Naga Pay UK Limited (“we”, “us” or “our”) is committed to protecting and respecting your privacy.
The prospective or current client that accepts this policy as part of the business offering of us, accepts, acknowledges and confirms that he/she has read approved and confirmed the acceptance of the below conditions pertaining the sharing, processing and storing of his/hers data.
This policy together with our Terms and Conditions available through our website here, and any other documents referred to in them, sets out the basis on which any personal data we collect from you, or that we collect about you, on NAGA Pay(“App”) or when you communicate with us by email, telephone or post will be processed by us.
We will be the data controller of your personal data which you provide to us or which is collected by us about you. This means that we are responsible for deciding how we hold and use personal data about you and that we are required to notify you of the information contained in this policy. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. The terms and conditions of your account will identify which Naga Pay company is the controller of your personal data.
The Company is a distributor of EMI services, appointed by Contis Financial Services Limited, who is authorised by the Financial Conduct Authority under the Electronic Money Regulations 2011, for distribution and redemption of electronic money. Solaris is the brand name for the regulated entity, which is part of the Solaris Group. Naga Pay is an independent data controller and will also be acting as a processor of Solaris. For further information as to the type of personal data we share with the Solaris and the uses made by them of that data see the data sharing section of this policy below. You should also read Solaris privacy policy which is available on their website (https://www.solarisgroup.com/content/partner/solaris-contis-privacy-policy.pdf).
If you have any queries, you can contact us using the details provided at the end of this policy in the “Contacting Us” section.
We will only use your personal data where we have a lawful basis to do so. We will usually only use your data:
Further details of how we will use your personal data are provided below.
When you apply to create an account on the App or during our business relationship, we will need to collect some or all of the following details about you:
We will use this information for the purposes of processing your application and, if your application is successful, creating and managing your account and providing any products or services you request to you. If you have consented, we will also send our newsletter to you by email.
You will not be able to apply to create an account or order products or services from us without providing this information.
This information may be provided from us to Solaris, making Solaris the data controller of this information once they receive it from us.
In order to process your application and before we fulfil your order and provide services, goods or financing to you, we will use the information you provided to create your account to undertake checks for the purposes of preventing fraud and money laundering, and we may need to verify your identity. This may involve sharing your personal data with fraud prevention agencies. We will continue to carry out these checks on a regular basis while you are a customer of ours.
When we and fraud prevention agencies process your personal data, we do so on the basis that we have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the services or financing you have requested.
We, and fraud prevention agencies, may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.
Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years.
As part of the processing of your personal data, decisions may be made by automated means. This means we may automatically decide that you pose a fraud or money laundering risk if:
You have rights in relation to automated decision making: if you want to know more, please contact us using the details below.
If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services and financing you have requested, or we may stop providing existing services to you.
A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing, or employment to you. If you have any questions about this, please contact us on the details below.
Other than the automated processing set out above, we shall not carry out solely automated decision-making using your personal data.
When you contact us, we will need to collect personal data about you to verify your identity before we disclose any information to you for data security purposes. We will be unable to deal with your query unless you provide the information we request. We may also collect any other personal data you choose to provide to us when communicating with us. We will only use that personal data for the purposes of dealing with your enquiry.
We use your personal data for various purposes connected with your use of the account and services. We will only do so where we have a lawful basis to do so. We will usually only use your data:
We use your personal data for the following purposes:
find out more…
The table below sets out further information about the purposes for which we use data about you, with the corresponding methods of collection and legal basis that we rely upon for its use.
Purpose | Lawful basis for processing |
Creating and managing your account
| To fulfil our contractual obligations to you in providing the account and services. Our legitimate interests in operating and improving our services to you. Our legal obligations to comply with regulations that apply to us. |
Carrying out identification and fraud checks
| To fulfil our contractual obligations to you in providing the account and services correctly. Our legitimate interests in operating and improving our services to you and how we deal with financial crime. Our legal obligations to comply with regulations that apply to us. |
Facilitating your use of your account and card
| To fulfil our contractual obligations to you in providing the account and services. Our legitimate interests in operating and improving our services to you. Our legal obligations to comply with regulations that apply to us. |
Monitoring your use of the account and card to detect fraudulent behaviour
| To fulfil our contractual obligations to you in providing the account and services correctly. Our legitimate interests in operating and improving our services to you and how we deal with financial crime. Our legal obligations to comply with regulations that apply to us. |
Communicating with you and providing you with customer support
| To fulfil our contractual obligations to you in providing the account and services. Our legitimate interests in operating and improving our services to you. Our legal obligations to comply with regulations that apply to us. |
Sharing data with our suppliers and other third parties (such as banking institutions, payment facilitators, and card operators) where required
| To fulfil our contractual obligations to you in providing the account and services. Our legitimate interests in operating and improving our services to you. Our legal obligations to comply with regulations that apply to us. |
We are also working closely with third parties (including, for example identity verification agencies, marketing agencies and fraud prevention agencies) and we may receive information about you from them for the purposes of identity verification, marketing and fraud prevention.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will usually notify you and we will explain the legal basis which allows us to do so.
We will disclose your information to:
Your data is secured by encryption, firewalls and Secure Socket Layer (SSL) technology. This is industry standard encryption technology which manages the security of messages transmitted across the internet. When we receive your data, we store it on secure servers which can only be accessed by us. We store your passwords using one way encryption which means we do not know what your password is.
As part of the services offered to you, the information which you provide to us may be transferred to countries outside the European Union (“EU”). These countries may not have similar data protection laws to the UK. By submitting your personal data, you’re agreeing to this transfer, storing or processing.
If we transfer your information outside of the EU in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
Whenever fraud prevention agencies transfer your personal data outside of the European Economic Area, they impose the EU standard contractual clauses adopted by the European Commission on the recipients of that data in order to safeguard personal data when it is accessed from outside of the European Economic Area. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing.
More information about the EU Standard Contractual Clauses is available here http://eurlex.europa.eu/legal-content/en/TXT/?uri=CELEX:32010D0087.
Any changes we make to our policy will be put on our Website and App and, where appropriate, notified to you by e-mail. Please check for updates from time to time.
We will retain your personal data for as long as you continue to use our services. Thereafter, we may retain your information for an additional period, taking into consideration:
It is important that the personal data we hold about you is accurate and current. Should your personal information change, please notify us of any changes of which we need to be made aware by contacting us, using the contact details below.
Data protection laws provide you with the following rights to:
You will not have to pay a fee to access your personal data (or to exercise any of the other rights above). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
If you are unhappy about how your personal data has been used, please refer to our complaints procedures which is available by contacting us.
If you have any questions about this policy, you can contact us by using the ‘Contact us’ facility on the App or in the following ways:
By post at:
Compliance Officer
Naga Pay UK Limited
Level 18, 40 Bank Street,
Canary Wharf, London,
England, E14 5NR
By email at: compliance@nagapay.com