You must be curious how we handle your personal data. In this Privacy Statement we explain how we handle your personal data and why we do so. We believe it’s important that you check this and understand our statement. Any questions left? Reach out out to us via [email protected]
Our principles are:
This is the Privacy Statement of Flow Money Automation B.V. and we do our best to help you get a grip on your financial affairs. In this Privacy Statement we describe which personal data we process and why we need it. We want to be clear and transparent in this. We have set up our company in such a way that your privacy is always guaranteed first according to the principles of privacy by design and privacy by default. Flow has been assessed by an independent auditor and is ISO27001 certified. This is the standard in information security. In this way we can demonstrate that information security is an important element at Flow. Every year we are assessed on this by independent auditors who keep us sharp. You can find our certificate here. We shall, among others:
Flow is responsible for processing your personal data. We take this job very seriously. And of course you want to know who we are. Here you have our data:
Flow Money Automation B.V. Riperwei 54 8406 AK Tijnje Chamber of Commerce: 72829796 E-mail: [email protected]
Flow has a so-called "PSD2 license". This is a license from the Dutch Central Bank with which we can offer our payment services. PSD2 stands for "Payment Services Directive 2" and is a guideline that ensures that European consumers can ask their bank to share data with companies such as Flow, in a safe and responsible manner. From July 13, 2020, Flow has a license to view your account information (Service 8) and to perform payment initiations (Service 7). You can find us in the DNB Register of Payment Institutions under number: R166735
We collect and process data about you. There are several reasons why we process this information. Below is an explanation of what for, why and how long we keep the information:
|What data?||Purpose?||Which basis??||When?|
|Anti Money Laundering (AML)||
The data we collect (ID data, communication data, identification data, bank information, transaction information, technical information, anti money laundering) is sent to and stored at a location in the European Economic Area (“EEA”): Amazon Web Services in Frankfurt, Germany. We only work with partners who meet the security requirements and comply with our Privacy Statement.
Some of the information (communication data) is stored with our suppliers (including Whatsapp, Google, Facebook, Twitter) because we use their services. To the extent possible, we will require this to be stored within the European Economic Area (“EEA”).
As you can see, we will do our utmost to keep your personal information secure. We have internal procedures and policies regarding the security of our product to prevent unwanted access.
|Type of information||How long do we keep it?||Why?|
|ID data||5 years||Legal obligation|
|Communication data||1 year||GDPR|
|Identification information||1 year||GDPR|
|Bank information||5 years||Legal obligation|
|Transaction information||5 years||Legal obligation|
|Technical information||1 year||GDPR|
|Anti Money Laundering (AML)||5 years||Legal obligation|
We have taken strict measures to protect your personal information. In addition, the Data Leaks Protocol of the AP is active at Flow. Based on this protocol it is determined whether there is a data breach and under what conditions this must be reported to the Dutch Data Protection Authority (AP). We communicate transparently and honestly about this with you.
We exchange personal information with the following authorities in order to provide Flow services:Authorities
We are required by law to report unusual transactions to the authorities. We may restrict or exclude you from using Flow based on unusual transactions.Banks and financial service providers
We can work with these parties to provide services. Our role is to protect your personal data and we will never exchange data without a legitimate reason. Your data will only be sent to these service providers when you have asked us to use their service.Advertising and analysis service providerss
We use a third party to analyze the use of the Site (Google Analytics). We do not exchange personal data, but draw up a profile of your use so that we can define different types of user groups.
We believe it is important to explain how we use your data to communicate with you and to state that you have the right to unsubscribe. You can unsubscribe from our mailings at any time by clicking unsubscribe at the bottom of the email or by contacting [email protected].
You have rights regarding the personal data we collect. You can contact Flow at [email protected] to make your request.The right to access
You have the right to request access to the personal data that we process. We will provide a copy of the personal data being processed.The right to rectification
If your details are incorrect, you can request us to adjust the details. We will then correct this.The right to erasure (oblivion)
By using the services of Flow we process your data. You have the right to ask us to delete this data from our systems. We will comply with this requirement without unreasonable delay, and when it is reasonably within our control.
If you no longer use your account, you can contact [email protected] to request that your data be removed from our system.The right to portability (data portability)
You can request us to transfer your personal data in a structured, commonly used and machine-readable format. That way you can transfer your data to a new service provider without any obstacles.
We will try to fulfill legitimate requests within one month. Exceptionally, it can take us longer than a month, we ask for your understanding.