PRIVACY POLICY

Simple Europe UAB, a legal entity, duly incorporated in Lithuania under the company number 305959834, having its registered office at Gyneju str. 14-65, Vilnius, Republic of Lithuania, 01109, together with its affiliated companies (hereinafter collectively referred to as “Simple”“we” and/or “us”) complies with the European Parliament’s 2016 ‘Regulation EU 2016/679’ act on the use of Personal data and data protection (General Data Protection Regulation [“GDPR”]).

In this document, Simple explains how we collect, process and store Personal Data from EU users (hereinafter referred to as “you”) at the Simple Website (hereinafter referred to as the “Website”) and/or its mobile app. This document also forms an integral part of the Terms & Conditions (hereinafter referred to as “T&C”) for using the Website. In this document, Simple explains how we collect, process and store Personal Data from EU users (hereinafter referred to as “you”) at the Simple Website (hereinafter referred to as the “Website”) and/or its mobile app. This document also forms an integral part of the Terms & Conditions (hereinafter referred to as “T&C”) for using the Website.

1. DEFINITIONS

For the purposes of this document, the terms below have the following meanings:

“Consent” means freely given, specific and unambiguous indication of your agreement to the processing of your Personal Data by Simple.

“Controller” means a natural or legal person, which alone or jointly determines the purposes and means of the processing of Personal data. Simple Europe UAB is a Controller in the meaning of the GDPR and this Privacy Policy.

“Data subject” means an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to their Personal data. You are a Data subject in the meaning of the GDPR.

“Personal data” means any information relating to you that helps us directly or indirectly identify you as a Data subject.

2. TYPES OF PERSONAL DATA IN OUR POSSESSION

Personal data that we may collect, store and process includes:

  • Contact info that you provide to us by filling in forms on the Website and/or mobile app or any other information you might submit to us via the Website and/or mobile app email, telephone, and/or Live Chat, including the following: name (first name, surname), e-mail, phone number, address (registered address and/or address of actual operation), other necessary data (CV, links to the social media (LinkedIn, Facebook), cover letter);
  • Financial information (form of payment, payment card number or bank account number, details of transactions, payment server, salary, income and assets);
  • Record of correspondence whether via the Website and/or mobile app (Customer support), email, telephone or by any other means;
  • Details, necessary to provide KYC by us: ID (national passport or governmental ID, foreign passport and/or driving license), date of birth, proof of address (Utility bill, bank statement, rent agreement), source of funds/source of wealth, legal form, registration number, an extract of registration and its issue date, Power of Attorney for an authorized person;
  • Details of your visits to the Website and/or mobile app, including traffic data, precise location data, activity logs(launches, taps, clicks, scrolling information) and other communication data;
  • Information we get from your devices (IP address, portfolio website, cookies, computer model, operating system and its version, serial numbers, mobile device ID, your contact lists, crash data);
  • Responses to marketing campaigns from us.
  • Pictures, photos, visual images, scan copies and personal appearance (such as pictures, images, photos or copies of your passports/ID/driving license/resident permit – front and back; pictures, images, photos or copies of your bank statements/proof of address, or  real-time biometric facial scans);

3. LAWFUL USAGE OF PERSONAL DATA

Simple will only use and share your information where it is necessary for us to carry out our lawful business activities. We want to ensure that you fully understand how your information may be used. We have described the purposes for which your information may be used in detail below:

3.1.  Contractual Necessity:

 

 

We may process your information where it is necessary to enter into a contract with you for the provision of our products or services or to perform our obligations under that contract. Please note that if you do not agree to provide us with the requested information, it may not be possible for us to continue to operate your account and/or provide products and services to you. This may include processing to:

  • assess and process applications for products or services;
  • provide and administer those products and services throughout your relationship with Simple, including opening, setting up or closing your accounts or products; collecting and issuing all necessary documentation; executing your instructions; processing transactions;  resolving any queries or discrepancies and administering any changes.
  • manage and maintain our relationships with you and for ongoing customer service.
  • communicate with you about your account(s) or the products and services you receive from us.

 

 

3.2 Legal obligation:

 

 

When you apply for a product or service (and throughout your relationship with us), we are required by law to collect and process certain personal information about you. Please note that if you do not agree to provide us with the requested information, it may not be possible for us to continue to operate your account and/or provide products and services to you. This may include processing to:   

  • confirm your identity, including using biometric information and facial recognition technology and other identification procedures.
  • perform checks and monitor transactions and location data for the purpose of preventing and detecting crime and to comply with laws relating to money laundering, fraud, terrorist financing, bribery and corruption, and international sanctions. This may require us to process information about criminal convictions and offences, to investigate and gather intelligence on suspected financial crimes, fraud and threats and to share data with law enforcement and regulatory bodies;
  • share data with other financial institutions and third parties to help recover funds that have entered your account as a result of a misdirected payment by such a third party;
  • share data with police, law enforcement, tax authorities or other government and fraud prevention agencies where we have a legal obligation, including reporting suspicious activity and complying with production and court orders;
  • deliver mandatory communications to customers or communicating updates to product and service terms and conditions;
  • investigate and resolve complaints;
  • conduct investigations into breaches of conduct and corporate policies by our employees;
  • manage contentious regulatory matters, investigations and litigation;
  • perform assessments and analyse customer data for the purposes of managing, improving and fixing data quality;
  • provide assurance that Simple has effective processes to identify, manage, monitor and report the risks it is or might be exposed to;
  • investigate and report on incidents or emergencies on Simple’s properties and premises;
  • coordinate responses to business-disrupting incidents and to ensure facilities, systems and people are available to continue providing services; and
  • monitor dealings to prevent market abuse.

 

 

3.3 Legitimate Interests of Simple:

 

 

We may process your information in the day-to-day running of our business, to manage our business and financial affairs and to protect our customers, employees and property. It is in our interests to ensure that our processes and systems operate effectively and that we can continue operating as a business.

This may include processing your information to:

  • monitor, maintain and improve internal business processes, information and data, technology and communications solutions and services;
  • ensure business continuity and disaster recovery and respond to information technology and business incidents and emergencies;
  • ensure network and information security, including monitoring authorised users’ access to our information technology for the purpose of preventing cyber-attacks, unauthorised use of our communications systems and websites, prevention or detection of crime and protection of your personal data;
  • perform general, financial and regulatory accounting and reporting;
  • protect our legal rights and interests; and
  • enable a sale, reorganisation, transfer or other transaction relating to our business.
 

 

 

 4. PURPOSES OF PERSONAL DATA PROCESSING

  • Processing your transactions, including card and online payments;
  • Setting up and managing your account, verification of your identity (both face-to-face and not face-to-face), verification of your proof of address, verification of your source of wealth/source of funds;
  • Complying with our legal and regulatory duties;
  • Complying with risk management procedures and monitoring transactions for the purpose of preventing fraud, money laundering and scamming;
  • Identification of system problems and administration of the Website and/or mobile app;
  • Involving you in surveys and polls relating to the services we provide;
  • Providing you with information about promotional offers and the products and services available.

5. SHARE OF PERSONAL DATA

We share your Personal data with:

  • The Affiliates of Simple Europe UAB.“Affiliates” for the purpose of this Privacy Policy include all direct or indirect parent and subsidiary enterprises of Simple Europe UAB, its joint venture partners, their related companies and companies under the same control. We may share your Personal Data with our Affiliates for set-up, verification and management of your account, for marketing research and data analysis, to conduct relevant risk management and comply with legal and regulatory obligations.
  • Third Parties(electronic money institutions, payment service providers, customer services, software providers, KYC providers, CRM system providers, marketing agencies, digital optimization systems and other trusted partners). For the deposit and withdrawal of your funds, we use various payment services and transmit your Personal data to them. Simple is always keen to give users the best service possible. One of the ways of doing this is to use customer service software providers. Simple also uses data analysis, research and surveys to identify and satisfy users needs via different digital optimizations systems. To assist Simple in dealing with this issue, we may also transfer some part of your Personal Data to relevant marketing agencies. Simple also uses third-party solutions to provide verification procedure of its users. In addition, we also use CRM system providers in order to proceed with your applications to our job openings. All of the above-mentioned entities will receive only the data they require for the provision of services and compliance with their legal and regulatory obligations. For the protection of your Personal data, relevant measures will be taken by Simple prior to the transfer of data to the above-mentioned parties.
  • International data transfers.Simple runs its business activity worldwide (except for “Restricted areas” as stipulated in the T&C). However, some countries outside the European Economic Area (“EEA”), do not have effective laws regarding data protection. To ensure the appropriate level of protection, we add relevant contractual clauses, designed to offer the same level of protection of Personal data as within the EEA. We would like to emphasize that Simple makes every effort to ensure the protection of Personal data while cooperating with any third parties. In addition, we try to secure your rights and information, by verifying whether the data is processed in accordance with the GDPR standards and other legal requirements.

We will not share your information with anyone outside of the Simple except:

  • where we have your permission;
  • where required to provide your product(s) or service(s). This may include sharing your name with other Simple customers if you are already in the contact book stored on their device or when we are required to do so by the applicable law;
  • where we are required by law and by law enforcement agencies, judicial bodies, government entities, tax authorities or regulatory bodies around the world;
  • with other financial institutions and third parties where required by law to help recover funds that have entered your account as a result of a misdirected payment by such a third party;
  • with third parties providing services to us, such as market analysis and benchmarking, correspondent banking, and agents and sub-contractors acting on our behalf, such as the companies which print our packing labels and provide your currency accounts;
  • with other financial institutions to help trace funds where you are a victim of suspected financial crime and you have agreed for us to do so, or where we suspect funds have entered your account as a result of a financial crime;
  • where permitted by law, it is necessary for our legitimate interests or those of a third party, and it is not inconsistent with the purposes listed above.

6. STORAGE AND RETENTION OF PERSONAL DATA

Simple store your personal data in the data centres within the European Economic Area. While your information is being transferred to the data centres we limit its processing to a strictly necessary extent, in keeping with the procedures aimed at ensuring the network and information security. In addition, the security of any transfer of data is helped by using computer security incident response teams (CSIRTs), computer emergency response teams (CERTs) and other means to ensure a high level of protection.

Moreover, data centres use Operational Metrics (traffic data, cryptographically hashed file samples, click stream information, logged snippets of transmitted content, IP trust scores and other server activity data and all analytic products derived therefrom).

Simple will legally store your Personal data for the relevant retention period. Thus, such information will be processed until you delete your account on the Website and mobile app and further within the reasonable period, in accordance with the terms of AML/KYC procedures, regulatory requirements and any other applicable legislative grounds.

Simple will collect, store and use your Personal Data for the purposes set in this Privacy Policy.

Simple has identified the types of Personal Data we may use about you and how and why we will use them.

During the provision of services, Simple may also use software and other means, tools of third parties, which also collect Personal Data of our Users.

The procedure for collecting, processing, storing and using Personal Data is determined by the Privacy Policy of the relevant Service Provider.

The privacy policies of the software products of the KYC Service Providers are available for review at the following links:

This list of Service Providers is non-exhaustive and may change and be supplemented. In any case, the User can review the privacy policies of those KYC Service Providers, with which Simple cooperates, on their official websites. 

Simple retain your Personal Data only for those periods necessary to fulfil the various purposes outlined in this Privacy Policy unless a longer retention period is required or allowed by law.

For the purposes of complying with our legal or regulatory obligations and the world industry standards for data storage, you give us consent and permission to keep records of such information throughout the term of your Account, as well as for 8 (eight) years after the closure of your Account.

We store your Personal Data in a depersonalized or aggregated form but not in a way that would identify you personally.

7. RIGHTS OF DATA SUBJECT

GDPR entitles you to a range of specific rights with regard to your Personal data. Please make sure you examine the following list with due care. In addition, we would like to stress that some rights relate to specific circumstances only.

  1. Right to be informedregarding your Personal data. By this Privacy Policy, Simple tries to highlight the most crucial issues concerning the security of your Personal Data to keep you informed. If the Privacy Policy is in any way changed, then this page will be updated accordingly.
  2. Right to access.It is your right to receive information from us regarding whether we are using your Personal data. You are also entitled to ask us to clarify which of your Personal data we have. In addition, you may request a copy of the Personal data which is being processed.
  3. Right to alter incorrect data.You have a right to change inaccurate Personal data in our possession.
  4. Right to have the data removed.You are entitled to erase your Personal data in our possession due to specific circumstances. Those would be if the data is no longer necessary for the stated purposes, you withdraw your Consent to data processing, your Personal data has been unlawfully used, there are no overriding legitimate grounds to process your information and/or your Personal data is to be erased for legal reasons. However, please, note that Simple is not bound to comply with such a request if processing of your Personal data is necessary to exercise the right of freedom of expression and information, comply with a legal obligation in the public interest, exercise official authority and/or establish, exercise or defend legal claims.
  5. Right to restriction of processing.You have the right to request the suspension of your Personal data being processed, for example, if the accuracy of the data is being questioned.
  6. Right to data transfers.You are entitled to transfer your Personal data in our possession to any other Data Controller. You also have a right to receive a report on your Personal data from Simple in a structured, commonly used and machine-readable format. While transferring the above-mentioned data to you, Simple will take all security measures necessary to ensure your Personal data is securely transmitted by using end-to-end encryption or any other strong authentication measures.
  7. Right to object.You have the right to object to the processing of your Personal data. However, where legitimate grounds to use your information outweigh your interests and rights, Simple reserves the right to continue such processing.
  8. Right not to be subject to automated decision-making.You are entitled not to be subjected to automated decision procedures. Simple ensures that all important matters relating to your Personal Data are either resolved by our team or by any engaged third party.

8. EXECUTION OF DATA SUBJECT RIGHTS

To exercise any of the above-mentioned rights, you must provide us with a special request. Should you wish to make such a request, please, contact us via the following e-mail address: [email protected].

Your application should include adequate identification details and appropriate documents to support your request. Simple will deal with your concerns within 30 (thirty) calendar days and reply to you regarding each issue.

If you do not receive a response to your request within the stipulated time period or are not satisfied with our processing of your Personal data, you are entitled to apply to your local data protection authority:

State Data Protection Inspectorate of Lithuania
L. Sapiegos str. 17 (Left-hand entrance)
LT-10312 Vilnius
Phones: +370 5 271 2804 / 279 1445
Fax +370 261 9494
E-mail [email protected]

9. CONSENT

By registering on the Website and/or mobile app as a user of Simple and/or using our services, you Consent to the processing of your Personal Data by Simple and to the terms and conditions of this Privacy Policy. Please, make sure you understand all your rights and obligations stated here and in the T&C.

 

You Consent that Simple may process information about you on your behaviour and your activity for marketing and advertising purposes, including but not limited to: 

  • Marketing: based on your communication preferences, you consent that Simple may use your email in order to send you marketing communications, including our newsletter, in order to inform you about our events; to deliver targeted marketing and to provide you with promotional offers based on your communication preferences. We use Personal data about your usage of our Platform and your contact information to provide marketing communications, including but not limited to promotions, special offers and other information, personalize promotional offers, in particular, based upon their activity and their transaction history in order to use push notifications. You can opt out of our marketing communications at any time. We send administrative or account-related information to you to keep you updated about our news or inform you of relevant security issues or updates to the Platform, changes of the Terms & Conditions or to this Privacy Policy or provide other transaction-related information. Without such communications, you may not be aware of important developments relating to your Account that may affect how you can use our Platform.

10. FURTHER INFORMATION

Simple always aims to make its users aware of their rights and obligations. Please, make sure you read carefully this Privacy Policy, T&C and other legal documents on the Website and/or mobile app.

If you have any doubts regarding our services or need any additional assistance, do not hesitate to contact us via the following e-mail: [email protected].

 

11. UPDATE

Our Website policies and its content may be revised, modified, updated, and/or supplemented at any time. If we change this Privacy Policy, we will take steps to notify all users of the amendments, as well as to post the updated policy thereupon.

If we consider that your rights may be affected by any such changes, we will request you to confirm your consideration and acceptance prior to continuing our relationship with you.

 

Last update of this Privacy Policy: November 1, 2024