Book a demo

Privacy Policy
for FinqLink

Finqware Privacy Policy describes the privacy practices of FinqLink service.

If the information or content you provide while using the FinqLink service contains personal information of other people, you must have legal permission to share such personal information with Finqware.

If the data provided is likely to lead to the identification, directly or indirectly, of a natural person (“Data Subject”) when using our services, Finqware shall process personal data and ensure their protection according to the applicable legislation, including Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).

Terms within the meaning of the General Regulation (EU) 2016/679:
“GDPR” means Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
“personal data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
“processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
“restriction of processing’” means the marking of stored personal data with the aim of limiting their processing in the future;
“controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
“processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
“third party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data;
“consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
“personal data breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed;
1

Categories of data we process

In this sense, at the time of initiating the payment or later, when the situation demands it (for example, in the case of a transaction carried out under suspicious conditions), Finqware SRL will process the following categories of data:

PSU contact details: email address;
Data on the payment method used: the bank that administers the account from which you chose to initiate the payment;
Transaction data: our client’s name and website, unique transaction identification code, payment recipient (name and IBAN account), transaction date, transaction amount and payment description;
Connection data: location, IP address, device, operating system and Internet browser used;
Transaction history data: data on FinqLink service usage history;
Data regarding fraudulent / potentially fraudulent activity carried out using FinqLink: data relating to suspected fraud or other illegal use of the services we provide.
2

We process the data obtained for the following purposes:

Processing the payment initiation request: to initiate the payment, we send to the bank that manages your account from which you chose to make the payment the unique transaction identification code, payment recipient (name and IBAN account), transaction amount and payment description;
Information on payment status: we may contact you by e-mail to send you information about the result of the payment made;
Communication: we may contact you by e-mail to send you information regarding the availability of our services or other elements related to the use of the service (security notifications, various notices of a legal nature, etc.);
Customer support: we use the data that is available to us to investigate, resolve and respond to notifications or complaints regarding the use of the service;
Settlement of disputes related to payments: in the event that disputes related to a payment that you have initiated arise, we need to process a series of data about the transaction that you have made and make them available to our partner client, i.e., the bank that administers your account from which you chose to make the payment;
Fraud prevention and payment security: as providers of payment initiation services, we have an obligation to ensure the prevention and identification of potential fraud and to keep our systems secure;
Our accounting records: when we invoice the services provided to our partner clients, we must keep accounting records regarding the transactions processed, for the purpose of fulfilling our legal obligations under financial, accounting and tax legislation;
Development of services: we use data, including feedback received through various channels, to carry out research and development activities in order to improve our services and to mitigate fraud risk.
3

We process the data obtained on the basis of the following legal grounds:

the performance of the contractual obligations to our customers who integrate our services for the initiation of payments, by which you wish to initiate a payment for goods or services;
performance of our service contract (as a result of your acceptance of the Terms and Conditions of the payment initiation service);
compliance with our legal obligations (such as know-your-customer legislation, tax and accounting legislation, etc.);
our legitimate interest to ensure the security of our platform, to prevent fraud and incidents related to payments, to resolve any disputes regarding payment and to monitor the quality of our services and the technical capacity of our platform, and to collaborate with our partners on the fulfillment of the obligations arising from Law no. 129/2019 to prevent and combat money laundering and terrorism financing.
4

How long we keep data

As a general rule, we will store your personal data for as long as necessary to provide the services used, as well as subsequently, in order to comply with the applicable legal obligations, including, but not limited to, provisions on archiving obligations.

Data related to cookies and similar technologies are kept according to the specific terms set for those technologies; the storage term may be between the duration of the browsing session (for session cookies) and a longer duration, for example for analytics cookies, etc. Please also read carefully the Cookies Policy.

You may request us to delete, modify, supplement or intervene on certain information regarding a right of yours at any time and we will comply with such requests, subject to the retention of certain information where required by applicable law or our legitimate interests. The request can be made in a written form, dated and signed, to Finqware at the email address: dpo@finqware.com

5

Data transfer

We limit access to data for third parties, but in certain cases we may transmit or provide access to certain personal data you have provided to us to the following categories of recipients: natural or legal persons acting as processors for Finqware in various fields (such as archiving documents, destruction of documents, or data storage, payment services, various services that we can outsource, such as in the field of human resources etc.), other persons, courts, authorities. In these cases, we will disclose data for legitimate reasons related to our activity, such as: document security, reduction of our activity, ascertaining, defending and exercising our rights or interests or those of another person.

If we have a legal obligation or if it is necessary to defend a legitimate interest, we may also disclose certain personal data to public authorities.
We make sure that access, to the data provided by you, by third parties – legal entities governed by public law – is done in accordance with the legal provisions on data protection and confidentiality of information, based on contracts concluded with them.

We do not transfer personal data or any part of it to other companies, organizations or individuals from third countries or to international organizations. If there are any changes in this regard, we will notify you so that you can exercise your right to accept or refuse such a transfer.

6

Your rights as a data subject:

Data access: the data subject may request information about the personal data we hold about him, including information about the categories of data we hold or control, what they are used for, how long they are processed and to whom this data is disclosed, if applicable. We will provide a copy of your personal data upon request. In certain situations, we may charge a reasonable fee for providing the data, based on our administrative costs.
Data rectification: the data subject may ask us to correct the information we process about him if it is incorrect or incomplete.

Restriction of processing: the data subject may ask us to cease processing the personal data we hold about him.

Data erasure (“right to be forgotten”): the data subject may ask us to delete the personal data we process about him in situations such as:

the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
the data subject withdraws consent on which the processing is based;
the data subject objects to the processing and there are no overriding legitimate grounds for the processing;
the personal data have been unlawfully processed.

Data portability: the data subject may request the transfer of his personal data, under certain conditions set by the GDPR, to another service provider.

The right not to be subject to an automated individual decision-making: the data subject has the right to be informed about automated decision-making, to request an examination of the automated decision by a person and challenge the automated decision if he or she has not explicitly accepted the automated decision, unless the automated decision is based on a law or on the performance of a contract.

The right to petition: the data subject may address at any time the National Authority for the Supervision of Personal Data Processing (ANSPDCP).

To exercise the above-mentioned rights or for any question related to how the data is used or if some of your data is incorrect, you may send a written, dated and signed request to Finqware to the e-mail address mentioned below.

In your request, please indicate whether you want the information to be communicated to a specific address (postal or e-mail) or by courier service to ensure that you receive the information personally. Please note that before complying with any such request, we reserve the right to verify your identity to ensure that the request comes from you. You also have the right to go to court for any violation of your rights regarding the processing of personal data. The information you provide to us will be used and stored only for the purpose for which you provided it, to administer, support and evaluate our services, including to prevent breaches of system security and to comply with the law and our contractual terms.

We aim to respond to any valid requests within a maximum of one month. We will let you know if we need more than one month. We may ask if you can give us more details or what you are concerned about. This will help us to act more quickly and shorten the response time to your request.

We must not comply with a request if it would adversely affect the rights and freedoms of other data subjects.

7

Contact details

Any request is valid if sent to the address or email mentioned below. If the request is made by post, it will be sent by registered letter with acknowledgment of receipt and shall be deemed received by the addressee on the date stated by the receiving post office on that acknowledgment. If the notification is made by courier or if it was delivered in person, it shall be deemed received by the addressee on the date of signature of receipt, and if it was sent by email, it shall be deemed received on the first working day immediately following the one on which it was sent.

Address: Strada Elena Caragiani, Nr. 21, Et. 3, Ap. 8, Sector 1, București.
e-mail: dpo@finqware.com

8

Updates

Finqware SRL reserves the right to modify and update the terms and conditions of use at any time without prior notice. Therefore, please visit this page periodically to check the applicable terms.
Date of last update: 12.12.2023.

Cookies Policy

This policy refers to cookies and similar technologies used in the FinqLink platform owned by Finqware.
Finqware may set or read cookies and device identifiers when you use the application or visit the www.finqware.com website. Please visit the website and read the Finqware Terms and Conditions and Policies for more details.

9

What is a cookie?

An “Internet Cookie” (also known as “browser cookie” or “HTTP cookie” or simply “cookie”) is a small file, consisting of letters and numbers, which will be stored on the computer, mobile terminal or other equipment of a user from which the Internet is accessed.

The cookie is installed by request sent by a webserver to a browser (for example: Internet Explorer, Firefox, Chrome) and is completely “passive” (it does not contain software programs, viruses or spyware and cannot access information on the user’s hard drive). The cookie stores certain information (for example, your preferred language or web page settings), which the browser you use may retransfer to us when you access the web page again (depending on the lifetime of the cookie).

Cookies themselves do not require personal information in order to be used and, in most cases, do not personally identify internet users.

10

Types of cookies

There are several types of cookies. Their classification is made according to their lifespan, role and source, as follows:

Types of cookies depending on their lifetime
Session cookies:
They are temporarily stored in the cookies folder of the web browser so that it can store them until the user leaves the respective website or closes the browser window (e.g., when logging in / logging out a webmail account or social networks).
Persistent cookies:
These are stored on the hard drive of a computer or device (and generally depend on the default lifetime for the cookie). Persistent cookies also include those placed by a website other than the one the user is currently visiting – known as ‘third party cookies’ – which can be used anonymously to memorize a user’s interests so that the most relevant advertising for the user is delivered.
Types of cookies depending on their role
Strictly necessary cookies:
These types of cookies are necessary for the websites to function properly. Without these cookies, we will not be able to provide certain features, such as, for example, automatic redirection to the least busy server etc.
Functionality cookies
Functional cookie modules record information related to the choices that users make and also allow website operators to customize the website according to user requirements. For example, cookies can be used to save preferences related to dashboard customization.
Performance and analytics cookies
These types of cookies enable website operators to monitor visits and traffic sources, how users interact with the website or certain sections of the website. The information provided by analytics cookies helps operators understand how visitors use the websites and then use this information to improve how the content offered to users is presented.
Targeting and advertising cookies
These cookies can provide the ability to monitor user online activity and establish user profiles that can then be used for marketing purposes. For example, based on cookies, products and services agreed by a user can be identified, this information subsequently serving to send appropriate advertising messages to that user.
First-party cookies vs third-party cookies

Every cookie has an “owner” (the website / internet domain) that places that cookie.

First-party cookies are placed by the Internet domain / website accessed by the user (whose address appears in the address bar of the browser). For example, if the user visits www.finqware.com, and the domain of the cookie placed on their computer is www.finqware.com, then it is a first-party cookie.

A third-party cookie is placed by a different Internet domain/website than the one accessed by the user; this means that the accessed website contains information from a third-party website, too – for example, an advertising banner that appears on the accessed site. So, if the user visits www.finqware.com, but the cookie placed on their computer has the domain doublecklick.net, then it is a third-party cookie.

Embedded content (buttons, apps and social media widgets)

Web pages allow the integration of social buttons or widgets from a third-party, which allow users to interact with the sites whose social buttons or widgets are implemented. The user’s interaction with the social buttons or widgets from a third-party allows the third-party to collect some information about that user, including the IP address, information in the page header, and information about the browser.

A widget is a simple extension of an application that is already installed on the telephone. An example is the Calendar widget, which provides a quick view of the upcoming events in your calendar without having to open the “Calendar” application.

How do targeting and advertising cookies work?

In general, data about Internet browsing activity is collected and analysed anonymously. If a specific interest emerges from this analysis, a cookie (small text file that is used by most websites to store certain pieces of useful information to make the browsing experience better) is placed on the user’s computer and this cookie determines what advertisement the user will receive, which is called interest-based advertising.

Interest-based advertising is a way of delivering ads to the websites you visit and making them more relevant to your interests. The common interests are grouped according to the previous browsing activity and only the advertising that matches their interests is served to users. In this way, advertising is relevant and as useful as possible.

10

Disabling/refusing cookies in your Internet browser settings

In general, browsers have integrated privacy settings that provide different levels of cookie acceptance, validity period and automatic deletion after the user has visited a certain site.

11

Other security aspects related to cookies:

Customize your browser cookie settings to reflect a comfortable level of cookie security for you.
If you are the only person using the computer, you can set, if you wish, long expiration periods for storing your browsing history and personal access data.
If you share computer access, you may consider setting your browser to delete individual browsing data each time you close the browser. This is an option to access sites that place cookies and delete any visit information when you close the browsing session.
12

Types of cookies and device identifiers we use

Below is the detailed list of cookies and device identifiers used.

 

If you want to find more information about cookies and what they are used for, we recommend the following links:

   https://support.microsoft.com/en-us/help/260971/description-of-cookies

   https://www.allaboutcookies.org

   http://www.youronlinechoices.com/ro/

 

At the moment FinqLink does not use cookies; if this will change in the future, we will mention here which cookies we use.

 

In addition, please also refer to the terms and conditions, as well as the policies of the bank on the page where you request payment authorization, as well as those presented on the FinqLink partner page, to be informed.

13

Governing Law & Disputes

The language governing this policy is Romanian. All communications shall be made in Romanian.
The law applicable to the Terms and Conditions, the Privacy Policy and the Cookies Policy, as well as any other policies presented, is the Romanian law.

In the event of a dispute, an amicable settlement will be attempted first, within 30 working days of the registration of the complaint.

Close
Search

Hit enter to search or ESC to close