Features
Resources
Company
eCommerce
Sign upSign up

Data Privacy Policy

1. The main points

  • We will always keep your personal information safe.
  • We will never sell your personal information.
  • You can manage and review your marketing choices at any time.
  • You can request details of the personal information that we hold on you at any time

2. Introduction

Currenxie Limited, (“Currenxie”, “CX”, “we” or “us”) together with its subsidiaries developed this privacy policy to explain how we may collect, use, store, access and disclose your Personal Information (as defined below) when you use Currenxie’s Services. We treat your information privacy very seriously and are committed to protecting the Personal Information you provide to us in accordance with this Privacy Policy.

The applicable law refers to European Union General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR), the United Kingdom General Data Protection Policy (GDPR UK), Australian Privacy Principles under the Data Privacy Act 1988, the Personal Data (Privacy) Ordinance (Cap. 486) of the Hong Kong Special Administrative Region (PDPO) and the Personal Information Protection law of China (PIPL).

Depending on your country of incorporation or residency there may be other data protection legislation applicable to you.

The term “Personal Information” in this Privacy Policy refers to personal data as defined under the GDPR and GDPR UK, ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

3. Collection of personal information

  1. When registering or creating an account using the Currenxie platform, Currenxie collects your name, phone number and such other information as Currenxie may deem necessary in order to identify you, maintain the security of your Currenxie application, and verify and control access to your account or online profile. If you make inquiries through the email links, forms or other contact methods provided on Currenxie’s website or application, we may retain the information included in these inquiries and maintain records of the correspondences so as to properly respond to your inquiries.

  2. Certain categories of personal information we collect are deemed sensitive data, such as biometric information or financial account information. Currenxie would obtain consent prior to collecting this category of personal information.

  3. In order for us to provide our services to you, Currenxie may collect from you and hold some or all of the following information about you and/or your recipient(s):

    • Name; address; telephone number; mobile number; email address; date of birth; nationality, information for the verification of identity, including identification document type and identification number and additional information that may be required for identity/account authentication.
    • Tax identification number.
    • Details of your company’s bank account, including the account number, sort code (if applicable) and IBAN.
    • Your image in a photo and video form, your voice (as part of our Know Your Client (KYC) checks and where we ask you to upload a photograph of yourself as part of your account security). We may also make recordings of any video calls we hold with you.
  4. Currenxie will also collect information about you from publicly available sources such as official registers and databases as well as selected social media websites or apps to carry out our due diligence checks. In addition we collect information from media stories and websites to ensure your business is legitimate and to verify screening results.

  5. We may also collect information about you from affiliates (by ‘affiliates’ we mean other companies that Currenxie has a contractual relationship with) who provide us with services such as ‘name screening’ and biometric data in order to help verify your identity which in turn allows us to improve the safety of our services. This includes being able to detect and respond quickly to any fraud or security risks.

  6. You acknowledge and agree that, where Personal Information relating to other individuals is disclosed to Currenxie by you, you have provided a copy of this Privacy Policy to such individuals prior to your disclosure of their Personal Information to Currenxie, and you have obtained all relevant consents from such individuals for the use of their Personal Information in the manner as described in this Privacy Policy. You further represent and warrant that you have complied with the requirements of all Applicable Laws with respect to such Personal Information and its use by us for the purposes set out herein.

  7. Currenxie and our marketing partners, or analytics or service providers, use technologies such as cookies, beacons¹, tags, and scripts, to analyse trends, administer and track users’ movements around websites and applications, and gather demographic information about Currenxie’s user base as a whole, with respect to the following purposes:

    • To assist Currenxie in providing Services to you;
    • To store your preferences and other information and to track activity on the Currenxie application;
    • To better understand the effectiveness of Currenxie’s promotional campaigns;
    • To deliver information specific to your interests on additional web sites.
  8. Currenxie may receive individual as well as aggregated customer reports based on the use of these technologies by these partners or service providers.

4. What legal basis do we have for processing your personal data?

We must have a legal basis (a valid legal reason) for using your personal data. Under GDPR and GDPR UK our legal basis will be one of the following:

  • Keeping to our contracts and agreements with you

We need certain personal data to provide our services and cannot provide them without this personal data.

  • Legal and Regulatory obligations

In some cases, we have a legal responsibility to collect and store your personal data (for example, under anti-money laundering laws we must hold certain information about our customers).

  • Legitimate interests

We sometimes collect and use your personal data, or share it with other organisations, because we have a legitimate reason to use it and this is reasonable when balanced against your right to privacy.

  • Consent

Where you’ve agreed to us collecting your personal data, for example when you have ticked a box to indicate you are happy for us to use your personal data in a certain way.

  • Substantial public interest

Where we process your sensitive personal data (sometimes known as special category personal data) to adhere to government regulations or guidance, such as our obligation to support you if you are or become a vulnerable customer.

5. Purpose

Currenxie will collect your Personal Information only for the purpose of, and in connection with, providing services to you, including but not limited to “Know Your Customer” and customer due diligence procedures, account set up and administration, facilitating transactions related to your account, credit risk assessments, delivering marketing and events communication, internal research and development purposes. Currenxie may also use your Personal Information in compiling aggregate statistics and data on our customers as a whole, for the purpose of managing and improving our services to you as well as our services generally. Your personal information may also be used as necessary to fulfil our legal and Regulatory obligations and meet internal and external audit requirements as well as contractual obligations with our partner Banks and Marketplaces. In the event that Currenxie wishes to use your Personal Information for any other purpose, Currenxie will notify you of such intent and obtain your consent before doing so, unless such new purpose is required by Applicable Laws.

Our legal basis is one or more of the following:

  • where necessary to perform or enter into the contracts and agreements with you;
  • legitimate interests (to ensure that our client accounts are well-managed and that you are provided with a high standard of service and to develop and improve our products and services ); or
  • where required to meet our legal and regulatory obligations.
  • Consent.

6. Does Currenxie make automated decisions about me?

We may make automated decisions based on technology that evaluates your biometric data to help verify your identity. Although, we would manually review this decision.

We may also make automated decisions relating to account opening such as anti-money laundering, fraud and sanctions checks.

If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk:

  • We may refuse to provide the services you have requested or we may stop providing existing services to you;
  • A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services or employment to you.

Our legal basis is:

  • where it is in our legitimate interests (to ensure that our business is run prudently, as well as ensuring our assets are protected);
  • Keeping to contract and agreements between you and us;
  • Legal and regulatory obligations.

7. Third parties

Currenxie may partner with a third party to either display advertising in the Currenxie application or on the Currenxie website, or to manage Currenxie’s advertising on other sites. Currenxie’s third party partner may use technologies such as cookies to gather information about your activities while using the application or website and other sites in order to provide you advertising based on your browsing activities and interests.

In addition, Currenxie automatically gathers and stores in log files certain information, such as Internet Protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. Currenxie does not link this automatically collected data to other information we collect about you. Currenxie as well as our third party partners may use local storage to store content information and preferences.

Our legal basis is one or more of the following:

  • where necessary to perform or enter into the contracts and agreements with you;
  • legitimate interests (to be efficient about how we meet our obligations and keep to regulations that apply to us).

8. Use of personal information

  1. Currenxie may from time to time, use your Personal Information to send you information that is relevant to our Services. If, at any time, you do not wish to receive that information, you may opt-out by notifying us at support@currenxie.com that you do not wish to be included in any future mail-outs.

  2. Your Personal Information held by us may be used for the following purposes:

  • Processing your request for our Services;
  • Management, operation, audit, and maintenance of the Services, and exercising our and your - rights under the Customer Agreement;
  • Collecting money due from you;
  • Assessing your credit risk;
  • Designing new, or improving existing, Services provided by us;
  • Communication between you and us;
  • Investigation of complaints, suspicious activities, and failed transactions;
  • Prevention or detection of crime or suspected crime;
  • Disclosure as required by Applicable Laws.

Our legal basis is one or more of the following:

  • where necessary to perform or enter into the contracts and agreements with you;
  • where required to meet our legal and regulatory obligations;
  • where it is in our legitimate interests (to ensure that our business is run prudently and we are capable of recovering the debts owed to us, as well as ensuring our assets are protected);
  • legitimate interests (to develop our products and services and to meet our legal, regulatory and contractual duties).
  • Consent.

9. Disclosure of personal information

  1. We will safeguard your Personal Information collected by us in accordance with Clause 15 below. Subject to our obligations therein, we may, for the purpose(s) set out in Clauses 3 above, transfer or disclose such Personal Information to the following parties:
  • our partner banks and financial services companies;
  • marketplace in order to facilitate your business with them²;
  • e-Commerce platforms with which we have a contractual agreement to share your personal information to ensure you can receive disbursements of your e-Commerce store proceeds into your Currenxie account;
  • our agents or contractors under a duty of confidentiality to us who provide administrative, telecommunications, computer, payment, data processing, professional advisory, audit or other services to us in connection with the operation of our business;
  • our affiliates which owe a duty of confidentiality to us;
  • any law enforcement agencies, judicial authorities, regulatory bodies and/or any person or entity to whom we have an obligation under Applicable Laws to disclose , but such disclosure will only be made under proper authority.
  1. In addition, Currenxie may disclose your Personal Information to third parties for the following purposes:
  • To protect our property, Services, and legal rights (including, but not limited to, debt collections);
  • To support our audit, compliance, and corporate governance functions, including, but not limited to, compliance with Applicable Laws;
  • To detect risks, prevent fraud, or assess suspicious activities;
  • To investigate violations of the Terms;
  • To manage credit reporting;
  • To facilitate a purchase or sale of all or part our business or assets;
  • In connection with a merger or acquisition involving Currenxie;
  • In accordance with obligations imposed on Currenxie by our third party service providers with respect to the provision of Services.
  1. Our network infrastructure involves computers, cloud-based servers, and third party service providers in multiple jurisdictions. The Personal Information that Currenxie collects from you may be transferred to, and stored at, a destination outside of Hong Kong. It may also be processed by persons operating outside of Hong Kong on behalf of Currenxie, our affiliate(s), or one of our service providers, providing Transaction processing, payment detail verification, as well as other Services-related support. Currenxie will take commercially reasonable steps to ensure that such Personal Information is treated securely and in accordance with this Privacy Policy within and outside of Hong Kong. However, we do not represent that our Services are appropriate or available in any particular jurisdiction. By using the Services or submitting your Personal Information, you consent to your Personal Information being transferred to, stored in, and processed in, a jurisdiction outside of Hong Kong, including jurisdictions that have different data protection rules than your home country.

Our legal basis is one or more of the following:

  • legitimate interests (to provide a high standard of service and to develop and improve our products and services and to provide you with the service you would normally expect and require from Currenxie);
  • substantial public interest (if we process your sensitive personal data to keep to legal requirements that apply to us);
  • where required to meet our legal and regulatory obligations.
  • Consent.

10. For UK and EEA residents only: Will my information go outside of the United Kingdom or Europe?

As we provide an international service, we may need to transfer your personal data outside the United Kingdom or the European Economic Area (EEA) in order for us to provide our services.

For example, if you ask us to make an international payment, we will send funds to banks outside of the United Kingdom or EEA. We might also send your personal data outside of the United Kingdom or EEA to keep to global legal and regulatory requirements, and to provide ongoing support services. We may share your personal data with fraud-prevention agencies and our partner Banks and Marketplaces, that are based outside of the United Kingdom or EEA.

We will take all reasonable steps to make sure that your personal data is handled securely and in line with this privacy policy and data protection laws.

11. International data transfer

When we, or fraud prevention agencies, share information with organisations in another jurisdiction, we will ensure they agree to apply equivalent levels of protection for personal data as we do. If this is not possible – for example because we are required by law to disclose information – we will ensure the sharing of that information is lawful. Also, if they are not in a jurisdiction that the Hong Kong, European and/or UK data protection authorities regard as having adequate levels of protections for personal data, or the information originates from China, we will put in place appropriate safeguards (such as contractual commitments, by adopting the EU model clauses or those formulated by the Cyberspace Administration of China), in accordance with applicable legal requirements, to ensure that your data is adequately protected.

For the international transfer of personal information under the PIPL, we would notify you of the details of the transfer and obtain separate consent. The notification would include the following:

  • the recipient name;
  • contact method;
  • purpose of processing and processing methods; and
  • the categories of the personal transferred, as well as ways for you to exercise your rights under the PIPL with the recipient.

12. Amazon payment services provider programme

If your Currenxie account is registered with Amazon, we will share with them certain data collected during the account sign-up process and account use. Currenxie subscribes to Amazon’s Payment Service Provider Program, which is designed to enhance Amazon’s ability to detect, prevent and take action against bad actors so Amazon and participating Payment Service Providers can continue to protect customers and sellers from fraud and abuse.

This may include, “Know Your Client” data such as identity data (e.g. name, nationality), contact information (e.g. address) and details regarding your Global Account. If your Amazon account is deactivated or terminated by Amazon due to abuse, fraud or illegal activity, we may share additional information, including limited transaction related information. Please see Amazon’s PSPP Policy Help page for important details here.

13. Limiting collection and retention of information

  • The amount and type of information collected by Currenxie will be limited to that which is necessary to provide Currenxie’s Services and the information shall be retained only for as long as may be necessary for the fulfilment of the purpose for which the information is collected.
  • You acknowledge that Currenxie is obliged under the relevant Hong Kong legislation to retain Personal Information for at least 7 years after the termination of a client relationship.
  • Subject to any legislative requirements, Currenxie will permanently destroy, erase, or make anonymous your Personal Information when it is no longer required to fulfil the purpose for which it has been collected.

14. Accuracy

  • Currenxie will make reasonable efforts to ensure that your Personal Information is sufficiently accurate, complete and up-to-date to minimise the possibility that inappropriate information may be used to make a decision about you.
  • Currenxie will not routinely update your Personal Information unless such a process is necessary to fulfil the purposes for which the information was collected. In accordance with the Customer Agreement, you must notify Currenxie as soon as possible if any of the information you have provided to us has changed.

15. Children’s privacy

The Currenxie website, application, and Services are not directed at or intended for use by children under the age of 18. Currenxie will not knowingly collect or maintain Personal Information from children under the age of 18. If we obtain actual knowledge that we have collected Personal Information from a child under the age of 18, we will promptly delete it, unless we are legally required to retain such information.

16. Safeguards

  • Currenxie has in place a range of security safeguards to protect your Personal Information held by us against loss or theft, as well as unauthorized access, disclosure, processing, copying, use, erasure, or modification, regardless of the format in which it is held.
  • The methods of protection Currenxie employs may depend on the sensitivity of the information and the format in which it is contained. Security measures may include all or a combination of: technological measures including SSL encryption for all data transfers over the internet, physical measures such as locked filing cabinets and restricted access to offices, and strategic measures such as security clearances and limiting access to a “need to-know” basis.
  • You acknowledge that authorized employees, agents, representatives and third parties may require access to your Personal Information in order to enable Currenxie to provide the Services to you. Currenxie uses commercially reasonable efforts to ensure that our staff and third party service providers are aware of the importance of maintaining the confidentiality of Personal Information. - We will not keep any Personal Information for longer than is necessary, and will observe the requirements of the Customer Agreement, including this Privacy Policy. However, you acknowledge and agree that we cannot accept responsibility for any unauthorized activities on their part.
  • You acknowledge that no data transmission over the internet or the telephone can be completely secure. Any Personal Information you submit to Currenxie either electronically or over the telephone is done at your own risk. Currenxie does not guarantee or warrant the security of information during such transmission. You acknowledge that third parties could unlawfully intercept your transmissions or may fraudulently instruct you to disclose Personal Information while posing as Currenxie representatives.
  • You further acknowledge and agree that you are solely responsible for securing and maintaining the privacy of your password(s) and account registration information. You are also responsible for ensuring that your Personal Information held by us is accurate and current.

17. Your rights: What are your rights?

  • You have the right to be told about how we use your personal data – right to be informed.

    We provide this privacy policy to explain how we use your personal data.

    If requested by you, we will provide a copy of the personal data we hold about you. We cannot give you any personal data about other people, personal data which is linked to an ongoing criminal or fraud investigation, or personal data which is linked to settlement negotiations with you. We also will not provide you with any communication we have had with our legal advisers.

  • You can ask us to correct your personal data if you think it is wrong – right of rectification.

    You can have incomplete or inaccurate personal data corrected. Before we update your file, we may need to check the accuracy of the new personal data you have provided. We will respond to your request within a reasonable time frame, take appropriate action to amend the information if warranted, and/or notify any third party of the correction as necessary.

  • You can ask us to delete your personal data – right to be forgotten, if:

    • There is no good reason for us to continue using it;
    • you gave us consent (permission) to use your personal data and you have now withdrawn that consent;
    • you have objected to us using your personal data;
    • we have used your personal data unlawfully; or
    • the law requires us to delete your personal data.

    There may be circumstances where we are unable to agree to your request. As a regulated Money Service Operator, we must keep certain customer personal data even where you ask us to delete it (we will explain this in more detail below). If you have closed your Currenxie account, we may not be able to delete your entire file because these regulatory responsibilities take priority. We will always let you know if we cannot delete your information.

  • You can object to us processing your personal data for marketing purposes – right to object.

    You can tell us to stop using your personal data for marketing.

  • You can object to us processing other personal data (if we are using it for legitimate interests) – right to object.

    If our legal basis for using your personal data is ‘legitimate interests’ and you disagree with us using it, you can object.

    However, if there is an overriding reason why we need to use your personal data, we will not accept your request.

    If you object to us using personal data which we need in order to provide our services, we may need to close your account as we will not be able to provide the services.

  • You can ask us to suspend using your personal data – right to restrict processing, if:

    • You want us to investigate whether it is accurate;
    • our use of your personal data is unlawful but you do not want us to delete it;
    • we no longer need the information, but you want us to continue holding it for you in connection with a legal claim; or
    • you have objected to us using your personal data (see above), however, we will need to check whether we have an overriding reason to use it.
  • You can ask us to transfer personal data to you – right of access and right of portability.

    If we can, and are allowed to do so under regulatory requirements, we will provide your personal data in a structured, commonly used, machine-readable format. You are free to store the data for personal use or transmit it to another data controller.

  • You can withdraw your permission.

    If you have given us any consent we need to use your personal data, you can withdraw your consent at any time by sending an email to cxcompliance@currenxie.com.

    (Note, it will have been lawful for us to use the personal data up to the point you withdraw your permission).

  • You can ask us to carry out a human review of an automated decision we make about you – rights relating to automated decision making.

    If we make an automated decision about you that significantly affects you, you can ask us to carry out a manual review of this decision.

    Your ability to exercise these rights will depend on a number of factors. Sometimes, we will not be able to agree to your request (for example, if we have a legitimate reason for not doing so or the right does not apply to the particular information we hold about you).

    If you would like to make a request in accordance with this clause, please email our Compliance Support team at cxcompliance@currenxie.com. There may be circumstances under which we may refuse your data access request or correction request, including where, in our judgement, such a request was made in bad faith or for illegal purposes, or where we determine, at our sole discretion, that provision of access would negatively affect our legal, investigative, security or proprietary processes or practice.

18. Complaints

  1. Currenxie has procedures in place to receive and respond to complaints or inquiries about our policies and practices relating to the handling of Personal Information.

  2. We take all complaints seriously and will investigate each of them.

  3. We may update this Privacy Policy to reflect changes to the Services, our information practices, or Applicable Laws. The revised Privacy Policy will be effective as of the published effective date. If we make any material changes, we will publish a notice of change on the Currenxie website or in the Currenxie application prior to the change becoming effective. Currenxie encourages you to periodically review this Privacy Policy for the latest information on our privacy practices.

  4. Should you wish to report a complaint or if you feel that Currenxie has not addressed your concern in a satisfactory manner, you may contact the following:

    Currenxie

    Currenxie UK

    Hong Kong

    • Email: communications@pcpd.org.hk
    • Address: Room 1303, 13/F, Dah Sing Financial Centre, 248 Queen’s Road East, Wan Chai, Hong Kong.

    UK

    • www.ico.org.uk
    • Tel: 0303 123 1113
    • Information Commissioner’s Office, Wycliffe House, Water Lane Wilmslow Cheshire, SK9 5AF

19. Contact

If you have any queries about this Privacy Policy, the Customer Agreement or any of our privacy practices, or wish to make a complaint, please contact our Data Protection Officer by email at cxcompliance@currenxie.com or by writing to us at Currenxie Limited 29/F, Cambridge House, Taikoo Place, 979 King’s Road, Quarry Bay, Hong Kong.


¹ NOTE: A “cookie” is a text file placed on your storage devices by a connected application, which allows for personalization of certain aspects of your visit to a connected service. “Web beacons” are transparent electronic images placed in code that collect non-personal data while visiting a website. Cookies and web beacons can usually be disabled by changing your browser preferences. Your browser usually has documentation on how to disable cookies and web beacons. Note that disabling cookies may limit the performance and functionality of Currenxie’s applications, and you may not be able to register or use your account.

² Our legal basis in this instance is Legitimate Interest under GDPR UK and GDPR EU, Necessity under PDPO and Consent under PIPL. This describes processing activities that you would normally expect from Currenxie, to enable us to provide you with the services that you require. The processing activity does not infringe on your rights and freedoms. There should be no impact to you since your personal information will only be shared within Currenxie to aid internal administration and third parties where the processing is necessary for your legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data which overrides those legitimate interests. It will not be shared for marketing purposes.