Privacy Policy

Last updated 05.01.2024

ALIKASSA (referred to as “we”, “us”, “our” or the “Company”) provides products and services related to electronic money and payment services. We understand that you are aware of your privacy and care about it, we take this seriously and commit to protect your privacy and handle your personal data in a transparent manner in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679, Law providing for the Protection of Natural Persons with regard to the Processing of Personal Data and for the Free Movement of such Data of 2018 (Law 125(I)/2018) with amendments and/or replaced from time to time, and any other applicable law. This Privacy Policy describes the policies and practices regarding our collection and use of your personal data and sets out your privacy rights. “You” in this Privacy Policy may refer to a visitor of our Website, a customer who intends to use or already uses our products or services, including any shareholders, beneficial owners, directors, leaders, representatives, contacts and employees (hereinafter referred to as the “Customer”).

Who we are

ALIKASSA - LONGSARK OPERATIONS LIMITED, a Nicosia company, registered at: MITSI BUILDING 1, Floor 1, Flat/Office 4, 1060, Nicosia, Cyprus, registration number: ΗΕ 390119.

When processing your personal data, we guarantee that all data:

1.1. processed legally, fairly and in a transparent manner in relation to the data subject. This means that we provide you with information about the processing of your personal data (transparency), the processing corresponds to the description provided to you (good faith) and that it is based on at least one of the legal grounds set out in the GDPR (legality).

1.2. collected for specified, explicit and legitimate purposes and not further processed in a manner incompatible with these purposes (“limited purposes”). This means that we clearly indicate for what personal data is collected, the purpose of use and limit the processing of personal data only to what is necessary to achieve the relevant purpose.

1.3. are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (“data minimization”). This means that we do not process any personal data beyond what is necessary.

1.4. stored in a form that enables identification of data subjects for the period necessary for the purposes for which their personal data are processed (“storage limitation”). This means that we store personal data only for the maximum period necessary and delete them immediately in such a way as to limit or stop identifying the data subject.

1.5. processed in a manner that ensures adequate security of personal data, including protection against unauthorized or illegal processing and against accidental loss, destruction or damage using appropriate technical or organizational measures (“integrity and confidentiality”).

2. Personal data we may collect and process.

2.1. We collect and process various types of personal data provided by you or your representatives in the course of providing our products and services. We may also collect and process personal data that we legally receive from other entities within our group, state authorities, customer representatives or from publicly available sources (such as online registers, websites, search queries and social networks).

2.2. We collect information that you provide when you:

  • Visit our website;

  • Complete any of our documents;

  • Contact us (by phone, messenger or email);

  • Register to open an account or use any of our services;

  • Perform transactions; or

  • Contact us for any other reason.

Such personal data may include, among other things:

  • Government IDs and other identifying information such as your passport, national ID card, social security number, taxpayer identification number, and any other document you provide for identification purposes;

  • Contact information such as your first name, last name, address (including proof of address such as a utility bill), telephone number, fax number, email address, country of residence and details of the device you use (phone, computer or tablet);

  • Personal characteristics such as date of birth and country/place of birth, nationality;

  • Financial data such as transaction data, details of your payment instrument including but not limited to account number, card number, card expiration date, CVC/CVV code, details of the credit/financial institution and/or issuer and information related to the products or services purchased including the location and time of the transaction, financial information including source of wealth, tax income, earnings;

  • Functions and powers of the relevant representative(s);

  • Employment and professional information (including, but not limited to, resume, professional membership, position and duties, professional qualifications);

  • Records of correspondence/communication and/or telephone calls if you contact us. Such records may include your first name, last name, email address, telephone number, your company name and other personal information that you may disclose to us during such communication;

  • Your username and other registration information;

  • Your image in the form of a photo or video (if required as part of our Know Your Customer (KYC) checks);

2.3. If you provide us with personal data belonging to other persons (for example, your representative, secretary, employee), or ask us to provide their personal data to third parties, you confirm that you have brought this policy to their attention in advance.

3. Other data

3.1. We may also collect non-personal information about you that does not identify you as a specific individual. Such non-personal information that we may collect includes:

  • Browser and device data, such as IP address operating system and browser type. These are statistical data about the browsing actions and patterns of users of the Website, which don’t identify any individual;

  • Cookie data such as time spent on the Website, pages visited, language preferences and other anonymous traffic data;

  • Company information such as company name, products and services offered, jurisdiction.

4. Use of services by minors

4.1. We do not provide any services to minors; however, some transactions may involve such persons. We may collect personal data from minors under the age of fourteen (14) only if we have obtained the explicit consent of their parents or legal guardians or as otherwise permitted by law.

5. Purposes of the processing of your personal data

5.1. We may process your personal data for the following purposes:

  • Fulfillment of our obligations within our business relationships and/or agreements concluded between us and our partners, including in relation to the provision of financial services;

  • Processing transactions/payments;

  • Customer acceptance and onboarding procedures, communicating with customers;

  • Maintaining and developing our business;

  • Maintaining our IT systems, including administrative and management systems, processes and policies;

  • Monitoring for any potential fraud, money laundering, terrorist financing or criminal risks;

  • Developing identity verification procedures and processes to comply with legal/regulatory requirements;

  • Conducting market research and marketing activities;

  • Ensuring that content from the Website is presented in the most effective manner and that our Website is safe and secure;

  • Allowing you to use interactive features of our Website;

  • Administration of our Website.

6.1. Your personal data will only be used for the purpose for which we collected it, unless there is a reasonable basis for using it for any other reason compatible with the original purpose. We process your personal data for the purposes set out above on the following grounds:

  • Processing is necessary to comply with a legal obligation: We are required by law to carry out various actions to prevent fraud and money laundering.

  • Processing is necessary to enter into or fulfill a contractual obligation: We process your personal data to fulfill our contractual obligations to you as our Client or Payer.

  • Processing is necessary for the purposes of our legitimate interests: We process personal data based on our various legitimate interests, such as prevention of crime, fraud and anti-money laundering activities, activities to administer our business and further develop our services, direct marketing, risk management, initiating legal claims and preparing defence in the event of legal proceedings, disclosing information to other data recipients such as our service providers, auditors and technology providers and/or to monitor and improve our relationship with you and/or to maintain our internal records and/or to track communications to/from you using our systems and/or to protect the integrity of our IT systems.

  • Processing is based on your consent. Since you have given us specific consent for processing, the lawfulness of the processing is based on your consent.

7. Data storage

7.1. We will retain your personal data for the period necessary to fulfill the purposes listed above, unless a longer retention period is required or permitted by applicable law. Please note that we may need to retain your personal data for various legal or regulatory reasons, such as to ensure proper processing of transactions, settlements, refunds or returns, as well as to investigate any potential fraud and to comply with anti-money laundering and counter-terrorism financing laws and other legal requirements. This means that if you as a Payer or Client stop using our services, we will still retain certain personal data to comply with our legal obligations.

8. To whom we reveal your personal data

8.1. Under certain circumstances, we may disclose personal data we have collected about you to the following categories of recipients:

  • Our group of companies. In order to provide our services/products, we share personal data with our group companies. We are the entity responsible for the overall use of personal data by other group companies in connection with the services/products we provide;

  • Third party financial institutions. These may include card companies, payment processors, financial institutions based in Cyprus or abroad to facilitate transactions and any other services you request, and credit/financial institutions with which you, as a customer or payer, maintain your payment account or other type of account;

  • Global compliance databases in accordance with our «Know Your Customer» and «Due Diligence» procedures.

  • Credit reference agencies. We may share personal data with credit reference agencies for the purpose of carrying out credit checks and obtaining credit reports;

  • Third party service providers. We disclose personal data to service providers only where necessary to enable the provision of our services, including but not limited to payment/transaction processing or other services;

  • Our IT service providers and other companies that assist us in the efficient operation of our business by providing technology expertise, penetration testing, file storage and records management, logistics services and solutions, and other subcontractors.

  • Cloud computing and storage providers;

  • Our clients. We may disclose certain personal data that you have provided to us, or that we have obtained about you as a Payer, to relevant Clients to assist them in complying with their legal obligations or their obligations to you as their client;

  • Third parties in connection with legal obligations or if we are permitted to do so by law. In certain circumstances, we may be required to disclose or share your personal data with auditors, regulators or law enforcement agencies to comply with legal obligations;

  • Individuals acting on behalf of beneficial owners/shareholders of our clients/counterparties that are legal entities, including payment recipients, beneficiaries, nominal account holders, intermediary banks, correspondent banks and agents;

  • Third parties in connection with a business transfer. For example, if we sell any business or assets, or merge with another legal entity, it may be necessary to disclose personal data to potential business owners or partners;

  • Companies that provide video surveillance and security management services for attendance at meetings or visits to our offices;

  • Companies or individuals with whom you ask us to share your personal data.

9. Data transfer to third countries

9.1. Your data may be transferred to countries outside the European Economic Area to the recipient,

  • who is located in a country that ensures an adequate level of protection of personal data, or

  • In compliance with the appropriate safeguards in accordance with the provisions of applicable data protection laws (for example, by agreement in the form of standard data protection clauses adopted by the European Commission), a form of which is available at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en . In some circumstances, we may carry out such transfers if

    • we have obtained the explicit consent of the relevant data subject in relation to the proposed transfer, provided that the data subject has been informed of the possible risks of such transfer (due to the absence of an adequacy decision and appropriate safeguards);

    • transfer is necessary for the performance of the contract between the data subject and us, or

    • transfer is necessary for the performance of the contract concluded in the interests of the data subject between us and another person, or

    • transfer is necessary for the establishment of the implementation or defense of legal claims.

10. Automated decision-making, including profiling

10.1. We do not make decisions solely on the basis of automated processing. However, some of your personal data may be processed by automated means to evaluate certain personal aspects of you in the following cases:

  • Conducting assessments of data, which may include payment transactions, in the context of measures to prevent fraud, money laundering and terrorist financing. These assessments are carried out for your protection.

  • Marketing of our services and products, if you have given your consent to this.

11. Your rights

11.1. You have certain rights in relation to how we process your personal data:

  • Right of access. You have the right to request a copy of the information we hold about you. You have the right to confirmation as to whether we process your personal data and, where we do, to access the personal data together with certain additional information. Such additional information includes, in particular, information about the purposes of the processing, the categories of personal data concerned and the categories of recipients of the personal data. The right to receive a copy of your data shall not adversely affect the rights and freedoms of others.

  • Right to rectification. You have the right to request the rectification of inaccurate or incomplete personal data concerning you. You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.

  • Right to erasure (“right to be forgotten”). You have the right to request that personal data be erased if one of the following grounds applies:

    • Personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

    • You withdraw your consent on which the processing is based and where there is no other legal ground for the processing;

    • You object to the processing and there are no overriding legitimate grounds for the processing, or you object to the processing for direct marketing purposes;

    • Personal data have been processed unlawfully;

    • Personal data must be erased for compliance with a legal obligation.

  • The above does not apply if the processing is necessary

    • to the right to freedom of expression and information;

    • for compliance with a legal obligation which requires processing by law to which we are subject; and

    • for reasons of public interest; or for the establishment, implementation or defense of legal claims.

  • Right to restrict processing. You have the right to receive a processing restriction if one of the following conditions applies:

    • Accuracy of the personal data is contested for a period enabling us to verify the accuracy of the personal data.

    • Processing is unlawful and you object to the erasure of such data and instead request the restriction of its use.

    • We no longer need the personal data for the purposes of the processing, but you require its retention for the establishment, implementation or defense of legal claims.

    • You have objected to processing based on our legitimate interests, pending verification whether the grounds on which we process your information override your rights and freedoms.

  • If processing has been restricted on the basis of the above, we will continue to store your personal data. However, otherwise we will only process it

    • with your consent;

    • for the establishment, implementation or defense of legal claims;

    • to protect the rights of another person or entity; or

    • for reasons of important public interest.

  • Right to portability. You have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format, and you have the right to transmit that data to another organisation and/or ask us to do this for you, provided that:

      • Processing is based on your consent, performance or conclusion of a contract.

      • Processing is carried out by automated means.

  • Right to object. You have the right to object to the processing of your personal data at any time and for reasons related to your specific situation, when the legal basis on which the processing activity is based is our legitimate interests. If you exercise this right, we will no longer process personal data unless we can demonstrate a compelling legitimate reason for processing that overrides your interests, rights and freedoms, or to establish, exercise or defend legal claims. If you object to processing for direct marketing purposes, we will no longer process your personal data for such purposes.

  • Right to withdraw consent. If the processing is based on your written consent, you have the right to withdraw consent at any time.

  • To the extent that the legal basis for our processing of your personal data is consent (if applicable), you have the right to withdraw that consent at any time, without affecting the lawfulness of the processing prior to the withdrawal.

  • Right to lodge a complaint. You can contact us with any questions regarding personal data using the details provided. If you are not satisfied or still have concerns, you can lodge a complaint with the Office of the Data Protection Commissioner. You can find out how to lodge a complaint on their website. (http://www.dataprotection.gov.cy/dataprotection/dataprotection.nsf/page1i_gr/page1i_gr?opendocument )

12.1. Our website uses cookies to improve your experience with us. To find out more about how we use cookies, please see our cookie policy.

13. Data security

13.1. All information provided to us by you is stored securely and we use appropriate organizational, technical and administrative measures to protect your personal data. Once we have received your information, we use strict security procedures to prevent any unauthorized access. However, please note that neither the transmission of information over the Internet nor its storage is completely secure, nor no information system can be completely secure. If you have reason to believe that your interaction with us is no longer secure, please contact us immediately.

14. Changes to this privacy statement

14.1. We may update this Privacy Policy from time to time by posting a new version on our website. You should occasionally check this page to make sure that you are satisfied with any changes. If the changes are significant, we can notify you by email.

15. Contact information

15.1. Further information and/or requests regarding the processing of your personal data and any of your rights in relation to your personal data can be requested by contacting us in writing as follows:
By e-mail: [email protected]