At Remittance360 Ltd., safeguarding sensitive personal and financial data is paramount. We are steadfast in our commitment to complying with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018, foundational to our operations.
1. Categories of Personal Data
In our Money Transfer Platform (MTP), we process essential data such as Full Names, residence, address details, date of birth, account and identification numbers of both senders and beneficiaries. Additionally, we monitor the Full Names of Ultimate Beneficial Owners (UBOs) associated with our business partners.
2. Lawful Basis of Processing
We are mandated to retain transaction details, including sender and beneficiary information, for at least five years post-transaction to ensure compliance with regulatory requirements.
3. General Data Protection Provisions
We are subject to stringent data protection legislation, including the Data Protection Act 2018 and the GDPR, governing the obtaining, holding, use, or disclosure of information relating to individuals. Our processing of personal data is lawful and necessary for preventing money laundering or terrorist financing and is carried out in the public interest.
4. Agreement Provisions
Both parties in our Money Remittance Agreement are committed to using personal data for preventing money laundering and terrorist financing. We adhere to relevant Data Protection Laws and implement appropriate technical and organizational security measures against unauthorized processing and accidental loss of Personal Data. Each party maintains the confidentiality of the Personal Data received and only processes it to the extent necessary to perform obligations under the Agreement.
5. Policies, Procedures, and Training
We have robust policies and procedures to safeguard personal data and conduct regular staff training sessions to foster awareness on data protection, privacy, and responsibilities.
6. International Data Transfer Agreements (IDTA)
We implement standard IDTAs, ensuring the secure transfer of personal information to processors outside the UK.
7. AWS Data Protection Measures
We leverage the AWS infrastructure, adhering to stringent security measures such as robust encryption, access controls, and UK region data residency options.
8. ICO Registration
We are duly registered for GDPR with the ICO under registration number ZA819037.
We are committed to staying updated with evolving data protection legislation and continuously improving our practices. By diligently following the measures and provisions outlined, we ensure the security and confidentiality of personal data within our Money Transfer Platform (MTP) and foster trust with our partnering financial institutions.