Privacy Policy

The Electronic Money Issuer ApS "More 2 Save" (hereinafter referred to as the "EMI"), in the processing of personal data, undertakes to protect the privacy of personal data. The processing of personal data by the EMI is subject to the European Union General Data Protection Regulation (GDPR) and relevant national laws and regulations. This Privacy Policy describes a general way in which we collect, share and protect personal information. Additional information about the processing of personal data is included in the contracts and other documents related to the provision of the Services, including our Data Retention Policy.

Terms and Abbreviations

Controller The Personal Data Controller is a structural unit of ApS "More 2 Save", to which the Client submits his/her personal data on the basis of contractual or pre-contractual relations, or Services of which are intended to be used by the Client (or the legal entity or establishment of which you are the beneficial owner).

Client A natural person who has used or has expressed an intention to use the Service.

GDPR Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Data Protection Regulation)

Electronic Money Institution Electronic Money Institution – ApS "More 2 Save", CVR No. 34471649

Personal data Any information that directly or indirectly relates to an identified or identifiable Client or other natural person whose data is processed in accordance with this Privacy Policy and the applicable laws and regulations (for example, the beneficial owner of the client that is a legal entity).

Processing Any activity performed with Personal Data (including collecting, recording, storing, making changes, providing access, requesting, transferring, etc.)

Service Any service provided by ApS "More 2 Save".

1. General Information

1.1          This Privacy Policy applies in cases when the Client is using, has used or has expressed intention or interest in using the services of the EMI. It also applies in cases where the Client is indirectly connected with a Service. It also applies to cases where relations have been established before the entry into force of this Privacy Policy, as well as if the Client has provided and/or the EMI obtains Client’s Personal Data.

2. Data Processing

2.1          The exact amount of Personal Data to be processed depends on the type of Service and the relationship with the EMI.

2.2          The main activity of the EMI is related to the provision of financial products and Services.

2.3          It includes accounts and payment services and electronic banking services.

2.4          The EMI processes the Client’s Personal Data to provide and improve these Services.

2.5          Furthermore, the EMI also processes personal data of its corporate, private clients and representatives of the suppliers.

2.6          Personal data collected and processed by the EMI include the following information:

• Identity data such as name, surname, second name, personal identification number (national identification number, customer identification number, employee code, internet bank identifier), date of birth, tax identification number, country of birth, sex, citizenship, passport details, photograph;
• Contact information, such as residential address or address for communication, correspondence address, telephone number (e.g. fixed and mobile number), email address, communication language;
• Digital identification data, such as internet bank identifier, mobile bank identifier, social media or Skype person identifier;
• Financial data, such as monthly salary and other regular or occasional income, financial liabilities, source of income (funds), information on transactions, properties, debts, bank accounts, card details, credit history data;
• Professional (employment) data, such as employer / former employer data, occupation, work experience, education, professional certificates;
• Family information such as marital status, dependents and / or family members;
• Location information (transaction location, IP address, login location), login to the Internet;
• Specific category data, such as criminal record, legal capacity (in special cases);
• other data:
  • Data on participation in companies and other forms of legal establishments, data on managers and other persons having a decisive influence, or representatives of companies using or planning to use the Services as well as their actual beneficiaries, information and contact information on business representatives who use or intend to use the Services;
  • Court proceedings (type);
  • Details of correspondence (type, date, identifier);
  • risk profile and classification (type of risk, risk category);
  • voice recordings such as telephone or Skype voice calls or other internet-based voice calls.

2.7          The EMI does not process sensitive data relating to the health, ethnic origin, religion beliefs or political opinions of the Client except in the cases specified by law or in special cases where, for example, you disclose these data through the Services (for example, by specifying in the payment information).

2.8          The EMI collects data about your children only if they use the EMI 's Services or the Client provides the EMI with such information about his/her children in relation to the Service used.

3. Data Collection Process

3.1          Basically, the EMI obtains Personal Data directly from the person to whom the data relates. For example, if the Client:

• applies for receiving the Services (for example, opening an account);
• uses the Services of the EMI;
• contacts the EMI (for example, by visiting the EMI’s website or internet bank), fills out forms on the EMI’s websites or for some other reason provides the EMI with his/her contact details;
• visits the EMI’s websites through online banking or phone app.

3.2          In some cases, the EMI obtains Personal Data from persons other than the data subject. For example, when a parent applies for a service related to a child or legal entities apply for services relating to their employees. In such cases, the EMI requires the data subjects to be informed of the disclosure of their Personal Data to the EMI, and also for the purposes of processing such Personal Data. In addition, in cases where the Client provides information on other data subjects, the EMI requests that such data subjects be familiarized with the EMI’s Privacy Policy.

3.3          Personal data may also be provided to the EMI by third parties at the request of a potential client. For example, real estate brokers or car dealers can send personal data of the subject to the EMI at the Client’s request.

3.4          The EMI may also receive Personal Data by signing different contracts in which the Client may not be the other Contracting Party or a representative of a Contracting Party.

3.5          Within the EMI, all structural units of the EMI have access to Personal Data disclosed to the EMI, in so far as such access is necessary for administrative purposes or in the legitimate interest of the EMI.

3.6          The EMI obtains Client’s Personal Data from other external sources, such as credit history research (credit information) offices, public and private registers, other enterprises and public authorities if this is in the legitimate interest of the EMI or in the cases specified in the applicable law (for example, to investigate suspicious transactions).

4. Use of Cookies

4.1          The EMI uses cookies, which are small text files stored on a computer, smartphone, or other device to improve site functionality and user experience. The EMI 's Cookie Policy is available here:

5. Need for Collection and Processing of Data

5.1         Personal data will be required by the EMI regardless of the Service chosen by the Client, for example the identification data or contact information of the Client, choice of communication language, etc. However, due to their nature, some Services will require additional information.

5.2         Most of the data will be requested and received from the Client by the EMI, but certain information will be received by the EMI from other sources. Information about the Client’s obligations will be received by the EMI from credit registers and other similar public sources.

5.3         Financial services involve various risks and the EMI is responsible for managing these risks in order to ensure entrepreneurial sustainability as well as protection of depositors and the public interest. The EMI shall analyze data already held by the EMI. In addition, the EMI may obtain updated information from credit registers and other similar public sources.

6. Fulfilment of Legal Requirements

6.1          In order for the EMI to provide the Services to the Client, the EMI has to comply with many terms. The EMI needs to collect specific identification information and, in certain cases, the EMI needs to collect additional personal information. For example, in order to comply with the requirements for the prevention of money laundering, the EMI should know, for example, the source of the Client’s income, or whether the Client is a politically exposed person or whether the Client is related to such person, as well as the Client's tax residence country. Most of this information is collected by the EMI on the so-called Know Your Customer forms. The EMI is obliged to obtain the Client’s Personal Data even if the subject is not a Client of the EMI but is the actual beneficiary or owner of a legal entity (for example, an enterprise) which is the Client of the EMI.

6.2          The EMI is responsible for monitoring the transactions of the Client and analysing whether they differ from the information provided previously and, if necessary, requesting additional information (for example, a contract or other document proving an unexpected source of income).

6.3          The EMI is required to report to public authorities, such as the State Revenue Service, social security institutions, central bank or other financial sector supervisory bodies. The data contained in the EMI's report will depend on the requirements of the regulatory enactments to be fulfilled.

7. Ensuring of security

7.1          In order to minimize the risk of use of financial services for criminal activities, the EMI processes data, monitors transactions and ensures the security of the EMI’s IT systems.

8. Advertising and Direct Marketing

8.1          The EMI’s advertising and direct marketing communications are sent to Clients who have agreed to receive direct marketing and promotional offers from the EMI. Such Clients receive offers and direct marketing communications of the EMI through selected communication channels. The EMI may offer its Services to existing Clients on the basis of legitimate interests.

8.2          The Clients may give their consent to receive advertising and direct marketing communications by signing a direct marketing consent form or requesting direct marketing communications under a signed contract. Clients who are already receiving direct marketing communications from the EMI will continue to receive such communications also after the entry into force of the GDPR.

8.3          The Clients shall have the right to oppose the processing of their Personal Data for direct marketing purposes free of charge at any time. In order to exercise this right, you need to contact the structural unit of the EMI, from which you do not want to receive direct marketing materials. The Clients may opt out of the EMI’s offer as well as any other promotional or direct marketing communications by using the link provided in the e-mail message or by following other instructions provided in the direct marketing communication.

9. Personal Data Sharing and Protection

9.1          The Clients’ Personal Data within the EMI can be accessed only by those persons who are authorized to do so, as well as the Clients’ Personal Data can be accessed by third parties engaged by the Paying Authority as well as other persons to whom such access is permitted or authorized by regulatory enactments. If the Processing of Personal Data is performed by a third party on behalf of the EMI, the EMI shall only attract third parties who provide sufficient guarantees for the implementation of the technical and organizational measures, so that the Processing complies with the requirements of the GDPR and the applicable law, and ensure the protection of the Clients’ rights.

9.2          Processing operations performed by processors (third parties) are always governed by the Privacy and Data Processing Agreement or other special conditions agreed upon between the EMI and such processor.

9.3          The nature of the Services offered by the EMI determines the need to share the Clients’ Personal Data in order to ensure the day-to-day operations of the EMI - to process transactions, maintain client accounts and provide reports to public authorities.

9.4          The EMI may disclose the Clients’ Personal Data:

• Structural units of the EMI (for administrative and marketing purposes);
• Co-operation partners of the EMI, with whom the EMI offers the co-branded products and Services together (to provide such Services and products, as well as for marketing and advertising of such products);
• Public authorities and other entities fulfilling their statutory functions;
• Certified auditors, legal and financial advisers;
• Personal Data processors hired by the EMI tion, who provide support to the EMI for the provision of the Services;
• Credit institutions and financial institutions;
• Managers of public registers;
• Debt collection companies to which the EMI can assign its rights and obligations.

9.5          In certain cases, data may be transmitted outside the EU/EEA, for example, where the Personal Data processor contracted by the EMI is located outside the EU/EEA and the transfer of such data is necessary for the provision of the Service or at the request of the Client. Data may be transmitted outside the EU/EEA only if the EMI provides the appropriate protective measures as requested by the GDPR and there is a legal basis for such transmission.

9.6          In order to protect the Clients’ Personal Data from unauthorized access, illegal Processing or disclosure, accidental loss, modification or destruction, the EMI shall take appropriate steps to comply with the applicable law. Such measures include technical measures such as the selection and configuration of appropriate computer systems, the security of the relevant connections, the protection of data and files, and organizational measures such as limiting access to such systems, files and objects.

10. Rights of the Clients Regarding Processing of Personal Data

7.1         The EMI shall ensure that Personal Data Processing is fair and transparent and all rights of the person deriving from the applicable law are always enforceable. Each Client of the EMI shall have:

• the right to access his/her Personal Data processed by the EMI. At the request of the Client, the EMI:
  • confirms whether the Personal Data relating to the Client is being processed and provides information on the Processing purposes, the Personal Data categories and the Personal Data recipients or categories of recipients to whom the Personal Data has been disclosed;
  • informs the Client on the Personal Data being processed and available information on the sources thereof;
  • provides information on the logic of automated processing of Personal Data in the case of automated decisions.
• the right to request corrections in inaccurate Personal Data;
• if the Processing of Personal Data is based on consent, the Client has the right at any time to withdraw such consent, without prejudice the lawfulness of the processing done on the basis of consent prior to the withdrawal of consent;
• the right to receive Processed Personal Data in a structured, widely used and machine-readable format, as well as in certain circumstances, the right to transmit Personal Data to another Controller;
• in certain circumstances, the Client shall have the right to request the deletion of his Personal Data or the limitation of Processing thereof;
• the right to object to the Processing of Personal Data for certain purposes and in certain circumstances;
• The Client shall also have the right to file a complaint with the supervisory authority – Danish Data Protection Agency(Datatilsynet).

11. Period of Retention of Personal Data

11.1          Personal data shall be retained in accordance with the applicable law and no longer than necessary. The personal data retention period is determined by the EMI, and it depends on the relevant Contract and the basis of the Personal Data Processing. To obtain more information on the retention period and the principles under which the Paying Authority determines the retention time of the Personal Data stored, it is necessary to contact the responsible department of the EMI.

12. Profiling and Automated Decision Making

12.1          Profiling is segmentation of Clients, evaluating personal aspects of a natural person in order to apply an appropriate service model, tailor made marketing offers or risk assessment for the purpose of preventing money laundering.

12.2          The EMI uses profiling to prepare an analysis for advising the Client, direct marketing purposes, automated decision making, risk management, and transaction tracking for fraud prevention purposes. The EMI carries out profiling based on the following legal grounds:

• fulfilment of legal obligations. The EMI may process Personal Data and evaluate personal aspects if the EMI is required to carry out a risk assessment for the purpose of preventing money laundering;
• Client’s consent or, in limited cases, also legitimate interests. The EMI may perform profiling for the assessment of the Client’s needs, for the establishment of its Services, more appropriate and timely provision of Service offers.

12.3          The EMI may make decision regarding a Client solely on the basis of automated processing of Personal Data.

12.4          In this case, the Client shall have the right to choose that no decisions are made in respect of him/her based solely on the automated processing of Personal Data, including profiling. The Client may exercise such right if, on the basis of an automated decision, the EMI has refused to conclude an agreement or to provide the Services. At your request, the EMI will review an automated decision.

13. Final Provisions

13.1          This Privacy Policy is not a legally binding agreement between the EMI and the Client; this document is the Personal Data Protection Guidelines of the EMI. The EMI shall have the right to change this Privacy Policy. As a result of such changes, the EMI will not diminish the rights of the Clients. In the event of a substantial change and if the EMI will consider it binding, the Clients will be notified of the changes no later than 1 (one) month before the changes come into force, using the EMI’s website, postal services, e-mail, Internet Banking reports or otherwise. The Privacy Policy is also available upon request at the customer service centres.