fbpx

Privacy Policy

Who are we?
In this privacy policy, terms such as “Soni Transfer”, “us” and “we” refer to Soni Transfer, a limited liability company registered in England and Wales (registration number 10832378), with its registered office at 9 Waterloo Road, Birmingham, B66 4JX
United Kingdom
Soni Transfer is registered with the UK Information Commissioner’s Officer (reference number ZA499115). Soni Transfer is authorised as a small payment Institution by the Financial Conduct Authority (reference # 798474).

In accordance with Data Protection Regulations, Soni Transfer is a data controller and you – our customer – will be a data subject. As a data controller, we determine the purposes for and means of the processing of your personal data while at the same time ensuring your rights as a data subject are respected.

Unless otherwise defined in this privacy policy, terms defined in the Terms and Conditions, which are available here, have the same meanings in this privacy policy.

What data we might collect?
We collect personal information about you when you access the Site (such as behavioural information, including links you click and pages you enter, your IP address and device information), when you contact us (such as your name and email address) and if you opt out of marketing communications. We will collect your email address for marketing purposes. We may also collect an email address which has not been registered with us for ticket tracking purposes, but we will ask for your consent in such cases.

We will collect personal information from you either directly, such as when you contact us, or indirectly, such as your browsing activity while on the Site.

As a company providing money remittance, mobile phone top-up, and electricity top-up, we may also have to collect various types of personal data in the course of providing our Services to you:

1. Personal data such as your name, address, phone number, email address, date of birth and/or nationality. We might also need to collect copies of your identity document, utility bills, bank statements or any other documentary evidence. We might need this data in order to satisfy our know your customer (“KYC”) obligations.

2. Financial data such as your card or bank account information.

3. Personal data about your recipient such as their name, address and/or phone number. When you provide details about your recipient, you guarantee that you have obtained the necessary consent for the processing activities outlined in this privacy policy.3. about your recipient such as their name, address and/or phone number. When you provide details about your recipient, you guarantee that you have obtained the necessary consent for the processing activities outlined in this privacy policy.

4. Technical data such as (1) the internet protocol you use to login to your Account or submit a Transaction, (2) information about your device such as the device manufacturer, device model, device operating system, device operating system version, application version, carrier, connection type and/or time zone; and (3) event-based attributes such as button clicks and other in-app events.

When you install the Soni Transfer application, we will also ask you to allow us to access your mobile device’s address book. We might also ask you to allow us to access your media files (to enable you to share images with your Soni Transfer contacts), location (to share your location with your Soni Transfer contacts). You can choose not to allow us to have such access, however this would mean that some of the Services might not work. You can change your access preferences through your device settings.

We shall use automated processing to track your behaviour when using the Site, for example how you leave the Site, and to track if, and when, the Site crashes. This shall allow us to develop, maintain and improve the Site and our Services and tailor our communications with you accordingly.

Do you have to provide information and, if so, why?
We require you to provide us with, as a minimum, your email address and phone number in order to provide you with the mobile top-up service. We require you to provide us with, as a minimum, your full legal name, date of birth, address and nationality in order to provide you with the Remittance Services.

We may also require you to provide us with further information about yourself and/or your Receiver in relation to providing you with the Services such as an address, phone number, nationality, identity documentation, proof of address (such as utility bills), source of funds, bank statements or any other documentation as required by applicable laws and regulations.

We will inform you at the point of collecting information from you whether you are required to provide the information to us.

Why might we process your data?
We strive to provide you with a safe, personalised and delightful experience when you use our Services. To this end, we might process your data for the following reasons, which are necessary for the purposes of our legitimate interests in accordance with the lawful processing requirements indicated in the Data

Protection Regulations:

1. To provide you the Services, we need to collect your financial details and details about your recipient to complete money transfers, top-up of mobile phone credits, and top-up electric meters.

2. To comply with the law, as a financially regulated institution, we are obliged to know who our customers are and to perform our anti-money laundering and combating terrorism financing checks.

3. To provide relevant marketing, we might process your contact details such as email address and telephone number to provide you, as our customer, with a relevant and personalised marketing communication. Our goal is to market you only information which might benefit you and to do so in such a way which does not undermine your rights as a data subject. You will always have an absolute right to object at any time to any marketing communication sent to you.

4. To improve our Services, we might process technical data about your usage of our application to improve our Services. We will use anonymous identifiers and aggregated data, not your personal data. We will not sell your data to third party companies.

Legitimate interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

How do we protect your data?
Protecting your personal data is very important to us. Soni Transfer maintains physical, electronic and procedural safeguards that comply with the applicable laws to protect your personal information from unauthorised access:

1. Using network and application firewalls when you transmit your personal data from your device to our servers, your information is protected by both a “firewall” and industry standard SSL (secure socket layer) encryption.

2. Secure storage – Once your data reaches our servers, data is securely stored.

3. Access control – Soni Transfer maintains a strict policy to control who can have access to your personal data. Any personal data will be accessible by Soni Transfer employees on the need-to-know basis only. Soni Transfer regularly trains staff on data protection practices to ensure all employees are aware of the Data Protection Regulations, data protection principles and customers’ rights as data subjects.

4. Payment Card Industry Data Security Standard (“PCI-DSS”) – Any financial information you transmit when you enter your card details is processed in accordance to PCI-DSS standards.

5. System testing – Soni Transfer regularly tests and reviews its systems and security practices.

6. Controlled data sharing – Before we decide to share your data with any third party, we make a careful assessment of that third party’s level of data protection. Any agreement to share data is made only with third parties which have an adequate level of data protection which complies with the Data Protection Regulations.

Even though Soni Transfer will make every effort to protect your data, you accept that we cannot guarantee security when you transmit it over the internet, and any transmission is at your own risk. To minimise your risk, we highly recommend that you do not share your login credentials, passwords, pin numbers or any other Account details with anyone else. We also highly recommend that you use appropriate anti-virus software to protect yourself from your data being compromised.

We have procedures in place to deal with any suspected data security breach.

If at any point you suspect or become aware of a security incident, please contact us at info@sonitransfer.com.

How long do we retain your data?
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including holding your personal data until we are lawfully required to do so. To comply with relevant KYC, anti-money laundering and counter-terrorism financing regulations, we are obliged to retain your data for at least five years after your last transaction with us in respect of the Remittance Services. We might retain your data for a longer period if instructed so by the relevant authorities or if required to protect rights of Soni Transfer.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

Who might we share your data with?
We might share your data with third party service providers which enable us to provide you with the Services:

1. Payment service providers (“PSPs”) – we will use PSPs to enable card processing, bank payment services and accounting.

2. Money service businesses (“MSBs”) – we will partner with MSBs in different countries to provide you and your receiver with different pay-out services ranging from cash to bank transfers.

3. KYC service providers – we might rely on trusted KYC providers to verify your identity. This might involve verifying your information against credit institutions.

4. Regulatory authorities and law enforcement agencies – in order to comply with relevant laws and regulations, we might be obliged to share your personal data as well as your account/transaction data with relevant authorities.

5. Analytics and marketing companies – to provide you with a high-quality service, we might share anonymised data with analytics companies. In order to provide you with relevant and personalised marketing communications we might also share anonymous aggregated data with our partners.

We select our partners carefully. Before starting any relationship, we make sure they are fully compliant with the Data Protection Regulations and employ adequate data protection practices.

What are your rights?
When you share your personal data with us, you have all the below rights:

1. Right to Withdraw Consent – at any point in time you can easily withdraw your consent to allow us to process your personal data. This can be done easily in your Account settings or by sending us an email to support@sonitransfer.com. Please note that (i) this will not affect the lawfulness of any processing based on consent given before its withdrawal, and (ii) withdrawing consent might mean that we will not be able to provide all or part of the Services to you.

2. Right to Be Informed – you have a right to be informed about what data we collect, how we use it and who we share it with.

3. Right to Access – you can ask us to provide you with all the data we have collected about you, how it is used and who it has been shared with. If you wish to do so, please send us an email to support@sonitransfer.com. We will have one month from the day of receipt of the request to send you back the results (this may be extended by two further months where necessary, in which case we will inform of you of the extension and the reasons for it within one month of receipt of the request).

4. Right to Rectify – you have a right to rectify incomplete or inaccurate personal information concerning you.

5. Right to Erasure – you have the right to require the erasure of personal data concerning you in certain circumstances.

6. Right to Data Portability – you have the right to receive the personal information concerning you which you have provided to us in a structured, commonly used and machine-readable format and have the right to transmit that data to a third party in certain situations.

7. Right to Restriction of Processing – you have a right to request that we stop processing any personal data.

8. Right to Object to Direct Marketing Processing – you have the right to object to the processing of your personal information for the purposes of direct marketing at any time by sending us an email to support@sonitransfer.com.

9. Right to Object – you have the right to object to the processing of personal information concerning you in certain other circumstances.

10. Notification Obligation – you have a right to be informed without undue delay about a personal data breach where this is likely to result in a high risk of adversely affecting your rights and freedoms.

11. Right to Complain – you have a right to complain to a supervisory authority, in particular in the European Union (or EEA) state where you work, normally live or where any alleged infringement of data protection laws occurred (in the UK, this is the Information Commissioner’s Office who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113) if you believe we didn’t process your data correctly.

You can exercise your data protection rights by sending us an email to support@sonitransfer.com.

Cookies policy
A cookie is a small piece of data sent from a website and stored on your device while you are browsing that website. Cookies were designed to be a reliable mechanism for websites to remember important information about the usage of the website.

We use cookies on the Site to gather important information about you as our user. It allows us to provide you with a smooth experience when using our Services as well as to better understand and improve our Services.

The types of cookies we use are as follows:

1. Essential cookies – these are the cookies required for good functioning of the Site. For example, to store your session ID.

2. Analytical cookies – these are the cookies that allow us to see and count how many users visit our Site, which pages they go through and how they behave on our Site.

Other websites
The Site may contain links to other independent third-party websites which are outside of the control of Soni Transfer and are not covered by this privacy policy. These other third-party websites may also gather information about you in accordance with their own separate privacy policies. For privacy information relating to these other third-party websites, please consult their privacy policies as appropriate.

Changes in privacy policy
This privacy policy was published on 11-11-2021.

We may change any of the provisions in this privacy policy from time to time and, in case of such change, we will notify you via email. A new privacy policy will be effective immediately.

Contact details
If you wish to contact us, please send us an email to support@sonitransfer.com