Privacy Policy

[PUBLICATION: January 11, 2022 / LAST AMENDMENT DATE OF THE PRIVACY POLICY: January 11, 2022]


1. DATA CONTROLLER.

The Data Controller is “Gelt Cash Transfer, S.L.U.”, a Spanish commercial entity with registered offices in Madrid, at calle Pajaritos, 24, holder of tax identification number B-88506191, registered in the Commercial Register of Madrid in Volume 39747, Page 128, 1st entry, Sheet M-706244 (hereinafter, “SENDITY”). SENDITY is the brand name under which the company that owns and manages the web domain www.sendity.com (hereinafter, the “Website”) and the mobile application “SENDITY” (hereinafter, the “Application”) operates.

You can contact SENDITY at the following e-mail address hola@sendity.com

SENDITY takes the privacy of Users very seriously, guaranteeing the confidentiality of the Personal Data to which it has access, and that this processing will always be carried out in accordance with this Privacy Policy and all applicable data protection and privacy legislation at all times.

SENDITY, in its capacity as Data Controller, guarantees Users that it will always apply the applicable technical and organisational security measures established in current legislation given the nature of the personal data processed and the circumstances of the processing, as well as those that are advisable given the state of technology, guaranteeing the integrity, security and confidentiality of Personal Data.

2. PERSONAL DATA COLLECTED

SENDITY will collect and process users' personal data in accordance with the provisions of this Privacy Policy, as well as in accordance with the specific data protection clauses for certain products or services that may be applicable in each case.
Personal Data of Users collected and processed by SENDITY are:

Mandatory personal data to register in the Application and/or on the Website:

  • Name and surname
  • E-mail address
  • Mobile phone number

Personal data required if the User sends money through SENDITY. 

Issuer data:

  • Name and surname
  • E-mail address
  • Phone number
  • Payment information:
    • Card number
    • Name of the card holder
    • Expiry date
    • Card security code
  • Agree to the terms and conditions of service
  • Photograph of the front and back of the identity card

Receiver's data (receipt of money in bank account):

  • Name and surname
  • E-mail address (non-mandatory)
  • Phone number (non-mandatory)
  • Bank account number
  • Swift code of the account
  • Identity card number (Spanish ID or Foreigners ID)

Receiver's data (receipt of the money at an official collection point):

  • Name
  • Surname
  • E-mail address (non-mandatory)
  • Phone number (non-mandatory)
  • Bank account number
  • Swift code of the account
  • Identity card number (Spanish ID or Foreigners ID)
  • City
  • Postal code
  • Collection point (from a list of available ones)

Payment information:

  • Card number
  • Name of the card holder
  • Expiry date
  • Card security code

The payment information detailed above will not be collected at any time by SENDITY, but will be entered by the User in the payment gateway provided by RevoluPAY. EP SLU, (hereinafter “RevoluPAY”).

SENDITY shall limit the collection and processing of personal data only for the purposes of personal data processing as detailed in sections three and four below.

3. PURPOSE OF THE PROCESSING.

The personal data collected will be processed for the purpose of:

  1. Providing the service.
  2. Undertaking reporting and analysis of the service.
  3. Creating new products and services.
  4. Providing user support.
  5. Managing the Website and the Application.
  6. Preventing fraud.
  7. Commercial/marketing communications with users.
  8. Analysing the use and impact of SENDITY services on its users.
  9. Sending newsletters to Users.

4. LEGAL BASIS.

The legal basis for the processing of personal data by SENDITY is:

  1. The free and explicit consent of the data subject.
  2. The provision of the performance of the Services provided by SENDITY.
  3. Legitimate interest of SENDITY to send commercial/marketing communications.


5. RECIPIENTS.

 

Data Processors: SENDITY will share personal data with Data Processors (SENDITY's service providers) for the purposes established by SENDITY and supported by a Data Processing Agreement in accordance with Spanish and European legislation on personal data protection. The Data Processors are both inside and outside the European Union. In the event that Data Processors are established outside the European Union, SENDITY shall ensure that they provide the appropriate guarantees, such as, for example, compliance with the standard contractual clauses established by the European Commission.

Third parties: SENDITY will not share personal data with third parties. Notwithstanding the above, SENDITY may share personal data collected with other companies in the group of companies GELT (“GELT”, “GELT GIRO” and “GELT CASH”).

International transfers: SENDITY does not perform international transfers of personal data. In this case, SENDITY will comply with all the provisions established in Spanish and European legislation on personal data protection.

Legal obligation: SENDITY, as a payment service provider, is obliged to provide Banco de España, electronically and every six months, with statistical data on fraud.

In compliance with the legal obligations related to money laundering and terrorist financing regulations, SENDITY must provide information on payment transactions to authorities or official bodies in other countries, both inside and outside the European Union, in the framework of the fight against the financing of terrorism and other serious forms of organised crime and the prevention of money laundering.

Likewise, SENDITY may also provide users' personal data to public authorities when required to do so in a reasoned and justified manner.

6. RETENTION PERIOD OF PERSONAL DATA.

SENDITY will retain the personal data provided by the user, as long as it is necessary for the provision of services. SENDITY will subject processed data to review periods in order to block (and subsequently delete) data that is no longer processed or is no longer necessary for the purpose of processing until it is definitively deleted in accordance with the deadlines set by current legislation. For example, after the end of the contractual relationship with SENDITY, under the Law on the Prevention of Money Laundering and Terrorist Financing, SENDITY is obliged to retain data for a period of at least 10 years.

Data retention periods according to current legislation:

  • 4 years: Law on Infractions and Penalties in the Social Order (obligations regarding affiliation, registration, cancellation, contributions, payment of wages, etc.); Arts. 66 et seq. General Tax Law (accounting books...).
  • 5 years: Art. 1964 Civil Code (personal actions without special time limit).
  • 6 years: Art. 30 Commercial Code (accounting books, invoices...).
  • 10 years: Art. 25 Law on Prevention of Money Laundering and Terrorist Financing.
  • No deadline: disaggregated and anonymised data.

7. RIGHTS.

The user or data subject may exercise the following rights over his/her personal data processed by SENDITY.

  • Right of access: a user / data subject has the right to access his/her personal data to verify that it is processed in accordance with the law.
  • Right of rectification: a user / data subject has the right to request the rectification of any inaccurate or incomplete personal data, in order to protect the accuracy of such information and to adapt it to the data processing.
  • Right of erasure: a user / data subject has the right to request that the controller erases his or her information and no longer processes such data. However, a number of exceptions are provided for in which this right does not apply.
  • Right to restriction of processing: a user / data subject has the right to request that the controller restricts the processing of his or her data.
  • Right of portability: a user / data subject has the right to request data portability, which means that a user / data subject can receive the personal data originally provided in a structured and commonly used format or can request the transfer of the data to another controller.
  • Right of opposition: a user / data subject who provides personal data to a data controller has the right to object, at any time, to the processing of data for a number of reasons, as provided for in the applicable law, without the need to justify his decision.
  • Right not to be subject to automated individualised decisions: a user / data subject has the right not to be subject to a decision based solely on automated processing, including profiling, if such profiling produces a legal effect on the user / data subject or significantly affects him or her.
  • Right to lodge a complaint with the Supervisory Authority: all users / data subjects have the right to lodge a complaint with a Supervisory Authority, in particular in the EU Member State of his/her habitual residence, place of work or place of alleged infringement if the data subject considers that the processing of personal data relating to him/her is in breach of the applicable regulations. In Spain, the supervisory authority is the Spanish Data Protection Agency (Agencia Española de Protección de Datos).

To exercise these rights, the User may contact SENDITY by ordinary mail or by sending an e-mail to legal@sendity.com  

8. THIRD PARTY LINKS.

The user may find links on the website to other websites controlled by third parties. SENDITY does not have the power to control the content provided by these other websites and is not responsible for the processing of users' personal data by those controllers of these websites. We remind you that this Privacy Policy only applies to Personal Data collected and processed by SENDITY through the Website. Therefore, SENDITY accepts no responsibility for any aspect related to the processing of User data that may be carried out by those controllers of these third-party websites.

9. INFORMATION ABOUT COOKIES.

SENDITY uses cookies, which are files that are stored on the computer of the user accessing and browsing the Website and, in particular, contain a number that uniquely identifies the user's computer or device, even if they change location or IP address.

For more information on the types of proprietary and third-party cookies used by SENDITY, their configuration and/or deactivation, read and accept our Cookies Policy.

10. AMENDMENTS AND UPDATES TO THE PRIVACY POLICY.

This Privacy Policy is effective as of the effective date set out above and visible in the heading. SENDITY reserves the right to amend this Privacy Policy at any time in accordance with applicable data protection laws in Spain and Europe. If SENDITY makes changes to this Privacy Policy, we will notify you by means of a notice on our website or, if applicable, by means of an e-mail communication or automatic notification in your user area on the Website.

In any case, the date of the last update will appear in the heading of this Privacy Policy.

By continuing to access or use SENDITY services after such amendments or updates, the user is subject to the modified Privacy Policy.

11. CONTACT.

If you have any questions about this Privacy Policy or the use of your Personal Data, please send an email to legal@sendity.com 
 

Sendity operates under license from RevoluPAY EP S.L.U. RevoluPAY EP is it Authorized Payment Entity, supervised by the Banco de España and registered in the Registry of Entities with license number 6900.

COOKIES POLICY