We provide financial infrastructure for the Internet. People use our services to make their purchases, and businesses of all sizes use our technology and services to accept and send payments and manage their online businesses. Aurea Via wants to be clear about how we use the Personal Data entrusted to us.

 

This Privacy Policy (“Policy”) describes the “Personal Data” we collect about you, how it is processed and shared, your rights and choices, and how you can contact us about our practices in matter of privacy. This Notice also describes the rights of the data subject, including the right to object to certain treatments relating to your Personal Data by us. For more information about our privacy practices, you can visit the Aurea Via Privacy Center.

 

Aurea Via”, “we”, “our / a / i / e ” or “ us ” means the local Aurea Via company, responsible for the collection and processing of Personal Data under this Privacy Policy, which varies by country .

 

“Personal Information” means any information relating to an identified or identifiable individual and may include information that you provide to us and that we collect about you, such as when you interact with our Services (e.g., device information, IP address).

 

“Services ” means the products and services that Aurea Via determines are covered by this Policy, which may include devices and apps provided by Aurea Via. Our “ Business Services ” are Services provided by Aurea Via to legal entities (“ Business Users ”) who directly and indirectly provide us with Personal Data of “ End Customers ” related to the activities and functions of these Business Users. Our “ End User Services ” are those Services that Aurea Via provides directly to individuals (rather than legal entities), for their personal use. 

 

“ Sites ” means Aurea Via.com and other websites, apps and online services that Aurea Via indicates are covered by this Policy. Collectively, we refer to the Sites, Corporate Services and End User Services as the “ Services ”.

 

Depending on the context, the term “ user ” means the End Client, End User, Representative or Visitor:

  • when you directly use an End User Service for personal use (such as when you register on Link or make a payment to Aurea Via Climate in a personal capacity), we refer to you as “End User ” ;

  • when you do business with, or otherwise transact with, a Business User (such as when you purchase a pair of shoes from a merchant that uses Aurea Via Checkout to process payments) but do not do business directly with Aurea Via, we refer to the user as " Final Customer";

  • when you are acting on behalf of an existing or prospective Business User (e.g., you are the founder of a company, administer the account of a merchant who is a Business User, or receive an employee credit card from a Business User using Aurea Via Issuing), we refer to you as “ Representative ”;

  • When you visit a Site without logging into an Aurea Via account or otherwise communicate with Aurea Via, we refer to you as a “ Visitor ” (e.g., when you send Aurea Via a message asking for more information why you are considering becoming a user of our products).

1. Personal data collected and used and how we process and share it

The collection and use of Personal Data varies depending on whether you act as an End User, End Customer, Representative or Visitor and of our different Services. For example, if you are the sole owner of a business (i.e. a sole proprietorship), we may collect Personal Data to operate your business, but you could also be an End Customer who has purchased goods from another Business User who uses the Aurea Via Services for payment processing and may also be an End User who uses Link to make such purchases. 

 

" Transaction Data ", as used in this Privacy Policy, includes Personal Data and may include: name, email address, billing address, shipping address, payment method information (such as credit card number, credit or debit card, bank account information or payment card picture selected by the user), merchant and location, purchase amount, date of purchase and, in some cases, some information about purchases made, the phone number and previous purchases.

1.1 End Users

It is possible that Aurea Via provides its Services directly to End Users, when a supply or processing service to companies is not expected (e.g. Links). Learn more about our collection, use and sharing of Personal Data in our Privacy Center, including the legal bases we use to process your Personal Data.

a.Personal Data We Collect About End Users

  • Use of Link or connection to the user's bank account. Aurea Via provides you with the opportunity to store your payment methods through Aurea Via so that you can conveniently use them with Business Users of Aurea Via (“Link” was formerly known as “Remember Me”). By accepting the Link service, you consent to us storing your Personal Data, such as your payment method, so that you can more easily make your Link purchases with Aurea Via Business Users (e.g. name, contact information , details on payment methods (for example card number, cvc and expiration date). When the user chooses to pay with Link, data relating to his transactions will also be collected.

    • If you choose to share your bank account information with us (including for use with the Link service), Aurea Via will periodically collect and process your bank account information (e.g., bank account holder information, account balances, account number and details, account transactions and, in some cases, account credentials). With your separate permission, we will share this Personal Data with your chosen Business Users. You can ask us to stop collecting and sharing this information. 

  • Payment with Aurea Via. When you purchase goods or services directly from Aurea Via, we receive Transaction Data. For example, when you make a payment to Aurea Via Climate we will collect your contact information, payment method information, and transaction information.

  • We provide an identity verification service that automates the comparison between an identity document and a picture of the user (e.g. a selfie). You may choose to allow us to store this verification for future use with other merchants and/or separately consent to the use of your biometric data to improve our verification technology. You can also ask us to stop providing you with these services. 

  • Other. Below is information about the additional types of Personal Data we may collect about End Users, including those related to your online activity.

b. How we process and share End User Personal Data

  • Services. We use your Personal Data to provide you with the Services for End Users, including Services such as security, sanctions screening, delivery, support, personalization (for example, your language preferences and setting choices), and messages related to the Services for End Users (e.g., communicating updates to the Policy and information about our Services). For example, we will use your Personal Data to evaluate whether using Link to make a payment with a merchant is authorized by you (and not by an attacker) and is likely to be successfully authorized by the payment method that the user chooses to use when deciding to make purchases with Link.

  • Our Business Users. When you choose to connect your financial account to Aurea Via, you may also choose to share your account information with Business Users with whom you do business. These Business Users will have their own privacy policies which will describe how they use that information.

  • Transactions. For payment transactions with Link, the End User's Personal Data is shared with others to allow or "process" the transaction. For example, when you choose to use a payment method to make a transaction with Aurea Via or Link (e.g. credit card, debit card, buy now, pay later, or direct debit), the third-party provider of that method payment processor will receive Transaction Data, including your Personal Data. When you use Link, the merchant you choose to trade with will also receive Transaction Data, including your Personal Data and, with your separate consent, your bank account information. We invite the

  • Fraud detection and loss prevention. We use your Personal Data collected through our Services (eg, Aurea Via Radar) to detect fraud and prevent financial loss for you, us and our Business Users and financial partners, as well as to detect unauthorized purchases. We may provide your Personal Data (including attempted transactions) to Business Users and financial partners (including card issuers, payment processors and others involved in payment processing activities) who use our Corporate Fraud Services, so they can assess the risk of fraud or loss associated with a transaction.

  • Advertising. We may process your Personal Data to assess your suitability and offer you other End User Services or to promote existing End User Services. Where permitted by law (including with your consent, where required), we use and share your Personal Data with others so that we can market our Services to End Users to you, including through advertising based on interest. You can view our Cookie Policy here. 

    • We do not sell or share End User Personal Data with third parties for marketing or advertising purposes without your separate consent.

  • Other. See below for information on other ways we may process and share your Personal Data.

1.2 End customers

Aurea Via offers Business Services to Business Users (e.g., payment processing through in-person or online payment, or payment processing for Business Users). When we are acting as a service provider to Business Users (that is, when we are acting as a data processor), we process Personal Data in accordance with the Business User's agreement and legitimate instructions (for example, when we process a payment for a Business User when the user has purchased one of their products) or when we are instructed to send funds to the user. 

Business Users are responsible for ensuring that the End Customer's right to privacy is respected, including ensuring that disclosures about data collection and use that occur in connection with their products and services are accurate. If you are an End Customer, please refer to the privacy policy or notice of the Business User with whom you have chosen to do business for information regarding the Business User's privacy practices, choices, and controls. Learn more about the collection, use and sharing of Personal Data in our Privacy Center, including the legal bases we use to process your Personal Data.

  • Transaction data. If you are an End-Customer, when you make payments, obtain refunds, initiate a purchase, make a donation, or transact with Business Users who engage us to provide Business Payment Processing Services, we learn about your transactions. We may also receive your Business User's transaction history.  Additionally, we may obtain information you type into a payment form even if you choose not to complete the form or make the purchase from the Business User. 

  • Identity/Verification Information. Aurea Via provides a Verification and Anti-Fraud Service that allows Business Users to verify the user's Personal Data, such as age (when purchasing age-restricted goods) or authorization to use a given payment method. As part of these Services, you will be asked to share your Personal Data for these purposes (such as your government-issued ID number, your picture (selfie), and Personal Data that you enter or that is collected by physical payment method (e.g. credit card picture)). As a fraud protection, this information may be compared with information we collect from Business Users, financial partners, business partners, identity verification services, from publicly available sources and other third-party service providers and sources, so that we can assess whether the person is likely you or someone who claims to be you. 

  • Other. Please see below for information on the additional types of Personal Data we may collect, including your online activity. 

b. Methods of treatment and sharing of personal data of end customers

To provide our Business Services to our Business Users, we use Personal Data, and we share Personal Data of their End Customers with Business Users. Where permitted, we also use End Customer Personal Data for Aurea Via's own purposes to protect, improve, and deliver our Business Services, and to prevent fraud, loss, and other harm, as will be described below.

  • Payments and accounting. We process your Transaction Data to provide our Payment-related Business Services to Business Users, as well as to process online payment transactions, calculate applicable sales taxes, issue invoices and receipts, and help them calculate revenue, pay their receipts and perform accounting tasks. We may also process Personal Data to provide and improve our Business Services.

    • For payment transactions, your Personal Data is shared with different parties in connection with your transaction. As we act as a service provider or data processor, we share the Personal Data of the End Customer to enable the payment transaction. For example, when you choose to use a particular payment method to make a transaction (e.g. credit card, debit card, buy now, pay later or direct debit), your payment details will be shared with the provider of that payment method. payment transaction data, including your Personal Data. Please consult the privacy policy of your payment method provider.

    • The merchant with whom you choose to do business will also receive Transaction Data, including your Personal Data; the merchant may share such Personal Data with other subjects. For more information, consult the privacy policy of your merchant.

  • Financial services. Some of our Business Users use our Services to offer financial services to you, either through Aurea Via or its financial partners. For example, they may provide a payment method for the purchase of goods or services as a product. These cards may bear the Aurea Via branding, banking partner branding, and/or Business User brands. In addition to any Transaction Data that we may produce or receive when these cards are used to make purchases, we will also receive and use your Personal Data to supply and manage products. Please also see the privacy notices of the Business User and of our banking partner, if applicable, associated with the financial service (whose branding may appear on the card).

  • Identity/Verification Services. We process Personal Data relating to your identity, including information provided by you and our service providers, to perform verification services for Aurea Via or for Business Users with whom you do business and to combat fraud and improve security. If you share an image of yourself with Aurea Via through a “selfie” along with another image of your ID, we will use the technology to compare and calculate if the selfie and the image match so we can perform an appropriate user verification. 

  • Fraud detection and loss prevention. We process your Personal Data collected through our Services (such as Aurea Via Radar) to detect and prevent losses for you, us, our Business Users, and our financial partners. We may share your Personal Data (including attempted transactions) with Business Users (including issuers of credit/debit cards, payment processors and others involved in payment processing activities) who use our Corporate Fraud Services, so they can assess the risk of fraud or loss associated with a given transaction. 

  • Our Business Users (and their Authorized Third Parties). We share End Customers' Personal Data with their respective Business Users and with parties who are directly authorized by those Business Users to receive such Personal Data. This includes sharing End Customers' Personal Data with Business Users when they allow third-party application providers to access the End Customer's Aurea Via account using Aurea Via Connect. For example, when a Business User uses Identity Services to verify the End Customer's identity, Aurea Via shares the information, documents, or photos provided by the End Customer with the Business User. Business Users with whom the End Customer decides to carry out commercial activities, they may further share Personal Data with third parties authorized to receive them (for example, other third party service providers). To learn more, see the privacy policies of these third-party providers.

  • Advertising by Business Users. If you have initiated a purchase, we will share your Personal Data with the Business User in connection with providing the Services, and that Business User may process your Personal Data to market and advertise its products or services, subject to the terms of the own privacy policy. To find out more, please consult your merchant's privacy policy, including about your rights to stop us processing your Personal Data for marketing purposes. 

    • We do not process, sell or share End Customer Personal Data for our marketing or advertising purposes or for any third party other than the Business User with whom you have transacted or attempted to transact. 

  • Other. See below for information about other ways we may process and share your Personal Data.

1.3 Representatives

To provide the Business Services, we collect, process, and share Personal Information of Business User Representatives (e.g., business owners). Learn more about the collection, use and sharing of your Personal Data in our Privacy Center, including the legal bases we use to process your Personal Data.

a.Personal Data We Collect About Representatives

  • Registration and contact information. If you sign up for Aurea Via as a Business User (including setting up a Business), we collect your name and account login credentials. If you sign up for an event Aurea Via hosts or attends, or if you sign up to receive communications from Aurea Via, we collect your registration and profile information. If you are a Representative or a prospective Business User's Representative, we will receive your Personal Data from third parties (including data providers) in order to advertise, market and communicate with you as described below and in Section 2 We may also associate a location with you to evaluate which Services or information may be useful to you. 

  • Identifying information. If you own a Business User or believe you are a shareholder, officer or director of a Business User, we will ask you to provide us with your contact details, such as your name, postal address, telephone number and email address, to meet our financial and regulatory obligations. We will directly (and through others) collect Personal Data about you, such as your Business User membership fee, date of birth, and publicly issued identification documents associated with you and your Business User (such as Social Security, Social Security Number or Employer Identification Number). You may also choose to provide information about your checking account.

  • Other. See below for information about additional types of Personal Data we may collect, including those relating to your online activity. 

b. Methods of processing and sharing the Personal Data of Representatives

We generally process Representative Personal Data to provide the Company Services to associated Business Users, as well as for the purposes described below.

  • Corporate services. We process and share Representatives' Personal Data with Business Users to provide the Services that you (or the Business Users you are associated with) have requested. 

    • In some cases, our Corporate Service will require us to submit your Personal Data to a government agency (for example, to form a business or to pay applicable sales tax). For our Atlas business formation services, we may use your Personal Data to file taxes on behalf of the Associated Business User. If the Business User uses Atlas, we may process your Personal Data to submit forms to the IRS on your behalf and to file documents with other governmental authorities (e.g., statutes in your state of incorporation).

    • We share data with parties directly authorized by Business Users to receive it (such as, for example, service partners that offer financial products or third-party apps or services that the Business User uses in conjunction with our Business Services). For example, payment method providers (e.g., Visa, WeChat Pay) will request onboarding information for Business Users who accept their payment methods, and Aurea Via will provide the requested onboarding information (including Personal Data of Representatives ) to these financial partners. In some cases, these payment method providers will be located outside your country, for example WCP, AliPay, Block, Klarna Bank AB. 

      • Use of Personal Data by a third party authorized by a Business User is subject to that third party's privacy policy.

    • If you are a Business User and have chosen a name that includes Personal Data (for example, a sole proprietorship or family name in the business name), we will share and use that information like any business name in connection with providing our Services (for example, by including them in receipts and other descriptions that identify financial transactions).

  • Advertising. Where permitted by applicable law, we process and share Representatives' Personal Data with others so that we can advertise and market our Services to you. Subject to applicable laws (including consent requirements), we may advertise to you, through interest-based advertising and email, and attempt to measure the effectiveness of our ads. Please view our Cookie Policy. We do not sell or share Representatives' Personal Data to third parties for their advertising purposes.

  • Other . See below for more information about the other ways we may collect, process and share your Personal Data.

1.4 Visitors 

We collect, use and share Personal Data of Visitors (who are not End Users, End Customers or Representatives). Learn more about the collection, use and sharing of your Personal Data in our Privacy Center, including the legal bases we use to process your Personal Data.

a.Collected Visitor Personal Data

When you visit our Sites, we will receive your Personal Data from you or we collect it using cookies and similar technologies. See our Cookie Policy. 

  • Forms. When you choose to fill out a form on the Site or third-party websites that display our advertising (e.g. LinkedIn or Facebook), we will collect the information included in the form (e.g. your contact information and other information relating to your requests regarding our Services). We may also associate a location with your visit. To know more.

  • Other. See below for information on the additional types of Personal Data we may collect, including those related to your online activity.

b. Methods of processing and sharing the Personal Data of Visitors

  • Personalization. We use information about you that we collect through cookies and similar technologies to measure engagement with content on our Sites, improve performance and browsing experience, personalize your experience (such as language and location geographic location) and tailor content on Aurea Via and our Services for you. For example, because not all of our Services are available in all regions, we may tailor our responses to your region.

  • Advertising . Where permitted by law, we process and share your Personal Data with others so that we can advertise and market our products and services to you. Subject to applicable law (including any consent requirements), we may advertise our services through interest-based advertising and email, and we will attempt to measure the effectiveness of our ads. See also our Cookie Policy. We do not sell or share Visitor Personal Data to others for their advertising purposes.

  • Engagement . When visitors interact with our Aurea Via.com site, we will use the information we collect on and through your devices to provide opportunities to initiate conversations or chatbots to answer your questions.

  • Other. See below for more information about the other ways we may collect, process and share your Personal Data.

2. Other ways we collect, process and share Personal Data

In addition to the ways we collect, process and share Personal Data described above, we also process your Personal Data as follows:

a. Collection of Personal Data.

  • Online activity. Depending on the Service you use and the implementation of our Enterprise Services by Enterprise Users, we will collect information about:

    • devices and browsers used on all of our Sites and on third-party websites, apps and other online services (“ Third-Party Sites ”);

    • usage data associated with those devices and browsers and how you used our Services, including your IP address, plug-ins, language used, time spent on our Sites and Third Party Sites, pages visited, links clicked , payment methods used and pages that led or directed the user to the Sites and Third Party Sites. For example, activity indicators, such as mouse activity indicators, to help us detect fraud. For more information, see also our Cookie Policy.

  • About communications and engagement. We will collect any information you choose to provide to us, such as via support tickets, email or social media. When you respond to Aurea Via emails or surveys, we collect your email address, your name and any other information you choose to include in the body of the email or responses. If you contact us by phone, we collect the phone number you use to call Aurea Via, as well as any other information you may provide during the call. We also collect data about your activities, such as your registration for, attendance at, or viewing of Aurea Via events, and your other interactions with Aurea Via personnel.

  • Forums and discussion groups. Where our Sites allow you to post content, we will collect the Personal Data you provide in connection with your posting.

 

b. Processing of personal data. In addition to the methods of processing Personal Data described above, we process Personal Data for the following purposes:

  • Improvement and development of our Services. We use analytics tools on our Sites to help us examine usage and to diagnose technical problems. To find out more about the cookies that may be set through our Sites and how you can control our use of cookies and third-party analytics, please see our Cookie Policy. We also collect and process Personal Data across our various Services, whether you are an End User, End Customer, Representative or Visitor, to improve us and to develop new Services and to support our efforts to make them more relevant and more useful to the user. 

  • Communications.We will use the contact information we hold about you to perform our Services, including sending SMS codes for authentication purposes. If you are an End User, Representative or Visitor, we may communicate with you using the contact information we hold about you (e.g. by email, telephone, text message or video conference call) to provide information about our Services and our affiliates' services, invite you to participate in our events or surveys, or otherwise communicate with you for marketing purposes, provided you comply with applicable law, including any requirements related to obtaining consent or opt out. For example,

  • Social media and promotions. If you choose to submit Personal Data to us to participate in an offer, program or promotion, we will use the Personal Data you submit to administer the offer, program or promotion We will use that Personal Data and the Personal Data you make available on social media including to sell you products and services, unless we are given permission to do so.

  • Fraud prevention and security.We collect and process Personal Data to help us detect and manage the activity of fraudsters and other malicious individuals on our Services, to enable our Corporate Services to detect fraud, and to otherwise try to protect our Services and our transactions from unauthorized access and use, modification or misappropriation of Personal Data, information and funds. In connection with fraud and security monitoring, prevention, detection and compliance activities for Aurea Via and its Business Users, we receive information from service providers (including credit bureaus), third parties and the Services we provide. We may collect information from and about you, from Business Users, financial parties and, in some cases, third parties. For example, To protect our Services, we may receive information from third parties about IP addresses compromised by malicious parties. This Personal Data (e.g., name, address, phone number, country) helps us confirm identity, conduct credit checks subject to applicable law, and prevent fraud. We may also use the technology to assess the fraud risk associated with an End Customer's or End User's attempted transaction with a Business User or financial partner. country) help us confirm identity, carry out credit checks subject to applicable law and prevent fraud. We may also use the technology to assess the fraud risk associated with an End Customer's or End User's attempted transaction with a Business User or financial partner. country) help us confirm identity, carry out credit checks subject to applicable law and prevent fraud. We may also use the technology to assess the fraud risk associated with an End Customer's or End User's attempted transaction with a Business User or financial partner.

  • Compliance with legal obligations. We use Personal Data to meet our contractual and legal obligations relating to anti-money laundering, Know-Your-Customer (KYC) legislation, counter-terrorism, export controls, bans on doing business with restricted persons or in certain commercial areas and other legal obligations. We are committed to making our Services safe, secure and compliant, and the collection and use of Personal Information is essential to doing so. For example, we may monitor payment transaction patterns and other online signals and use this information to reduce the risk of fraud, money laundering and other harmful activity for Aurea Via, our End Users and their End Customers.

  • Minors. The Services are not intended for children, including children under the age of 13, and we ask them not to provide Personal Data through the Services. In some countries, we may impose higher age limits as required by applicable law. 

c. Sharing of Personal Data. In addition to the ways described above, we share Personal Data in the following ways:

  • Aurea Via Affiliates . We share Personal Data with other Aurea Via affiliated entities. When we share data with these entities, we do so for the purposes identified in this Policy.

  • Service Providers or Data Processors.In order to provide Services to our Business Users and End Users, and to communicate, market and advertise our Services to Visitors, Representatives and End Users, we will rely on the services provided to us by others. Service providers provide a variety of critical services, such as hosting (storage and delivery), analytics to evaluate the speed, accuracy and/or security of our Services, identity verification, customer service, email services and review. We authorize these service providers to use or disclose the Personal Data of our Users that we make available to them to perform services on our behalf and to comply with applicable legal requirements. We require these service providers to contractually commit to protect the security and confidentiality of the Personal Data they process on our behalf. Our service providers are mainly located in the European Union, the United States of America and India. 

  • Financial Partners. “Financial Partners ” are financial institutions we work with to offer the Services (including payment method acquirers, banks and payment service providers). We share Personal Data with certain Financial Partners to provide the Services to Associated Business Users and to offer certain Services in cooperation with our Financial Partners. For example, we share certain Representative Personal Data (such as loan repayment details and contact information) with institutional investors who purchase or provide credit backed by equity loans we make to Associated Business Users.

  • Others, with your Consent . In some cases, we may not provide a service, but instead direct you or allow you to interact with others to obtain services (e.g., the professional services firms we partner with to provide Atlas). In these cases, we will disclose the identity of the third party and the information that will be shared with them and we will ask for the user's consent to share the information.

  • Corporate operations. In the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, sale, joint venture, assignment, transfer, change of control or other assignment our business, assets or actions, in whole or in part, we may share Personal Data with third parties in connection with such transaction. Any other entity that buys us or a part of our business will have the right to continue using your Personal Data, but will be subject to the terms of this Policy.

  • Compliance and damage prevention. We share Personal Data as we deem necessary: (i) to comply with applicable law, (ii) to comply with rules imposed by a payment method in relation to its use (e.g. Visa rules); (iii) to enforce our contractual rights; (iv) to protect the Services, rights, privacy, security and property of Aurea Via, you and others, including from other malicious or fraudulent activity and security incidents; and (v) to respond to valid requests for legal process by courts, law enforcement agencies, regulatory agencies and other public and governmental authorities, which may include authorities outside your country of residence.

3. Legal basis for the processing of Personal Data 

For the purposes of the General Data Protection Regulation, we use the following legal bases to process your Personal Data. For more information, see below.

a. Contractual and pre-contractual purposes. We process Personal Data for the purpose of establishing business relationships with prospective Business Users and End Users and in order to fulfill the respective contractual obligations we have with them. Among these activities are:

  • creating and managing Aurea Via accounts and their credentials, including evaluating applications to initiate or expand use of our Services;

  • creating and managing Aurea Via Checkout accounts;

  • accounting, auditing and billing activities; And

  • payment processing, including fraud detection, fraud prevention, optimization of valid transactions, communications relating to their payments and related customer service.

b. Legal obligations. We process Personal Data to verify the identity of our users natural and legal persons in order to comply with the obligations of monitoring, prevention and detection of fraud, the rules relating to the identification and reporting of illegal and illegal activities, such as AML obligations (anti-money laundering) and KYC (Know-Your-Customer) and financial reporting obligations. For example, we may be required to register and verify a User's identity to comply with legislation to prevent money laundering and financial crime. These obligations are imposed on us by law and may require us to report our compliance to third parties and to submit to third-party auditing activities.

c. Legitimate interest. Where permitted by applicable law, we rely on our legitimate interest to process your Personal Data. The following list sets out the purposes for which we have a legitimate interest in processing your data:

  • detect, monitor and prevent fraud and unauthorized payment transactions;

  • mitigate financial losses, claims, liabilities or other damages to End Customers, End Users, Business Users and Aurea Via;

  • establish eligibility to receive and offer new Aurea Via products and services;

  • respond to inquiries, send Service notices, and provide customer support;

  • promote, analyze, modify and improve our Services, systems and tools and develop new products and Services, including their reliability;

  • manage, operate and improve the performance of our Sites and Services by understanding their effectiveness and optimizing our digital assets;

  • analyze and advertise our Services and improvements to them;

  • conduct aggregate analysis and business intelligence activities that enable us to operate, protect, make informed decisions and report on the performance of our business;

  • share Personal Data with third party service providers who provide services on our behalf and with business partners who help us operate and improve our business ;

  • enable network and information security throughout Aurea Via and our Services; And

  • share Personal Data with our affiliates.

d. Consent. We may rely on consent to collect and process Personal Data in regards to how we communicate with you and for the provision of Services such as Links, Atlas and Identities. When we process data on the basis of your consent, you have the right to withdraw your consent at any time without affecting the legitimacy of the processing based on this consent until it is withdrawn.

4. Rights and options exercisable by the user

You may have choices about the collection, use, and disclosure of your Personal Information:

to. Opt out of receiving electronic communications from us

If you would like to stop receiving marketing emails from us, you can opt-out of receiving them via the unsubscribe link included in those emails or as described in this Policy. We will try to comply with your requests as soon as reasonably practicable. Please note that if you opt-out of receiving marketing emails from us, (i) we reserve the right to communicate with you about services we have received (for example, support and important legal notices ) and (ii) our Business Users may still send you messages and/or may instruct us to send you messages on their behalf.

b. Your Data Protection Rights

Depending on where you are located and in light of applicable law, you may have the following rights described here in relation to the Personal Data we process about you:

  • The right to request confirmation that Aurea Via processes Personal Data about you and, if so, to request a copy of that Personal Data;

  • The right to request that Aurea Via amend or update any of your Personal Data that is inaccurate, incomplete, or outdated;

  • the right to request that Aurea Via delete your Personal Data in certain circumstances provided by law;

  • The right to request Aurea Via to limit the use of your Personal Data in certain circumstances, such as while Aurea Via is considering another request submitted by you (including a request to update your Personal Data);

  • The right to request us to export your Personal Data we hold about you to another company, where technically feasible;

  • Where the processing of Personal Data is based on consent previously given by the user, the latter has the right to withdraw consent at any time; and/or

  • Where we process your information based on our legitimate interests, you may also have the right to object to the processing of your Personal Data. Unless we have compelling legitimate grounds to carry out the processing or the processing is not required by law, we will stop processing your information as soon as you object to it.

  • The right not to be discriminated against for exercising these rights; and/or

  • The right to appeal any of Aurea Via's decisions relating to these rights.

You may have additional rights with respect to your Personal Data under applicable law. For example, see the California Jurisdiction Specific Provisions section.

c. Procedure for exercising your data protection rights

To exercise your data protection rights, you can also consult the Aurea Via Privacy Center or contact us as described below.

5. Security and conservation

We make all reasonable efforts to ensure a level of security appropriate to the risk associated with the processing of your Personal Data. We implement organizational, technical and administrative measures designed to protect the Personal Data covered by this Policy from unauthorized access, destruction, loss, alteration or misuse. Unfortunately it is not possible to guarantee the total security of any data transmission or storage system. 

To help us protect your Personal Data, if you have an account with Aurea Via, we encourage you to use a strong password, protect it from unauthorized use, and do not use the same login credentials (for example, your password) for your Aurea Via accounts as well as other services or accounts. If you have reason to believe that your interactions with us are no longer secure (e.g., if you believe the security of your Aurea Via account has been compromised), please notify us immediately. 

We retain your Personal Data for as long as we provide the Services to you or our Business Users (as applicable) or for as long as we reasonably expect to provide the Services. We will retain your Personal Data in order to comply with our legal and regulatory obligations even after we cease to provide the Services directly to you or to a Business User with whom you are doing business, including if you close your Aurea Via account or complete a transaction with a Business User. 

We may also keep data for:

  • comply with our legal and regulatory obligations;

  • enable monitoring, detection and prevention of fraud and losses; 

  • comply with our tax, accounting and financial reporting obligations;

  • where we are required to retain data under contractual commitments we have made to our financial partners (and where retention is mandated by your payment methods). 

Where we retain Personal Data, we do so in accordance with the limitation periods and document retention obligations imposed by applicable law. 

6. International Data Transfers

We are a global company. We may transfer your Personal Data to countries other than yourself, including the United States. These countries may have different data protection rules than your country. When we transfer data across borders, we take steps to comply with applicable data protection laws relating to such transfer. In certain situations, we may be required to disclose Personal Data in response to lawful requests by officials (such as law enforcement or security authorities). 

If you are located in the European Economic Area (“EEA”), the United Kingdom or Switzerland, please consult the Aurea Via Privacy Center for more information. Where applicable law requires a data transfer mechanism, we use one or more of the following tools: 

  • Transfers to certain countries or recipients that are recognized as having an adequate level of protection for Personal Data under applicable law.

  • EU Standard Contractual Clauses approved by the European Commission and the UK's International Data Transfer Addendum issued by the Information Commissioner's Office. You can obtain a copy of the relevant standard contractual clauses. 

  • Or other legal methods available to us under applicable law.

While Aurea Via Inc. continues to be self-certified under the EU-US Privacy Shield and the Swiss-US Privacy Shield, it does not currently rely on the Privacy Shield for the transfer of Personal Data to the United States.

7. Updates and Notifications

We may change this Policy from time to time to reflect new services and changes to our privacy practices or applicable law. “Last Updated” at the top of this Policy indicates the date of the last revision. Any changes will be effective when we post the revised Policy on the Services or otherwise provide notice of the update as required by law.

We may provide you with notices and notices regarding the Notice or Personal Data we collect by posting such notices on our website and, for End Users and Representatives, by contacting them on their Aurea Via Dashboard, at email and/or at physical address listed in their Aurea Via account.

8. Jurisdiction-Specific Provisions

  • Australia. If you are an Australian resident and are dissatisfied with our handling of any complaints you raise under this Policy, you can contact the Office of the Australian Information Commissioner.

  • Brazil. To exercise your rights, you can contact our DPO. Residents of Brazil to whom the Lei Geral de Proteção de Dados Pessoais ("LGPD") applies enjoy the rights under Article 18 of the LGPD.

  • Canada. As used in this Policy, the term "governing law" includes the Federal Personal Information and Electronic Document Protection Act (PIPEDA) and the term "personal data" includes "personal information" as defined by PIPEDA.

  • EEA and UK. To exercise your rights, you can contact our Data Protection Officer (DPO). If you are located in the EEA or if we have designated Aurea Via Payments Europe Limited as a data controller and you believe that our processing of your information is not in line with the General Data Protection Regulation (GDPR), you can escalate questions and complaints to the Office of the Data Protection Commission. If you are a UK resident, please contact the UK Information Commissioner's Office if you have any questions or concerns. Where Personal Data is used for regulated financial activities in Europe, Aurea Via Payments Europe Limited and Aurea Via's local regulated entities (defined as those authorized, licensed or registered by a local Regulatory Authority) are considered joint controllers. 

  • India. If you have any questions or complaints regarding the processing of your Personal Data in India, please contact our Nodal Officer and Grievance Officer here. To know more.

  • Indonesian. As used in this Information, the term "applicable legislation" indicates the Law n. 11 of 2008, amended by Law no. 19 of 2016 on Electronic Information and Transactions, Government Regulation no. 71 of 2019 on the implementation of electronic systems and transactions and the Regulation of the Ministry of Communication and Information Technology n. 20 of 2016 on the protection of personal data in electronic systems; the wording "Personal Data" indicates "personal data" as defined in accordance with this legislation.

  • Japan. When we transfer your Personal Data in Japan to jurisdictions that are not recognized as "adequate" by the Personal Data Protection Commission, we enter into written agreements with any third parties located outside of Japan. These written agreements provide rights and obligations equivalent to those under Japanese data protection law. For more information on how we ensure that third parties protect your information and where your information is located, please review the above or contact us as described below. For a description of foreign regulatory systems and frameworks that may affect the implementation of equivalent measures by third parties, see here.

  • Malaysia. If you have any questions or complaints about this Policy, please contact our Data Protection Officer (DPO).

  • Switzerland. For the purposes of this Policy, "applicable law" means the Swiss Federal Data Protection Act (FADP), in its current version. To exercise your rights under the FADP, please contact our DPO.

  • Thailand. If we process your Personal Data due to a legal obligation or to perform a contract and you fail to provide us with your Personal Data, we may not be able to lawfully provide you with services.

  • USA - California. If you are a consumer located in California, we process your personal information in accordance with the California Consumer Privacy Act (CCPA).  Aurea Via uses cookies, including advertising cookies, as described in our Cookie Policy.

    • Rights and Choices. As a California consumer and subject to certain limitations under the CCPA, you have choices about our use and disclosure of your personal information (learn more about the data subject rights metric). In addition to the above rights (see here), please note additional California-specific rights:

      • exercise of the right to be informed: you can ask to be informed by us what personal information we have collected about you. You also have the right to request more information about the categories of your personal information that we collect, sell, disclose, or share; about the purposes for which this personal information was collected, sold or shared; about the categories of sources of your personal information and the categories of third parties to whom we have disclosed or shared that personal information;

      • Exercising Your Right Not to Be Involved in a Sale: We do not sell “Personal Information” as defined by the CCPA and have not done so in the past 12 months.

      • Exercise the right to restrict the use or sharing of Sensitive Personal Information: We do not sell or share Sensitive Personal Information as defined by the CCPA and have not done so in the past 12 months. 

      • Right to opt-out of cross-behavioral advertising sharing. 

      • To make a request to exercise any of the rights described above, please contact us using the methods described in the Contact Us section below. We will verify your request by asking you to send it from the email address associated with your account or by asking you to provide information necessary to verify your identity, including your name, address, transaction history, photo identification and other information associated with the account.

      • You may designate, in writing or by power of attorney, an authorized agent to file requests on your behalf to exercise your rights under the CCPA. The agent can make a claim on your behalf by contacting us using the methods described in the Contact Us section below. However, we may require you to verify your identity directly and to confirm that you have given the authorized agent permission to make the request.

      • Do Not Track and signals. Learn more about how we comply with "Do Not Track" signals and other signals.

9. Contacts

If you have any questions or complaints about this Policy, please contact us. If you are an End Customer (i.e. an individual engaging in business or transacting with a Business User), please refer to Aurea Via's Privacy Statement for Business Users for information regarding their privacy practices, choices, and controls latter, or you are encouraged to contact the Corporate User directly.

 

__________________________________________________________________________________

 

10. below you will find “Cookies Policy”

1. What are cookies?

Cookies are small text files stored in the browser directory of a computer. They allow site providers to analyze the use of the site by users, to memorize a User's access data and the preferences set on the sites.

2. Does Aurea Via use cookies?

Yes. Aurea Via uses cookies in accordance with the Privacy Policy to:

  • ensure that the Services function properly,

  • detect and prevent fraud,

  • understand how visitors use the site and how users interact with the site,

  • analyze and improve the Services.

3. Who sets cookies when I use the Aurea Via Site?

Two main types of cookies can be set:

  • First-party cookies, placed and read by Aurea Via directly when you use the Aurea Via Services.

  • Third-party cookies, not set by Aurea Via, but by other companies, for example Google, for site analysis purposes. Further details on managing these cookies are available below .

4. How Aurea Via uses cookies

Cookies play an important role because they allow Aurea Via to offer effective and safe Services. Below is a description of the most commonly used cookies and their purposes. Each section references Aurea Via's Cookie Settings Dashboard , which includes more information about each cookie and the options you can select from.

For Aurea Via-affiliated sites, you can find out more about cookies by visiting those sites directly.

Essential Cookies

Some cookies are essential for the functioning of the Site and the Services as they make them usable and secure by enabling basic functions, for example navigation on the Site and access to secure areas of the Site itself. Aurea Via uses these cookies in a variety of ways, including:

  • Authentication. To store user login information, so as to avoid having to log in while browsing the Site and Dashboard.

  • Fraud prevention and detection. The cookies and similar technologies used on the Site allow Aurea Via to acquire information on the computers and web browsers used to access the Services. This information allows you to monitor and detect potentially harmful or illegal uses of the Services. For example, to process payment transactions for Users, it is necessary for Aurea Via to collect transaction and Customer information. To secure transactions and minimize fraud, Aurea Via collects additional information through the use of cookies and other technologies that help identify potential criminals and prevent them from executing fraudulent transactions. Customers may consult the User sites for more information on Aurea Via's use of cookies for anti-fraud purposes.

  • Security. To protect user data from unauthorized access.

  • Functionality. To ensure the correct functionality of the Site and the Services, for example the display of information relevant to the selected location.

For more information, see the Authentication , Fraud Prevention , Security and Features sections on Aurea Via's Cookie Settings Dashboard . For Aurea Via-affiliated sites, you can find out more about cookies by visiting those sites directly.

Preference cookies

Preference cookies are used by Aurea Via to store user preferences and recognize them when they reuse the Services.

For more information, see the Preferences section on Aurea Via's Cookie Settings Dashboard . For Aurea Via-affiliated sites, you can find out more about cookies by visiting those sites directly.

Analysis cookies

Analytics cookies allow Aurea Via to understand how users interact with the Services. Aurea Via uses these cookies in a variety of ways, including:

  • Site services and features . To store your preferences for using the Services so you don't have to reconfigure your settings each time you log in to your account.

  • Analysis and improvement of services . To improve the functionality of the Site and the provision of Services for users. Cookies allow to analyze the way in which people reach the Site and the sites of the Users. They suggest any necessary improvements or advancements to be made to the Site and Services.

  • Pixel tags (also known as web beacons and clear GIFs) . They can be used in connection with some Services, for example to monitor Users' actions (such as email recipients), measure the success of Aurea Via's marketing campaigns and compile statistics on the use of the Services and response rates.

  • Third Party Analytics. Through Google Analytics, to collect and analyze information on the use of the Services and report activities and trends. The service may also collect information about the use of other sites, apps and online resources. Consult the Google website to learn about Google's practices. Further details on managing these cookies are available below.

For more information, see the Analytics section on Aurea Via's Cookie Settings Dashboard . For Aurea Via-affiliated sites, you can find out more about cookies by visiting those sites directly.

Advertising Cookies

Aurea Via and its service providers use cookies and similar technologies on Aurea Via.com to personalize Aurea Via ads with targeted advertising tools for the Aurea Via Services on other sites you visit and to measure interactions with those ads.

For more information, see the Advertisers section of the Aurea Via Cookie Settings Dashboard . For Aurea Via-affiliated sites, you can find out more about cookies by visiting those sites directly.

5. Can I disable cookies?

Yes. You can disable cookies through our Cookie Settings dashboard , except for those cookies that are necessary to provide you with our Services. For Aurea Via-affiliated sites, you can find out more about cookies by visiting those sites directly. Your web browser should allow you to manage your cookie preferences and delete or disable Aurea Via cookies. Consult your web browser's help or visit the links below to learn about the available options. If you choose to disable cookies, some features of the Site or the Services may not work as expected.