Privacy and Policy
How we collect personal data
When we open and operate an account for you, provide you with our products and services, or communicate with you, we may collect your personal data. We do this in various ways, including:
- when you provide it to us such as when you sign up for a UDC account, use our products and services, or take part in customer surveys, competitions and promotions;
- when you communicate with us by email, chat, telephone or any other means, we collect the communication and any data provided in it;
- when you use the UDC platform we collect information on your transactions and other use of your UDC account;
- when we obtain information from third parties such as identity verification services, credit reference agencies, and regulatory and enforcement agencies.
Cookies are small data files that we or companies we work with may place on your computer or other devices when you visit our website. They allow us to remember your actions or preferences over time.
- track site usage and browsing behaviour;
- allow you to sign in to your account and navigate through the website;
- tailor our website’s functionality to you personally by letting us remember your preferences;
- improve how our website performs;
- allow third parties to provide services to our website;
- monitor the effectiveness of our promotions and advertising; and
- mitigate risk, enhance security and help prevent fraud.
We use both session and persistent cookies. Session cookies are deleted when you close down your browser, while persistent cookies remain on your device until they expire or you delete them. Persistent cookies allow us to remember things about you when you visit our website again.
We may use authorised third-party providers to help us with various aspects of our business, such as website operations, services, applications, advertising, support tools and to serve you relevant content.
These service providers may place cookies on your device (third-party cookies) or make use of similar tracking technologies such as web beacons. No personally identifiable information is stored in third-party cookies. The information reported to us is aggregated and anonymous. We use this information to understand, for example, the effectiveness of our advertising and marketing. Web beacons are small graphic images (also known as “pixel tags” or “clear GIFs”) which may be used to collect and store information about visits to our website (such as which pages you viewed and how long you spent on the website) and communication efficiency (such as the email delivery and open rates). Where necessary, the information gathered by web beacons may be tied to your personal data strictly for the purposes set out herein.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
How we use your personal data
We use personal data for one or more of the following purposes:
- to verify your identity in accordance with Know Your Customer (KYC), Anti-Money Laundering (AML) and sanctions screening requirements;
- to manage and maintain your account with us;
- to prevent fraudulent or unauthorised use of our products and services;
- to better manage our business and your relationship with us;
- to improve our products and services, and to develop new products and services;
- to notify you about benefits and changes to the features of our products and services;
- to provide you with personalised advertising and marketing;
- to respond to your enquiries and to resolve disputes.
Where necessary to protect our legal rights and interest, or the interests of others, we also use personal data in relation to legal claims, compliance, audit, risk management and regulatory functions. We may also use personal data in connection with the acquisition, merger or sale of a business.
How we share personal data
We share personal data with:
- any person that works for us or for one of our group companies;
- any entity that forms part of the UDC group of companies, including where relevant the UDC operating entity in the country or region in which you live;
- financial and other institutions we partner with to provide our products and services;
- companies and organisations that provide services to us, including in relation to technical infrastructure, marketing and analytics, and web and app development;
- companies and organisations that assist us with identity verification, background screening, due diligence and processing or otherwise fulfilling transactions that you have requested;
- our professional advisers, consultants and other similar services.
We will otherwise treat your personal data as private and confidential and will not share it with other parties except:
- where you have given permission;
- where we may transfer rights and obligations pursuant to our agreement with you.
Security of your personal data
UDC places great importance on ensuring the security of your personal data. We regularly review and implement up-to-date technical and organisational security measures when processing your personal data. Employees of UDC are trained to handle personal data securely and with the utmost respect, failing which they may be subject to disciplinary action.
The personal data we collect may be transferred to, stored and processed outside of the jurisdiction in which you reside, and the laws of those countries may differ from the laws applicable in your own country. For example, data collected in the European Economic Area (EEA) may be transferred to, stored and processed at a destination(s) outside of the EEA. Any processing of such data will be undertaken by our staff, or the staff of our third-party service providers, whose roles will include verifying your identity, processing payment details, and providing customer support.
Additional matters relating to personal data
Retention of personal data
Incomplete personal data
Where indicated (for example in application forms or account opening forms), it is obligatory to provide your personal data to us to enable us to process your application for our products or services. Should you decline to provide such personal data, we may not be able to process your application/request or provide you with our products or services.
Your right to access, update, or remove your personal data
Most of the data UDC collects, and the ways in which we use it, are necessary for us to provide and improve the services we provide to you, or to comply with our obligations. In certain situations, we give you the ability to choose how we use your data.
Depending on the country in which you live, you may have certain rights under data protection law, including the right to object to the processing of your personal data or to request that we:
- provide you with a copy of your personal data (including in a format that can be shared with a new provider); or
- correct, delete, or restrict the processing of your personal data.
Please submit a support ticket if you would like to exercise any of the above rights. These rights are limited in some situations, such as where we are legally required to process your data, and may limit your ability to use our products and services.
We will notify you and the relevant supervisory authority as soon as we become aware of any data breach that is likely to result in a risk to your rights and freedoms.
Credit and debit card data
We do not store your full credit and debit card data. This data is securely transferred and stored off-site by an authorised payment vendor in compliance with Payment Card Industry Data Security Standards (PCI DSS). This information is not accessible to UDC or UDC’s employees or any agent acting for or on behalf of UDC.