Upd: Sep 24, 2024
This data privacy, use and retention policy (the “Privacy Policy”) applies to all personal data collection and processing activities carried out by Wirex Pte Ltd and its group (together, “Wirex”). In this policy, references to “we”, “us” or “our” are references to Wirex. Our principal address is Wirex Pte Ltd, 36, Robinson Road, #02-106, Singapore, 068877 and our privacy email address is privacy@wirexapp.com. We respect individuals' rights to privacy and to the protection of personal data. The purpose of this Privacy Policy is to explain how we collect and use personal data in connection with our business.
“PDPA” means the Personal Data Protection Act 2012 (as amended from time to time).“Personal data” means data, whether true or not, about an individual who can be identified from that data; or from that data and other information to which the organisation has or is likely to have access.
“Services” means the services that we, or our related entities, partners and/or vendors may provide to you.
We may update our Privacy Policy from time to time. When we do, we will communicate any changes to you and publish the updated Privacy Policy on our website. We would encourage you to visit our website regularly to stay informed of the purposes for which we process your information and your rights to control how we process it.
Our website uses small data files called cookies to improve functionality and your user experience. A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions and preferences (such as login, language, font size and other display preferences) over a period of time, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another.
If you do not agree to the terms of this Privacy Policy, you must not access the platform or provide any Personal Data (as defined below) to us. In addition, if you are a customer of Wirex (“Customer”) or representative of the Customer, you must notify the DPO (as defined below) in writing of your decision to reject this Privacy Policy. Your rejection of this Privacy Policy or withdrawal of your consent to the collection, processing, use and/or disclosure of your Personal Data (as defined below) may affect the Services which Wirex is able to provide to you.
For the purpose of this Privacy Policy:
“DPO” shall mean the Wirex data protection officer. Their contact details are as follows:
Wirex Pte. Ltd.
36, Robinson Road,
#02-106,
Singapore, 068877
Email: privacy@wirexapp.com
We may collect, process and use various categories of personal data at the start of, and for the duration of, your relationship with us. We will limit the collection and processing of information to what is necessary to achieve one or more legitimate purposes as identified in this policy.
Personal data may include:
A. basic personal data, including name and address, date of birth and contact details;
B. financial information, including account and transactional information and history;
C. goods and services we provide to you;
D. visual images and personal appearance (such as copies of passports or real-time biometric facial scans); and
E. online profile and social media information and activity, based on your interaction with us and our websites and applications, including for example your login information, Internet Protocol (IP) address, smart device information, location coordinates, online and mobile app security authentication, mobile phone network information, searches, site visits and spending patterns; and
F. anonymised personal data from your contact book if you choose to enable the Send Money to Contacts Feature.
We may also process certain sensitive data for specific and limited purposes, such as detecting and preventing financial crime or to make our services accessible to customers. We will only process sensitive data where we've obtained your explicit consent or are otherwise lawfully permitted to do so (and then only for the particular purposes and activities set out at Schedule B for which the information is provided).
This may include biometric information, relating to the physical, physiological or behavioural characteristics of a person, including, for example, fingerprint or facial recognition or similar technologies to help us prevent fraud and money laundering. Where permitted by law, we may process information about criminal convictions or offences and alleged offences for specific and limited activities and purposes, such as to perform checks to prevent and detect crime and to comply with laws relating to money laundering, fraud, terrorist financing, bribery and corruption, and international sanctions. It may involve investigating and gathering intelligence on suspected financial crimes, fraud and threats and sharing data with taxation, law enforcement and regulatory bodies.
Your information is made up of all the financial and personal data we collect and hold about you or your business and the proprietors, officers and beneficial owners of that business and your transactions. It may include:
A. information you give to us;
B. information that we receive from third parties – including other Wirex group companies, third parties who provide services to you or us, credit reference, fraud prevention or government agencies,
C. and other financial institutions (where permitted by law);
D. information that we learn about you through our relationship with you and the way you operate your accounts and/or services, such as the payments made to and from your accounts;
E. information that we gather from the technology which you use to access our services (for example location data from your mobile phone, or an IP address or telephone number) and how you use it (for example pattern recognition).; and
F. first party and third party cookies when you access our services; and
G. information that we gather from publicly available sources, such as the press, the electoral register, company registers and online search engines.
We want to make sure you are aware of your rights in relation to the personal data we process about you. We have described those rights and the circumstances in which they apply in the table at Schedule A. If you wish to exercise any of these rights, or if you have any queries about how we use your personal data that are not answered here, or if you wish to complain to our Data Protection team, please contact us at privacy@wirexapp.com.
Please note that in some cases, if you do not agree to the way we process your information, it may not be possible for us to continue to operate your account and/or provide certain products and services to you.
Please note that Wirex will only comply with such requests to the extent it is legally obligated to and depending on your account activity until that date, certain personal data may be maintained in accordance with anti-money laundering and counter-terrorist financing legislation to which Wirex is subject.
From time to time, we may change the way we use your information. Where we believe you may not reasonably expect such a change, we will notify you and will allow a period
of at least 30 days for you to raise any objections before the change is made. However, please note that in some cases, if you do not agree to such changes, it may not be possible for us to continue to operate your account and/or provide certain products and services to you.
We will only use and share your information where it is necessary for us to lawfully carry out our business activities. Your information may be shared with and processed by other Wirex group companies. We want to ensure that you fully understand how your information may be used. We have described the purposes for which your information may be used in detail in a table in Schedule B – Purposes of Processing.
We may from time to time share and disclose your personal data and other data to third parties, some of whom may be located outside your home country. The circumstances under which such sharing and disclosure will take place may include without limitation the following:
A. where we have your permission;
B. where required to provide you with our product(s) or service(s);
C. where we are required by law and by law enforcement agencies, judicial bodies, government entities, tax authorities or regulatory bodies around the world;
D. with other financial institutions and third parties where required by law to help recover funds that have entered your account as a result of a misdirected payment by such a third party;
E. with third parties providing services to us, such as market analysis and benchmarking, correspondent banking, and agents and sub-contractors acting on our behalf, such as the companies which print our packing labels and provide the accounts;
F. with other financial institutions to help trace funds where you are a victim of suspected financial crime and you have agreed for us to do so, or where we suspect funds have entered your account as a result of a financial crime;
G. with debt collection agencies;
H. with credit reference and fraud prevention agencies;
I. with third-party guarantors or other companies that provide you with benefits or services (such as insurance cover) associated with our product or service;
J. where required for a proposed sale, reorganisation, transfer, financial arrangement, asset disposal or other transactions relating to our business and/or assets held by our business;
K. in anonymised form as part of statistics or other aggregated data shared with third parties; or
L. where permitted by law, it is necessary for our legitimate interests or those of a third party, and it is not inconsistent with the purposes listed above
If you ask us to, we will share information with any third party that provides you with account information or payment services. If you ask a third-party provider to provide you with account information or payment services, you're allowing that third party to access information relating to your account.
We are not responsible for any such third party's use of your account information, which will be governed by their agreement with you and any privacy statement they provide to you.
In the event that any additional authorised users are added to your account, we may share information about the use of the account by any authorised user with all other
authorised users. Wirex will not share your information with third parties for their own marketing purposes without your permission.
If your personal data in Singapore is sent outside Singapore, we will seek to ensure that your personal data is afforded a comparable level of protection as that provided by Wirex and as required by Singapore law.
Upon signing up to, and continued use of Wirex’s services, you consent to hear from us regarding marketing updates. We will send you relevant marketing information (including details of other products or services provided by us or other Wirex group companies which we believe may be of interest to you) by postal or electronic communication methods, including but not limited to email and SMS. If you change your mind about how you would like us to contact you, or you no longer wish to receive marketing material from us, you can simply unsubscribe from:
1. Our marketing emails. By clicking “unsubscribe” in any emails we have sent.
2. Our marketing text message. By texting “STOP” in any text messages we have sent.
3. Our postal marketing material. By contacting us at: privacy@wirexapp.com
We will contact you with information relevant to the operation and maintenance of your Wirex account (including updated information about how we process your personal data), by a variety of means including via, email, text message, and in-app notifications. If at any point in the future you change your contact details, you should tell us promptly about those changes. We may monitor or record calls, emails, text messages or other communications in accordance with applicable laws for the purposes outlined in Schedule B – Purposes of Processing.
We may access and use information from fraud prevention agencies when you open your account and periodically to:
A. manage and take decisions about your accounts;
B. prevent criminal activity, fraud and money laundering; and
C. check your identity and verify the accuracy of the information you provide to us;
Application decisions may be taken based solely on automated checks of information, for example from fraud prevention agencies and internal Wirex records. To help us make decisions on verifying your Wirex account, as well as transaction limits on your Wirex account, we look at information you give us when you apply for a Wirex Account; including biometric data such as your photograph and/ or facial scan, information regarding your location, age, nationality and/ or citizenship and other information which enables us to verify your identity and perform a risk assessment for money laundering and fraud prevention purposes.
We will continue to collect and monitor information about how you manage your Wirex account including your account balance, payments into your account, the regularity of payments being made, and any default in making payments, while you have a relationship with us. This information may be made available to other organisations (including fraud prevention agencies and other financial institutions) if required by orders by any law enforcement agency or the regulator or for any internal investigations. If false or inaccurate information is provided and/or fraud is identified or suspected, details will be passed to relevant fraud prevention agencies. Law enforcement agencies and other organisations may access and use this information.
We cooperate fully to the extent of our legal obligations in the prevention of fraud, money laundering and counter-terrorism. If we, or a fraud prevention agency, determine that you pose a fraud, money laundering or other criminal risk, we may refuse to provide the services you have requested, or we may stop providing existing services to you. A record of any fraud, money laundering or other criminal risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. When fraud prevention agencies process your information, they do so on the basis that they have a legitimate interest in preventing fraud and money laundering, and to verify your identity, in order to protect their business and to comply with laws that apply to them.
By providing you with products or services, we create records containing your information, such as customer account records and activity and transaction records. Records can be held on a variety of media (physical or electronic) and formats, but they are primarily held electronically.
We manage our records to help us to better serve our customers (for example for operational reasons, such as dealing with any queries relating to your account) and to comply with legal and regulatory requirements. Records help us demonstrate that we are meeting our responsibilities and to keep as evidence of our business activities. Retention periods for records are determined based on the type of record, the nature of the activity, product or service, the country in which the relevant Wirex company is located and the applicable local legal or regulatory requirements.
We (and other Wirex group companies) retain customer records for up to five years after your relationship with Wirex ends. Retention periods may be changed from time to time based on legal and regulatory requirements. Where there has been no activity on your Wirex account since it was opened, we may delete your data after a period of 6 months, as you will be deemed an "unactivated user".
If there has been any transactional activity on your account, we will maintain your data until you request that we delete it, unless we are obligated to maintain such data to comply with our legal obligations. We may on exception retain your information for longer periods than those stated above, particularly where we need to withhold destruction or disposal based on an order from the courts or an investigation by law enforcement agencies or our regulators.
We will endeavour to anonymise or aggregate your data if we intend to use it for analytical purposes or trend analysis.
Wirex will use reasonable endeavours to maintain appropriate physical, electronic and organisational procedures to ensure that your personal data and other data is treated securely and in accordance with this Privacy Policy, and to protect such data against unauthorized access or unauthorized alteration, disclosure or destruction of data.
Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access. Wirex does not give any representation, warranty or undertaking that the personal data you provide to us will be secure at all times, and to the extent Wirex has fulfilled its obligations, under no circumstances shall Wirex be responsible for any losses, damages, costs and expenses which you may suffer or incur arising from unauthorised access to or use of your personal data.
If you would like more information about how long we keep your information, please contact us at: privacy@wirexapp.com
Rights Description
| Access – You have a right to get access to the personal data we hold about you. | Access – You have a right to get access to the personal data we hold about you. If you would like a copy of the personal data we hold about you, please write to: Wirex Pte Ltd, by emailing us at privacy@wirexapp.com; For more information on how to get access to your information and the documents we need you to submit, please email privacy@wirexapp.com. You will be required to complete a form outlining your request and will also need to provide proof of your identity (to ensure we are dealing with the account owner). |
| Rectification – You have a right to the rectification of inaccurate personal data and to update incomplete personal data. | If you believe that any of the information that we hold about you is inaccurate, you have a right to request that we restrict the processing of that information and to rectify the inaccurate personal data. Please note that if you request us to restrict processing your information, we may have to suspend the operation of your account and/or the products and services we provide to you. For more information on how to rectify your information and the documents we need you to submit, please email privacy@wirexapp.com. You will be required to complete a form outlining your request and will also need to provide proof of your identity (to ensure we are dealing with the account owner). |
| Restriction – You have a right to request us to restrict the processing of your personal data. | You may request us to restrict processing your personal data if you believe that: A. any of the information that we hold about you is inaccurate; B. we no longer need to process your information for the purposes for which it was provided, but you require the information to establish, exercise or defend legal claims; or C. we are not using your information in a lawful manner. Please note that if you request us to restrict processing your information, we may have to suspend the operation of your account and/or the products and services we provide to you. For more information on how to request a restriction of processing of your information and the documents we need you to submit, please email privacy@wirexapp.com. You will be required to complete a form outlining your request and will also need to provide proof of your identity (to ensure we are dealing with the account owner). |
| Portability – You have a right to data portability. | Where we have requested your permission to process your personal information or you have provided us with information for the purposes of entering into a contract with us, you have a right to receive the personal information you provided to us in a portable format. You may also request us to provide it directly to a third party, if technically feasible. We're not responsible for any such third party's use of your personal information, which will be governed by their agreement with you and any privacy statement they provide to you. If you would like to request a copy of the personal information you provided to us, please write to us at privacy@wirexapp.com. |
| Objection – You have a right to object to the processing of your personal data. | You have a right to object to us processing your personal data (and to request us to restrict processing) for the purposes described in Section C of Schedule B – Purposes of Processing (below), unless we can demonstrate compelling and legitimate grounds for the processing, which may override your own interests, or where we need to process your information to investigate and protect us or others from legal claims. Depending on the circumstances, we may need to restrict or cease processing your personal data altogether or, where requested, delete your information. Please note that if you object to us processing your information, we may have to suspend the operation of your account and/or the products and services we provide to you. |
| Withdraw consent – You have a right to withdraw your consent | Where we rely on your permission to process your personal data, you have a right to withdraw your consent at any time. We will always make it clear where we need your permission to undertake specific processing activities. |
We will only use and share your information where it is necessary for us to carry out our lawful business activities. Your information may be shared with and processed by other Wirex group companies. We want to ensure that you fully understand how your information may be used. We have described the purposes for which your information may be used in detail in the table below:
A. Contractual Necessity | |
| We may process your information where it is necessary to enter into a contract with you for the provision of our products or services or to perform our obligations under that contract. Please note that if you do not agree to provide us with the requested information, it may not be possible for us to continue to operate your account and/or provide products and services to you. This may include processing to: | A. assess and process applications for products or services; B. provide and administer those products and services throughout your relationship with Wirex, including opening, setting up or closing your accounts or products; collecting and issuing all necessary documentation; executing your instructions; processing transactions, including transferring money between accounts; making payments to third parties; resolving any queries or discrepancies and administering any changes. Calls to our service centre and communications to our mobile and online helplines may be recorded and monitored for these purposes. C. manage and maintain our relationships with you and for ongoing customer service. This may involve sharing your information with other Wirex group companies to improve the availability of our services, for example enabling customers to visit branches of other Wirex group companies; D. communicate with you about your account(s) or the products and services you receive from us. |
B. Legal obligation | |
| When you apply for a product or service (and throughout your relationship with us), we are required by law to collect and process certain personal data about you. Please note that if you do not agree to provide us with the requested information, it may not be possible for us to continue to operate your account and/or provide products and services to you. This may include processing to: | A. confirm your identity, including using biometric information and facial recognition technology and other identification procedures, for example fingerprint verification; B. perform checks and monitor transactions and location data for the purpose of preventing and detecting crime and to comply with laws relating to money laundering, fraud, terrorist financing, bribery and corruption, and international sanctions. This may require us to process information about criminal convictions and offences, to investigate and gather intelligence on suspected financial crimes, fraud and threats and to share data with law enforcement and regulatory bodies; C. share data with other financial institutions and third parties to help recover funds that have entered your account as a result of a misdirected payment by such a third party; D. share data with police, law enforcement, tax authorities or other government and fraud prevention agencies where we have a legal obligation, including reporting suspicious activity and complying with production and court orders; E. deliver mandatory communications to customers or communicating updates to product and service terms and conditions; F. investigate and resolve complaints; G. conduct investigations into breaches of conduct and corporate policies by our employees; H. manage contentious regulatory matters, investigations and litigation; I. perform assessments and analyse customer data for the purposes of managing, improving and fixing data quality; J. provide assurance that Wirex has effective processes to identify, manage, monitor and report the risks it is or might be exposed to; K. investigate and report on incidents or emergencies on Wirex’s properties and premises; L. coordinate responses to business-disrupting incidents and to ensure facilities, systems and people are available to continue providing services; and M. monitor dealings to prevent market abuse. |
C. Legitimate Interests of WirexWe may process your information where it is in our legitimate interests to do so as an organisation and without prejudicing your interests or fundamental rights and freedoms. | |
| We may process your information in the day-to-day running of our business, to manage our business and financial affairs and to protect our customers, employees and property. It is in our interests to ensure that our processes and systems operate effectively and that we can continue operating as a business. This may include processing your information to: | A. monitor, maintain and improve internal business processes, information and data, technology and communications solutions and services; B. ensure business continuity and disaster recovery and responding to information security and business incidents and emergencies; C. ensure network and information security, including monitoring authorised users’ access to our information technology for the purpose of preventing cyber-attacks, unauthorised use of our communications systems and websites, prevention or detection of crime and protection of your personal data; D. provide assurance on Wirex’s material risks and reporting to internal management and supervisory authorities on whether Wirex is managing them effectively; E. perform general, financial and regulatory accounting and reporting; F. protect our legal rights and interests; and G. enable a sale, reorganisation, transfer or other transaction relating to our business. |
| It is in our interest as a business to ensure that we provide you with the most appropriate products and services and that we continually develop and improve as an organisation. This may require processing your information to enable us to: | A. identify new business opportunities and to develop enquiries and leads into applications or proposals for new business and to develop our relationship with you; B. send you relevant marketing information (including details of other products or services provided by us or other Wirex group companies which we believe may be of interest to you); C. understand our customers’ actions, behaviour, preferences, expectations, feedback and financial history in order to improve our products and services, develop new products and services, and to improve the relevance of offers of products and services by Wirex group companies; D. monitor the performance and effectiveness of products and services; E. assess the quality of our customer services and to provide staff training. Calls to our Customer Support teams and communications to our mobile and online helplines may be recorded and monitored for these purposes; F. perform analysis on customer complaints for the purposes of preventing errors and process failures and rectifying negative impacts on customers; G. compensate customers for loss, inconvenience or distress as a result of services, process or regulatory failures; H. identify our customers’ use of third-party products and services in order to facilitate the uses of customer information detailed above; and I. combine your information with third-party data, such as economic data in order to understand customers’ needs better and improve our services. |
| We may perform data analysis, data matching and profiling to support decision-making with regards to the activities mentioned above. It may also involve sharing information with third parties who provide a service to us. It is in our interest as a business to manage our risk and to determine what products and services we can offer and the terms of those products and services. It is also in our interest to protect our business by preventing financial crime. This may include processing your information to: | A. carry out financial and insurance risk assessments; B. manage and take decisions about your accounts; C. carry out checks (in addition to statutory requirements) on customers and potential customers, business partners and associated persons, including performing adverse media checks, screening against external databases and sanctions lists and establishing connections to politically exposed persons; D. share data with fraud prevention agencies and law enforcement agencies; E. trace debtors and recovering outstanding debt; F. for risk reporting and risk management. |