1. About Kashing
Kashing Limited operates under the name Kashing.
Kashing is registered with the UK data protection authority (the Information Commissioner’s Office or ICO) under number ZA225445.
Kashing is committed to protect and respect the privacy of any individual whose personal data they process as part of using their products and services.
The below explains how, why and what personal data Kashing processes and for what purposes. It also describes your rights towards Kashing and how to exercise them.
Got a question about something in this notice, or want to contact Kashing’s Data Protection Officer (DPO)? Chat through the Kashing webchat or send them an email at [email protected] (LINK)
Your continued use of Kashing’s website or services will signify your acceptance and consent to the practices described in this Policy and Kashing’s processing of your personal data. You also agree to Kashing’s use of electronic communication channels to send you information. Please read the following carefully to understand Kashing’s views and practices regarding your personal data and how Kashing will treat it.
2. The Information Kashing holds about you and how they use it
Information Kashing may collect from you:
Kashing collects Personal Data from their Merchants and their Merchant’s customers (“Cardholders”) in order to enable them to provide Services. Broadly speaking, Kashing collects information in three ways:
(i) when you provide it directly to them,
(ii) when Kashing obtains information about you or your company through trusted third parties (e.g. booking engines, banks, credit bureaus, card brands), and
(iii) passively through technology such as “cookies” (described below in the section referring to “cookies” and see Kashing’s Cookies Policy).
Information you give Kashing. You may directly or indirectly give Kashing information about yourself in a variety of ways, such as when you sign-up for a Kashing merchant account, subscribe or use Kashing’s services, when you place an order on a merchant’s site, choose to pay with one of Kashing’s payment methods, contact Kashing, use Kashing’s chat portal, participate in Kashing’s surveys or other social media functions on Kashing’s site or any other Kashing’s services where you submit personal data. This may be:
- Personal and contact information – name, date of birth, copy of your ID document, national identification number, title, billing and shipping address, email address, mobile phone number, etc.
- Payment information – credit and debit card data (card number, validity date, and CVV code), invoice information, bank account number, etc.
Information Kashing collects about you. Personal data is all information that directly or indirectly may refer to you. The types of Personal Data that Kashing collects and their use of that Personal Data will depend on whether you are a Cardholder or a Merchant:
The following categories of Personal Data may be processed when you use Kashing:
- (i) Contact information – name, title, address, email address, mobile phone number etc.
- (ii) Payment information – card number, invoice information etc.
- (iii) Information on goods/services – details about the items/services you purchase etc.
- (iv) Historical information – information about your previous purchases, payment history, possible rejection etc.
- (v) If you choose to pay by card, we may also process the card data (card number, validity date, and CCV code).
- (vi) Device information - such as IP address, language settings, browser settings, and screen resolution.
- (vii) Geographical information
Merchants must sign-up to Kashing to get a Merchant account. By applying for an account, Kashing collects or obtains the Personal Data the Merchant provides and/or when verifying information through trusted third parties, such as the following:
- (i) Name, company name, location, email address, phone number, and account password, to set up an account
- (ii) Business and personal tax, or other government-issued identification numbers, as well as date of birth, to verify an identity for underwriting purposes
- (iii) Bank account information, to settle funds for transactions
- (iv) IP addresses, devices, and locations used to access Kashing, which will be linked to the account for fraud detection/prevention purposes
The information you give Kashing, as well as the information on goods/services and your financial information, is generally required to enter into a contractual relationship with Kashing, while the other information Kashing collect is generally necessary to pursue other purposes, as explained below.
3. Kashing’s reason for using your information?
Provide, operate and improve our services. All data is used to provide, operate and improve Kashing’s services. Kashing processes personal data for the following purposes and based on the following legal bases:
Process your Personal Data:
- Due to Contractual obligations
- To confirm your identity and verify your personal and contact details
- To administer your payment and the business relationship, i.e. to carry out Kashing’s obligations arising from any contracts entered into between you and Kashing and to provide you with the information, products and services that you request from Kashing
- To consider and approve your application for a Merchant account, for example by carrying out internal and external risk assessments and verifications
- For customer analysis, to administer Kashing’s services, and for internal operations, including troubleshooting, data analysis, testing, research, and statistical purposes.
- To carry out risk analysis, fraud prevention and risk management
- To ensure that content is presented in the most effective manner for you and for your device
- To prevent misuse of Kashing’s services and violation of relevant terms and conditions as part of their efforts to keep their services safe and secure
- Pursue legitimate interest
- To improve Kashing’s services and for general business development purposes, such as improving risk models in order to e.g. minimize fraud, develop new products and features and explore new business opportunities..
- Due to Legal Obligations
- To comply with applicable laws, such as anti-money laundering and bookkeeping laws and regulatory capital adequacy requirements.
4. Who Kashing shares your information with?
Kashing may transfer to or share your information with selected third parties, as follows. We take all reasonable legal, technical, and organisational measures to ensure that your data is treated securely and with an adequate level of protection when transferred to or shared with such selected third parties.
Suppliers and subcontractors. Kashing may transfer your personal data to suppliers and subcontractors for the performance of their contractual obligations with you and for the services they provide to Kashing such as Know Your Customer (KYC) service providers that help Kashing with identity verification or fraud checks, software companies that Kashing use for emailing you or for processing and storing email communications with you like Intercom.
Merchants. Kashing may share with the merchant at which you made your purchase the personal data necessary for the merchant’s performance and administration of your order, including disputes. The personal data shared with the merchant will be subject to the merchant's privacy policies and practices.
Information About You From Third Parties: In order to protect all our customers against potential fraud, we verify the information you provide with Payment Processors like Credorax, card brand networks like Mastercard or VISA , Credit Reference and Fraud Agencies. In the course of such verification, we receive personally identifiable information about you from such services. Kashing’s designated banks and relevant card networks may also come to process your personal data for their own fraud prevention and risk management. Selected service providers, such as certain credit bureaux, may also come to process your personal data to enhance and develop their own services.
Authorities. Kashing may disclose necessary information to authorities such as the police, tax agencies or other authorities if required by law or you agreed to it. An example of legally required sharing is for purposes of anti-money laundry and counter-terrorist financing.
5. Where does Kashing store your personal data?
Kashing processes your data within the EU/EEA.
All information you provide to Kashing is stored on Kashing’s secure servers. Any payment transactions will be encrypted using SSL technology. Where Kashing has given you (or where you have chosen) a password which enables you to access certain parts of the site, you are responsible for keeping this password confidential. Kashing asks you not to share a password with anyone.
Kashing endeavours to take all reasonable steps to protect your personal information. Unfortunately, the transmission of information via the internet is not completely secure. Although Kashing will do their best to protect your personal data, they cannot guarantee the security of your data disclosed online; any transmission is at your own risk. Kashing will not be responsible for any breach of security unless this is due to their negligence or wilful default. Once Kashing has received your information, Kashing will use strict procedures and security features to try to prevent unauthorised access.
6. How long does Kashing keep your personal data?
Kashing keeps your data only as long as necessary to fulfil the contractual obligations towards you and as required by statutory retention periods. Where Kashing keeps your data for purposes beyond those of their contractual obligations, such as for anti-money laundering, bookkeeping and regulatory capital adequacy requirements, Kashing keeps the data only as long as necessary and/or mandated by law for the respective purpose.
This includes the Personal Data of the Cardholder. Kashing has a variety of obligations to retain the data that you provide, both to ensure that transactions can be appropriately processed, settled, refunded or charged back, to identify fraud, and also to comply with laws applicable to them, to their banking providers and credit card processors.
Even if you close your Kashing account, Kashing will retain certain information as necessary to meet their obligations. However, the Merchant’s account in Kashing’s database will be identified as “inactive” or “closed”.
Your rights to access, rectification and erasure:
- Right to access your data. You may request a transcript of records if you would like to know and verify the information Kashing holds of you. The transcript of records may be requested free of charge.
- Right to rectification. You have the right to correct inaccurate or incomplete information about yourself.
- Right to erasure (“right to be forgotten”). You have the right to request the deletion of your personal data insofar as this personal data is no longer necessary for the purpose it was collected. However, as a payment processor, certain legal obligations prevents Kashing from immediately deleting parts of your data. These obligations derive from accounting and tax laws, payment and anti-money laundering laws, but also consumer rights laws. What Kashing will do is block the data that they must keep from being used for any other purposes than meeting such legal requirements.
To do any of these things, please contact Kashing through the Kashing webchat or by emailing [email protected] If your application for a Kashing account was rejected and you want Kashing to review that decision, please email [email protected] EU data protection laws, like the GDPR, give Kashing one month to respond.
8. How to make a complaint
If you have a complaint about how Kashing uses your personal information, please contact Kashing through their webchat or send an email to [email protected] and Kashing will do their best to fix the problem. You can also reach their Data Protection Officer in these ways.
If you’re still not happy, you can refer your complaint with a data protection supervisory authority in the EU country you live or work, or where you think a breach has happened. The UK’s supervisory authority is the Information Commissioner’s Office (ICO). For more details, you can visit their website at ico.org.uk.
9. What about cookies and similar tracking technologies?