Data Privacy Notice
Data Privacy Notice – v. January 2021
In this Data Privacy Notice (“Privacy Notice”) we explain how we collect and use your personal information that we obtain when you use our website or otherwise interact with us, how we share your information and the steps we take to protect your information.
1. Who we are and the application of this Privacy Notice
This Privacy Notice applies to Euronet Worldwide, Inc. (hereinafter referred to as, “Euronet”, “we”, “our” or “us”). Further details on Euronet and the companies within the Euronet group global network (the “Euronet Group”) are available at: https://www.euronetworldwide.com.
We are committed to the privacy and security of your Personal Data (as defined in section 2 below). This Privacy Notice describes how we collect and use Personal Data, in accordance with applicable law and our standards of ethical conduct.
Euronet Worldwide, Inc. 11400 Tomahawk Creek Parkway, Leawood, Kansas 66211, USA, will be the “data controller” in relation to any Personal Data provided to us via the following website: https://www.euronetworldwide.com (the “Website”).
This means that Euronet is responsible for deciding how it will hold and use Personal Data about you.
By using or navigating the Website, you acknowledge that you have read, understand, and agree to be bound by this Privacy Notice. You should not provide us with any of your information if you do not agree with the terms of this Privacy Notice.
We encourage you to review and check the Website regularly for any updates to this Privacy Notice. We will publish the updated version on the Website and by continuing to deal with us, you accept this Privacy Notice as it applies from time to time.
2. Data Protection Principles
“Personal Data” means any information provided by you in this Website that enables us to identify you, directly or indirectly, such as name, email, address, or telephone number.
We are committed to complying with applicable data protection laws and will ensure that Personal Data is:
- Used lawfully, fairly and in a transparent way;
- Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
- Relevant to the purposes we have told you about and limited only to those purposes;
- Accurate and kept up to date;
- Kept only as long as necessary for the purposes we have told you about; and
- Kept securely.
3. What Personal Data do we collect and how do we collect it?
Personal Data You Give Us. We may collect Personal Data when you give it to us, including when you indicate that you would like to contact us, when you complete forms online, when you speak with us over the telephone, when you speak with us in person, when you write to us, and when you visit the Website.
We may collect and process the following Personal Data:
- Personal details, such as data which may identify you. This may include name, title, residential and/or business address, email, telephone and/or fax numbers and other contact data;
Information from the use of our services. When using our Website, we may collect information via cookies and similar technologies.
Due to their core role of enhancing or enabling usability or site processes, disabling cookies may prevent you from using certain parts of our Website. It will also mean that some features on our Website will not function if you do not allow cookies.
4. How we use your Personal Data?
We use Personal Data and other data you provide to us only for the purpose of replying to your information’s request included in the contact form submitted by you.
In some circumstances we may anonymise your Personal Data so that it can no longer be associated with you, in which case we may use such data without further notice to you.
5. Is data collected shared with third parties?
We will keep Personal Data that you provide to us private and will disclose such Personal Information only in accordance with this Policy.
Euronet does not sell, rent, or lease to third parties any Personal Data we collect from you. We may disclose or share Personal Data with our authorized employees, agents, legal representatives and service providers, for the purposes described in this Policy.
Euronet may share your Personal Data with Euronet and affiliates in the Euronet Group (some of which are based outside the EEA) for the purposes, or to enable or facilitate the purposes, set out in Section 4 of this Privacy Notice. This may also include sharing your Personal Data within the Euronet Group for purposes of complying with legal or regulatory obligations.
We may transfer your Personal Data to a third party as a result of a sale, acquisition, merger, or reorganization involving Euronet, a company within the Euronet Group, or any of their respective assets. In these circumstances, we will take reasonably appropriate steps to ensure that your information is properly protected.
Legal and regulatory
We may also disclose your Personal Data in special cases if required to do so by law enforcement agencies, law, court order, or other governmental authority, or when we believe in good faith that disclosing this data is otherwise necessary or advisable, such as to identify, contact, or bring legal action against someone who may be causing injury to – or interfering with – the rights or property of Euronet, the Services, another user, or anyone else that could be harmed by such activities (for example, identify theft or fraud).
To support our global operations, we may store or process your Personal Data in any country where we maintain presence, where we engage third-party service providers or where we do business, but we will do so only for the purposes described herein. When we transmit your information to other countries, we will protect that information as described in this document. There may be circumstances in which the law enforcement agencies or government authorities in such other countries may be entitled to access your Personal Data.
6. How long is Personal Data retained?
We will keep and retain your Personal Data in accordance with our data retention policy. Your personal data will only be kept for as long as it necessary for the purposes for which it was collected, and as permitted or required by law.
We will delete, erase, securely destroy or anonymize your data once we no longer have a necessary business purpose for keeping it, except in situations where:
- We need to retain your personal information in order to comply with applicable legal, regulatory or compliance obligations;
- we need it to demonstrate evidence our compliance with applicable law;
- If there is there is an active issue, claim or dispute requiring us to keep the relevant information until it is resolved; or
- the information must be kept for our legitimate business interests, such as fraud prevention and enhancing users' safety and security.
Please note that once the retention period has expired, we may delete your personal data permanently, and as a result your right to access, delete and correct your personal data cannot be exercised by you.
You may obtain a copy of our Retention Policy by contacting our Euronet Group Data Protection Officer.
7. Data Security
We are committed to maintaining the security of your Personal Data and have measures in place to protect against the loss, misuse, and alteration of the data under our control. We keep the Personal Data we collect about you confidential and have adopted reasonable physical, technical, and organizational procedures appropriate to the sensitivity of the data to safeguard the Personal Data you provide to us. Notwithstanding these measures, no collection, storage, or transmission of information over the Internet on websites or otherwise can be guaranteed to be absolutely secure, and therefore we cannot ensure, warrant or guarantee the security of any such information.
Our datacentres employ physical security measures to help prevent unauthorized access to the facility. In addition, all Personal Data is stored in a secure location behind firewalls and other security systems with limited (need-to-know) administrative access.
All Euronet employees who have access to, or are associated with, the processing of Personal Data are contractually obligated to respect the confidentiality of your data and abide by the privacy standards we have established.
8. Does this Privacy Notice apply to other websites?
No. Our Website may contain links to other Internet websites. By clicking on a third-party advertising banner or certain other links, you will be redirected to such third-party websites.
We are not responsible for the privacy policies of other websites or services. You should make sure that you read and understand any applicable third-party privacy policies, and you should direct any questions or concerns to the relevant third-party administrators or webmasters prior to providing any Personal Data.
9. What are my data protection rights?
Subject to verification of your identity, you may request access to and have the opportunity to update and amend your Personal Data. You may also exercise any other rights you enjoy under applicable data protection laws. Please use the contact details in Section 10 of this Privacy Notice.
“Data Subjects” have the right to:
- Request access to any Personal Data we hold about them as well as related data, including the purposes for processing the Personal Data, the recipients or categories of recipients with whom the Personal Data has been shared, where possible, the period for which the Personal Data will be stored, the source of the Personal Data, and the existence of any automated decision making;
- Obtain without undue delay the rectification of any inaccurate Personal Data we hold about them;
- Request that Personal Data held about them is deleted provided the Personal Data is not required by us, a Euronet Company or the Euronet Group for compliance with a legal obligation under applicable law or for the establishment, exercise or defence of a legal claim;
- Under certain circumstances, prevent or restrict processing of your Personal Data, except to the extent processing is required for the establishment, exercise or defence of legal claims; and
- Under certain circumstances, request transfer of Personal Data directly to a third party where this is technically feasible.
Also, where you believe that Euronet has not complied with its obligations under this Privacy Notice or the applicable law, you have the right to make a complaint to a relevant Data Protection Authority or through the courts. Although not required, we would encourage you to let us know about any complaint you might have, and we will respond in line with our Complaints Procedure (see Section 12 of this Privacy Notice).
California Consumer Privacy Act Rights
As of January 1, 2020 verified California residents will have the right to:
- request and receive disclosure of our personal information collection practices during the prior 12 months, including the categories of personal information we collect, the categories of sources of such information, our business purpose for collecting or sharing such information, and the categories of third parties with whom we share such information.
- request and receive a copy of the personal information we have collected about them during the prior 12 months.
- request and receive disclosure of our information sharing practices during the prior 12 months, including a list of the categories of personal information sold with the category of third party recipients and a list of the categories of personal information that we disclosed for a business purpose.
- request that we not sell personal information about them; and
- request that we delete (and direct our service providers to delete) their personal information subject to certain exceptions.
For purposes of the CCPA personal information means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household.
In order to make a request for disclosure, California residents may contact us by calling Euronet at 1-844-204-1412, emailing Euronet (email@example.com or by clicking here. We will ask you for information that allows us to reasonably verify your identity (that you are the person about whom we collected personal information) and will use that information only for that purpose. We may request that you submit a signed statement under penalty of perjury that you are the individual you claim to be. We will acknowledge receipt of your request within 10 days and will endeavor to respond within forty-five days of receipt of your request, but if we require more time (up to an additional forty-five days) we will notify you of our need for additional time. For requests that we not sell your information we will comply with your request within 15 days. We cannot respond to your request or provide you with personal information if we cannot verify your identity and confirm that the personal information relates to you.
You may make a request for disclosure of our information collection practices, the information we collected about you, or our sharing practices up to twice within a 12-month period. You may make a request that we not sell information or for deletion of your information at any time.
For requests for a copy of the personal information we have collected during the 12 months prior to your request we will endeavor to provide the information in a format that is readily useable, including by mailing you a paper copy or providing an electronic copy to your registered account, if you have registered an account with us.
For requests for deletion of your information please understand that California law permits us to retain certain information and not to delete it under certain circumstances. By way of example, we are not required to comply with a request to delete information if the information is necessary for us to complete a transaction for you or otherwise perform a contract; to detect, protect against, or prosecute security incidents, fraud or illegal activity; to use the information only internally in ways reasonably aligned with your expectations as our customer (such as maintaining sales records), and to comply with legal obligations. If we receive such a request from you we will notify any service providers we have engaged to delete your information as well.
We will not discriminate against you as a result of your exercise of any of these rights.
Using an Authorized Agent. You may submit a request through someone holding a formal Power of Attorney. Otherwise, you may submit a request using an authorized agent only if (1) you provide the authorized agent with written permission to make a request and (2) you verify your own identity directly with us. We will require the agent to submit proof to us that they have been authorized to make requests on your behalf.
During the past 12 months, we have collected the following categories of information from the listed sources, used it for the listed business purposes and shared it with the listed categories of third parties. The categories of information include information we collect from our website visitors, registered users, employees, vendors, suppliers and any other person that interacts with us either online or offline. Not all information is collected about all individuals. For instance, we may collect different information from applicants for employment or from vendors or from customers.
|CATEGORY OF INFORMATION COLLECTED||SOURCE||BUSINESS PURPOSES FOR USE||CATEGORIES OF THIRD PARTIES RECEIVING INFORMATION|
|Identifiers (name, alias, postal address, email address, and phone number.||Individuals submitting information to us.||To respond to queries or requests and to provide information regarding our products and services.||Affiliated companies.|
10. Privacy-Related Complaints Procedure
Where you believe that we have not complied with our obligations under this Privacy Notice, or the applicable law, you have the right to make a complaint to a Data Protection Authority or through the courts.
Although not required, we would encourage you to let us know about any privacy-related complaint you might have, and we will respond in line with our complaints procedure – our contact details are set out below.
Privacy-related complaints or concerns can be lodged with our privacy team:
| By email at:||firstname.lastname@example.org|
| By post to:||
Euronet Worldwide, Inc.
11400 Tomahawk Creek Parkway
Leawood, Kansas 66211
If you are established in the EEA (under “GDPR”):
Calle Cantabria, nº2 – 2ª planta
28108, Alcobendas (Madrid)
Euronet employees are required to direct any privacy-related complaints or concerns to our privacy team.
Euronet will aim to send an acknowledgement within 10 days of receipt of the complaint/concern.
Euronet will conduct an investigation in accordance with relevant laws and will aim to respond substantively within 28 days of receipt of the complaint/concern.
If further time is required to investigate your complaint/concern, Euronet will write to you within 28 days of receiving the complaint/concern, informing you of the investigation timeline which will be no longer than an additional two months for the complaint procedure to be concluded.
In the case of a rejection of the complaint, Euronet will provide you with a written explanation for the rejection.
If the complaint/concern is considered justified, Euronet will take reasonable steps to try to address the complaint/concern to your reasonable satisfaction.
If you are not satisfied with the reply/outcome, or otherwise with the handling of the complaint, you have the right to lodge a claim before the relevant Data Protection Authority or the courts.
11. Contact Us
If you have any questions or concerns about this Privacy Notice or Euronet data practices, please contact our privacy team:
| By email at:||email@example.com|
| By post to:||
Euronet Worldwide, Inc.
11400 Tomahawk Creek Parkway
Leawood, Kansas 66211
Any complaints will be handled in line with our complaints procedure as set out in Section 10 of this Privacy Notice.