Articles in this section

Privacy Policy

  • Updated
Follow

This Privacy Policy is effective as of “16th of September 2022” ("Effective Date")

Please read this Privacy Policy before browsing this website or using our Services. Your continued use of this website indicates that you have both read and agree to the terms of this Privacy Policy. Unfortunately, you cannot use this website if you do not accept this Privacy Policy.

1. INTRODUCTION

1.1. This Privacy Policy is to be read as specifically incorporated into the Terms of Service, in terms of which VALR (Pty) Ltd ("VALR") provides services to you (“Services”) available at Terms of Service as amended from time to time.  

1.2. This Privacy Policy applies to your use of VALR.  For the purposes of this Privacy Policy, references to a “Website” shall be a reference to this URL / website and shall also include any and all associated mobile applications as offered or downloadable from the requisite application stores, together with any Application Programming Interface/s (“API”).

1.3. This Privacy Policy is to be read in conjunction with any data processing agreement or operator agreement entered into between you and VALR. In the event of any conflict between this Privacy Policy and a binding data processing agreement, the data processing agreement shall be preferred to the extent of such inconsistency.

1.4. This Privacy Policy does not apply to the information practices of third party companies that VALR may engage with in relation to its business operations (including, without limitation, their websites, platforms and/or applications) and which VALR does not own or control; or individuals that VALR does not manage or employ. These third party sites may have their own privacy policies and terms and conditions, and VALR encourages you to read them before making use of their services.

2. PRIVACY POLICY

2.1. For the purposes of this section, Personal Information will be understood under the definition provided in the applicable data protection laws.VALR also subscribes to the principles applicable to electronically collecting Personal Information outlined in applicable data protection laws. The applicable data protection legislation generally does not apply in situations where Personal Information has been De-Identified. The following list of definitions (though not exhaustive) will apply to this Privacy Policy. Capitalised terms not defined herein shall bear the meaning contained in VALR’s Terms of Service:

2.1.1.“Biometric Information” means a technique of personal identification that is based on physical, physiological or behavioural characterisation including fingerprinting, retinal scanning and/or voice recognition;

2.1.2. “Consent/ed” means any voluntary, specific and informed expression of will in terms of which permission is given for the Processing of Personal Information;

2.1.3. “Data Breach” means any incident in terms of which reasonable grounds exist to believe that your Personal Information has been accessed or acquired by an unauthorised person;

2.1.4.  “De-Identify” means to delete any information that identifies you, or which can be used by a reasonably foreseeable method to identify, or when linked to other information, that identifies you;

2.1.5. “Direct Marketing” means when you are approached, either in person or by mail or electronic communication, for the direct or indirect purpose of promoting or offering to supply, in the ordinary course of business, any goods or services to you;

2.1.6. “Processed/Processing” means the act of processing information which includes any activity or any set of operations, whether or not by automatic means, concerning personal information and includes:

2.1.6.1. the collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation, or use; and/or

2.1.6.2. dissemination by means of transmission, distribution or  making available in any other form; and/or

2.1.6.3. merging, linking, as well as any restriction, degradation, erasure, or destruction of information; and

2.1.7. “Record/s” means any recorded information, regardless of medium, including information produced, recorded or stored by means of computer equipment, whether hardware or software or both, or other device, and any material subsequently derived from information so produced, recorded or stored.

2.2. In adopting this Privacy Policy, we wish to balance our legitimate business interests and your reasonable expectation of privacy. Accordingly, we will take all reasonable steps to prevent unauthorised access to or disclosure of your Personal Information.   

2.3.  We may collect the following types of Personal Information from you:

2.3.1. Administrative and financial information such as bank account information, credit and/or debit card information, transaction history, tax identification and related documents;

2.3.2. Biometric Identification information such as the liveness test you perform with a selfie/video you provide when creating your VALR account, video/audio recording, or other evidence of yourself with your identification documentation;

2.3.3. Correspondence-related information such as email addresses, phone numbers and information provided to us that is implicitly or explicitly of a private or confidential nature, when engaging with our customer support team;

2.3.4. Device, data and location information such as cookies and other tracking technologies, log data, web browser information, IP address information, device identifiers and fingerprint data, and/or authentication data;

2.3.5. Identification information such as your full name, date of birth, nationality, cellphone number, email address, country of residence (and/or proof of residence), employment status and/or national identification number for the purpose of assigning a unique identifier to you;

2.3.6. Institutional information if you are a juristic person, such as proof of legal formation, registration with regulatory bodies, and personal information for all material beneficial owners of the institution;

2.3.7. Legally obtained information from third parties to supplement information provided by you,  by any third party service provider appointed to help us provide our Services; 

2.3.8. National identity information  such as a copy of your government-issued national identity document, drivers’ license or passport (including any relevant visa information); and/or

2.3.9. Transaction information such as transaction data on the transactions you make using our Services, information on the recipient of any of your transaction(s), and trading amount(s).

2.4. Users will be prompted to register an account with VALR. In so doing, users may be asked, or will otherwise be required to provide, inter alia, the following information:

 

A. NATURAL PERSONS

Identifiable Information

Biometric Information

Financial Information

Documentation

First name/Surname

Personal image

Bank Account details

Identity Documents;(which may be collected through our third-party processor)

Identity Number

Personal Audio/Voice recording

Bank Statements

Proof of address

Physical Address

Personal VIdeo recording 

Credit Card details

From time to time, what may be required under your local territory’s KYC (Know Your Customer) processes.

Email Address

IP Address

Credit Card Information (which may be collected through our third-party payment processor)

  

Cell Phone Number

Device fingerprint

data

 Credit history information for credit product purposes (which may be collected through a third-party)  

Date of Birth

Social login account login details, (i.e Facebook, LinkedIn, Twitter)

    

 

 B. JURISTIC ENTITIES

Identifiable Information

Financial Information

Documentation

First name/Surname of company-related parties

Company bank account details

Company registration documents (including associated Memoranda or Articles of Association)

Identity numbers of related parties

Company income tax information

Proof of address for Business

Email Address

Financial Information (Source of funds)

Proof of VAT registration (or equivalent)

Contact Number

Financial Information (Source of wealth)

Identity documents for director, UBO and Authorised trader

IP Address

  

Proof of address for related parties
   

Shareholder agreements
   

From time to time, what may be required under your local territory’s KYC (Know Your Customer) processes.

 

2.5. The above-mentioned Personal Information may be processed to manage and administer your account, including onboarding, Know Your Customer (“KYC”) and Anti-Money Laundering ("AML") processes, and fraud security process, or as otherwise set out in this Privacy Policy.

2.6. VALR will not intentionally or knowingly collect Personal Information directly from individuals under the age of 18 (eighteen) years, without the required consent of their legal guardian. We do not accept any users, or representatives of users, under the age of majority or who otherwise do not have the relevant capacity to be bound by this Privacy Policy, unless you are a user who is a minor or is otherwise incapable of being bound by this Privacy Policy, and you warrant that you have obtained the consent of your legal guardian / or you are the legal guardian providing such consent to this Privacy Policy.

2.7. Where indicated (for example in application forms or account opening forms), it is obligatory to provide your Personal Information to us to enable us to process your application for our products or Services. Should you decline to provide such Personal Information, we may not be able to process your application/request or provide you with our products or Services.

2.8. We take our users’ privacy seriously. We will attempt to limit the types of Personal Information we process to only that to which you Consent (for example, in the context of online registration, newsletters, message boards, surveys, polls, professional announcements, SMS, MMS, and other mobile services), but, to the extent necessary, your agreement to this Privacy Policy constitutes your Consent as contemplated in applicable data protection laws. Where necessary, we will seek to obtain your specific Consent in future instances should we deem the same required by law and where your support herein might not be lawfully sufficient. We will only share your Personal Information if:

2.8.1. you agreed that we may share your Personal Information; and/or

2.8.2. the law requires it; and/or

2.8.3. our or your legitimate interests require us to share the Personal Information; and/or

2.8.4. we have a public duty to share Personal Information; and/or

2.8.5. it is necessary to perform or conclude in terms of an agreement between you and us.

2.9. By accepting this Privacy Policy you Consent further that we may Process your Personal Information for one or more of the following purposes:

2.9.1. to comply with KYC and AML requirements by verifying your identity accordingly;

2.9.2. to create a user profile and manage and maintain your account with us;

2.9.3. to provide access to certain functionalities and features of our Services, depending on your verification level;

2.9.4. to respond to your enquiries and to resolve disputes/complaints;

2.9.5. to enforce our terms and policies and comply with applicable laws;

2.9.6. to detect and prevent fraudulent, malicious, deceptive or unauthorised use of our products and Services, and report those responsible for such activities to the relevant regulatory authority/ies;

2.9.7. to ensure internal quality control and assess the performance and functionality of our Services, and continue to provide you with accurate information, products and Services;

2.9.8. to measure interest and engagement in our Services and use this information to improve our products and Services, and to develop new products and services;

2.9.9. to notify you about benefits and changes to the features of our products and Services or our website,and provide you with personalised web content, marketing and interest-based advertising;

2.9.9.1. to obtain insight into market trends and practices, to improve our Services to you; and/or

2.9.9.2. for security, legal  and administrative purposes.

2.10 .The Personal Information Processed in 2.9 above, will be compiled and retained in aggregate form but shall not be used in any way that may compromise your identity.

2.11. You expressly consent to the collection, use and storage of Personal Information obtained about you in relation to the Processing of any Biometric Information, criminal history information and any other type of special Personal Information about you in connection with any of the purposes listed above. You may choose to withdraw your Consent in this instance, and if you choose to do so,  you are to notify VALR of such withdrawal in writing. Upon receipt of such withdrawal, VALR may no longer make the VALR products and Services available to you.

2.12. In order to effectively render our Services to you, we may share your Personal Information, where necessary, with KYC partners, exchange platforms and order book partners, payment gateways, bulk email marketing service providers, regulators, authorized exchange control dealers and/or other regulatory authorities as required by law, as well as other service providers required to render our Services to you. We may also share your Personal Information with:

2.12.1. financial, advertising and other third-party service providers who may assist us to provide our products and Services;

2.12.2. any entity that forms part of the VALR group of companies, including where relevant the VALR operating entity in the country or region in which you live;

2.12.3. any person who works for us or for one of our group companies;

2.12.4. any third party service providers of blockchain infrastructure, which third party service provider may also Process this information; and/or

2.12.5. subject to Applicable Law, any applicable regulatory or supervisory authority and/or law enforcement agency, upon receipt of a court order/subpoena or any other analogous official document requesting your Personal Information, and/or to assist with an investigation or prosecution of suspected or actual illegal activity.

2.13. By accepting this Privacy Policy, and then submitting your Personal Information, you expressly Consent to the transfer, storing or Processing of your Personal Information by any third party service provider as listed in 2.12 above.

2.14. Specific Consent to the Processing of Personal Information by certain third party service providers.

2.14.1. Certain companies have been appointed / will be appointed by VALR to provide blockchain infrastructure in the provision of the Services and may process Personal Information on behalf of VALR. By signing up as Account Holder with VALR, you agree that you have read, understood and accepted in particular Circle Internet Financial LLC’s Privacy Policy, Acceptable Use Policy and USDC Terms.

2.15. All payment/transaction information will be conducted by electronic funds transfer (EFT), alternatively, specific credit and debit cards permitted by VALR from time to time. VALR shall retain a user’s designated bank account details for utilization regarding the user’s withdrawals as and when required. We do not store your full credit and debit card data. This data is securely transferred and stored off-site by an authorised payment vendor in compliance with Payment Card Industry Data Security Standards (PCI DSS). This information is not accessible to VALR or VALR’s employees or any agent acting for or on behalf of VALR.

2.16. We will not collect, use or disclose sensitive/special Personal Information (such as information about racial or ethnic origins or political or religious beliefs, where relevant) except with your specific Consent or in the circumstances permitted by law. 

2.17. All Personal Information will be processed in accordance with applicable data protection laws. 

3. CROSS-BORDER TRANSFERS

3.1. In order for VALR to properly perform its Services, it may be required for VALR to transfer Personal Information to a third party which is situated outside of the jurisdiction in which you reside, and the laws of those countries may differ from the laws applicable in your own country. By accepting this Privacy Policy, and then submitting your Personal Information, you expressly Consent to the transfer, storing or Processing of such Personal Information outside of your jurisdiction. 

3.2. VALR undertakes to use reasonable endeavours to:

3.2.1. ensure the third party’s compliance with this Privacy Policy insofar as the Processing of Personal Information is concerned;

3.2.2. prevent such third party from further transferring the Personal Information to another unauthorised third party;

3.2.3. ensure that the third party has implemented reasonable and appropriate technical and organisational security measures to safeguard the Personal Information in such jurisdiction; and

3.2.4. ensure that the third party maintains compliance with the relevant applicable data privacy laws.

4. LOG FILES

4.1. As with all websites, when you visit our Website, even if you do not create an account, we may collect information, such as your IP address, the name of your ISP (Internet Service Provider), your browser, the website from which you visit us, the pages on our website that you visit and in what sequence, the date and length of your visit, and other information concerning your computer's operating system, language settings, and broad demographic information. This information is aggregated and anonymous data and does not identify you specifically. However, you acknowledge that this data may be able to identify you if it is aggregated with other Personal Information that you supply to us. In this regard, however, and as recorded, only with a user’s Consent and subject strictly to the terms of this Privacy Policy will a user’s Personal Information be transferred and/or shared, and currently the same is only being used within VALR on a need-to-know basis. Furthermore, any individually identifiable information related to this data will never be used in any way different to that stated within this Policy without your explicit Consent. 

5. COOKIES

5.1. VALR and our website analytics partners use cookies. A cookie is a small piece of information stored on your computer or smartphone by the web browser. When you return to the Website, or visit other websites that use the same cookies, the Website or other websites recognises these cookies and your browsing device. The types of cookies used on the Website are described below:

5.1.1. "Session cookies": These are used to maintain a so-called 'session state' and only lasts for the duration of your use of the Website. A session cookie expires when you close your browser or if you have not visited the server for a certain period. Session cookies are required for the platform to function optimally but are not used in any way to identify you personally.

5.1.2. "Permanent cookies": These cookies permanently store a unique code on your computer or smart device hard drive in order to identify you as an individual user. No Personal Information is stored in permanent cookies. You can view permanent cookies by looking in the cookies directory of your browser installation. These permanent cookies are not required for the Website to work, but may enhance your browsing experience.

5.1.3.“Advertising/Targeting Cookies”: VALR may display advertising on its Website or other relevant third-party sites. These advertising/targeted cookies help VALR to measure the efficacy of advertisements and tailor advertisements to you both on the Website and on other websites. No Personal Information can be identified through these cookies.

5.1.4.“Strictly Necessary Cookies”: These cookies are, as the name suggests, strictly necessary for the Website to function and unfortunately cannot be switched off.

5.1.5.Functionality Cookies”: These cookies remember your username or your preferences and allow VALR to tailor its services to you by remembering choices you make on the Website.

5.1.6.“Analytics/Performance Cookies”: These cookies allow VALR to monitor and improve the performance of the Website.  They enable monitoring of customer behaviour on the Website (such as least and most visited Website pages). The information collected via these cookies is anonymous and aggregated.

5.2. Cookies set by the Website operator are called "first-party cookies". Cookies set by parties other than the Website operator are called "third-party cookies". We may use authorised third-party providers to help us with various aspects of our business, such as website operations, services, applications, advertising, support tools and to serve you relevant content.

5.3. The authorised third-party providers we use may place cookies on your device (third-party cookies) or make use of similar tracking technologies such as web beacons. No personally identifiable information is stored in third-party cookies. The information reported to us is aggregated and anonymous. We use this information to understand, for example, the effectiveness of our advertising and marketing. Web beacons are small graphic images (also known as “pixel tags” or “clear GIFs”) which may be used to collect and store information about visits to our website (such as which pages you viewed and how long you spent on the website) and communication efficiency (such as the email delivery and open rates). Where necessary, the information gathered by web beacons may be tied to your Personal Information strictly for the purposes set out in this Cookie Policy.

5.4. We may also use cookies from our authorised third-party providers who may use information about your visits to other websites to target advertisements for products and services available from VALR. We do not control the types of information collected and stored by these third-party cookies. You should check the third-party's website for more information on how they use cookies.

5.5. You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our website. If you accept cookies or fail to deny the use of cookies, you agree that we may use your Personal Information collected  using cookies (subject to the provisions of this Privacy Policy). Where you either reject or decline cookies, you are informed that you may not be able to fully experience the interactive features of the Website.

6. LINKS FROM THE WEBSITE

6.1. The Website, and the Services available through the Website, may contain links to other third-party websites ("Third Party Websites").  If you select a link to any Third Party Website, you may be subject to such Third Party Website's terms and conditions and/or other policies, which are not under the control, nor responsibility, of VALR.

6.2. Hyperlinks to Third Party Websites are provided "as is", and VALR does not necessarily agree with, edit or sponsor the content on Third Party Websites.

6.3. VALR does not monitor or review the content of any Third Party Website. Opinions expressed or material appearing on such websites are not necessarily shared or endorsed by us and we should not be regarded as the publisher of such opinions or material. Please be aware that we are not responsible for the privacy practices, or content, of Third Party Websites, either. 

6.4. Users should evaluate the security and trustworthiness of any Third Party Website before disclosing any Personal Information to them. VALR does not accept any responsibility for any loss or damage in whatever manner, howsoever caused, resulting from your disclosure to third parties of Personal Information.

7. YOUR RIGHTS

Subject to data protection laws applicable to you, you may have the following rights concerning the Processing of your Personal Information:

7.1. Right to access

7.1.1. The right to request from VALR confirmation as to whether or not we hold Personal Information about you, and request the record itself.

7.1.2. The right to ask VALR to provide you with a description of the Personal Information held by us or by a third party for a prescribed fee that shall not be excessive. 

7.2. Right to withdraw Consent / Object

7.2.1. The right to withdraw your Consent at any time, provided that such withdrawal does not affect Processing necessary for the conclusion or performance of our Service.

7.3. Right to reasonable data protection measures

7.3.1. The right to require VALR to implement reasonable data security measures to protect Personal Information.

7.4. Right to challenge the accuracy of the Personal Information

7.4.1. The right to request VALR to correct/rectify Personal Information about you under our control if the Personal Information is inaccurate, out of date, incomplete or misleading.

7.5. Right to object to direct marketing

7.5.1. The right to object to the Processing of Personal Information for direct marketing purposes. 

7.5.2. Where you have opted-in to receive marketing communications and news, we may share information about our products, Services, news and promotions with you. If you have opted-in to receive marketing communications, you may always opt-out at a later stage by clicking on the ‘Unsubscribe’ option included in every marketing communication sent to you. Please note that unsubscribing from marketing content will not stop you from receiving important communications in relation to the security or operation of your VALR Account or any VALR product.

7.6. Right to be forgotten and request data erasure

7.6.1. The right to request that VALR deletes the Personal Information about you in our possession or under our control which is inaccurate, irrelevant, excessive, out of date, incomplete, misleading or obtained unlawfully. 

7.6.2. The right to request VALR to destroy or delete a record of Personal Information about you which VALR is no longer authorised to retain. For the avoidance of doubt, there may be obligations under applicable data protection laws which require VALR to retain certain information for certain periods of time.

7.7. Right to lodge a complaint

7.7.1. Depending on your jurisdiction, the right, if we breach any of the terms of this Privacy Policy, to lodge a complaint with the requisite data protection authority in your territory.

8. APPLICATION OF THE ELECTRONIC COMMUNICATIONS AND TRANSACTIONS ACT 25 OF 2002 ("ECT ACT")

8.1. Data Messages (as defined in the ECT Act) will be deemed to have been received by VALR if and when VALR responds to the Data Messages.

8.2. Data Messages sent by VALR to a user will be deemed to have been received by such user in terms of the provisions specified in section 23(b) of the ECT Act.

8.3. You acknowledge that electronic signatures, encryption and/or authentication are not required for valid electronic communications between yourself and VALR.

8.4. You warrant that Data Messages sent to VALR from any electronic device, used by you, from time to time or owned by you, were sent and or authorised by you, personally.

8.5. Address for service of legal documents: 

9th Floor, Atrium on 5th

5th Street

Sandton

Gauteng

South Africa

2196 

VALR - located at https://valr.com

Email address: help@valr.com

The Website is operated and owned by VALR (Pty) Ltd, registration number 2018/211274/07

9. RETENTION OF RECORDS

9.1. VALR may keep Records of the Personal Information it has collected, correspondence, or comments in an electronic or hardcopy format.

9.2. In terms of applicable data protection legislation, VALR may not retain Personal Information for a period longer than is necessary to achieve the purpose for which it was collected or Processed and is required to delete, destroy (in such a way that it cannot be reconstructed) or De-Identify the information as soon as reasonably practicable once the purpose has been achieved. This prohibition will not apply in the following circumstances:

9.2.1. Where the retention of the Record is required or authorised by law;

9.2.2. Where VALR requires the Record to fulfill its lawful functions or activities;

9.2.3. Retention of the Record is required by a contract between the Parties;

9.2.4. You have Consented to such longer retention; or

9.2.5. The Record is retained for historical, research or statistical purposes provided that safeguards are put in place to prevent use for any other purpose.

9.3.Your Biometric Information may be held by our third party service providers for a period from the time when you cease to be a customer of VALR.

10. SECURITY AND DATA BREACHES

10.1. Your privacy is very important to us and we are committed to protecting your personal information from unauthorised access or use. We will use reasonable organisational, physical, technical and administrative measures that comply with applicable data protection laws to protect personal information within VALR. VALR will address any Data Breach in accordance with applicable data protection laws. 

11. REVISIONS TO THIS PRIVACY POLICY

11.1. We may amend this Privacy Policy from time to time. You should visit the Website regularly to check when this Privacy Policy was last updated and to review the current Privacy Policy. We will do our best to notify you of any substantive amendments to the Privacy Policy and any such notice will be posted on our application or our Website, or sent by email to the address associated with your VALR Account. Accessing and/or use of the Website after the Effective Date will signify that you have read, understood, accepted, and agreed to be bound, and is bound, by this Privacy Policy in your individual capacity and/or for and on behalf of any entity for whom you utilise the Platform (if permitted).