Version 1.0 - 13/10/2021
Under data protection law, Standin may be a data “processor” or “controller” of your personal data processed in relation to our services you receive through the Standin website www.standin.com and the Standin web or mobile application (herein referred to as “platform”).
The validity, interpretation and/or implementation of the Policy are subject to the laws of the Netherlands, to the extent permitted by the provisions of applicable private international law.
In the event of a dispute relating to the validity, interpretation or implementation of the Policy, the courts and tribunals of Amsterdam have exclusive jurisdiction, to the extent permitted by the provisions of applicable private international law.
Before taking any step towards the judicial resolution of a dispute, the User and Standin undertake to attempt to resolve it amicably. To this end, they shall first contact each other before resorting, where appropriate, to mediation, arbitration, or any other alternative method of dispute resolution.
Personal data refers to any information that relates to an identified or identifiable person. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data.
We are fully committed to protecting and respecting your privacy.
If you give us personal data about other people (such as your spouse or family), or you ask us to share their personal data with third parties, you confirm that you have brought this policy to their attention beforehand.
Whenever you use our website or the Standin app, we collect the following information:
If you have location services in the Standin app turned on, we may track your location using GPS technology.
We collect personal data from third parties such as KYC providers or other partners who help us providing our services.
Standin’s activities are not aimed at processing special categories of data such as data showing political views, religious beliefs, ethnic origin, trade union membership or a person’s health. We will never intentionally ask you to provide information that belongs to a “special” category. However, it cannot be ruled out that such data may be among the data received by Standin via the bank connection feature.
Transaction data may contain special personal data or personal data relating to criminal convictions and offences, if this can be deduced from the counterparty or the description at the payment. For instance, a payment for membership of a political party or workers' union or a gift to a church authority. In addition, any administrative sanctions such as fines could also be visible in the transaction data.
We must have a legal basis (a valid legal reason) for using your personal data. Our legal basis will be at least one of the following:
- Performing our contractual relationship and agreements with you
We need certain personal data to provide our services and cannot provide them without this personal data.
- Legal obligations
In some cases, we have a legal responsibility to collect and store your personal data (for example, under anti-money laundering laws we must hold certain information about our customers).
- Legitimate interests
We sometimes collect and use your personal data, or share it with other organisations, because we have a legitimate reason to use it, and this is reasonable when balanced against your right to privacy.
Where you’ve agreed to us collecting your personal data, for example when you have ticked a box to indicate you are happy for us to use your personal data in a certain way.
We use your personal data so we can provide the best service possible, tell you about products and services you may be interested in, and meet our legal obligations.
If you initiate a salary advance withdrawal using our application, we will use your personal data to conduct risk scoring, assess your ability to fulfil your repayment obligations, perform transactions, recover debt or exercise other rights we have under any agreement we have with you.
We use your personal data to give you details about our products and services and to help us develop new products and services. We use your personal data to contact you and provide you with information about our products or services as well as customer support services. We may monitor or record any communications between you and us (including phone calls) to maintain appropriate records, check your instructions, analyse, assess, and improve our services as well as for training and quality purposes.
We use your personal data to check your identity and protect against fraud, comply with financial-crime laws and to confirm that you are eligible to use our services. We also use it to help us better understand your financial circumstances and manage fraud risks related to your Standin account.
We use your personal data to do the following:
Remember, you can always ask us to stop sending you marketing information by adjusting your marketing preferences.
We use your personal data to manage our website and the Standin app, (including troubleshooting, data analysis, testing, research, statistical and survey purposes), and to make sure that content from our website is presented in the most effective way for you and your device. For more information, please see our Cookies Policy.
We also use your personal data to allow you to take part in interactive features of our services, to tell you about changes to our services, and to help keep our website and the Standin app safe and secure.
We use your personal data to help social interactions through our services or to add extra functions in order to provide a better experience.
We use your personal data to provide relevant advertising to you (for example, information on nearby merchants) and to protect you against fraud.
We prepare anonymised statistical datasets about our customers’ behavioural patterns for forecasting and research purposes. These datasets may be shared internally or externally with others, including non-Standin companies. We produce these reports using information about you and other customers. The information used and shared in this way is never personal data and you will never be identifiable from it. Anonymised statistical data cannot be linked back to you as an individual.
We may need to share personal data about you:
Depending on the Standin products or services you use, we may make automated decisions about you.
This means that we may use technology that can evaluate your personal circumstances and other factors to predict risks or outcomes. We do this for the efficient running of our services and to ensure decisions are fair, consistent and based on the right information.
Where we make an automated decision about you, you have the right to ask that it is manually reviewed by a person. You can find out more about this in the What are my rights? section below.
For example, we may make automated decisions about you that relate to:
If you sign up to our services, and where allowed by law, we will assume you want us to contact you by post, email and SMS text message with information about Standin products, services, offers and promotions. We may use the personal data we have collected about you in order to tailor our offers to you.
You can adjust your preferences, or tell us you don't want to hear from us, at any time. Just use the privacy settings in the Standin app or click on the unsubscribe links on any marketing message we send you.
We won't pass your details on to any organisations outside the Standin group of companies for their marketing purposes without your permission. You can find out more in the Do you share my personal data with anyone else? section.
We respect your rights as a User to determine how your personal information is used.
These rights include:
To exercise any of your rights set out in the previous section, you can contact us by e-mail at email@example.com.
For security reasons, we cannot deal with your request if we are not sure of your identity, so we may ask you for proof of your ID.
Standin will usually not charge you a fee when you exercise your rights. However, we are allowed by law to charge a reasonable fee or refuse to act on your request if it is manifestly unfounded or excessive. In such case, we will always provide you with a detailed explanation.
If you are unhappy with how we have handled your personal data you can complain to your local data protection authority.
We share your personal data within the Standin group of companies in order to provide you with the best service and experience.
The list below explains which suppliers we normally share your personal data with.
From time to time we may work with other partners to offer you co-branded services or promotional offers, and we will share some of your personal data with those partners. We will always make sure you understand how we and our partners process your personal data for these purposes.
Our partners will have their own privacy policies explaining how they use your personal data. It's important that you read those privacy policies as well.
We also share your personal data with fraud-prevention agencies to check your identity, protect against fraud and confirm that you are eligible to use our products and services.
We may also need to share your personal data with other third party organisations:
We may share your personal data (your name, email address and app events) with our advertising partners in the ways described below, but the personal data is hashed before we send it, and the social-media platform we share it with is only allowed to use that hashed personal data in the ways described below.
When we use social media for marketing purposes, your personal data may be shared with the social-media platforms so that they can check if you also hold an account with them. If you do, we may ask the advertising partner or social-media provider to:
An example of how we may use social media for marketing purposes is through Facebook’s ‘Custom Audience’ tool, the terms of which are available here.
You can contact us at any time by emailing firstname.lastname@example.org, if you do not want us to share your personal data for advertising purposes. You can also use the privacy settings in the Standin app to opt out from having your personal data shared in this way.
Remember you can also manage your marketing preferences directly with any social media provider that you have an account with.
Where you direct us to share your personal data with a third party, we may do so. For example, you may authorise third parties to act on your behalf (such as a lawyer, accountant or family member or guardian under a power of attorney).
If we ever need to transfer your personal data outside of Europe in the context of providing our services or because we have a legitimate interest, we will only do so where:
We recognise the importance of protecting and managing your personal data. Any personal data we process will be treated with the utmost care and security. As part of our governance policy, we have appointed a Data Protection Officer which handles all matters related to privacy and data and can be contacted at email@example.com.
To help protect the privacy of personal data you provide through the use of our website or mobile app, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees who need to know that information to provide services to you. Every employee, associate or partner having access to personal data is subject to strict confidentiality agreement. Moreover, we train our employees about the importance of confidentiality and maintaining the privacy and security of your data. We also commit to taking appropriate disciplinary measures to enforce our employees' data protection responsibilities.
The GDPR requires data controllers to notify any personal data breach to the applicable regulator and, in certain instances, the data subject.
We have put in place procedures to deal with any suspected personal data breach and will notify data subjects or any applicable regulator where we are legally required to do so.
If you know or suspect that a personal data breach has occurred, do not attempt to investigate the matter yourself. Immediately contact our Data Protection Officer at firstname.lastname@example.org. You should preserve all evidence relating to the potential personal data breach.
We will only retain your personal data for as long as we reasonably need to use it for the purposes set out above in “How do you use my personal data?”, unless a longer retention period is required by law (for example for regulatory purposes).
Generally, we will store your information for as long as you are using Standin, and for five years after that to comply with applicable law. In some circumstances, like cases of anti-money laundering or fraud, we may keep personal data for longer if we need to and/or the law says we need to.
Information related to website visits and marketing activities are typically stored for three years.
If we change the way we use your personal data, we will update this policy and publish every update on our website www.standin.com and, if appropriate, let you know by e-mail, through the Standin app or through our website.