1.1 Change is to be considered a data controller in respect of your personal data collected and processed in respect of providing Services to the Users. Change can be reached via [email protected].
1.2 Change has appointed a data protection officer, whose identity information can be found on Change’s Website and who can be reached via [email protected].
1.3 Change is processing Users’ personal data for the performance of or entering into a contract, in the form of the Terms, concluded or to be concluded with the Users. Each User’s personal data is processed for the purposes of providing the Services to the User. Without processing the User’s personal data, Change would be unable to provide Services to the User.
1.4 For complying with our legal obligations deriving from applicable legislation, as specified in Section 0 above and for meeting our accounting/financial obligations, we are also processing Users’ personal data on the basis of legislation. For complying with our legal obligations, as specified in Section 0 above, Change may receive data from other sources than the User, e.g. from public and non-public sources.
1.5 The personal data of Users is being processed by the following categories of data recipients: Change’s employees responsible for specific tasks regarding the Services, data processors who help Change with providing the Services (e.g. service providers for the maintenance of our IT-systems and for fulfilling our legal obligations as stated in Section 0 above) and third parties to whom Change is required to transfer data under applicable legislation, e.g. relevant state institutions and sector-specific authorities.
1.7 Certain activities of Change may result in the transferring of personal data to Third Countries, meaning countries located outside the EU/EEA, and to countries in relation to which the EU Commission has not issued an adequacy decision, e.g. the US. For ensuring that the User’s data is protected, Change applies appropriate safeguards in the form of standard data protection clauses adopted by the European Commission for the transfers. In case the User wishes to know more about the safeguards and obtain a relevant copy of them, please contact Change using the details specified in Section 1.2 above.
1.8 Change is not responsible for the actions and processing activities of any third parties. Third parties are considered to be separate data controllers, whose services can be procured by concluding separate agreements with them. Third parties may transfer Users’ personal data to Third Countries and process it for independent purposes.
1.9 Users’ personal data is, generally, retained as long as the User is using the Services. After the User has stopped using the Services and the User Account has been closed, pursuant to Section 0 above, the User’s personal data shall be retained as long as any claims can be presented on the basis of such data under applicable legislation. Certain data, e.g. data necessary for accounting purposes, data obtained for the purposes of the fulfilment of obligations related to anti-money laundering and terrorist financing prevention, shall be retained as required under applicable legislation and industry standards. Generally, for 7 years since the date of closing the User Account.
1.10 Change shall maintain the confidentiality of all information of which Change became aware on the basis of its relationship with the User, including information concerning the User and the Payment Account and Payment Transactions thereof, unless the right or obligation to disclose information arises from legislation.
1.11 Change shall be released from the obligation to maintain confidentiality to the extent that the User has granted consent to the disclosure of information in writing or in Change Apps or Website or to the extent a disclosure of confidential information is allowed or required under applicable laws and/or mandatory orders by regulatory authorities.
1.12 For entering into and for the performance of a contractual agreement between the User and Change, Change is applying certain automated decision-making methods to assess the User’s capability and suitability, among other for the purposes indicated in Section 12 above, to enter into a contractual agreement between the User and Change. Change is applying the capability of human-intervention into the aforesaid assessment, however, in cases the User is seen as not suitable for User Account opening and thus entering into contractual agreement, in the form of the Terms, Change reserves the right not to open the User Account or stop providing the Services to User.
1.13 Each User, as a data subject, is, at any time, entitled to exercise the following rights:
1.13.1 The right to request the correction of the User’s personal data;
1.13.2 The right to request access to the User’s personal data;
1.13.3 The right to request the erasure of the User’s personal data;
1.13.4 The right to request the restriction of processing of the User’s personal data;
1.13.5 The right to object to the processing of the User’s personal data;
1.13.6 The right to exercise data portability in cases where such data has been provided for the performance of or entering into a contractual agreement by accepting the Terms or has been provided under the consent; and
1.13.7 The right to lodge a complaint to a supervisory authority.
Get started with Bitcoin.
© 2019 xChange AS
The Debit Card is an electronic money product and although it is a product regulated by the Financial Conduct Authority, it is not covered by the Financial Services Compensation Scheme. We ensure that any funds received by you are held in a segregated account so that in the unlikely event that Contis Financial Services Ltd becomes insolvent your funds will be protected against claims made by creditors.