SIBS API MARKET
PRIVACY AND DATA PROTECTION POLICY
Who are we?
With more than three decades of existence, SIBS provides to more than 300 million users the most modern, reliable and safe financial services, namely in the payment area. A reference in Business Process Outsourcing and in card production and customization, SIBS is one of the largest payment processor in Europe and Africa, with more than three billion financial operations reaching more than 4,5 billion euros per year. Some of the most known brands among the consumers are MULTIBANCO, MB WAY and MB NET. With these services, the user can pay, withdrawal money without card, purchase in physical stores or online, with card or cell phone, execute bank transfers and instant payments, pay utility bills, check balance, recharge the cell phone or the public transportation pass.
With a history of success, marked by innovation and efficiency, SIBS remains focused on its growth and on providing services that ease the daily routine of people and companies.
SIBS considers that Data Protection, and the associated Privacy of personal information, is a matter of great importance. As part of its social responsibility and law enforcement, SIBS is committed to the respect for the principles and rules concerning the protection of its clients and users data, final recipients of the services provided.
The General Data Protection Regulation (hereinafter “GDPR”) intends to contribute to the strengthening of a space of liberty, security, justice and people well-being, wherefore guaranteeing the personal data protection is the basis of the economic activity and of SIBS reputation as a credible and reliable company.
The current privacy and data protection policy (hereinafter “Privacy and Data Protection Policy”) applies to all personal data the user provides to SIBS in its websites and was elaborated according to the GDPR.
As there is the need to standardize the data protection policy in the European Space countries, the GDPR presents a set of rights for the personal data holders and data processing obligations imposed to the people in charge for Processing and their subcontractors.
Who is in charge of data processing?
For the purpose of the Data Protection Policy, “User” is any individual who interacts with SIBS through its websites. Before the presentation and processing of the users’ personal data, SIBS requests the User to give express, informed and unambiguous consent about this Policy. The goal of this SIBS Privacy Policy is to be transparent when giving information about the personal data processing and to protect the data any User inserts in websites operated by SIBS.
What use will SIBS give to your data?
PROVIDE THE SERVICE
SIBS processes all personal data provided by the User through online forms made available in its websites, with the following purposes:
- Provide customer attendance and support to the User;
- Any other question related with Service provision and its improvements.
CHECK YOUR OPINION ABOUT SIBS
Your opinion is very important to SIBS. Your opinion about SIBS or about its products and services, your interest and concern, are an important evaluation tool of our performance. That is why SIBS provides contact forms, to have your feedback about our products and services.
However, your opinion and the personal data provided will always be given freely and willingly.
What is the justification for the processing of your data?
The processing of personal data is only allowed when at least one of the following situations occurs:
- The data holder consented the processing of his personal data for one or more specific purposes;
- The data processing is necessary for entering into a contract, in which the data holder is one of the parties or for pre-contractual proceedings, at the request of the data holder;
- The data processing is necessary to comply with a legal obligation, to which the person in charge for the processing is subject to;
- The data processing is necessary for the defense of the essential interests of the data holder or another individual;
- The data processing is necessary for the exercise of public interest functions or to the exercise of official authority by the person in charge of the processing;
- The data processing is necessary for the legitimate interests pursued by the person in charge for the processing, or by third parties, except if the interests, rights and fundamental freedoms of the holder prevail and demand the protection of the personal data, especially if the holder is a child.
At the moment of the online registration in the website or in applications/digital platforms, SIBS can gather and process personal data indispensable for the registration and access to the User personal area.
If a User decides to benefit from one of SIBS products or services, the latter will gather and process the necessary data to manage the purchase process (among which, name, last name, VAT number, address, etc.). The User acknowledges and accepts that not filling in some personal data will prevent SIBS from providing all services linked to that data.
At no time can SIBS give away, exploit or use your personal data for a purpose different from the one expressly defined.
For how long do we keep your personal data?
SIBS processes its Users personal data for as long as the relationship endures and for a period after it ends; the data will not be kept longer than necessary, for the defined purposes, without prejudice of the time SIBS considers necessary for the elaboration, exercise or defense of possible legal interests of SIBS, or due to statutory requirement.
Who has access to your personal data?
In order to provide attendance and support to the User of our websites, we may need to share your personal data with other entities of the SIBS group, which must treat personal data in accordance with this Privacy Policy and in strict compliance with the applicable law in terms of data protection.
What are your rights?
SIBS informs the User about all his legal rights, such as access, correction, objection, transferability and processing restriction. The User is also informed about the possibility of refusing the automatic processing of the data gathered by SIBS.
Those rights can be freely exercised by the User or by his legitimate representative, through written request, signed and addressed to:
SIBS
A/C DPO (Data Protection Officer)
Rua Soeiro Pereira Gomes, lote 1, 1649 – 031 Lisbon
Besides all the previously mentioned rights, the User has the right to revoke the consent given at any time; however, that revocation of consent does not affect the lawfulness of the data processing that occurred before the consent revocation.
SIBS reminds the User that he has the right to file an appeal before the Comissão Nacional de Proteção de Dados (National Data Protection Authority).
How to revoke the consent to marketing communications?
The User has the right to revoke, at any time, the consent given to our websites through a simple notification to SIBS.
Which are the security measures implemented?
SIBS is committed to its duty of data confidentiality and storage and of adopting the necessary measures to avoid change, loss, non-authorized processing or access, according to what was established in the GDPR.
SIBS implemented the technical and organizational security measures that are necessary to guarantee the security of your personal data and avoid its modification, loss and non-authorized processing and/or access, given the technology status, the nature of the stored data and the risks it is subject to, whether caused by human action or by the physical or natural environment, according to what was established in the GDPR.
SIBS is an entity committed to privacy and information confidentiality and integrity in its organization, always guaranteeing process supervision, control and evaluation to assure the respect for privacy and the information security.
SIBS reserves the right to block, restrict access or change access conditions for justified security reasons, related to the User, that put at risk the reputation and reliability of SIBS web pages.
Cookies Usage
SIBS websites, may use cookies and other technologies, like pixel tags and web beacons. These technologies help us know how the user behaves so that we can provide him a good experience when navigating in our web pages; it also allows improving our web pages, as well as measuring and contributing for the effectiveness of the advertising campaigns and internet searches. The information gathered through cookies and other technologies is processed as non-personal. However, whenever the Internet Protocol addresses or similar identifiers are considered as personal information by the legislation in force, SIBS will process those identifiers as personal information.
Data Protection Policy Alteration
SIBS may alter its Data Protection Policy, according to applicable legislation at any given moment. In any case, every alteration to the Data Protection Policy will be duly notified to the User so that he is informed about the alterations and, if the applicable legislation thus demands it, so that he can freely grant his consent.
Lisboa, 25/2/2019