Date Last Revised: January 14, 2021
The Company takes the privacy of individuals very seriously. We are committed to maintaining the security, confidentiality, availability and integrity of the personal data in our custody or control, and protecting such data in accordance with the applicable legislation. The technological developments in the information society are continually evolving, along with the threats that such innovations pose to the privacy of individuals and the security of their personal data. The Company continually assesses the employed security measures, both technical and organizational, in order to determine the appropriate level of protection. We regularly review our privacy and security practices and adapt them as necessary to deal with new regulatory requirements, changes in legislation and/or security standards.
Section 2 – APPLICATION
Section 3 – ACKNOWLEDGEMENT
Section 4 – COLLECTION OF PERSONAL DATA
Section 5 – USE OF INFORMATION
Section 6 – CHILDREN'S PRIVACY
Section 7 – DISCLOSURES AND TRANSFERS
Section 8 – LEGAL BASES FOR PROCESSING
Section 9 – PARTNER’S ROLE UNDER DATA PROTECTION LAWS
Section 10 – SPECIAL CATEGORIES OF PERSONAL DATA
Section 11 – ANTI-SPAM LEGISLATION
Section 12 – THIRD PARTY WEBSITES
Section 13 – YOUR RIGHTS UNDER GDPR
Section 14 – DATA RETENTION AND DELETION
Section 15 – PERSONAL DATA SECURITY
Section 16 – NOTIFICATION OF PERSONAL DATA BREACH
Section 18 – CONTACT INFORMATION
1.1. "Account Information Services" means an online service to provide consolidated information on one or more Payment Accounts held by you with either another payment service provider or with more than one payment service provider.
1.2. "Analytical Report" means a report generated by the Company based on the processing of your Payment Account Data, comprising analyses of your Payment Account Data for specified Payment Accounts, periods and analytical items, such as balance, income, expenses and savings.
1.3. "Account Provider" means the payment service provider that provides and maintains a Payment Account for you (e.g., bank, building society, electronic money institution).
1.4. "Consent" means any freely given, specific, informed and unambiguous indication of your wishes by which you, by a statement or by a clear affirmative action, signify agreement to the processing of your Personal Data.
1.5. "Contracting Party" means the party identified in the table below:
|Payment Account held by:||Contracting Party||Contracting Party details||Supervisory Authority|
|an Account Provider in the United Kingdom||Salt Edge Limited||
Registered address: 71-75 Shelton Street, Covent Garden, London WC2H 9JQ, England, United KingdomRegistration number: 11178811
Information Commissioner’s Office
Head office address:
0303 123 1113https://ico.org.uk/
|an Account Provider in a member country of the European Union/European Economic Area||BudgetBakers s.r.o.||
Registered address: Radlická 180/50, Smíchov 150 00 Praha 5, Czech RepublicCompany identification number: 02882957
The Office for Personal Data Protection
Pplk. Sochora 27
170 00 Praha 7
+420 234 665 111https://www.uoou.cz/en/
|an Account Provider in a member country of the European Union/European Economic Area||Spendee a.s.||
Registered address: Namesti I.P. Pavlova 1789/5, 120 00 Prague, Czech RepublicCompany identification number: 05912890
The Office for Personal Data Protection
Pplk. Sochora 27
170 00 Praha 7
+420 234 665 111https://www.uoou.cz/en/
1.7. "Dashboard" means the online platform located at https://www.saltedge.com/dashboard accessed by you with your User Account credentials in order to use the Services, including without limitation any content, images, text and icons within such platform.
1.8. "Digest" means an online widget providing you with a summary overview of your Payment Account Data at a given date, as a result of your use of the Services.
1.9. "Data Protection Laws" means the GDPR and its implementation in the national law of, as applicable, the United Kingdom (Data Protection Act 2018) or the Czech Republic (Act No. 110/2019 Coll., on personal data processing), as well as the laws implementing or supplementing the GDPR in each EU Member State, and which are applicable to the Company as regards the privacy, protection, processing, collection, use or disclosure of your Personal Data, as amended, replaced or superseded from time to time.
1.10. "GDPR" means the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
1.11. "GDPR Consent to Share Data" means a freely given, specific, informed and unambiguous indication of your wishes by which you, by a clear affirmative action, give explicit consent to the Company to share your Payment Account Data and/or Analytical Reports with the designated Partner.
1.12. "Partner" means the third party that redirects you to the Services with whom you instruct and authorize the Company to share your Payment Account Data, based on your GDPR Consent to Share Data.
1.13. "Payment Account" means an account accessible online held in your name by the respective Account Provider, including but not limited to current account, e-money account, flexible savings account and credit card account.
1.14. "Payment Account Data" means the information made available from your Account Provider relating to your Payment Account, including without limitation account details (account name, number, balance, currency, etc.), transactions details (transaction amount, currency, date, description, etc.), account holder details (name, address, email, phone number), and features and benefits of your Payment Account, that is accessed and automatically retrieved by the Company through the Services and presented to you in the Digest or Dashboard after processing.
1.15. "Payment Regulations" means PSD2 and all applicable laws or regulations in force from time to time in the Company’s jurisdiction giving effect to PSD2, together with all regulatory technical standards, codes of practice, guidelines and/or formal interpretations issued by the relevant national competent authority with respect to PSD2 implementation.
1.16. "Personal Data" has the meaning given to it in GDPR and includes without limitation Registration Information, Payment Account Data, Analytical Reports and Personalized Security Credentials.
1.17. "Personalized Security Credentials" means the personalized features, including without limitation Account Provider’s API access tokens, username, password, access number, security questions and answers, token/SMS codes, and multifactor information, provided to you by your Account Provider for the purposes of authentication, including but not limited to strong customer authentication.
1.18. "PSD2" means the Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC.
1.19. "PSD2 Consent" means the explicit consent given by you to the Company to access your Payment Account for the purpose of providing Account Information Services to you.
1.20. "Registration Information" means the information that you provide to the Company (or, in relation to your email address, that the respective Partner provides to the Company on your behalf) for the purpose of setting up a User Account, including without limitation email address, password, phone number and any other information that the Company may be required by law or regulation to collect for identity verification during or subsequent to User Account registration (as provided directly by you or, under certain circumstances, by the relevant Partner on your behalf during registration), as the same may be updated by you from time to time.
1.21. "Services" means the Account Information Services, whether provided via Digest or Dashboard, and, as applicable, the functionalities (including consent management functionalities), content, features, tools or services as made available by the Company from time to time in the Dashboard.
1.22. "Special Categories of Personal Data" means Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation.
1.23. "User Account" means the unique user account in the Dashboard set up with the Company.
4. COLLECTION OF PERSONAL DATA
When you use the Services, the Company will collect information, including Personal Data, for the purpose of providing, maintaining and improving the Services and/or generating Analytical Reports, as well as complying with applicable laws or regulations. The Company collects Personal Data primarily in four (4) ways:
Information you provide to the Company voluntarily:
- In order to be able to use the Services in the Dashboard you must create a User Account. During the registration process you will have to supply your Registration Information.
- In accordance with regulatory requirements applicable to the Company with respect to anti-money laundering, terrorist financing and related customer identity, status and operations checks, you may be required from time to time to provide additional Personal Data in order to establish matters such as identity, affiliation, public exposure, ownership of Payment Accounts, purpose of transactions and origin of funds on your Payment Accounts.
- In order for the Company to be able to provide the Account Information Services and, as applicable, generate Analytical Reports, you will have to authenticate yourself towards your respective Account Provider with your Personalized Security Credentials. The Personalized Security Credentials are always stored encrypted. The Company will use the Personalized Security Credentials provided by you in order to establish a secure connection to your Payment Account in the respective Account Provider and retrieve the associated Payment Account Data in accordance with the Payment Regulations and as further described in the Dashboard Terms of Service.
- Information the Company collects from Account Providers: For the purposes of providing the Account Information Services to you and, as applicable, for the purposes of generating Analytical Reports, the Company will access your Payment Account held by the respective Account Provider in read-only mode based on your PSD2 Consent in order to retrieve, use, store and process your Payment Account Data.
- Information the Company receives from Partner: If you have been redirected to the Dashboard from a Partner, the Company will receive your email address from such Partner in order to automatically set up your User Account when you start using the Services. We may also receive your email address from the Partner, who has redirected you to the Digest. Under certain circumstances, some of the additional information (such as your full name, date of birth, residence address, type of Payment Account – own, shared or legal, etc.) that we require for compliance with applicable anti-money laundering, terrorist financing and performing related customer identity, status and operations checks as prescribed by law, may be provided to the Company by the relevant Partner during the registration of your User Account.
Information the Company collects through your use of the Services:
Information collected by cookies.
- First-party cookies: The Company uses session cookies and persistent cookies when you use the Services. These types of cookies are essential to the operation of Digest and Dashboard and the provision of Services. The session cookie is stored in temporary memory and is not retained after the browser is closed. Session cookies do not collect information from your computer. They store information in the form of a session identification that does not personally identify you. The persistent cookies are set with expiration date and are stored on your hard drive until they expire or you delete them. The Company does not collect any Personal Data in the session and persistent cookies. The Company uses session and persistent cookies for technical purposes, including but not limited to verifying the origin of requests, distributing requests among multiple servers, authenticating you and determining what functionality of the Services you are allowed to access.
- Information collected by web beacons. Web beacons are images (single-pixel gifs) embedded in a web page or email for the purpose of measuring and analyzing website usage and activity. Web beacons or similar technologies help the Company better manage the Services, count users of the Services, monitor how users navigate the Services, count how many emails that we send are actually opened and, generally, measure performance. The Company does not link the information gathered by web beacons to your Personal Data. Web beacons do not collect Personal Data.
5. USE OF INFORMATION
Use of Personal Data:
The Company may use the collected Personal Data for the following purposes:
- to provide, maintain, administer, support, protect and improve the Services;
- to meet the regulatory compliance requirements set forth in the applicable laws;
- to generate Analytical Reports;
- to share Payment Account Data and/or Analytical Reports with your Partner;
- to provide customer support;
- to handle and process enquiries submitted by you;
- when you use the Services via Dashboard, to send system alert messages relating to the Services and your User Account;
- to enforce compliance with the Dashboard Terms of Service;
- to investigate any illegal activity or wrongdoing in connection with the Services;
- to protect the rights, property and safety of users, the Company and third parties;
- to troubleshoot, investigate and fix service-related errors. In such cases, your Personal Data may be visible to and/or accessed by technicians, IT staff and/or system administrators authorized by the Company;
- to comply with legal obligations to which the Company is subject;
- to generate Anonymized Data and/or Anonymized Aggregated Data (as defined below); and
- to respond to your requests for exercising your rights under the applicable Data Protection Laws.
Use of Non-Personal Data:
The Company may generate anonymous data derived from or based on Personal Data collected from you or acquired from your use of the Services, which anonymous data can no longer be used to identify, directly or indirectly, a natural person
and may combine or incorporate such Anonymized Data with or into other similar data or information collected from other users or derived from other users’ use of the Services
("Anonymized Aggregated Data").
The Company may use such Anonymized Data and Anonymized Aggregated Data for various business purposes, including, but not limited to:
- providing, maintaining, supporting and improving the Services;
- conducting analytical research, compiling statistical reports and performance tracking;
- developing and/or improving other the Company’s services and products; and
- sharing such Anonymized Data and Anonymized Aggregated Data with the Company’s affiliates, agents and/or Subcontractors (as defined below in Section 7.a).
6. CHILDREN’S PRIVACY
Protecting the privacy of children is especially important to the Company. The Services are not directed to children under the age of eighteen (18) years and the Company does not knowingly solicit, collect or process Personal Data from persons under eighteen (18) years of age. If we become aware of the fact that Personal Data of persons less than eighteen (18) years of age has been collected via the Services, we will take the appropriate steps to delete such information without undue delay.
7. DISCLOSURES AND TRANSFERS
Disclosure and/or Transfer to Subcontractors:
The Company has put in place adequate contractual (including data protection, confidentiality and security provisions) and other technical and organizational measures with subcontractors that we may engage from time to time in connection with the provision, operation, security and/or maintenance of the Services or part thereof and/or with the generation of Analytical Reports
- Salt Edge Inc., 251 Laurier Ave. West, Suite 900, Ottawa, Ontario K1P 5J6, Canada
Disclosure and/or Transfer to Processors:
- Salt Edge Inc., 251 Laurier Ave. West, Suite 900, Ottawa, Ontario K1P 5J6, Canada
- Disclosure to Account Providers: In order to provide the Account Information Services and, as applicable, to generate Analytical Reports, we will disclose to your respective Account Provider certain Personal Data (particularly, Personalized Security Credentials and in certain cases, depending on the Account Provider, your Payment Account number).
- Disclosure by Sharing with Partner: We will share your Payment Account Data (after processing, including without limitation data enrichment, carried out by the Company on such data) and/or Analytical Reports with the designated Partner based on your GDPR Consent to Share Data.
Disclosure for Legal Reasons:
We may disclose Personal Data without your Consent when we believe in good faith that the disclosure of such information is reasonably necessary or appropriate:
- to comply with the Data Protection Laws, any subpoena, enforceable request from the competent authorities, or other legal process;
- to enforce our rights against you or in connection with a breach by you of the Dashboard Terms of Service, including investigation of potential violations;
- to help detect, curb or investigate fraud or other prohibited or illegal activities that affect or hurt the interests of the Company or third parties;
- to identify, contact or bring legal action against someone who may be causing injury to, or interference with (either intentionally or unintentionally), the Company’s rights or property, other users of the Services, or anyone else (including the rights or property of anyone else) that could be harmed by such activities; and
- to help us comply with a legal obligation to which the Company is subject, or accounting or security requirements, in which case we may disclose such information to our auditors, professional consultants, accountants and/or legal advisors.
In all the foregoing cases, the Company will disclose Personal Data only as required or permitted by the applicable Data Protection Laws.
8. LEGAL BASES FOR PROCESSING
The Company acts as Controller of your Personal Data processed in connection with the provision of Services and, as applicable, the generation of Analytical Reports. The Company will adhere to the following general principles with respect to Personal Data processing:
- not collect more Personal Data than reasonably necessary for the purpose of providing the Services and, as applicable, generating Analytical Reports;
- not knowingly solicit, access, collect and/or process any Special Categories of Personal Data, except when required for compliance with applicable anti-money laundering, terrorist financing and performing related customer identity, status and operations checks as prescribed by law.
- processing is necessary for the performance of a contract to which you are a party, particularly for the provision of the Services and the generation of Analytical Reports under the Dashboard Terms of Service;
- processing is based on your GDPR Consent to Share Data, pursuant to which the Company discloses by sharing with the designated Partner the Personal Data and/or Analytical Reports, as indicated in, and authorized by you through, such GDPR Consent to Share Data;
- processing is necessary for compliance with a legal obligation to which the Company is subject; and/or
- processing is necessary for the purposes of the legitimate interests pursued by the Company as the Controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the Data Subject which require the protection of Personal Data.
If there is another legal basis for us to collect and process Personal Data, we will provide the required notification to you at or before the time the Personal Data is collected.
If you voluntarily submit or provide Personal Data to the Company when contacting us with an enquiry or request relating to the Services, Digest, Dashboard, your User Account or otherwise, you will be deemed to have given your Consent to the collection, use and processing of Personal Data by the Company as reasonably necessary to carry out the specific purpose(s) for which you have provided the Personal Data. The Company will rely on such implied Consent as if it were given to the Company under normal circumstances.
9. PARTNER’S ROLE UNDER THE DATA PROTECTION LAWS
By sharing your Payment Account Data and/or Analytical Reports with the Partner designated in the GDPR Consent to Share Data, such Partner, as the receiving party, will act as an independent Controller with respect to the Personal Data so shared. Therefore, the Partner is solely responsible for complying with its obligations as Controller as set forth in the applicable Data Protection Laws, including without limitation with respect to the processing, confidentiality and security of your Personal Data by Partner after the Company shares such data with the Partner. The Company will not be responsible for any subsequent processing carried out by any Partner with whom the Company shares your Personal Data based on your GDPR Consent to Share Data. The Company will only be responsible for the sharing of your Personal Data and ensuring that it is shared securely and with the intended recipient.
10. SPECIAL CATEGORIES OF PERSONAL DATA
You acknowledge that we do not, manually or automatically, analyze, filter, map or perform any other similar type of processing operations for the purpose of identifying Special Categories of Personal Data that may be included in your Payment Account Data. Therefore, the Company will not be deemed to process Special Categories of Personal Data by virtue of such data possibly being included in your Payment Account Data. However, under certain circumstances prescribed by law and in accordance with regulatory requirements applicable to the Company with respect to anti-money laundering, terrorist financing and related customer identity, status and operations checks, we may require you to provide additional Personal Data that may include Special Categories of Personal Data (e.g., passport information). We will process any collected Special Categories of Personal Data in order to comply with the legal obligations to which the Company is subject. You are requested at all times to refrain from voluntarily providing any Special Categories of Personal Data by any means of communication to the Company unless we expressly request you to provide such data.
11. ANTI-SPAM LEGISLATION
12. THIRD-PARTY WEBSITES
The Services may include links to, or otherwise direct your attention towards, websites operated and controlled by third parties (including without limitation Partners and Account Providers) and not by the Company. Access to any third-party website is at your own risk, and you must be aware of the fact that linked websites have terms and privacy policies different from those of the Company. If you decide to provide any Personal Data when accessing such links or using the services provided by such third parties, the respective third parties, and not the Company, will be responsible for complying with the obligations set forth in the applicable Data Protection Laws in respect of any Personal Data you submit to them and any processing activities carried out by such third parties on such Personal Data.
13. YOUR RIGHTS UNDER GDPR
Taking into account the nature of the processing and the type of Personal Data processed, you have the right to exercise the following rights as set forth in the GDPR:
- the right to be informed: you have the right to receive fair processing information about your Personal Data processed by us, including without limitation the recipients or categories of recipients to whom the Personal Data has been or will be disclosed, in particular transfers to recipients in third countries or international organizations, and the appropriate safeguards relating to such transfers;
- the right of access: you have the right to obtain: (i) confirmation that your Personal Data is being processed, and (ii) access to such Personal Data;
- the right to rectification: you are entitled to have Personal Data rectified if it is inaccurate or incomplete;
- the right to erasure (right to be forgotten): you have the right to request the deletion of your Personal Data when there is no compelling reason for its continued processing or, where the Consent is the legal basis for processing, you withdraw Consent to such processing;
- the right to restrict processing: you have the right to block processing of your Personal Data on the grounds specified in the GDPR;
- the right to data portability: you may request to receive free of charge a copy of Personal Data stored in our systems in a structured, commonly used and machine-readable format, or have us transmit the data directly to another organization, if this is technically feasible;
- the right to object: you have the right to object to (i) processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling), (ii) direct marketing (including profiling), and (iii) processing for purposes of scientific/historical research and statistics;
- rights in relation to automated decision-making and profiling: you have the right to object to processing of Personal Data for the purposes of automated individual decision-making (making a decision solely by automated means without any human involvement) and profiling (automated processing of Personal Data to evaluate certain things about an individual);
- the right to lodge a complaint with a Supervisory Authority: you have the right to lodge a complaint about the Company’s data protection or privacy practices, or the exercise of any of your rights with respect to your Personal Data, with your local Supervisory Authority;
- the right to withdraw Consent: provided that the Consent is the legal basis for processing, you may withdraw Consent to our processing of your Personal Data at any time. You may also withdraw your GDPR Consent to Share Data at any time by contacting us or by using the consent management tools available in the Dashboard.
You may exercise any of the foregoing rights at any time by contacting the Company (see further Section 18 for contact details). The Company will endeavor to respond to any requests submitted by you in the manner and as set forth in the GDPR. Where your requests for exercising your rights under GDPR are manifestly unfounded or excessive, in particular because of their repetitive character, or further copies of the Personal Data undergoing processing are requested, we may charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested.
14. DATA RETENTION AND DELETION
The Company will retain Personal Data for no longer than strictly necessary for the purposes for which such Personal Data is collected and processed. The retention period depends on the requirements of the applicable laws or regulations we must comply with, the purposes of the collection and processing of Personal Data, and the legitimate interests of the Company to establish, exercise or defend our legal rights.
We will delete your Personal Data from our production systems when:
- the provision of Services is terminated under the Dashboard Terms of Service. For clarity, Services provided to you via Digest are terminated at the end of the day following the day on which you have given the PSD2 Consent associated to that instance of Services provision;
- you delete your User Account or such account is terminated by the Company as described in the Dashboard Terms of Service;
- the Company deletes your User Account due to inactivity; or
- you exercise the right to be forgotten or, if applicable, withdraw Consent.
As a result of the deletion, your Personal Data associated with your User Account will be deleted and excised permanently from the Company’s production systems, subject to our right to generate Anonymized Data and Anonymized Aggregated Data prior to such deletion. Further use of the Services by you will be impossible. Notwithstanding anything to the contrary in this Section 14, the Company will retain your Personal Data or portions thereof:
- in backup files on our backup servers for a period of up to one (1) month from the date of deletion from the production systems, in accordance with general internal retention procedures;
- in log files in order to: (i) comply with the requirements of the applicable laws or regulations, (ii) exercise or defend (ongoing) legal claims, and (iii) meet audit or statutory requirements. The retention period for Personal Data retained in log files will be a minimum of five (5) years from the date of deletion from the production servers, or such longer period as required by the applicable laws, unless subject to statutory or regulatory change; and
- in our internal systems, to the extent such Personal Data is part of the Company’s records generated by applying know-your-customer and anti-money laundering checks, including, without limitation, copies of identity documents, conducted monitoring and analyses, information obtained by electronic identification means, as required for the Company to comply with applicable anti-money laundering, counter-terrorist financing and similar regulatory requirements. The period of such retention shall be a minimum of five (5) years from the date of deletion of your User Account or last use of the Services in Digest mode, as applicable, unless otherwise provided by applicable laws or unless competent authorities extend such period in accordance with applicable laws.
Backup files are stored using strong asymmetric encryption and the Company’s authorized personnel don’t access such files in the ordinary course of business operations, nor will we actively process any Personal Data retained in backup files anymore.
15. PERSONAL DATA SECURITY
- Although we will take appropriate measures to ensure that your Personal Data is treated and stored securely, unfortunately, the sending of information via the Internet is not totally secure and on occasion such information may be intercepted. Therefore, we cannot guarantee the security of Personal Data that you choose to voluntarily send to us via electronic means. The Company expressly disclaims all liability for any interception or interruption of any Internet transmissions sent by you or any losses of or changes to data, including Personal Data, resulting from such interception or interruption.
- Personal Data Safeguards: The Company is committed to maintaining the confidentiality, integrity and security of the Personal Data of users. We employ advanced security techniques to safeguard Personal Data against unauthorized access, use and/or disclosure. The Company strictly restricts access to Personal Data in accordance with specific internal procedures governing access to such information. We carefully select the individuals privileged with access to Personal Data in accordance with our internal security policies and practices, and each such individual is bound by confidentiality obligations. The Services ensure secure communications with TLS encryption. To maintain the security of online sessions and protect our systems from unauthorized access, we use a combination of firewall barriers, encryption techniques and authentication procedures, among others. Access to our systems requires multiple levels of authentication, including biometric recognition procedures. Security personnel monitor the systems 24/7. The Company databases are both physically and logically protected from general employee access. We also enforce physical controls on our premises. We are routinely verified for our use of encryption technologies and audited for our privacy practices. The Company tests its systems, Dashboard, Digest and Services for any failure points that might allow hacking.
16. NOTIFICATION OF PERSONAL DATA BREACH
If a security breach causes an unauthorized intrusion into the Company’s systems, software or networks that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed by the Company ("Personal Data Breach"), we will notify the relevant Supervisory Authority(ies) unless the Personal Data Breach is unlikely to result in a risk to the rights and freedoms of affected users. The Company will report the Personal Data Breach to the relevant Supervisory Authority without undue delay after having become aware of it and in any case within the timeframes as provided for in the applicable Data Protection Laws. When the Personal Data Breach is likely to result in a high risk to the rights and freedoms of affected users, or if required by the relevant Supervisory Authority, we will also communicate the Personal Data Breach to the affected users without undue delay.
18. CONTACT INFORMATION
|Contracting Party||Contact details||Data Protection Officer|
|Salt Edge Limited||
Level 39, One Canada Square,
London E14 5AB
United KingdomEmail: firstname.lastname@example.org
Level 39, One Canada Square,
London E14 5AB
United KingdomEmail: email@example.com
Radlická 180/50, Smíchov
150 00 Praha 5
Czech RepublicEmail: firstname.lastname@example.org
Radlická 180/50, Smíchov
150 00 Praha 5
Czech RepublicEmail: email@example.com
Namesti I.P. Pavlova 1789/5
120 00 Prague
Czech RepublicEmail: firstname.lastname@example.org
Radlická 180/50, Smíchov
120 00 Prague
Czech RepublicEmail: email@example.com