Privacy Policy

ABOUT THIS DOCUMENT


This privacy policy will help you understand how we collect, use, and protect your personal data when you use our websites (viabuy.com, crosscard.com, fleetmoney.com and cardstatus.com - collectively “our websites”), or our applications for mobile devices (“apps”), or when we receive your personal data for recruitment purposes. 

 

WHO WE ARE AND OUR CONTACT DETAILS


Dock Financial GmbH is a limited liability company with its business address at Arnulfstr. 124, D-80636 Munich, Germany, registered in the commercial register at Munich Local Court under the number HRB 248225.

 

Dock Financial S.A. is a public limited company (société anonyme) incorporated and existing under the laws of the Grand Duchy of Luxembourg, registered in the Trade and Companies Register under number B215831, with its registered address at 26 Boulevard Royal, L-2449 Luxembourg, Grand Duchy of Luxembourg. Dock Financial is authorised as an electronic money institution by the Ministry of Finance of the Grand Duchy of Luxembourg with authorisation number 17/19 and is regulated and supervised by the Commission de Surveillance du Secteur Financier ("CSSF") in the Grand Duchy of Luxembourg under national ID number W00000011.


Dock Financial and Dock Financial GmbH belong to the Dock Financial Group (“Dock Financial”).


Dock Financial has overall responsibility for the processing of your personal data. This means we are deemed a “data controller” under the General Data Protection Regulation (GDPR). We fully comply with the GDPR as well as the Luxembourg law on professional secrecy. We have appointed a Data Protection Officer (DPO) who shall be responsible for answering any questions in relation to this privacy policy. If you have any questions regarding this privacy policy or the processing of your personal data, please contact us by email at data@dock.financial or by post at Dock Financial, Arnulfstr. 124, D-80636 Munich, Germany. 


WHAT INFORMATION WE COLLECT ABOUT YOU

The personal information we collect about you includes:

  • Name, date of birth and gender;
  • Identification document details;
  • Contact details, including address, telephone number, and email address;
  • Financial information, including credit/debit card details and other payment methods (even if we do not hold full payment card details), details about the source of funds;
  • Identifiers assigned to your computer or other devices, including your IP address.
  • By using our websites and our apps, cookies may also be stored on your devices. Further information about cookies can be found below under the heading “Cookies and web beacons”.

Special types of personal data
Dock Financial does not intentionally collect any special categories of personal data (sensitive personal data) through our websites or apps unless we are required to do so by law in a particular country, e.g., for recruitment purposes. Sensitive personal information includes information indicating ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; the processing of genetic or biometric data for the purpose of uniquely identifying a natural person; information concerning health; information concerning a natural person's sex life or sexual orientation; and in some cases national insurance numbers or financial information.


Security
Dock Financial places great importance on safeguarding the confidentiality and security of information we receive during the course of our business operations. Access to such information is restricted, and policies, measures, and procedures are in place to protect the information from loss, misuse, and inappropriate disclosure.

 

WHY WE COLLECT AND STORE YOUR PERSONAL DATA


We retain personal data as long as is necessary for business purposes, to provide you with our services and to fulfil legal or regulatory obligations. We guarantee that we will always have secure control measures in place to protect all your personal data from any unauthorised access.

We may retain your personal information for longer than the minimum period required by law where it is in our legitimate business interests to do so and where it is not prohibited by law.


We use cookies, web beacons and other web technologies to enhance your user experience. These shall only remain active for a limited period of time.


HOW WE COLLECT INFORMATION ABOUT YOU


We collect most of the personal information we store about you directly from you. This happens, for example, when you:

  • Register to receive information from us or subscribe to our newsletter;
  • Download PDFs or other documents/information from our websites;
  • Contact us directly, either via our call centre, by email or via social media;
  • Sign up to receive job vacancies and offers;
  • Apply for a vacancy via our websites;
  • Respond to messages or surveys;
  • Visit our websites and apply for a prepaid product;
  • Start an application for a prepaid product, but do not complete it;
  • Enquire or raise concerns with our customer service team;
  • Use our apps;
  • Accept the use of cookies;
  • We also collect information about you if you contact us via one of our external partners, e.g. if you apply to us via a third-party provider, such as a recruitment agency or our HR tool.


To learn more about you and verify your identity, we may supplement and combine the personal data we collect from you with other categories of data from other sources.

We may amend or supplement this from time to time and any changes will be reflected in our privacy policy.

Information we collect on social media platforms

 

You may wish to participate in the social media platforms that we make available to you. The main purpose of these social media platforms is to inform, support, and interact with you. We monitor and document comments and posts published on these channels in order to improve our products and services. We use a third-party provider to manage our social media interactions. If you send us a private or direct message via social media, the message shall be stored for three years. Dock Financial may also provide links to other social media platforms maintained by individuals or organisations on separate servers over which Dock Financial has no control. Dock Financial makes no representations or warranties regarding the accuracy or other aspects of the information on such servers. A link to a third-party website should not be construed as an endorsement by Dock Financial of that third party or their products and services. In addition, Dock Financial is not responsible for information posted on these websites, except for the information we have posted ourselves. We do not endorse the social media sites themselves or any information posted by third parties or other users.


We encourage you to read the privacy policy of any third party website linked to from our websites to determine how they use your personal data.

Information we collect when you use our call centre

We use a third-party provider to manage our VIABUY customer service phone interactions. When you call the VIABUY call centre, we collect calling line identification (CLI) information and some information about yourself for security, identification, and verification purposes. We use this data to help you with your queries and to improve the efficiency and effectiveness of our service.


We may also monitor or record telephone calls with you if we need to check that we have carried out your instructions correctly, resolve queries or problems, enhance service quality, and detect or prevent fraud or other crime. Calls may also be monitored and/or recorded for staff training purposes.

 

WHAT WE USE YOUR INFORMATION FOR AND THE REASONS FOR PROCESSING

We shall only store and use your personal data to the extent necessary for the performance of a contract between you and us, to fulfil our legal and regulatory obligations, as required for our legitimate interests, or for certain additional purposes, and only with your explicit consent. For example, we may use your personal data for the following purposes:

  • Managing your account (to the extent necessary for the performance of a contract between you and us and/or for our legitimate interests);
  • Conducting fraud and money laundering checks and verifying your identity (as necessary to comply with our legal and regulatory obligations and/or for our legitimate interests);
  • Using your data to process payments (to the extent necessary for the performance of a contract between you and us and/or for our legitimate interests);
  • Sending you information about our products and services (to the extent necessary for the performance of a contract between you and us and/or for our legitimate interests);
  • Monitoring your use and the effectiveness of our websites and apps (to the extent necessary for our legitimate interests);
  • Conducting market research and statistical analysis, including analysing your use of our websites and developing new products and services (in accordance with the cookie consent settings you have selected);
  • Fulfilling our obligations to a competent supervisory authority, tax authority or tax office (to the extent necessary for compliance with our legal and regulatory obligations and/or for our legitimate interests); and
  • Retaining the CV of unsuccessful job applicants in accordance with our data retention policy for consideration for future vacancies (to the extent required for our legitimate interests).
  • Our legitimate interests, which we address above and in the following, include our legitimate business purposes and our commercial interests in operating our business in a customer-centric, efficient, and sustainable manner in accordance with all applicable legal and regulatory requirements.


Use of your data for fraud prevention
In specific situations, before providing you with our prepaid products and services, we use your personal data to conduct checks to prevent fraud and money laundering, as well as to verify your identity. We use third-party providers to assist in verifying your identification documents and to check your name and country of residence against sanctions and lists of politically exposed persons, in accordance with legal requirements. We may also share your data with other financial institutions and law enforcement agencies to prevent fraud, money laundering, terrorism financing, and other financial crimes in accordance with data protection regulations.

If we or an anti-fraud authority determine that you pose a risk of fraud or money laundering, we may refuse to provide you with the products or services you have requested. We may also stop providing existing services to you. A record of the risk of fraud or money laundering will be kept by us and the fraud prevention agencies. This may also result in others refusing to offer you products, services, finance, or employment. If you have any questions about how we process your data for fraud prevention purposes, please contact us using the details above.

When Dock Financial and fraud prevention agencies process your personal data, we do so on the basis that we have a legitimate interest in processing your data in such a way to protect our business and comply with various laws that apply to us. Such processing may also be a contractual requirement in relation to the services you have requested.

Use of your personal data for marketing purposes
Alongside the above purposes, we may also process your personal data for marketing purposes to send you information about similar products and services by post, email, text message and other channels, such as social media platforms, provided you have expressly consented to this.

You may opt out of receiving marketing material from us at any time. Please follow the unsubscribe link in our marketing emails or text messages; or send us your name, address, and date of birth by email to data@dock.financial or by post to: Dock Financial, Arnulfstr. 124, D-80636 Munich, Germany.

WHO WE SHARE YOUR DATA WITH

Depending on the nature of our relationship or the products and services provided to you, we may also share your information with the following categories of third parties:

  • Payment service providers (to the extent necessary for the performance of a contract between you and us);
  • Third-party providers with whom you also have a contractual relationship (to the extent necessary for our legitimate interests and for the legitimate interests of the third-party provider with whom you also have a contractual relationship);
  • Third-party service providers that we engage for the purpose of processing service information (to the extent necessary for the performance of a contract between you and us and/or necessary for our legitimate interests and/or authorised by your explicit consent);
  • Third-party data providers as explained under “How we collect information about you” (to the extent necessary for our legitimate interests);
  • Third-party service providers who support the operation of our business, such as IT and marketing suppliers, financial service providers and other administrative support services, and to operate our websites (to the extent necessary for the performance of a contract between you and us and/or as necessary for our legitimate interests);
  • Authorities and fraud prevention organisations (to the extent necessary to comply with our legal obligations and/or for our legitimate interests);
  • As required by a court order or other legal or regulatory authority, such as law enforcement agencies, including the police, regulators, tax authorities or other relevant authority that may have jurisdiction (to the extent necessary to comply with our legal and regulatory obligations).

WHERE YOUR INFORMATION IS PROCESSED

The personal data that we collect from you and that is shared with the third parties mentioned above may be transferred to, and processed at, a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us or for one of our providers.

  • The country to which we send the data is recognised by the European Commission as providing an adequate level of protection for personal data; or
  • The recipient has agreed standard contractual clauses with us that have been approved by the European Commission and require the recipient to protect their personal data; or
  • There is a further situation in which the transfer is permitted under the applicable data protection laws.
  • To find out more about how your personal information is protected when it is transferred outside the EEA (and if you would like a copy of the standard contractual clauses we have in place with recipients of your personal information outside the EEA), please contact us using the details set out above.

Dock Financial shall only disclose your personal data to third parties that comply with the GDPR and the Luxembourg law on professional secrecy.

HOW LONG WILL YOUR INFORMATION BE STORED?

Dock Financial shall only retain personal information for as long as necessary and we have strict review and retention policies in place to fulfil these obligations. Unless otherwise stated, we shall retain your personal information for as long as permitted or required by law and for as long as it is still in our business interests to do so.


COOKIES UND WEB BEACONS

Our websites and apps use cookies, web beacons and, where appropriate, other web technologies to improve their performance and optimise your browsing experience. These technologies help us to track and monitor your usage behaviour and your use of our websites and apps in order to learn more about you so that we can offer you a personalised browsing experience. 

COOKIES
We may place small files on your access device. These files may be cookies or other local storage provided by your browser or associated applications (“cookies”). We use cookies to recognise you as a customer, customise our services, content, and advertising, measure the effectiveness of advertising, ensure the security of your account, minimise risks, prevent fraud, and promote trust and security on our websites and services.



Which cookies do we use?
The cookies used by our websites or apps may include the following:

Temporary (or per session) cookies – these only exist for your website visit and are deleted once you leave. These recognise you when you move between pages and remember, for example, items that have been added to an online shopping basket. These cookies also help to maintain security.

 

Persistent (or permanent) cookies – these remain on your computer until they expire or are deleted. Many are set with automatic erasure dates to ensure your hard drive is not overloaded. These cookies often save and re-enter your login details, so you don't have to remember membership details.


We use both types of cookies.

In addition, cookies may be first-party or third-party cookies. First-party cookies are created and owned by Dock Financial. Third-party cookies belong to an independent company and are created by that company. This is usually a company that provides a service to the website owners. These cookies collect information about the origin of your visit, where you were exposed to Dock Financial advertising, which advertising content you viewed, whether you landed on our websites directly or indirectly, the device you used to visit our websites or use our apps, and which downloads you performed.


You can check, activate, or deactivate cookies before you enter our website for the first time or at any time by clicking on the cookie symbol.

For a full list of third party providers, please contact our Data Protection Officer using the email address below.


How do I disable cookies?
You can block our cookies by setting your preferences in the pop-up window when you first visit our website. Cookies that are technically necessary cannot be disabled as they are required for the correct functioning of the website, to prevent fraud, or to ensure the security of our websites and apps. If you don't want these cookies to be used, you will not be able to visit or use our websites. Disabling cookies may affect the use of Our website/apps and services. To enable or disable cookies, click on the cookie icon in the top corner of our website and follow the instructions.

Web beacons

We use small graphics (also known as tracking pixels or clear GIFs – “web beacons”) on our websites, apps or emails that remain invisible to you, but provide us with information about your experience and interactions with our websites, apps, and emails, such as which browser was used, whether an email was opened and so on. As part of our efforts to track the success of our advertising campaigns, we sometimes use visitor identification technologies such as these "web beacons" that count visitors who have visited our websites after being exposed to a Dock Financial banner ad with a third party. Web beacons often work in conjunction with cookies. No personally identifiable or sensitive personal information is collected through web beacons.


YOUR RIGHTS

Under the Data Protection Regulation, you have the right to:

  • Access and obtain copies of the personal information we hold about you;
  • Request that we stop processing your personal data if the processing is causing you harm or concern;
  • Unsubscribe from our marketing communications;
  • Ask us to delete your personal data;
  • Receive the personal information we hold about you, which you have provided to us, in a structured, commonly used, and machine-readable format, including for the purpose of transmitting that personal information to another data controller; and
  • Request that we correct the personal data we hold about you if it is incorrect.

Please note that these rights may be restricted by data protection laws, and we may be authorised to refuse requests where exemptions apply.


COMPLAINTS

If you have any concerns about a possible breach of data protection law by Dock Financial, you can contact us by email at data@dock.financial or by post at Dock Financial, Arnulfstr. 124, D-80636 Munich, Germany.

If you are dissatisfied with Dock Financial's handling of your complaint, you have the right to contact the National Commission for Data Protection (Commission nationale pour la protection des données - CNPD) or the data protection authority in your country. You can find more information about your rights under the General Data Protection Regulation on the CNPD website.

 

CHANGES TO THIS PRIVACY POLICY


We may update this policy from time to time by publishing a new version on our websites. You should check this page from time to time to ensure that you are happy with any changes. If the changes are significant, we may notify you of changes to this privacy policy by email.\

 

If you have any questions or concerns about this privacy policy, please contact our Data Protection Officer at data@dock.financial or by post at Dock Financial, Arnulfstr. 124, D-80636 Munich, Germany.

The original text of this privacy policy is written in English. Any translation into another language is provided for convenience only. In the event of any discrepancies or inconsistencies between the original English texts and their translation into another language, the original English versions shall prevail.