where you are identified as a Politically Exposed Person (PEP) by a third party service provider or open source search that we undertake)
• Criminal convictions or offences (where this information is publicly available and provided to us by a third party service provider or through open source research that we undertake)
2.2 The Legal Basis for Collecting That Data
There are a number of justifiable reasons under the GDPR that allow collection and processing of Personal Data. The main avenues we rely on are:
• “Consent”: Certain situations allow us to collect your Personal Data, such as when you tick a box that confirms you are happy to receive email newsletters from us, or ‘opt in’ to a service.
• “Contractual Obligations”: We may require certain information from you in order to fulfil our contractual obligations and provide you with the promised service.
• “Legal Compliance”: We’re required by law to collect and process certain types of data, such as fraudulent activity or other illegal actions.
“Legitimate Interest”: We might need to collect certain information from you to be able to meet our legitimate interests – this covers aspects that can be reasonably expected as part of running our business, that will not have a material impact on your rights, freedom or interests. Examples could be your address, so that we know where to deliver something to, or your name, so that we have a record of who to contact moving forwards.
3. HOW WE USE YOUR PERSONAL DATA
3.1 Our Uses
We will only use your Personal Data when the law allows us to. Set out below is a table containing the different types of Personal Data we collect when you access our website and Services and the lawful basis for processing that data. Please refer to section 2.2 for more information on the lawful basis listed in the table below.
Examples provided in the table below are indicative in nature and the purposes for which we use your data may be broader than described but we will never process your data without a legal basis for doing so and it is for a related purpose. For further inquiries please contact us.
|Data we collect||Reason for processing|
|Login Information, including information about the IP address you login from, the type of browser and version.||Contractual obligations
|Information required to fulfil certain regulatory requirements, including ‘Know-your-customer’ (KYC) and anti-money laundering laws (AML), including the following:
• Full name
• Addresses, including email, corporate and residential address
• Telephone number
• Business information, including certificates of incorporation, register of directors and shareholders and any other data required to validate beneficial ownership
• Date and place of birth, gender, citizenship and/or nationality
• Bank account information
• Your status as a politically exposed person
• Evidence of source of funds
• Identification documents to prove your identity, such as a passport or national identity card
• Fiat transaction history and account balances in connection with your use of certain Services
• Crypto wallet addresses and transaction information related to the provision of a connection fiat transaction
|Security Information, including passwords and device information used to conduct two-factor-authentication checks||Contractual Obligations
|Information we collect from other sources, including through our partners, suppliers and public sources:
• The bank accounts that you use to transfer money to/from us
• Analytics and search providers may aggregate and provide publicly held data about you to us, for example for compliance or advertising purposes
|Marketing and Communications Data: This is your preferences in receiving marketing information and other information from us.||Consent|
3.2 Marketing and Content Updates
You will receive marketing and new content communications from us unless you specifically request that you would not like to receive these communications. From time to time we may make suggestions and recommendations to you about goods or services that may be of interest to you through the Fiat Republic Consortium.
3.3 Change of Purpose
We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your Personal Data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
4. YOUR RIGHTS AND HOW YOU ARE PROTECTED BY US
4.1 How Does Fiat Republic Protect Customers’ Personal Data?
We are concerned with keeping your data secure and protecting it from inappropriate disclosure. Any Personal Data collected by us is only accessible by a limited number of employees who have special access rights to such systems and are bound by obligations of confidentiality. If and when we use subcontractors to store your data, we will not relinquish control of your Personal Data or expose it to security risks that would not have arisen had the data remained in our possession. However, unfortunately no transmission of data over the internet is guaranteed to be completely secure. It may be possible for third parties not under the control of Fiat Republic Ltd to intercept or access transmissions or private communications unlawfully. While we strive to protect your Personal Data, we cannot ensure or warrant the security of any Personal Data you transmit to us. Any such transmission is done at your own risk. If you believe that your interaction with us is no longer secure, please contact us.
4.2 Opting Out Of Marketing Promotions
You can ask us to stop sending you marketing messages at any time by contacting us at any time. Where you opt out of receiving these marketing messages, we will continue to retain other Personal Data provided to us as a result of interactions with us not related to your marketing preferences.
4.3 How to Request your Data and the Process for Obtaining it
You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, if your request is clearly unfounded, we could refuse to comply with your request.
We may need to request specific information from you to help us confirm your identity and ensure you have the right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
4.4 How to make a complaint
You have the right to make a complaint at any time to your local data protection regulator, which in the UK is the Information Commissioner’s Office (the ICO) (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach your data protection regulator, so please contact us in the first instance.
5. YOUR DATA AND THIRD PARTIES
5.1 Will We Share Your Data With Third Parties?
We will not share your Personal Data with any third parties, except where we are required to do so by law, where we have a duty to disclose to our partners, suppliers or sub-contractors for the performance of a contract related to the provision of Services or where our legitimate business interests require us to do so. We will endeavour to make sure any information is shared on a need to know basis and ensure the third party is obligated to ensure the confidentiality of the information.
We may also share your Personal Data with other Fiat Republic Group companies and professional services firms such as lawyers, accountants, insurance and other advisors that we have contracted during the course of business in support of the provision of Services to you.
We may also share Personal Data with interested parties in the event that any Fiat Republic Group company anticipates a change in control or the acquisition of all or part of our business or assets or with interested parties in connection with the licensing of our technology.
6. HOW LONG WILL WE RETAIN YOUR DATA FOR?
We will only retain your Personal Data for as long as reasonably necessary to fulfil the purposes we collected it for. We may retain your Personal Data for a longer period than usual in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
7. INTERNATIONAL TRANSFER OF DATA
We may transfer your Personal Data outside the UK and European Economic Area (EEA) to other Fiat Republic Group companies and third parties for the provision of Services to you. To the extent that we transfer this information outside the UK and EEA we will ensure that the transfer is lawful and that the recipients are obliged to comply with equivalent standards of privacy to the UK and EU GDPR. If transfers of personal information are processed in the United States or to another third country outside of the UK or EEA, we may in some cases rely on standard contractual clauses.
8. NOTIFICATION OF CHANGES AND ACCEPTANCE OF POLICY
We have used the following words throughout this Policy:
|Controller||Means a company that decides how and why your Personal Data is used|
|Fiat Republic Group||Means Fiat Republic Ltd and all its subsidiaries|
|Member||Means a customer of Fiat Republic, a member of the Fiat Republic Consortium|
|Personal Data||Means any information relating to you, as an identified or identifiable natural person, including your name, an identification number, location data, or an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of you as a natural person. It does not include data where the identity has been removed (anonymous data).|
|Services||Means any of the services provided by Fiat Republic, including the issuing of e-money and processing of payments and services provided as part of membership of the Fiat Republic Consortium.|