Privacy Policy of Express Remit

Key Details

This website privacy policy describes how Express Remit protects and makes use of the information you give to the company when you use this website.

If you are asked to provide information when using this website, it will only be used in the ways described in this privacy policy. This policy is updated from time to time. The latest version is published on this page.

This website privacy policy was updated on: [28/12/2018], If you have any questions about this policy, please email [hello@expremit.com] or write to:

17 High St North,
East Ham,
London.
E6 1HS,
UK

Introduction

We gather and use certain information about individuals in order to provide products and services and to enable certain functions on this website. We also collect information to better understand how visitors use this website and to present timely, relevant information to them.

We dont deal with minors (under 18s), anyone under 18 is not eligible to use our service and if we discovered any such account, we reserve the right to close it without issuing prior notice.

What data we gather

We may collect the following information about you whilst filling in web forms or by corresponding with us by phone, e-mail or otherwise. This includes (but not limited to) information you provide when you register with us, transfer or exchange money using our store locations or websites and when you report a problem to us.

• Name and job title
• Contact information including email address and Phone Numbers
• Date of Birth
• Demographic information, such as postcode, address and Proof of Address
• Financials, such as Source of Funds
• Any Government issued ID (Passport, Driving Licences etc)
• Reason for Payment
• Other information pertaining to special offers and surveys

How we use this data

Collecting this data helps us understand what you are looking from the company, enabling us to deliver improved products and services but we (or third party data processors, agents and sub-contractors acting on our behalf) may also use the information.

Specifically, we may use data:

• For our own internal records.
• To improve the products and services we provide.
• To contact you in response to a specific enquiry.
• To assess the risk of performing our services
• To customise the website for you.
• To send you promotional emails about products, services, offers and other things we think might be relevant to you.
• To send you promotional mailings or to call you about products, services, offers and other things we think might be relevant to you.
• To enable us to enforce our rights under our terms and conditions if necessary.
• To contact you via email, telephone or mail for market research reasons.

We may combine information we receive from other sources with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).

Date Storage

The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted [using SSL technology]. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

We will only retain your information for as long as is necessary for providing our service to you, usually no more than 5 years after the end of the business relationship.

Rights of Individuals under GDPR

1. The right to access –this means that individuals have the right to request access to their personal data and to ask how their data is used by the company after it has been gathered. We will provide a copy of the personal data, free of charge and in electronic format if requested.
2. The right to be forgotten – if consumers are no longer customers, or if they withdraw their consent from a company to use their personal data, then they have the right to have their data deleted. We will not use their data in further processing.
3. The right to data portability – Individuals have a right to transfer their data from one service provider to another. And it must happen in a commonly used and machine readable format.
4. The right to be informed – this covers any gathering of data by companies, and individuals must be informed before data is gathered. Consumers have to opt in for their data to be gathered, and consent must be freely given rather than implied.
5. The right to have information corrected – this ensures that individuals can have their data updated if it is out of date or incomplete or incorrect. We will update the information as informed.
6. The right to restrict processing – Individuals can request that their data is not used for processing. Their record can remain in place, but not be used. We will not use their data for further processing, if requested.
7. The right to object – this includes the right of individuals to stop the processing of their data for direct marketing. There are no exemptions to this rule, and any processing must stop as soon as the request is received. In addition, this right must be made clear to individuals at the very start of any communication.
8. The right to be notified – If there has been a data breach which compromises an individual’s personal data, we will inform the individual within 72 hours of first having become aware of the breach.

You can always exercise your right at any time by contacting us at hello@expremit.com.

Controlling information about you

When you fill in a form or provide your details on our website, you will see one or more tick boxes allowing you to:

• Opt-in to receive marketing communications from us by email, telephone, text message or post.
• Opt-in to receive marketing communications from our third-party partners by email, telephone, text message or post.

If you have agreed that we can use your information for marketing purposes, you can change your mind easily, via one of these methods:

• Sign in to our website and change your opt-in settings.
• Send an email to [hello@expremit.com].
• Write to us at: [17 High St N, East Ham, London E6 1HS, UK].

We will never lease, distribute or sell your personal information to third parties unless we have your permission or the law requires us to. Any personal information we hold about you is stored and processed under our data protection policy, in line with the Data Protection Act 1998.

Security

We will always hold your information securely.

To prevent unauthorised disclosure or access to your information, we have implemented strong physical and electronic security safeguards.

The GDPR mandates company to take technical and organizational measures to achieve a level of security appropriate to the imminent risk. This has become more urgent in wake of increasing cybersecurity threat to organisations. We advocates tokenisation, encryption of data, constant assurance of confidentiality, integrity, availability, and resilience of processing system and services to comply with GDPR. Our Privacy policy is embedded in the company’s design throughout its lifecycle.

We also follow stringent procedures to ensure we work with all personal data in line with the Data Protection Act 1998.

Accident or Breach Notifcation

The GDPR introduces mandatory security breach notification and requires administrative and technical safeguards for personal data to reduce identified risks and to prevent data breaches. The data subject is required to be notified without undue delay if the breach portends high risk to his rights and freedoms. Notification can be dispensed with if the data breach is unlikely to result in any risk to the data subject. We will inform the supervisory authority of data breach incident within 72 (Seventy-two) hours of discovery. In addition, the company has an incidence response plan and trained its employee on how to respond.

Cross-border data transfer

The “flow of personal data from countries outside the EU and International organisations are necessary for the expansion of international trade and cooperation.” Being a money remittance company our operations involve transfer of personal data of employees and clients across jurisdictions to manage our global workforce and ease operations as our processing is outsourced too but we have Binding corporate rules - our internal codes of conduct. We export personal data from the territory of the EU to other companies within our group located in third countries.

We also, follow following Steps for processing EU personal data to comply with GDPR:

• We will ensure consent is freely given and data subjects must “opt-in” rather than “opt-out” of data collection schemes. We will utilise personal data strictly for the purpose of collection and keep it only as long as needed.
• We will ensure security of personal data at rest and in transit with strong encryption. Tokenisation can be adopted to ensure safeguard.
• We have developed a data security breach response scheme and comprehensive incidence response plan. We trained our employees on how to identify a breach in real-time and spot potential threat. The notification and report should be prompt.
• We will review and regularly update our privacy policy, and other documentation and communications. Information provided in our privacy policy will always be easy to understand.
• We will conduct privacy and data security audit. Carefully evaluate the existing data subjects’ data and processing activities and detect potential inconsistency with the GDPR.
• We will regularly run compliance test before implementing a new technology.
• We will ensure Cross-border data transfer policy complies with the GDPR by our binding corporate rules.

Cookies and how we use them

What is a cookie?

A cookie is a small file placed on your computer's hard drive. It enables our website to identify your computer as you view different pages on our website.

Cookies allow websites and applications to store your preferences in order to present content, options or functions that are specific to you. They also enable us to see information like how many people use the website and what pages they tend to visit.

How we use cookies

We may use cookies to:

• Analyse our web traffic using an analytics package. Aggregated usage data helps us improve the website structure, design, content and functions.
• Identify whether you are signed in to our website. A cookie allows us to check whether you are signed in to the site.
• Test content on our website. For example, 50% of our users might see one piece of content, the other 50% a different piece of content.
• Store information about your preferences. The website can then present you with information you will find more relevant and interesting.
• To recognise when you return to our website. We may show your relevant content, or provide functionality you used previously.

Cookies do not provide us with access to your computer or any information about you, other than that which you choose to share with us.

Controlling cookies

You can use your web browser’s cookie settings to determine how our website uses cookies. If you do not want our website to store cookies on your computer or device, you should set your web browser to refuse cookies.

However, please note that doing this may affect how our website functions. Some pages and services may become unavailable to you.

Unless you have changed your browser to refuse cookies, our website will issue cookies when you visit it.

To learn more about cookies and how they are used, Visit All About Cookies.

Links from our site

Our website may contain links to other websites.

Please note that we have no control of websites outside the [www.expremit.com] domain. If you provide information to a website to which we link, we are not responsible for its protection and privacy.

Always be wary when submitting data to websites. Read the site’s data protection and privacy policies fully.

Our Contact

Please contact us you have any queries or require a copy of this policy.

We aim to provide the highest level of customer service possible. If you do experience a problem, we will always seek to resolve this as quickly and efficiently as possible. However, if you are unhappy and would like to make a complaint, please refer to our Complaints Policy for details of our internal process for dealing with complaints promptly and fairly. Our Complaints Policy is available on our Website or by contacting our customer service team at:

Complaints Officer
Express Remit
17 High Street North,
London.
E6 1HS
Phone:   0208 471 8435
Email:   hello@expremit.com

We will then investigate the matter and try to reach a satisfactory conclusion.

Complaints may be recorded and monitored for our internal use; we may submit an anonymous summary of complaints made to us during a particular period of time to our regulator. If you are not happy with our final response or if we have not concluded our investigation after 8 weeks, you may be able to refer your complaint to The Financial Ombudsman Service, South Quay Plaza, 183 Marsh Wall, London E14 9SR.