This Privacy Policy explains how we use the personal data we collect from you when you use our Services.

PLEASE READ THIS PRIVACY POLICY CAREFULLY. BY ACCESSING OR USING OUR SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTAND, AND AGREE TO BE BOUND BY ALL THE TERMS OF THIS PRIVACY POLICY AND OUR TERMS OF USE. IF YOU DO NOT AGREE TO SUCH TERMS, EXIT THIS PAGE AND DO NOT ACCESS OR USE OUR SERVICES.

What data do we collect?

RFC Pay collects the following dаta:

• Personal identification information (name, home address, passport details, date of birth, email address, phone number, username, signature). This information helps us to identify you.
• Information required by regulatory authorities (e.g. AML/CTF & KYC requirements) (identity documents, personal photo, incorporation documents for legal entities, information about the ultimate beneficiaries, proof of address, utility bills or bank statements, source of fund declaration, purposes of fund documents and source of wealth).
• Information related to usage of our Services (web requests, IP address, browser type, language, time zone settings, browser plug-in types and versions, operating system and hardware setting, phone number, information derived from network operator, GPS, base station and WLAN). This information helps our systems to ensure that our Services are accessible for Users across all platforms and can aid during criminal investigations. Your location information (determined through GPS and IP address) helps us to prevent fraud when your location and device type are different from what you would normally use.
• Information related to Transactions (account numbers, account balances, Transactions history, transaction activity, distribution history). We collect this information to monitor suspicious trading activity for fraud protection, legal case resolution and other purposes disclosed in this Policy.
• Communication information (communication that you send to us or generated through your use of our Services, including all messages, requests or other information you send in the course of your contract with us, all communications and file attachments in connection with your usage of our Services).

How will we use your data?

We collect your data so that we can:

• provide and maintain RFC Pay Services. We use the collected information to deliver, maintain and improve RFC Pay Services and verify our Users’ identities.
• protect our Users. We use the collected information to protect our Website, Platform, Users’s Accounts and archives. We use IP addresses and cookies to protect against automated abuse such as spam, phishing and other hacker attacks.
• comply with legal and regulatory requirements. We use the information in compliance with our legal obligations and government requests. In cases where it is strictly necessary to fulfill the purpose of public interest, to pursue our reasonable interests (without causing damage to the interests of our Users), we may process your personal information without your consent. We will not disclose or provide any of your personal information to third parties without a review from our legal team and/or your prior consent, except for the situations stated in this Privacy Policy or our Terms of Use.
• communicate with you. We use your personal information like your phone number or email address to interact with you directly when providing customer service or to keep you informed on logins, transactions, account security and other aspects. All direct communications are properly kept at RFC Pay or the service provider designated by RFC Pay, to be reviewed for accuracy, to be kept as evidence, or to be used to perform other statutory or contractual obligations.
• enforce our Terms of Use and other agreements with our Users. It includes, but not limited to reviewing, investigating, and preventing any potentially prohibited or illegal activities that may violate the foregoing provisions, or disclose the relevant information to a third party in accordance therewith.
• marketing and advertising. We may use your personal information for the purposes of targeting, modelling, and/or analytics as well as marketing and advertising.
• establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.
• Please do not supply any other person’s personal data to us, unless we prompt you to do so and/or we have agreed in writing prior to receiving the data from you. Any information that we receive that is not identified shall be notified to you and destroyed immediately.

Transfer of your personal data

You understand that we have the right to have all or some of the collected personal information transferred to or stored in other countries or regions than your country of nationality, your country of residence, or the country where the server is, without your specific consent, under the following circumstances:

• if it is necessary to protect, process, analyze, reasonably use the personal information;
• if it is necessary to enforce our Terms of Use and other agreements with our Users;
• if it is necessary for the public interest;
• if it is necessary to establish, exercise or defend the rights of us, our partners, or other Users;
• other circumstances required by law or government orders.
• We share your data with our partner companies or contractors to be able to provide you with Services. For example, your Transactions may be handled by external payment service providers.We may disclose your data to one or more of those selected payment services providers via APIs and/or other methods of integration to enable them to connect your Account with their services. Each such payment services provider will act as a data controller in relation to the data that we supply to it and can provide you a copy of its own privacy policy, which will govern that third party’s use of your personal data. Some of our Services or activities may be outsourced to third parties which will process your personal data (e.g. third party organisations that provide applications/functionality, data processing or IT services to us). We will share your personal data only to the extent necessary for the purposes defined in the relevant agreements. We use standard contract clauses, rely on the European Commission’s adequacy decision about certain countries, and when applicable, conduct data protection impact assessment prior to processing which may potentially result in a high risk to your rights and freedoms. By using our Services you give us your consent to process your personal data in third countries, including outside the EEA or the UK. You have the right to obtain copies of the standard contractual clauses, a summary description of the security measures we put in place for your personal data processing in third countries and a list of subcontractors used for your personal data processing. Please send your request to business@codegotech.com and we will provide you with this information within one month. You also have the right to revoke your consent at any time by sending us an email to business@codegotech.com.

How do we store and protect your data?

We take all necessary precautions to safeguard the privacy of your personal information. We use technical, contractual, administrative and physical security steps to protect your personal information. We adopted security measures such as restricted access, scanning, encryption, firewall to minimize the risk that your information may be lost, disclosed, misused, accessed without authorization, disclosed without authorization, or altered.

Please be aware that no data transmission over the Internet or via email is completely secure and therefore we cannot guarantee the protection of all personal information in all cases. As such, we request that you understand the responsibility to independently take safety precautions to protect your own personal information. You agree that we shall not be liable for any information leakage and other losses caused by our gross negligence, including but not limited to hacker attack, power interruption, or unavoidable technical failure, to the maximum extent permitted by Law.

Also, please remember that materials posted to online forums such as bulletin boards or chat rooms are public, not secure, and may be viewed by anyone. Any personal information you post may be collected and used by anyone and may result in unsolicited messages from other parties.

Marketing

We like to send you information about products and services of ours that we think you might like. If you have agreed to receive marketing, you may always opt out at a later date. You have the right at any time to stop us from contacting you for marketing purposes. If you no longer wish to be contacted for marketing purposes, please click on the unsubscribe link in the bottom of the marketing email and submit your request to unsubscribe.

What are your data protection rights?

We would like to make sure you are fully aware of all of your data protection rights. Every client is entitled to the following:

• The right to access You have the right to request us for copies of your personal data. We may charge you a reasonable fee for providing this service.
• The right to rectification You have the right to request that we correct any information you believe is inaccurate. You also have the right to request us to complete the information you believe is incomplete within a reasonable limit.
• The right to erasure You have the right to request that we erase your personal data, under certain conditions.
• The right to restrict processing You have the right to request that we restrict the processing of your personal data, under certain conditions. However, you should understand that such restriction of the processing may prevent us from providing you with some of RFC Pay Services.
• The right to object to processing You have the right to object that we process your personal data, under certain conditions. However, you should understand that such restriction of the processing may prevent us from providing you with some of RFC Pay Services.
• The right to data portability You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions. We may charge a reasonable fee for providing this service.
  If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: business@codegotech.com.
• Cookies Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our Website or Platform, we may collect information from you automatically through cookies or similar technology For further information, visit allaboutcookies.org.

How do we use cookies?

We use cookies in a range of ways to improve your experience on our Website and Platform, including:

• Keeping you signed in;
• Understanding your habits and preferences when browsing RFC Pay;
• Analyzing our performance and verifying the effectiveness of online advertising.
• We also use cookies as an element of security measures to protect access to your Account, including preventing fraudulent use of login credentials, and to protect our Website and Services generally.

What types of cookies do we use?

We use cookies for the following purposes:

• Authentication we use cookies to identify you when you visit our website and as you navigate our website;status – we use cookies to help us to determine if you are logged into our website;
• Personalization we use cookies [to store information about your preferences and to personalize the website for you;
• Security we use cookies as an element of the security measures used to protect user accounts, including preventing fraudulent use of login credentials, and to protect our website and services generally;
• Analysis we use cookies to help us to analyze the use and performance of our website and services; and
• cookie consent we use cookies to store your preferences in relation to the use of cookies more generally.
• Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless you delete it before the expiry date; a session cookie, on the other hand, will expire at the end of your navigation session, when the web browser is closed.

How to manage cookies

Most browsers are preset to accept cookies. You can adjust your browser setting to prevent cookies or to notify you as soon as cookies are loaded. However, stopping all cookies might mean that you cannot access or use some features of RFC Pay. Should you have any further questions, or if you wish to exercise any of your rights under the British Data Protection Act 2018 (DPA), the General Data Protection Regulation (GDPR) or the European Union Directive ePrivacy 2009/136/EC (ePR), please contact us at business@codegotech.com.

Privacy policies of other websites

Our Privacy Policy applies only to our Services. If you visit other third-party platforms or partner’s websites, apps via the links on RFC Pay, you should agree with and abide by their separate and independent privacy policies. We are not responsible for the content or the activities therein, you should read their privacy policy.

Changes to our Privacy Policy

We keep our Privacy Policy under regular review and place any updates on this web page. You shall regularly review the Privacy Policy and pay attention to its revisions. If you do not agree with the revised content, you shall stop accessing RFC Pay immediately. When an updated version of the Privacy Policy is released, your continued access to RFC Pay means that you agree to the updated content and agree to abide by the updated Privacy Policy.

How to contact us

If you have any questions about our Privacy Policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us. Email us at: business@codegotech.com

How to contact the appropriate authority

Should you wish to report a complaint or if you feel that we have not addressed your concern in a satisfactory manner, you may contact your National Data Protection Authority if you are a resident of the EEA, or the Information Commissioner’s Office in the UK. Residents of other jurisdictions may contact their national data protection authority.