We collect this information from the registration forms on the Web, solutions and/or forms in order for to be identified. We may also receive your personal information by any other means related to the Web.
In this respect, Payment Innovation Hub acts as the Data Controller for your personal data.
Type of personal information collected
Through different channels, Payment Innovation Hub can collect a series of personal data, which are detailed below.
Personal data provided by you:
We store all data provided by you at the time of registration in any of the services offered on our website, such as your full name or email address or any other information you provide in order to make use of the services offered on the Web, or any of our solutions.
Data derived from the use of the Web and the solutions offered:
Reports and statistics:
We store the data used in the form of statistics or aggregated reports for better performance and a better user experience.
Purposes for which the personal data are collected and legitimate bases for the processing
In order to collect and process your personal data, we rely on the following legitimizing bases:
(i) We process your data in order to provide you with the service you requested.
(ii) Need to comply with the legal obligations that Payment Innovation Hub has to meet.
(iii) Consent: for the sending of informative or commercial communications.
(iv) Legitimate interest: to conduct satisfaction surveys on the use of the Web or any of our solutions.
The main purpose for which we process your personal data is to manage the services offered that you wish to make use of.
Transfers and international transfers of your personal data
We will not transfer your personal data to third parties except in the following situations:
(i) At the time you make use of the services offered, your data can be transferred to third parties that provide services to the Payment Innovation Hub for the correct provision of these services or any of their functionalities.
(ii) On certain occasions, some personal data may be disclosed to any administrative or judicial authority competent for the prevention of money laundering and the financing of terrorism in compliance with the Money Laundering Prevention Act, in order to prevent any operation related to them.
(iii) You also agree that your personal data will be disclosed and/or transferred to third parties in order to comply with any relevant laws regarding the concentration of risk, the solvency capital requirement or our own resources or where such disclosure is required by any applicable regulation.
(iv) Also, due to the activity that we carry out, the data can be transferred to our Partners that are located within the European Economic Area (“EEA”), being the legitimizing base for the correct development and management of the services that we provide.
What security measures we impose
We are very aware of privacy and the need to protect the information we process and store. In this respect, we have adopted all the measures recommended by the General Data Protection Regulation (hereinafter the "GDPR"). These measures are appropriate taking into account the state of the art and the nature of the personal data to be processed.
How long we store your personal data
Your personal data processed to manage the services you make use of will be stored for as long as the processing remains necessary for the purposes for which they were collected, and once it expires, your personal data will be duly blocked during the period of prescription of any liability arising as a result thereof, making them available only to public administrations, judges and courts.
What rights you have under data protection law
At any time you may exercise your rights of access, rectification, cancellation, limitation, data portability, objection to processing and automated individual decision-making, writing to the e-mail address email@example.com, together with proof of your identity, that is, a copy of your identification card, passport or other valid identification document. You have the right to lodge a complaint with the Spanish Data Protection Agency if the Company does not comply with its data protection obligations.
You can contact our data protection officer at firstname.lastname@example.org.