Data Privacy Notice

Euronet Worldwide, Inc.

Data Privacy Notice – v. October 2018

In this Data Privacy Notice (“Privacy Notice”) we explain how we collect and use your personal information that we obtain when you use our websites or otherwise interact with us, how we share your information and the steps we take to protect your information.

1. Who we are and the application of this Privacy Notice

This Privacy Notice applies to Euronet Worldwide, Inc. (hereinafter referred to as, “Euronet”, “we”, “our” or “us”). Further details on Euronet and the companies within the Euronet group global network (the “Euronet Group”) are available at: .

We are committed to the privacy and security of your Personal Data (as defined in section 2 below). This Privacy Notice describes how we collect and use Personal Data, in accordance with applicable law and our standards of ethical conduct.

Euronet Worldwide, Inc. 3500 College Boulevard, Leawood, Kansas 66211, USA, will be the “data controller” in relation to any Personal Data provided to us via the following website: (the “Website”).

This means that Euronet is responsible for deciding how it will hold and use Personal Data about you.

By using or navigating the Website, you acknowledge that you have read, understand, and agree to be bound by this Privacy Notice. You should not provide us with any of your information if you do not agree with the terms of this Privacy Notice.

We encourage you to review and check the Website regularly for any updates to this Privacy Notice. We will publish the updated version on the Website and by continuing to deal with us, you accept this Privacy Notice as it applies from time to time.

2. Data Protection Principles

“Personal Data” means any information provided by you in this Website that enables us to identify you, directly or indirectly, such as name, email, address, telephone number, any form of identification number or one or more factors specific to your economic, cultural or social identity.
We are committed to complying with applicable data protection laws and will ensure that Personal Data is:
• Used lawfully, fairly and in a transparent way;
• Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
• Relevant to the purposes we have told you about and limited only to those purposes;
• Accurate and kept up to date;
• Kept only as long as necessary for the purposes we have told you about; and
• Kept securely.

3. What Personal Data do we collect and how do we collect it?

Personal Data You Give Us. We may collect Personal Data when you give it to us, including when you indicate that you would like to contact us, when you complete forms online, when you speak with us over the telephone, when you speak with us in person, when you write to us, and when you visit the Website.
We may collect and process the following Personal Data:
• Personal details, such as data which may identify you. This may include name, title, residential and/or business address, email, telephone and/or fax numbers and other contact data;

4. How we use your Personal Data?

We use Personal Data and other data you provide to us only for the purpose of replying to your information’s request included in the contact form submitted by you.
In some circumstances we may anonymise your Personal Data so that it can no longer be associated with you, in which case we may use such data without further notice to you.

5. Is data collected shared with third parties?

Euronet Group
Euronet may share your Personal Data with affiliates in the Euronet Group (some of which are based outside the European Economic Area (“EEA”)) for the purposes, or to enable or facilitate the purposes, set out in Section 4 of this Privacy Notice. This may also include sharing your Personal Data within the Euronet Group for purposes of complying with legal or regulatory obligations.
Corporate process
We may transfer your Personal Data to a third party as a result of a sale, acquisition, merger, or reorganization involving Euronet, a company within the Euronet Group, or any of their respective assets. In these circumstances, we will take reasonably appropriate steps to ensure that your information is properly protected.

Legal and regulatory
We may also disclose your Personal Data in special cases if required to do so by law enforcement agencies, law, court order, or other governmental authority, or when we believe in good faith that disclosing this data is otherwise necessary or advisable, such as to identify, contact, or bring legal action against someone who may be causing injury to – or interfering with – the rights or property of Euronet, the services, another user, or anyone else that could be harmed by such activities (for example, identify theft or fraud).

6. How long is Personal Data retained?

Euronet may process and retain your Personal Data for as long as we have an on-going relationship with you. Once our relationship has ended we will, subject to any retention requirements under applicable laws, erase or anonymise your Personal Data.
You may obtain a copy of our Retention Policy by contacting our Euronet Group Data Protection Officer.

7. Is correspondence that you send to us saved?

Yes. If you send us correspondence, including e-mails and faxes, we may retain such data along with any records of your account. We may also retain customer service correspondence and other correspondence involving you, us and any Euronet Group company, our partners, and our suppliers. We will retain these records in line with our Retention Policy.

8. Data Security

We are committed to maintaining the security of your Personal Data and have measures in place to protect against the loss, misuse, and alteration of the data under our control.
We employ modern and secure techniques to protect our systems from intrusion by unauthorized individuals, and we regularly upgrade our security as better methods become available.
Our datacentres and those of our partners utilise state-of-the-art physical security measures to prevent unauthorized access to the facility. In addition, all Personal Data is stored in a secure location behind firewalls and other sophisticated security systems with limited (need-to-know) administrative access.
All Euronet employees who have access to, or are associated with, the processing of Personal Data are contractually obligated to respect the confidentiality of your data and abide by the privacy standards we have established.
Please be aware that no security measures are perfect or impenetrable. Therefore, although we use industry standard practices to protect your privacy, we cannot (and do not) guarantee the absolute security of Personal Data.

9. Does this Privacy Notice apply to other websites?

No. Our Website may contain links to other Internet websites. By clicking on a third-party advertising banner or certain other links, you will be redirected to such third-party websites.
We are not responsible for the privacy policies of other websites or services. You should make sure that you read and understand any applicable third-party privacy policies, and you should direct any questions or concerns to the relevant third-party administrators or webmasters prior to providing any Personal Data.

10. What are my data protection rights?

Subject to verification of your identity, you may request access to and have the opportunity to update and amend your Personal Data in accordance with applicable data protection laws. You may also exercise any other rights you enjoy under applicable data protection laws. Please use the contact details in Section 11 of this Privacy Notice.
“Data Subjects” in the EEA have the right to:
• Request access to any Personal Data we hold about them as well as related data, including the purposes for processing the Personal Data, the recipients or categories of recipients with whom the Personal Data has been shared, where possible, the period for which the Personal Data will be stored, the source of the Personal Data, and the existence of any automated decision making;
• Obtain without undue delay the rectification of any inaccurate Personal Data we hold about them;
• Request that Personal Data held about them is deleted provided the Personal Data is not required by us, a Euronet Company or the Euronet Group for compliance with a legal obligation under applicable law or for the establishment, exercise or defence of a legal claim;
• Under certain circumstances, prevent or restrict processing of your Personal Data, except to the extent processing is required for the establishment, exercise or defence of legal claims; and
• Under certain circumstances, request transfer of Personal Data directly to a third party where this is technically feasible.
Also, where you believe that Euronet has not complied with its obligations under this Privacy Notice or the applicable law, you have the right to make a complaint to a relevant Data Protection Authority or through the courts. Although not required, we would encourage you to let us know about any complaint you might have, and we will respond in line with our Complaints Procedure (see Section 12 of this Privacy Notice).

11. Privacy-Related Complaints Procedure

Where you believe that we have not complied with our obligations under this Privacy Notice, or the applicable law, you have the right to make a complaint to a Data Protection Authority or through the courts.
Although not required, we would encourage you to let us know about any privacy-related complaint you might have, and we will respond in line with our complaints procedure – our contact details are set out below.
Privacy-related complaints or concerns can be lodged with our privacy team:
• By email at: dpo@euronetworldwide.com
• By post to:

Euronet Worldwide, Inc.
3500 College Boulevard
Leawood, Kansas 66211
USA

If you are located in the EEA:

Euronet Data Protection Officer
Calle Cantabria, nº2 – 2ª planta
28108, Alcobendas (Madrid)
Spain

Euronet employees are required to direct any privacy-related complaints or concerns to our privacy team.
Euronet will aim to send an acknowledgement within 10 days of receipt of the complaint/concern.
Euronet will conduct an investigation in accordance with relevant laws and will aim to respond substantively within 28 days of receipt of the complaint/concern.
If further time is required to investigate your complaint/concern, Euronet will write to you within 28 days of receiving the complaint/concern, informing you of the investigation timeline which will be no longer than an additional two months for the complaint procedure to be concluded.
In the case of a rejection of the complaint, Euronet will provide you with a written explanation for the rejection.
If the complaint/concern is considered justified, Euronet will take reasonable steps to try to address the complaint/concern to your reasonable satisfaction.
If you are not satisfied with the reply/outcome, or otherwise with the handling of the complaint, you have the right to lodge a claim before the relevant Data Protection Authority or the courts.

12. Contact Us

If you have any questions or concerns about this Privacy Notice or Euronet data practices, please contact our privacy team:

• By email at: dpo@euronetworldwide.com
• By post to:
Euronet Worldwide, Inc.
3500 College Boulevard
Leawood, Kansas 66211
USA

If you are located in the EEA:

Euronet Data Protection Officer
Calle Cantabria, nº2 – 2ª planta
28108, Alcobendas (Madrid)
Spain

Any complaints will be handled in line with our complaints procedure as set out in Section 11 of this Privacy Notice.