POLICIES

Privacy

Terms Last Modified: 30th September, 2022

1. Purpose and Scope

All personal data collected by us is processed in accordance with the EU General Data Protection Regulation No. 2016/679 (GDPR), Law on the Legal Protection of Personal Data of the Republic of Lithuania, and other applicable legal acts.

In this Privacy Policy, we provide you with an explanation of what kind of personal data we collect when you use our services (“Services”).

When writing ‘you,’ we mean you as:

  • A potential, existing, or former client,
  • Our client’s employee, or
  • Other parties, such as beneficial owners, authorized representatives, business partners, other associated parties, or a person contacting us by e-mail or using other communication means.

2. Principles Relating to Processing of Personal Data

We are responsible for ensuring the security of your personal data made available to us, in particular to prevent unauthorized access to your data. We are also responsible for ensuring all users have the opportunity to benefit from their rights regarding their personal data.

When processing personal data, we follow the principles of:

  • Legality, fairness, and transparency
  • Purpose limitation
  • Data reduction
  • Accuracy
  • Limitation of the length of the storage
  • Integrity and confidentiality

3. What Information We Collect, For What Purposes, and On What Legal Basis

3.1 Categories of Personal Data Being Processed

The personal data we collect can be grouped into the following categories:

  • Basic Personal Data: First, last, middle, maiden names, job title, etc.
  • Identification Information and Other Background Verification Data: Name, surname, personal identity code, date of birth, nationality, citizenship, passport details, address, tax information, and other background verification data (e.g., MRZ code, beneficial ownership evidence, etc.).
  • Monetary Operations Details: Currency, amount, location, date, time, IP address, payer/payee name, messages, and payment-related documents.
  • Details of Activities in Your Website Account: Login information, IP address, browser type/version, operating system, time-zone setting, unique device identifiers, etc.
  • Details of Activities in Our Website: History of actions performed, technical details, browser type/version, and time zone.
  • Bank Account Details: IBAN number, payment card number, financial institution details.
  • Legal Compliance Data: Data for anti-money laundering (AML), sanctions, and other legal obligations.
  • Contact Details: Phone number, e-mail address, residential address.
  • Communication Data: Content of e-mail correspondence or other communication methods.
  • Behavioral Information: Social media details, preferences, and website activity.
  • Special Category Data: Biometric data.

3.2 Purposes and Legal Basis for Personal Data Processing

The purposes and legal bases for processing personal data include the following:

  • To conclude a contract with you or take steps prior to entering a contract:
    • Legal basis: Necessary steps before contract conclusion; legal obligations.
    • Categories of personal data: Basic personal data, identification and background verification data, contact details.
  • To perform the contract concluded with you, including provision of services:
    • Legal basis: Performance of the contract; legal obligations.
    • Categories of personal data: Basic personal data, identification and background verification data, monetary operation details, contact details, and communication details.
  • To comply with anti-money laundering and anti-terrorist financing requirements:
    • Legal basis: Legal obligations.
    • Categories of personal data: Basic personal data, identification and background verification data, monetary operation details, legal compliance data, and contact details.
  • To identify you remotely:
    • Legal basis: Your consent.
    • Categories of personal data: Special category data.
  • To prevent, limit, and investigate misuse or unlawful activities:
    • Legal basis: Performance of the contract; legitimate interest; legal obligations.
    • Categories of personal data: Basic personal data, identification and background verification data, monetary operation details, website activity details, and contact details.

4. How We Collect Your Personal Data

We collect information you provide directly or from third-party sources such as public registers, financial institutions, and other business partners.

5. Our Identification Tools

We use the “Sumsub” service for identity verification, capturing facial and document data for AML compliance. For more details, read Sumsub's Privacy Policy.

6. Direct Marketing

We may use your email for direct marketing purposes only with your prior consent or as allowed by law.

7. Automated Decision-Making

Automated decisions may be used for some services. You can request a manual review if needed.

8. How We Share Your Personal Data

We may share your data with:

  • Public authorities when required by law.
  • Third-party service providers under strict confidentiality agreements.
  • Affiliate companies for legitimate purposes.

9. International Transfer of Personal Data

We ensure appropriate safeguards when transferring personal data outside the EEA, including compliance with GDPR requirements.

10. How We Protect Your Personal Data

We use robust security measures, such as encryption, access restrictions, and penetration testing, to protect your data.

11. How Long We Keep Your Personal Data

Retention periods depend on legal requirements and the purpose of processing, as detailed in Section 11.

12. Your Rights

You have the right to access, correct, delete, or restrict the processing of your data, among other rights. Contact us at privacy@dtr.org for assistance.

13. Cookies Policy

Refer to the Cookie Policy on our website for details about cookie usage.

14. Links to Other Websites

We are not responsible for the privacy practices of third-party websites linked on our site.

15. Changes to This Privacy Policy

This policy may be updated periodically. Please review it regularly to stay informed.

16. Contact Us

For questions, email us at privacy@dtr.org

17. Data Protection Officer

Our DPO ensures compliance with this Privacy Policy. Contact the DPO at privacy@dtr.org

Next-generation payments infrastructure, built for the modern world

Quick Links
SolutionsContact
RESOURCES
API docs
POLICIES
PrivacyCookies
All content on this website, including but not limited to text, images, graphics, logos, audio, video, and other materials (collectively, the "Content"), is protected by copyright, trademark, and other intellectual property laws. All rights to the Content are expressly reserved.