Recently updated – April 2022
- You are not required by law to provide us with any Personal Data. Sharing Personal Data with us is entirely voluntary.
- Our Services are intended for Users over the age of 16 or equivalent minimum age for providing consent to processing of Personal Data in the relevant jurisdiction. Children under such age are not permitted to register to or use the Services. If you are under such age you should cease to use the Services immediately.
- You may be entitled to request to review, amend, erase or restrict the processing of your Personal Data, pursuant to applicable law. Please note that in case you request to erase or restrict the processing of your Personal Data, your use of the Services may be restricted. You may be entitled to exercise additional rights under the CCPA, please refer to our User Rights Policy.
- We do not sell, trade, or rent Users’ Personal Data to third parties. We only share Personal Data with third parties in connection with the provision of the Services to our Users, or other limited circumstances specified herein.
- What is Personal Data and what data is collected about me by MONYX?
“Personal Data” or “Personal Information” (will be referred together as “Personal Data”), means any information which identifies or can be used to identify a natural person, including, but not limited to, first and last name, phone number, email address, online identifiers, IP address, billing information (such as credit card number), information concerning households, devices etc.
“Non-Personal Data”, means non-identifiable aggregated data, such as technical data transmitted by the user’s device and aggregated use of the website of the Application. This data is not used to identify individuals.
Personal Data is only used for limited purposes, as specified below.
|Type of user and type of Data||Purposes of Processing||For EU persons – Legal Basis under the GDPR|
|User’s registration to the Services
In order to use the Services, you will need to download the Application and you will be asked to create an account and provide us with Personal Data, such as your name, email address, phone number and your Payment Method details, such as the details of your credit card or debit card (the “Account”).
This information is provided by you when registering the Services and creating or updating an account to use the Services.
To improve the Services, and to develop new features, products and services.
|Additionally, In order to fulfill our legal obligations to prevent fraud and money laundering, we may obtain information for the purpose of “Know Your Client” (KYC) check. Such information includes such as: identification number (SSN, passport, I.D. number or driving license number), financial information (credit card number and banking information, date of birth, residence country, citizenship country, nationality, position, phone and mobile number, face snapshot, image and video, and copy of the identification document.||To comply with legal requirements and obligations related to anti-money laundering and terror financing.||To fulfil our legal obligations.|
|User’s use of the Services
When you purchase through the Merchant’s Machines via the Services, we collect certain data regarding your purchase, such as the Merchant you purchased from, the products purchased, your shopping history, total payment amount, and the geographical location when using the Services. Please note, that we will collect your precise location only to the extent you provided your permission to access your phone’s GPS data.
Please note, that if you are an employee using the Services in connection with your workplace (e.g., if your employer provided you with a pre-paid card to buy at the Machines), we may also receive additional contact information regarding you and your workplace, through your employer, such details may include your balance on your pre-paid card and your employer name.
We collect this information automatically from the Application and/or the Merchant you purchased from.
| Technical Information and Online Identifiers
We collect technical information transmitted by your device when using the Services. Such information includes type of operating system, type of the device used to access the Services, date and time stamp, language preference, device ID, IP address, advertising ID (android), IDFA (apple advertising ID) and user’s actions within the Services. This information is collected automatically via your use of the Services.
| Contact us
When you submit a customer-service request or using the “contact us” feature through our website, you may be asked to provide personal information depending on the activity or request. For example, by placing a message in the “contact us” form we will collect your full name, email, mobile number, country, company, and the content of your message.
We do not knowingly collect or process any Personal Data included in Special Categories of Personal Data (as defined in the GDPR). In the event you become aware that such data has been collected by us, please inform us immediately.
In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts and any other misuse of the website or the Services and to enforce the Terms and Conditions, as well as to protect the security or integrity of our databases, website and the Services, and to take precautions against legal liability. Additionally, we may also use Personal Data to comply with any applicable law and assist law enforcement agencies and competent authorities, when we have a good faith belief that our cooperation with them meets the applicable legal standards. All the above processing is based on out legitimate interests or legal requirements.
Non-Personal Data, aggregate and statistical or otherwise anonymized data may be shared without limitation with third parties at our discretion. This information does not contain Personal Data and is used to develop content and services for our Users.
- Will MONYX Share my Personal Data?
We share Personal Data only under the following limited circumstances:
- With third parties who assist us in operating the Services – conducting our business, expanding our business or servicing you, and for personalizing your experience of the Services, such as payment providers who process your Payment Method, clearance services, and, if applicable, your employer. You can see a list of such third parties here. While we strive to keep this list current, updated and complete, it is possible that there are additional processors which we have not yet added to the list. If you have any inquiries related to our service providers please contact us.
- Within the Nayax group – We may also share certain Personal Data within the Nayax group, where certain affiliated companies provide services to assist others entities in the group in the provision of our services. For example, Nayax Ltd. headquarters the group’s activities, and may have access to Personal Data collected by its subsidiaries.
- E-Wallets, alternative payments providers and financial management apps – we may share certain data with third parties who provide data subjects with platforms for management of transactions and financial data (such as e-wallets, online banking, etc.), for the purpose of enabling the data subject to access his/her data and provide the data subject with the third party’s services.
- For legal purposes – To comply with a legal requirement, for the administration of justice, to protect your vital interests or the vital interests of others, to protect the security or integrity of our databases or the Services, to take precautions against legal liability, or in the event of a corporate sale, merger, reorganization, dissolution or similar event.
- Will MONYX transfer my Personal Data internationally?
MONYX is a global company with offices all over the world. Our databases are located currently in Germany, Israel and in the US. Some of our processing activities are made in Israel. International transfers of data are done with appropriate measures to ensure that your personal data receives an adequate level of protection as required under applicable law. Further, when Personal Data collected within the EU is transferred outside the EU (and not to a recipient in a country that the European Commission has decided provides adequate protection), it shall be transferred in accordance with the provisions of the GDPR, including, where applicable, under the relevant Standard Contractual Clauses approved by the European Union (if applicable). If you would like to understand more about these arrangements and your rights in connection therewith, please contact us at: email@example.com.
- Users rights with respect to Personal Data
Subject to applicable law requirements, we will provide our Users with the opportunity to exercise their rights regarding their Personal Data. Individuals’ principal rights under data protection and privacy laws may include (you may have some or all of these rights depending on your jurisdiction):
- the right to receive a confirmation whether or not we process your Personal Data;
- the right to access your Personal Dataand receive a copy of the Personal Data that we hold.
- the right to rectificationof your Personal Data;
- the right to erasureof your Personal Data.
- the right to restrictprocessing of your Personal Data.
- the right to objectto processing of your Personal Data;
- the right to data portability.
- the right to complain to a supervisory authority(in the event that you are a European Economic Area (“EEA”) resident); and
- the right to withdraw consent.
Please review our Privacy Users Rights Policy regarding your rights under applicable law.
Please note that –
- We may request additional information from you when you contact us with a DSR in order to: (i) verify your identity; (ii) determine the applicable laws apply to you; (iii) and locate your data.
- It may take time to process requests in a way that is consistent with applicable privacy law.
- Will I receive SPAM from MONYX?
We may send users of the Services, which have agreed to receive such communications, with information on new products, features, activities, services and periodic announcements or newsletters (“Marketing Materials”). We will not send Marketing Materials to you unless you have approved the receipt of such materials, by subscribing to our newsletter and Marketing Materials on the Application or otherwise. In case you have agreed to receive Marketing Materials and wish to rescind your consent, you may do so at any time by clicking “Unsubscribe” on the relevant communication or by contacting us at: firstname.lastname@example.org.
- Is Personal Data regarding children collected by us?
Our Service is a general audience Services which is not directed to persons under 16 years old or equivalent minimum age for providing consent to processing of Personal Data in the relevant jurisdiction (“Child”). If a parent or guardian becomes aware that his or her Child has provided us with Personal Data without their consent, he or she should contact us immediately. We do not knowingly collect or solicit Personal Data from a Child. If we become aware that a Child has provided us with Personal Data, we will delete such data from our databases.
- How does MONYX protect your data?
We implement measures to reduce the risks of damage, loss of information and unauthorized access or use of information in accordance with the applicable law. In particular, your payment information is secured in accordance with the PCI-DSS standard. However, these measures are unable to provide absolute information security. Therefore, although efforts are made to secure your personal information, it is not guaranteed and you cannot reasonably expect that the Service and its related databases will be immune from any wrongdoings, malfunctions, unauthorized interceptions or access, or other kinds of abuse and misuse.
- Data Retention
Unless you instruct us otherwise and subject to applicable laws, we retain the information we collect for as long as needed to provide our services and to comply with our legal obligations, resolve disputes and enforce our agreements if applicable.
- Questions or concerns regarding privacy
By sending our privacy team email at: email@example.com.
By regular mail at:
Nayax Europe UAB
Antakalnio 17, LT-10312, Vilnius, Lithuania.
- PRIVACY NOTICE FOR CALIFORNIA RESIDENTS UNDER THE CALIFORNIA CONSUMER PRIVACY ACT
As required under the CCPA, we will update this Privacy Notice every 12 months.
Types of Personal Information we collect
Under the CCPA, “Personal Information” is defined as any information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household or device. The categories of Personal Information that we collect (and has collected within the last 12 months), are detailed in the table below.
Please note that, under the CCPA Personal Information does not include: publicly available information from government records and de-identified or aggregated consumer information, information excluded from the CCPA’s scope (e.g., health or medical information covered by applicable laws such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA)); and information covered by certain sector-specific privacy laws (e.g., the California Financial Information Privacy Act (FIPA)).
|A. Identifiers.||A real name, unique personal identifier, online identifier, Internet Protocol address, email address, or other similar identifiers.||Yes
|B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).||A name, address, telephone number, employment, credit card number, debit card number, or any other financial information.
Some personal information included in this category may overlap with other categories.
|C. Protected classification characteristics under California or federal law.||No
|D. Commercial information.||Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.||Yes
|E. Biometric information.||No
|F. Internet or other similar network activity.||Information on a consumer’s interaction with a website, and application.||Yes
|G. Geolocation data.||Physical location or movements.||Yes
|H. Sensory data.||No
|I. Professional or employment-related information.||Current or past job history.||Yes
|J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).||No
|K. Inferences drawn from other personal information.||No
HOW WE COLLECT INFORMATION
Depending on the nature of your interaction with us, we may collect the above detailed information from you, as follows: (i) directly from you, for example, when a User subscribe to our Services he will fill his/her Personal Information as part of the onboarding process; (ii) automatically when you use the Services; (iii) from third-party business partners such as analytics providers.
USE OF PERSONAL INFORMATION
We may use, or disclose the Personal Information we collect for one or more of the following business purposes:
- To fulfill or meet the reason you provided the information. For example, if you contact us with an inquiry and share your name and contact information, we will use that Personal Information to respond to your inquiry.
- To provide, support, personalize, and develop our website and Services, as well as improve our Services.
- For security and fraud detection purposes, and to maintain the safety, security, and integrity of our website and Services.
- For testing, research, analysis, and product development, including to develop and improve our website and Services.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- As described to you when collecting your Personal Information or as otherwise set forth in the CCPA.
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding.
We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.
SHARING SELLING DATA
We may disclose your Personal Information to a third party for a business purpose. When we disclose Personal Information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract.
We share your Personal Information with the following categories of third parties:
- We share your Personal Information with our service providers (such as: AWS our cloud storage services processor of Payment Methods).
- We share your Personal Information data aggregators (such as: Google Analytics)
- We share your Personal Information with Merchants (when you purchase through their vending machines and pay by the Services).
DISCLOSURES OF PERSONAL INFORMATION FOR A BUSINESS PURPOSE OR FOR SELLING PURPOSES
In the preceding twelve (12) months, the Company has disclosed the following categories of Personal Information for a business purpose:
- Category A: Identifiers.
- Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
- Category D: Commercial information:
- Category F: Internet or other similar network activity.
Category G: Geolocation data.
SALES OF PERSONAL INFORMATION
In the preceding twelve (12) months Company has not sold Personal Information (“selling” under CCPA relates to any disclosure, transfer, and selling of Personal Information for monetary or other valuable consideration).
YOUR RIGHTS REGARDING YOUR PERSONAL INFORMATION
The CCPA provides consumers with specific rights regarding their Personal Information. Please review our User Rights Policy regarding your rights under applicable law.
By sending our privacy team email at: firstname.lastname@example.org.
By regular mail at:
Nayax Europe UAB
Antakalnio 17, LT-10312, Vilnius, Lithuania.