Sisow Privacy Statement
This Privacy Statement is intended to inform you of the policy Sisow maintains as a financial institution with regard to how we handle the personal data we collect, process, save and store, as well as the use and disclosure of the personal data we process. As a Collecting Payment Service Provider (CPSP), Sisow offers services to and processes payments from Merchants/online stores and consumers. We consider it our responsibility to protect your privacy. By making use of the services offered by Sisow, you indicate that you accept this Privacy Statement.
General Data Protection Regulation
We process personal data received in accordance with the General Data Protection Regulation (GDPR) and, in so doing, we act as the controller as defined in the General Data Protection Regulation, (EU) 2016/679. Sisow B.V. is registered with the Dutch Data Protection Authority under number M1467297. All (personal) data which are collected through telephone and/or email contact, our Merchants’ sales channels, the Sisow portal, and other methods are provided voluntarily.
When you register for one of our services or would like to pay via Sisow (Stichting Derdengelden Sisow) for the purchase of products or services from a Merchant/online store, we ask you to provide personal data. These data are used to be able to perform the transactions requested. The obtained data are stored on secure servers belonging to Sisow or a third party. We will not combine these data with other personal data which are available to us. The following personal data are processed by Sisow if you make use of our services as a Merchant: name, address, postal code, place of residence, telephone number, email address, IP address, date of birth, and ID document number. When you, as a consumer, make a payment via Sisow (Stichting Derdengelden Sisow) for the purchase of a product or service from a Merchant, the following personal data are processed: payment information (IBAN and BIC), name of account holder, IP address; in some cases also name, address, postal code, place of residence, telephone number, email address, date of birth, etc.
Emails or other messages sent to us may be saved. Sometimes we ask you for personal data which are relevant for the current situation. These data enable us to process your requests and answer your questions. The data are stored on secure servers belonging to Sisow or a third party. We will not combine these data with other personal data which are available to us.
Personal data are used for the following purposes: – Sisow only processes personal data insofar as they are necessary for the provision of its services; in other words: in order to implement the contractual relationship with the Merchant and to complete the transaction between the consumer and the Merchant via the payment method selected by the consumer; – In order to satisfy Dutch laws and regulations, including the Financial Supervision Act (Wft) and the Money Laundering and Terrorist Financing Prevention Act (Wwft), as well as laws and regulations of other EU jurisdictions; – In order to send you information we think will be of interest to you, through company updates and newsletters. If you no longer wish to receive general information via the newsletter, you may unsubscribe for it at the bottom of the email. You will then only continue to receive important company updates, such as the notification of a disruption. Unless we have previously obtained your specific consent, Sisow collects or uses no information for purposes other than those described in this Privacy Statement.
The personal data are saved no longer than the required statutory period or, if such a period does not apply, no longer than is strictly necessary for the provision of Sisow’s services.
Sisow may share your personal data with third parties if it is necessary to do so for the implementation of the agreement or on the basis of statutory obligations. Sisow concludes a processing agreement with third parties that process your personal data on the instructions of Sisow. We select third parties with due care and guarantee they have taken sufficient measures to protect your personal data in accordance with the law or contractual obligations. Examples of third parties are the suppliers of payment methods (for instance, a bank in the case of iDEAL, a Credit Card supplier, or a “post-order payment” option such as AfterPay and Klarna). Personal data of consumers are shared with these suppliers in order to successfully complete the transaction and payment. These parties are often financial institutions that are supervised by the Dutch Central Bank (DNB, De Nederlandsche Bank) or another European Central Bank. Such parties only use those transaction data which are required to perform the payment. In addition, in certain cases and for operational or technical purposes (such as server hosting), we make use of IT or other services provided by third parties which are located in the EU.
In order to protect your privacy, Sisow takes all appropriate technical and organisational measures to combat abuse, loss, unauthorized access, accidental disclosure, and unauthorized modification.
We reserve the right to update or modify this Privacy Statement as needed. We will inform you of any modifications to the Privacy Statement via the email address which you have provided us or via a newsletter.
You have the right to view, change or delete all personal information which has been provided to Sisow, unless Sisow cannot comply with these rights by virtue of a statutory obligation. You may always ask us to provide you an overview of your data and request to have these data corrected or deleted if the data are incorrect or irrelevant for the stated purposes. To do this, send us an email at firstname.lastname@example.org.
If you have comments and/or questions about this Privacy Statement, please contact us by sending an email at email@example.com.
Version 2.0 (April 2018)