Privacy Policy for MiFinity

Privacy Policy


1. Introduction 

1.1 MiFinity UK Limited (hereinafter referred to as “MUKL”) takes your privacy very seriously. We ask that you read this Privacy policy carefully as it contains important information about what to expect when MUKL collects personal information about you and how MUKL will use your personal data.

1.2 MUKL’s registered office is at 28 School Road, Newtownbreda, Belfast, County Antrim, Northern Ireland. It has registered number NI611169.

1.3 This policy applies to information we collect about:
1.3.1 visitors to our website; and
1.3.2 people who do business with us or register for our service.

1.4 Please read this Privacy Policy carefully to understand our views and practices regarding your personal data, how we use it and how we will treat it. If you do not agree with this Privacy Policy, please do not use our services.

2. The information we collect about you
When you do business with us or register for our service we may collect the following personal information from you:
a) your full name, residential address, email address, residence, nationality, IP address, telephone number, date of birth and bank or payment card details and any proof of your identity and/or address that we may request;
b) details of any transactions you carry out through our website and of the fulfilment of your requests;
c) details of any bank account (including, but not limited to, account holder, account name, account number, sort code, online banking PIN, Transaction Authentication Number “TAN” and password, available balance and transaction history of your bank account,);
d) details of any credit, debit or other card used by you for transactions;
e) your participation in any promotion sponsored by us;
f) correspondence that you send us;
g) calls that we make to you or you make to us;
h) surveys that you complete;
i) information collected through cookies – please see section 5 Cookies for more details;
j) your IP address, log-in times, operating system and browser type;

2.1 In order to fulfil our legal obligations to prevent fraud and money laundering, we will obtain information about you from third party agencies, including your financial history, county court judgements and bankruptcies, from credit reference and fraud prevention agencies when you open an account with MUKL and at any time when we feel it is necessary to prevent fraud and minimise our financial risks.

3. Information about other individuals

3.1 If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can:
3.1.1 give consent on his/her behalf to the processing of his/her personal data;
3.1.2 receive on his/her behalf any data protection notices; and
3.1.3 give consent to the transfer of his/her personal data abroad.

4. How we will use the information about you

4.1 We use information held about you in the following ways:
a) to operate and administer your account with MUKL and to provide the services that you have requested;
b) to carry out your instructions to make and receive payments and undertake transactions using our services, including verifying that you have sufficient funds in your nominated bank account to make such payments;
c) to allow you to participate in the interactive features of our website;
d) to notify you about changes to our service(s)/this website;
e) to improve our internal customer training;
f) to comply with financial services regulations including retention of financial information and transactions;
g) for financial and identity checks, fraud prevention and detection checks, anti-money laundering and credit checks;
h) for customer service, including answering questions and responding to feedback and complaints;
i) to enhance the security of our services;
j) to ensure that content on our website is presented in the most effective manner for you and for your computer;
k) for research, statistical. Analysis and behavioural analysis

5. Marketing

5.1 We may also wish to provide you with information about the special features of our website or any other service we think may be of interest to you. If you would rather not receive this information, please send a blank email message to gdpr@mifinity.com. If you agree to us providing you with marketing information, you can always opt out at a later date.

6. Cookies and other information-gathering technologies

6.1 Our website uses cookies. Cookies are text files placed on your computer to collect standard Internet log information and visitor behaviour information. These cookies allow us to distinguish you from other users of the website which helps us to provide you with a good experience when you browse our website and also allows us to improve our site.

7. How we protect your information

7.1 We have put in place the following security procedures and technical and organisational measures to safeguard your personal information:
7.1.1 access to your account is controlled by a password and username that are unique to you;
7.1.2 we store your personal data on secure servers;
7.1.3 MUKL automatically encrypts your confidential information in transit from your computer to ours using the TLS protocol with an encryption key length of 128-bits (the highest level commercially available). Before you even register or log in to the MUKL site, our server checks that you’re using an approved browser – one that uses TLS 1.1 or higher.

7.2 We will use all reasonable efforts to safeguard your personal information. However, you should be aware that the use of the Internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal information which is transferred from you or to you via the Internet. Further, the high level of protection we provide can only be effective if you follow certain security practices yourself. You must never share your account or login details with anyone. If you are concerned that any of your login details have been compromised, you can change them any time once you are logged on but you should always also immediately contact MUKL customer services and tell us why you think your login details have been compromised. Details of how to contact Customer Services are available from the “Contact” section of the website.

8. Retention of information

We are by law required to retain certain records for a period of at least five years after closure of your account with MUKL which will include your personal data such as your name, contact details, customer number and transaction history, etc.

9. Disclosure of Information

9.1 We may disclose your personal information to our associated companies, which means our subsidiaries and any subsidiaries of our shareholder(s) and/or any companies which provide outsourced services to us, who are based in different countries within the EEA and the rest of the World. We will disclose your personal data to Concentric Data Services Limited which provides outsourced IT facilities to MUKL and is under an obligation to process personal data in accordance with legislation implementing European Community Directives 95/46, 2002/58 and 2009/136, and any subsequent European Union legislation in relation to the protection of personal data. Concentric Data Services Limited is a company incorporated in the Republic of Ireland, with company number 502117 and registered address at Unit C1 Swords Enterprise Park, Feltrim Road, Swords, County Dublin.

9.2 Disclosure of your personal information may be necessary in order to, among other things, fulfil your request, process your payment details, provide support services and monitor fraudulent activities.

9.3 When sending money to a person who you wish to pay, we will pass on certain details to the recipient. Depending on the requirements of that other person and the type of payment involved, we may send other personal details such as your name, address and country of residence if the recipients request this information from us in order to improve the payment process, to reconcile payments with the commercial transaction or to conduct their own anti-fraud and anti-money laundering checks.

9.4 When you open an Account, at intervals of up to every 3 months and at any other time we feel it is necessary to do so to protect our financial interests and prevent money-laundering or fraud, we share certain information about you and your account with MUKL, financial history and transactions as part of our normal business operations with our banks, payment facilitator partners, credit/debit card processing services, identity verification service providers and credit reference agencies (including, but not limited to, identify and verify users, to limit our exposure to fraud and other criminal activities and to manage our financial risk. We can provide you with a list of the credit reference agencies we use upon your written request to gdpr@mifinity.com. When conducting identification or fraud prevention checks, the relevant parties may retain a record of our query along with your information and may share this information with other fraud prevention agencies. If you want to know what information these companies hold about you, you can write to them to request access to your information.

9.5 We will share your personal information with third parties only in the ways that are described in this Privacy Policy. We do not sell your personal information to third parties. We may also disclose your personal information to:

a) a prospective buyer of our business or a buyer of a substantial number of the shares in our business, if MUKL is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our website of any change in ownership or uses of your personal data, as well as any choices you may have regarding your personal data,
b) the police, the Financial Conduct Authority, the National Crime Agency and any other lawful enforcement body, regulatory body or court if we are under a duty or required by law to disclose or share your personal data , or to protect the rights, property, or safety of ourselves or our group companies, our customers, or others,
c) third parties we may occasionally use to provide you with the services that you have requested. We require these third parties to not use your personal information for any other purpose.

10. Overseas transfers

10.1 The information you provide may be transferred to countries outside the European Economic Area (EEA) that do not have similar protections in place regarding your data and restrictions on its use as set out in this policy. However, we will take steps to ensure adequate protections are in place to ensure the security of your information.

11. Your Rights

11.1 Access to personal data – You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please send an email to gdpr@mifinity.com or send a letter to The Compliance Officer, 28 School Road, Belfast, BT8 6BT. We may make a small charge for this service.

11.2 Correction of personal data – We want to ensure that your personal information is accurate and up to date. If any of the information that you have provided to MUKL changes, for example if you change your email address or name, please let us know the correct details by sending an email to gdpr@mifinity.com details above. You may ask us, or we may ask you, to correct information you or we think is inaccurate, and you may also ask us to remove information which is inaccurate.

11.3 Right to withdraw consent – Where we have relied upon your consent to process your personal data, you have the right to withdraw that consent. To opt out of marketing, please send an email to gdpr@mifinity.com

11.4 Right of erasure – You can request us to erase your personal data where there is no compelling reason to continue processing. This right only applies in certain circumstances; it is not a guaranteed or absolute right.

11.5 Right to data portability – This right allows you to obtain your personal data that you have provided to us with your consent or which was necessary for us to provide you with our products and services in a format which enables you to transfer that personal data to another organisation. You may have the right to have your personal data transferred by us directly to the other organisation, if this is technically feasible.

11.6 Right to restrict processing of personal data – You have the right in certain circumstances to request that we suspend our processing of your personal data. Where we suspend our processing of your personal data we will still be permitted to store your personal data, but any other processing of this information will require your consent, subject to certain exemptions.

11.7 Right to object to processing of personal data – You have the right to object to our use of your personal data which is processed on the basis of our legitimate interests. However, we may continue to process your personal data, despite your objection, where there are compelling legitimate grounds to do so or we need to process your personal data in connection with any legal claims.

11.8 Rights relating to automated decision making and profiling – You have the right not to be subject to a decision which is based solely on automated processing (without human involvement) where that decision produces a legal effect or otherwise significantly affects you. This right means you can request that we involve one of our employees or representatives in the decision-making process. We are satisfied that we do not make automated decisions of this nature.

12. Monitoring

We may monitor and record communications with you (such as telephone conversations and emails) for the purpose of quality assurance, training, fraud prevention and compliance.

13. Communicating with you

13.1 We may contact you by email to the primary email address registered on your account with MUKL or by telephone to the contact telephone numbers you have provided when registering for your account with MUKL. You can change your primary email address and/or contact telephone number at any time.

13.2 You may also receive system-generated transactional emails such as confirmation of uploads, notification of receipt of payments, notification of password changes, etc. which are necessary for the proper operation and administration of your account.

13.3 Phishing is the name given to attempts to steal personal details and financial account details from a website user. “Phishers” use fake or “spoof” emails to lead users to counterfeit websites where the user is tricked into entering their personal details, such as credit card numbers, user names and passwords. WE WILL NEVER SEND EMAILS ASKING YOU FOR SUCH DETAILS AND OUR STAFF WILL NEVER ASK YOU FOR YOUR PASSWORD. If you do receive such an email or are asked for your password by anyone claiming to work for us please forward the email or report the incident by email to our Data Protection Officer at gdpr@mifinity.com or by contacting Customer Services.

14. Your consent

14.1 By submitting your personal information you consent to the use of that information as set out in this policy.

15. Changes to Privacy policy

15.1 We keep our Privacy policy under regular review. If we change our Privacy policy we will post the changes on this page, and place notices on other pages of the website, so that you may be aware of the information we collect and how we use it at all times. We reserve the right to make changes to our Privacy Policy at any time, without notice, where such change is required by applicable legislation.

16. How to contact MiFinity UK Limited

16.1 We welcome your views about our website and our Privacy policy. If you would like to contact us with any queries or comments please send an email to generalinfo@mifinity.com.

17. Links to other websites

17.1 Our website contains links to other websites. This Privacy policy applies only to this website so when you access links to other websites you should read their own privacy policies.

18. Filing a Compliant

18.1 If you are not satisfied with how we manage your personal data, you have a right to make a complaint to your local Data Protection Authority.