Privacy Policy

 

At OnApproval, we are committed not only to your data privacy, rights and security but also to company transparency. As guardians of some of your personal and financial data, we take this very seriously. With this in mind, we want you to know how we collect and use your personal data.

1

Protecting Your Personal Information

Unless disclosure is required by rare circumstances, we work hard to keep your personal information private.

2

Safekeeping Your Personal Information

There is no way to eliminate all risk, but we are dedicated to keeping your personal information safe.

3

Real-time Transparency and Personal Privacy are Compatible

Our real-time public transparency and proof of solvency do not reveal your personal information.

OnApproval PRIVACY & DATA POLICY

OnApproval Privacy Statement

Last updated on August 17, 2018

Our Privacy Statement

This Privacy Statement describes how OnApproval collects, uses, and shares your Personal Information that we receive from you when you visit our website or app or which we otherwise receive or collect from you in the course of, or in connection with, with the provision of our products and services and our business operations. It answers the following questions:

  • How do we collect information about you?

  • What Personal Information do we collect?

  • How do we use your Personal Information?

  • How do we keep your Personal Information safe?

  • How do we share your Personal Information?

  • Do we transfer data outside of the European Union?

  • What are your legal data privacy rights?

  • How long do we retain your Personal Information?

  • How do we protect children’s privacy?

  • How do we use your data to communicate and market to you?

  • How do we make changes to this privacy statement?

  • Where does this privacy statement apply?

  • Who can you contact if you have further questions or requests about your privacy?

But first… a general legal note

OnApproval, Inc. is made up of different legal entities, including OnApproval, Inc., OnApproval Holdings LLC, and other affiliates. This privacy statement is issued on behalf of the OnApproval Group so when we mention “OnApproval,” "we," "us" or "our" in this privacy statement, we are referring to the relevant company in the OnApproval Group responsible for processing your Personal Information.

It is important that you read this Privacy Statement together with any other privacy statement or fair processing notice we may provide on specific occasions when we are collecting or processing Personal Information about you so that you are fully aware of how and why we are using your data. This Privacy Statement supplements the other notices and is not intended to override them.

How do we collect Personal Information about you?

We collect information from and about you when you register with us or use our products, services or apps (our “Service”) or use our website or software applications, or access or use third-party services that use our Application Programming Interface (“API”).

  • When registering with us as a customer, we ask you for detailed information, which we will use to verify your identity and protect against fraud, among other reasons discussed below.

  • We gather Personal Information at other times when managing your OnApproval account, such as from surveys, during support or customer care or during investigations.

  • We automatically collect information sent to us by your computer, mobile phone or other device to improve your experience.

  • When you use a location-enabled device with our Service, we may collect geographical location data or use various means to determine your location, such as sensor data from your device that may, for instance, provide data on nearby cell towers and Wi-Fi access spots.

As you interact with our website or software applications, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this information by using cookies, server logs and other similar technologies. Cookies are small data files stored on your hard drive by a website. Cookies help us make our website and Service and your use of them better by allowing us to recognize your browser and capture and remember certain information. Please see our Cookie Policy for additional information. You can also adjust your browser settings to disable cookies, but it may affect your ability to use the Service and our website.

We may receive data from third parties about you. This may include technical data from analytics and advertising partners like Google, from identity verification providers, as well as from other financial institutions.

What Personal Information do we collect?

OnApproval only collects Personal Information we need in order to offer and support our Service and meet our legal and regulatory obligations, which may vary depending on our relationship with you.

Here is an overview the Personal Information we collect from or about you:

  • Identity verification data: To verify your identity, we collect your name, address, phone, email, and other similar information. We may require you to provide additional Personal Information to verify your identity, including your date of birth, taxpayer or government identification number, or a copy of your government-issued identification. We may obtain information from affiliated and non-affiliated third parties, such as credit bureaus, identity verification services and other screening services to verify that you are eligible to use our Services, and will associate that information with the information we collected from you.

  • Account activity data: We collect information about your transactions, payments from or to you, and your other activities on our site or Service and other details of products and services you have purchased from us.

  • Application use data: We may collect data on your interaction and use our Service. This includes visits to our website, sign-up activity, your bank account, credit card and other payment details to enable you to enter into transactions on the Service, and additional information you may disclose to our member support team in order to resolve problems you report.

  • Your device data: We collect and process internet your protocol (IP) addresses, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website or any of our software applications.

  • Marketing data: We collect and process your preferences in receiving marketing from us, your email address and where you may have seen OnApproval advertisements.

  • Your social media information: You may choose to provide us with access to certain Personal Information stored by third parties such as social media sites (like Facebook, Google, Twitter, etc). The information we have access to varies by site and is controlled by you.

How do we use your Personal Information?

We have set out below some of the ways in which we may use and process your personal information, and which of the legal premises bases we rely on to do so.

Note that we may process your personal information for more than one lawful ground depending on the specific purpose for which we are using that data.

  • Providing our Service to you: It may sound obvious, but we need your data to make OnApproval work in the first place. Without your name, banking information and other details, we simply could not offer you our great products.

Legal basis in the EEA: to perform customer services, including [pls specify], structure, governance and compliance services, to fulfill our contractual obligations toward you, and on the basis of our legitimate interests, or your legitimate interests, to provide the best customer service we can.

  • Identity verification: As a financial institution, it is essential that we can confirm the true identity of our members. There are rules and regulations across the globe that require we identify our customers, including anti-corruption, anti‐bribery, anti‐terrorism, anti‐money laundering and other laws.

Legal basis in the EEA: to perform customer services, including compliance services, to fulfill our contractual obligations toward you, and to comply with legal and regulatory requirements applicable to us (including the need to prevent and combat money laundering.

  • Keeping you informed: It is important for security and financial transparency that we keep you aware of your transactions and related activity at OnApproval. We will send you emails with confirmations, invoices, technical notices, updates, security alerts, legal and support and administrative messages.

Legal basis in the EEA: to perform customer services, including to fulfill our contractual obligations toward you, and on the basis of our legitimate interests, or your legitimate interests, to provide the best customer service we can.

  • Investigations: Occasionally, we are obliged to look at your account activity in order to check and protect against fraudulent, unauthorized or illegal behavior.

Legal basis in the EEA: to perform customer services, including on the basis of our legitimate interests, or your legitimate interests, to provide the best customer service we can and protect you and us from unlawful and unauthorized activity and to comply with legal and regulatory requirements applicable to us (including the need to prevent and combat money laundering.

  • Customer care: We strive to make sure you can easily use our products with no headaches, but sometimes you need help. Our customer care team will occasionally need access to you account data in order to fix any issues or answer your questions.

Legal basis in the EEA: to support our business processes including our information technology, electronic communications and electronic documents storage, management and transmissions, to fulfill our contractual obligations toward you, or, if not applicable, on the basis of our legitimate interests to provide the best client service we can, to support our business operations, administration, IT services, and network security, and to prevent fraud.

  • Managing and improving our Service: We like to understand how our members engage and use OnApproval in order to make sure OnApproval is the best it can be. This process includes combining different account, transactional, marketing and other data to analyze the effectiveness and performance of our Service.

Legal basis in the EEA: to support our business processes including our information technology, electronic communications and electronic documents storage, management and transmissions, to fulfill our contractual obligations toward you, or, if not applicable, on the basis of our legitimate interests to provide the best client service we can, to support our business operations, administration, IT services, and network security, and to prevent fraud.

  • Communicating with you: We want you to be aware of product updates, news, events, and promotions and, if you consent, we will send you information, including regular personalized emails, to keep you up to date with all things OnApproval.

Legal basis in the EEA: on the basis of your consent or our legitimate interests to use your personal data for marketing purposes.

  • Business operations: We may need to use your personal information for our business operations, including internal training and administration, legal compliance, enforce our legal rights, protect third party rights, and in connection with a business transition such as a merger, acquisition by another company, or sale of all or a portion of our assets.

Legal basis in the EEA: where we use your personal information in connection with a business reorganization, sale or merger, to enforce our legal rights, or to protect the rights of third parties it is in our or a third party’s legitimate interest to do so. For all other purposes, to comply with our legal and regulatory obligations.

  • Website and software applications: We use data analytics to improve our website and software applications, activities and operations, products/services, events, etc.

Legal basis in the EEA: to present our website and software applications and their content in the best possible way for you and on your computer, on the basis of our legitimate interests to keep our website and software applications updated and relevant, to develop our business outreach and business operations, and to develop marketing strategy.

  • Third party data: If you authorize applications or third party integrations on or using our Service, these parties may receive detailed information about your account, your use of the Service, transaction history or even the ability to take actions on your behalf. Information collected by these applications or third-party integrations are subject to their terms and policies.

How do we keep your Personal Information safe?

We have implemented security measures to prevent your Personal Information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed.

We protect your Personal Information by maintaining physical, electronic, and procedural safeguards, incorporating tested security technologies, in compliance with applicable laws. We may use network safeguards such as firewalls and data encryption, enforce physical access controls, and authorize access to Personal Information only for those people who require access to fulfill their job responsibilities.

In addition, we limit access to your Personal Information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Information on our instructions and they are subject to a duty of confidentiality. Those with access to your Personal Information are carefully screened, periodically reevaluated, and are required to keep all your Personal Information confidential.

It is important to note that security risks exist and no organization can genuinely promise you otherwise. Bad actors may defeat even the most carefully considered and implemented safeguards.

How do we share your Personal Information?

We sometimes share your information internally between employees and contractors of the OnApproval Group (including those based outside the European Economic Area (“EEA”)), in particular in connection with activities undertaken jointly or in common with such group members and/or provide IT and system administration services and undertake management reporting.

We do not sell, trade or otherwise transfer to third parties your Personal Information, other than third parties who assist us in operating our Service, conducting our business or supporting our members. We require that those third parties agree to keep this information confidential and secure on the same conditions and protection levels we provide to you as a member.

We may also release your information to certified and authorized law enforcement officials when we believe release is appropriate to comply with the law, enforce our terms or policies, or protect the rights, property, or safety of OnApproval, our members, or others. We have a set of guidelines for how we engage with law enforcement officials that are available to the public here.

Finally, in the event of the sale or transfer of ownership, your data would be shared with the new owners.

Do we transfer your Personal Information outside of the EU?

OnApproval is headquartered in the United States. Many of our affiliates and third party service providers are based outside the EEA, so processing of your Personal Information will involve a transfer of your Personal Information outside the EEA and may be maintained or accessed in servers or files located in countries outside the EEA, including the United States.

By voluntarily providing your Personal Information on or via this website, you consent to its transfer, processing and storage in the United States other countries outside the EEA, some which have not been deemed by the EEA to have “adequate” privacy safeguards.

Under the General Data Protection Regulation, OnApproval, Inc. is the controller and responsible for this website or any of our software applications and any EEA Personal Information that is provided to us via this website or our software applications. On occasions, for certain processing activities, one of the entities forming part of the OnApproval Group may act as a data processor for another entity forming part of the OnApproval Group.

Whenever we transfer your EEA Personal Information out of the EEA, we ensure a similar degree of protection is afforded to it. We may share data with organizations and countries that:

  • The European Commission say have adequate data protection.

  • We’ve agreed standard data protection clauses with.

Please contact us at the details set out above if you are located in the EU and want further information on the specific mechanism used by us when transferring EEA Personal Information out of the EEA.

What are your legal rights?

You have the right to:

  • Access the Personal Information we store about you or to request a copy of it.

  • Request that we correct inaccurate data about you.

  • Ask us to delete or block your data, although for legal reasons we cannot always do this.

  • Withdraw your consent to receive marketing emails.

To do any of the above simply email a request to: support@On-Approval.com.

Also, under the relevant privacy laws of the EEA (including European Union’s General Data Protection Regulation) in respect of your EEA Personal Information you may have a number of important rights. For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individual’s rights under the European Union’s General Data Protection Regulation.

How long do we retain your Personal Information?

OnApproval maintains reasonable procedures to help ensure that your Personal Information is reliable for its intended use, accurate, complete, and current.

  • We will only retain your Personal Information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements, as well as other factors required by General Data Protection Regulation or other laws to which we are subject.

  • When it is no longer necessary to retain your Personal Information, we will securely delete it, subject to applicable law and regulations.

  • In some circumstances, we may anonymize your Personal Information (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

  • If you request that we stop sending you marketing materials, we will continue to keep a record of your contact details and appropriate information to enable us to comply with your request not to be contacted by us.

Please be aware that we may keep your Personal Information for five years or more from the date you cease to be our customer, depending on applicable law or regulations in the jurisdictions we operate.

How do we inform you and market to you?

In compliance with applicable laws, we will send you personalized marketing information, including by emails, and such information may include product and service updates, industry news, our events, activities and offers, about our business and personnel and tips. We may combine your Personal Information such as age, transaction history, account usage to improve the value and specificity of these communications.

You can ask us to stop sending you marketing messages or information at any time by following the opt-out links on any marketing message sent to you or by contacting us (see below our contact details) at any time.

Where you opt out of receiving these marketing messages or publications, this will not apply to Personal Information collected by or provided to us in connection with a specific purpose, request, order, event or activity or any dealings with you.

If you would like to unsubscribe from any email publication you can also click on the ‘unsubscribe’ button at the bottom of the relevant email publication. It may take up to [10] days for this to take place.

Changes to our Privacy Statement

This version was last updated on the date indicated above and historic versions are archived and can be obtained by contacting us.

It is important that the Personal Information we hold about you is accurate and current. Please keep us informed if your Personal Information changes during your relationship with us.

Where does this Privacy Statement apply?

This Privacy Statement applies to all of the services offered by the OnApproval Group and services offered on third-party sites, such as advertising services. This Privacy Statement doesn’t apply to services that have separate privacy notices that do not incorporate this Privacy Statement.

This Privacy Statement doesn’t apply to the information practices of other companies and organizations that advertise our services or to services offered by other companies or individuals, including products or sites that may include our Services or be linked from our Services.

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy statement of every website you visit.

Who can you contact?

You can direct any questions or complaints about the use or disclosure of your Personal Information to us by contacting us as set out below. We will investigate and attempt to resolve any complaints or disputes regarding the use or disclosure of your Personal Information as soon as possible.

If you have any questions about this Privacy Statement or need to contact us, please email us at support@On-Approval.com, or contact us by mail at 525 W 28 St, Suite 1461, New York, NY 10001.

If you are resident in the European Union and are dissatisfied with the resolution of your complaint in respect of your EEA Personal Information, you may contact the EU data protection authority in your jurisdiction using the contact details provided at http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htmfor further information and assistance.