WeCashUp

WeCashUp privacy policy

Concerned about the protection of your privacy, WECASHUP (service of INFINITY SPACE) undertakes to ensure the best level of protection of your personal data in accordance with the French Data Protection law of 6 January 1978 and the General Data Protection Regulation of 27 April 2016

WeCashUp’s privacy policy allows you to learn more about:

  • Information about processing of personal data by INFINITY SPACE
  • The details about collection and use of personal data
  • The rights that you enjoy
  • Our contact information

At INFINITY SPACE, we are concerned about preserving and guaranteeing the confidentiality, integrity and availability of your personal data. Thus, take the time to read our privacy policy carefully and if you have any questions, please do not hesitate to contact us.

You can consult the list of the treatments which concern you by contacting the Data Protection Officer (DPO) of the SAS INFINITY SPACE:

  • by postal mail to the following address:INFINITY SPACE
       – Délégué à la protection des données – 45 Rue Frédéric Joliot Curie – 13013 Marseille – France
  • or by e-mail at dpo@wecashup.com

    To learn more about your rights and duties, you can also consult the website of the « Commission Nationale de l’Informatique et des Libertés » www.cnil.fr. WECASHUP has been registered at the CNIL under the following number: S5v1956417G.

Overall, personal data are collected by INFINITY SPACE, 45 rue Frédéric Joliot Curie, 13013 Marseille – France.

We collect your data when:

  • You create your user account
  • You browse on our site and consult our products and services
  • You use one of our services (registration, questions and answers, download, request for quotation, quiz…)
  • You use one of our contact forms

1

Collection of information

Personal data are the information that can be used to identify you. The data we collect is used to significantly improve our services as well as the satisfaction of our users.

This data is collected as follows:

  • The information you provide to us : to access our services, either by creating an account, you provide us personal information such as: contact details (your name, e-mail address, address, telephone number, city, country…) and also financial data… which are necessary for the execution of the services offered by the site and registered with your account. The obligatory or optional nature of the data is indicated to you at the time of collection by an asterisk (*).
  • The information we collect from a variety of sources : we collect information about the services you use and how you use them. One of our collection sources is the use of cookies and other technologies that record Data about the use of our websites, websites that set up our Services, and about the use of our Services in general. It’s about that:
    • Data relating to the device used and the browser: such as IP address, device type, operating system type and type of Internet browser, screen resolution, operating system name and version, language, modules…
    • Location data: When using our services, we may collect and process data relating to your exact location.
    • Cookies and similar technologies: when you visit our website and use our services, we collect and process data relating to your browsing such as time spent on the Services, pages visited, language preferences, and other anonymous traffic data. A cookie policy describing in detail how to use cookies and other similar technologies has been implemented.
    • Contact list data : contact name, contact phone number with country code …
 
    • SMS information: content of financial transaction SMS exclusively, content of reinforced 2-Factor authentication SMS …
    • Android Accessibility Service API permission
 

All this data will be used on the one hand to adapt our contents and services to your needs, and on the other hand to compile statistics on the use of our services in order to make them more relevant.

The data that we collect may be shared with our acquiring banking partners to comply with local regulations of the countries that we cover for (but not limited to) Know Your Customer (KYC), Anti-Money Laundering (AML) and Counter Terrorism Financing (CTF). The data collected from users and shared with partners could also be used for user profiling, fraud detection, business intelligence, ad retargeting etc.

INFINITY SPACE (WeCashUp) is not a Financial Institution and your money never flow through us. We work as mandate with leading global acquiring financial institutions (Banks, Microfinance Organizations, Mobile Money Operators etc) in the countries we operate in and these banks need to monitor transaction data to comply with the local central banks regulations.

The legal basis for this data processing is consent given by the users and/or performance of the contract signed with the acquiring financial institutions.

If the user fails to provide the personal data requested, that user may not be able to use our services and may not be able to withdraw his/her money from our acquiring financial institutions.

2

Purposes of the data processing

We use the data collected to provide services, to protect our users while minimizing loss and damage, to promote and improve our services and products.

We may use your personal data to:

  • Allow you to use our services
  • Inform you about the services for which you have expressed an interest and which are offered on our site
  • Offer you advertising offers and information on our site related to your interests
  • Send you our communications
  • Allow us to compile statistics and counts of traffic and usage of the various sections and contents of our site and services in order to adapt these sections and contents according to your browsing experience
  • Allow us to put you in touch with a professional who can answer your request for an estimate
  • Allow us to geo-locate you and adapt our content and services according to your geolocation

Any use of data for purposes other than those set out in these Privacy Rules will require your explicit consent.

The WeCashUp mobile app needs your permission to identify which people in your contact list is already using this app, and to help you engage in discussions and financial transactions with them in our chat feature more easily by collecting and uploading your contacts list information to our servers in background even when the app is closed or not in use. We do not sell your data to third parties.

The app needs your permission to read SMS information to secure your sensitive transactions by reinforced 2-factor authentication by receiving SMS with random codes processed to authenticate you. It may also collect, process and upload some of your financial transaction related SMS information to our servers in background when you have an internet connection even when the app is closed or not in use to speed up transaction processing delays. If you have no internet connection, all the processing is done locally on your phone but may take a while. We do not sell your data to third parties.

 

Prominent disclosure:

WeCashUp leverages the Android Accessibility Services API to automate and simplify the dialing and execution of 

complex manual and time-consuming USSD and SMS-based transactions for innumerate under-served users living 

with disabilities, vulnerable populations, illiterate users in rural areas and places where there is no internet

connection in Africa. We want to make sure that no-one is left behind to maximize our financial inclusion and impact.

3

Update your personal information

When using our services, we want you to have access to your personal information. In the event of an error or change, we make sure that you can update or delete them quickly. Before responding to a request to update your personal information, we may ask you to identify yourself.

We reserve the right to refuse any unreasonable request due to its repetitive or systematic nature, any request requiring unreasonable technical efforts, compromising the confidentiality of third party data, or difficult to implement.

The right of access to and rectification of data constitutes a free service, except in the case where this service would involve an unreasonable effort. We take every precaution to protect the data managed within the framework of our services against accidental or deliberate destruction. As a result, even when you delete data used by our services, we do not immediately remove residual copies from our active servers or backup systems.

4

Data we share and transfer

INFINITY SPACE does not sell, or rent personal data to marketing agencies or non-partner third parties.

We only disclose your personal data to third parties or organizations in the following circumstances:

  • With your prior consent: for any data that we collect, we always ask your permission before communicating to third parties.
  • To partners and subcontractors: we share data with international entities under our joint control to provide services.
  • Providers for verification purposes: we transfer your personal data to trusted organizations that analyze it on our behalf, according to our instructions, in accordance with these Privacy Rules and in compliance with any other appropriate security and confidentiality measures. Their roles are to:
  • Detect, prevent or deal with fraudulent activities, security breaches or any technical problems;

  • Protect against any infringement of Infinity Space’s rights, property or security.

    However, we may publicly share information that does not personally identify the user, such as information about usage trends of our services.

We may disclose your personal information if required by law, regulation, or other legal subpoena or warrant. We may also disclose your personal information to a regulatory or law enforcement agency if we believe it to be necessary to protect the rights, property, or personal safety of WeCashUp, its customer or any third party.

5

The security of your data

We make every effort to ensure the security of your data against unauthorized access, modification, disclosure or destruction by:

  • Conducting internal audits on personal data processing procedures, including those related to information system security, to prevent unauthorized access to our systems.
  • Limiting access to data to only those who need it

Persons involved in the determination of a processing operation are subject to strict confidentiality obligations and may be subject to disciplinary sanctions, including dismissal in the event of failure to comply with those obligations.

In doing so, WeCashUp implements commercially reasonable technical and organizational measure to protect your personal data against abuse and loss. We store such data in secure environments. We provide training to our employees on data protection best practices.

Not being able to guarantee “zero” risk in the storage or transmission of your data, we invite you to contact us immediately if unfortunately you have the impression that the security of your account has been compromised.

6

International transfers of your personal data

Our acquiring financial partners generally operate in Africa, America, Asia, Oceania and Europe.

If you are a merchant based in Europe and targeting clients outside of the EEA, your data may be transferred to our acquiring financial partners who need to know you to collect payments on your behalf (KYC, AML, CTF etc.) and comply with the local regulations.

If you are a merchant based outside of the European Union (EEA) and targeting clients inside the European Union (EEA), your data may be transferred to our acquiring financial partners who need to know you to collect payments on your behalf (KYC, AML, CTF etc.) and comply with the local regulations.

7

Retaining and deleting personal data

This section 7 sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.

Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

We will retain your personal data as follows:

  • Know Your Customers Documents (Id Card, Passport, Work Permit, etc) to comply with banking regulations, Anti-Money Laundering Regulations, Counter terrorism Financing Regulations : minimum 5 years
  • Know Your Business Documents (Incorporation Documents, Bank details, etc) to comply with banking regulations and Counter Terrorism Financing : minimum 5 years
  • Transaction Data (sender’s personal data, receiver’s personal data, amount, currencies, products etc) to comply with banking regulations, Anti-Money Laundering Regulations, Counter terrorism Financing Regulations : minimum 5 years
  • etc.

In some cases it is not possible for us to specify in advance the periods for which your personal data will be retained. In such cases, the default period of retention will be at least 5 years.

Notwithstanding the other provisions of this Section 7, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

8

Amendments

We may update this policy from time to time by publishing a new version on our website.

You should check this page occasionally to ensure you are happy with any changes to this policy.

We will notify you of significant changes to this policy by email.

9

Your rights

Your principal rights under data protection regulation are:

  • The right to access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to object to processing (if processing is based on legitimate interests)
  • The right to data portability (if processing is based on consent and automated means)
  • To right to complain to a supervisory authority
  • The right to withdraw consent

The personal data that we automatically collect (such as the IP address and cookies) enables us to compile statistics relating to the consultation of the web pages of the Services and to link them to your user account. You have the right to object to this treatment by clicking HERE.

The personal data will also be used to adapt the advertising content inserted in our Services to your interests and, possibly, your location. You have the right to object to this treatment by clicking HERE. This opposition will have to be renewed on your various terminals.

You may exercise these rights at any time in the following manner:

  • by e-mail at dpo@wecashup.com or
  • by postal mail to the following address: INFINITY SPACE, 45 rue Frédéric Joliot Curie 13013 Marseille – France
      Proof of identity may be requested by postal mail at the above-mentioned address.

 

10

Data Protection officer

Our data protection officer contact details are:

  • by postal mail: INFINITY SPACE – Délégué à la protection des données – 45 Rue Frédéric Joliot Curie – 13013 Marseille – France
  • by e-mail at dpo@wecashup.com or

You can consult the list of the treatments which concern you by contacting the Data Protection Officer (DPO) of the SAS INFINITY SPACE:

  • by postal mail to the following address: INFINITY SPACE – Délégué à la protection des données – 45 Rue Frédéric Joliot Curie – 13013 Marseille – France
  • or by e-mail at dpo@wecashup.com

To learn more about your rights and duties, you can also consult the website of the « Commission Nationale de l’Informatique et des Libertés » www.cnil.fr. WECASHUP has been registered at the CNIL under the following number: S5v1956417G.