This Privacy Policy is effective as of: 1 July 2021 (“Effective Date”)
Please read this Privacy Policy before browsing this website or using our Services. Your continued use of this website indicates that you have both read and agree to the terms of this Privacy Policy. Unfortunately, you cannot use this website if you do not accept this Privacy Policy.
1. INTRODUCTION
1.1. This Privacy Policy is to be read as specifically incorporated into the Terms of Service, in terms of which VALR (Pty) Ltd ("VALR") provides services to you (“Services”) available at https://support.valr.com/hc/en-us/articles/360019021931-Terms-of-Service.
1.2. This Privacy Policy applies to your use of https://valr.com. For the purposes of this Privacy Policy, references to a “Website” shall be a reference this website.
1.3. This Privacy Policy is to be read in conjunction with any data processing agreement entered into between you and VALR. In the event of any conflict between this Privacy Policy and a binding data processing agreement, the data processing agreement shall be preferred to the extent of such inconsistency.
1.4. Any changes to this Privacy Policy will be notified to you via email, and will require your consent thereto in order that can continue to provide our services to you.
2. PRIVACY POLICY
2.1. For this section, Personal Information will be understood under the definition provided in the Protection of Personal Information Act 4 of 2013 ("POPIA") and the description of Personal Data in Article 4(1) of the General Data Protection Regulation GDPR (EU) 2016/679. VALR also subscribes to the principles for electronically collecting Personal Information outlined in POPIA, and the further legislation referred to therein. We endeavour to ensure the quality, accuracy and confidentiality of Personal Information in our possession.
2.2. In adopting this Privacy Policy, we wish to balance our legitimate business interests and your reasonable expectation of privacy. Accordingly, we will take all reasonable steps to prevent unauthorised access to or disclosure of your Personal Information.
2.3. Users will be prompted to register an account with VALR. In so doing, users may be asked, or will otherwise be required to provide, the following information ("Personal Information"):
2.3.1 First name;
2.3.2. Surname;
2.3.3. Physical Address;
2.3.4. Email Address;
2.3.5. Cell Phone Number;
2.3.6. Date of Birth;
2.3.7. IP Address;
2.3.8. Identity Number;
2.3.9. Credit Card Information (which may be collected through our third-party payment processor);
2.3.10. Bank Account or credit card details;
2.3.11. Social login account login details, which may include Facebook, LinkedIn, Twitter;
2.3.12. Company name and registration number; and
2.3.13. From time to time, what may be required under your local territory’s KYC (Know Your Customer) or Financial Intelligence Centre Act (FICA) processes.
2.4. The abovementioned Personal Information shall be processed to manage and administer your account, including on-boarding, Know Your Customer and Anti-Money Laundering processes, and fraud security process, or as otherwise set out in this Privacy Policy.
2.5. We take our users’ privacy seriously. We will attempt to limit the types of Personal Information we process to only that to which you consent (for example, in the context of online registration, newsletters, message boards, surveys, polls, professional announcements, SMS, MMS, and other mobile services), but, to the extent necessary, your agreement to this Privacy Policy constitutes your consent as contemplated in section 11 & 69 of POPIA and/or Article 7 of the GDPR (whichever is applicable). Where necessary, we will seek to obtain your specific consent in future instances should we deem the same required by law and where your support herein might not be lawfully sufficient.
2.6. In order to effectively render our Services to you, we may share your Personal Information, where necessary, with website analytics services, identity verification and KYC/FICA partners, exchange platform and order book partners, payment gateways, bulk email marketing service providers, regulators, authorised exchange control dealers and/or other regulatory authorities as required by law, as well as other service providers required to render our Services to you.
2.7. All payment/transaction information will be conducted by electronic funds transfer (EFT), alternatively, specific credit and debit cards permitted by VALR from time to time. Further, VALR shall retain a user’s designated bank account details for utilisation regarding the user’s withdrawals as and when required.
2.8. We will not collect, use or disclose sensitive / special personal information (such as information about racial or ethnic origins or political or religious beliefs, where relevant) except with your specific consent or in the circumstances permitted by law.
2.9. As per POPIA, all Personal Information will be collected and processed lawfully.
2.10 By agreeing to the terms contained in our Privacy Policy, you consent to the use of your Personal Information concerning:
2.10.1 The provision and performance of the Services;
2.10.2 Informing you of changes made to VALR website;
2.10.3 Responding to any queries or requests you may have;
2.10.4 Developing a more direct and substantial relationship with Account Holders for the purposes described in this clause;
2.10.5 Marketing of VALR Services and other related offerings to you;
2.10.6 Developing an online user profile;
2.10.7 Understanding general user trends and patterns so that VALR can develop and support existing and ongoing marketing strategies;
2.10.8 For security, administrative and legal purposes; and
2.10.9 The creation and development of market data profiles may provide insight into market norms, practices and trends to help VALR improve our offering to you. Such information will be compiled and retained in aggregated form but shall not be used in any way that may compromise your identity.
3. CROSS-BORDER TRANSFERS
3.1. In order for VALR to properly perform its services, it may be required for VALR to transfer Personal Information to a third party which is situated outside of South Africa.
3.2. In this regard, we undertake to:
3.2.1. ensure the third party’s compliance with this Privacy Policy insofar as the processing of Personal Information is concerned;
3.2.2 prevent such third party from further transferring the Personal Information to another third party;
3.2.3. use reasonable endeavours to ensure that the third party has implemented reasonable and appropriate technical and organisational security measures to safeguard the Personal Information in such jurisdiction.
4. LOG FILES
As with all websites, when you visit our Website, even if you do not create an account, we may collect information, such as your IP address, the name of your ISP (Internet Service Provider), your browser, the website from which you visit us, the pages on our website that you visit and in what sequence, the date and length of your visit, and other information concerning your computer's operating system, language settings, and broad demographic information. This information is aggregated and anonymous data and does not identify you specifically. However, you acknowledge that this data may be able to identify you if it is aggregated with other Personal Information that you supply to us. In this regard, however, and as recorded, only with a user’s consent and subject strictly to the terms of this Privacy Policy will a user’s Personal Information be transferred and/or shared, and currently same is only being used within VALR on a need-to-know basis. Furthermore, any individually identifiable information related to this data will never be used in any way different to that stated above without your explicit consent.
5. COOKIES
5.1. VALR and our website analytics partners use cookies. A cookie is a small piece of information stored on your computer or smartphone by the web browser. The types of cookies used on the Website are described below:
5.1.1. "Session cookies": These are used to maintain a so-called 'session state' and only lasts for the duration of your use of the Website. A session cookie expires when you close your browser or if you have not visited the server for a certain period. Session cookies are required for the Platform to function optimally but are not used in any way to identify you personally.
5.1.2. "Permanent cookies": These cookies permanently store a unique code on your computer or smart device hard drive in order to identify you as an individual user. No Personal Information is stored in permanent cookies. You can view permanent cookies by looking in the cookies directory of your browser installation. These permanent cookies are not required for the Website to work, but may enhance your browsing experience.
6. LINKS FROM THE WEBSITE
6.1. The Website, and the Services available through the Website, may contain links to other third-party websites ("Third Party Websites"). If you select a link to any Third Party Website, you may be subject to such Third Party Website's terms and conditions and/or other policies, which are not under the control, nor responsibility, of VALR.
6.2. Hyperlinks to Third Party Websites are provided "as is", and VALR does not necessarily agree with, edit or sponsor the content on Third Party Websites.
6.3. VALR does not monitor or review the content of any Third Party Website. Opinions expressed or material appearing on such websites are not necessarily shared or endorsed by us and we should not be regarded as the publisher of such opinions or material. Please be aware that we are not responsible for the privacy practices, or content, of Third Party Websites, either.
6.4. Users should evaluate the security and trustworthiness of any Third Party Website before disclosing any Personal Information to them. VALR does not accept any responsibility for any loss or damage in whatever manner, howsoever caused, resulting from your disclosure to third parties of Personal Information.
7. YOUR RIGHTS
You have the following rights concerning the processing of your Personal Information:
7.1. Enquire as to whether your Personal Information is being processed:
You have the right to request from VALR to confirm whether we hold Personal Information about you and request the record itself.
7.2. Request description of your Personal Information:
You have the right to request VALR to confirm, free of charge, whether we hold Personal Information about you. You may ask VALR to provide you with a description of the Personal Information held by us or by a third party for a prescribed fee that shall not be excessive.
7.3. Right to withdraw consent:
You may withdraw your consent at any time, provided that such withdrawal does not affect the processing necessary for the conclusion or performance of our services.
7.4. Right to challenge the accuracy of the Personal Information:
You have the right to request VALR to correct or rectify Personal Information about you in our possession or under our control if the Personal Information is inaccurate, out of date, incomplete or misleading.
7.5. Right to object to direct marketing:
You have the right to object to the processing of Personal Information for direct marketing purposes.
7.6. Right to request deletion:
You have the right to request that VALR deletes the Personal Information about you in our possession or under our control that is inaccurate, irrelevant, excessive, out of date, incomplete, misleading or obtained unlawfully. At the same time, you have the right to request VALR to destroy or delete a record of Personal Information about you that VALR is no longer authorised to retain.
7.7. Right to lodge a complaint:
You have the right, if we breach any of the terms of this Privacy Policy, to lodge a complaint with the requisite data protection authority in your territory. In South Africa, this is the Information Regulator whose contact details are set out below:
Telephone: +27 (0) 10 023 5207; or
Email: inforeg@justice.gov.za.
7.8. Restriction of processing:
You have the right to require us to restrict/suspend the processing of Personal Information to only that which is strictly necessary for VALR to perform our services.
8. APPLICATION OF THE ELECTRONIC COMMUNICATIONS AND TRANSACTIONS ACT 25 OF 2002 ("ECT ACT")
8.1. Data Messages (as defined in the ECT Act) will be deemed to have been received by VALR if and when VALR responds to the Data Messages.
8.2. Data Messages sent by VALR to a user will be deemed to have been received by such user in terms of the provisions specified in section 23(b) of the ECT Act.
8.3. Users acknowledge that electronic signatures, encryption and/or authentication are not required for valid electronic communications between users and VALR.
8.4. Users warrant that Data Messages sent to VALR from any electronic device, used by such user, from time to time or owned by such user, were sent and or authorised by such user, personally.
8.5. Information to be provided in terms of section 43(1) of the ECT Act:
8.5.1. Address for service of legal documents: 29 Wessel Road, Edenburg, Johannesburg, Gauteng, 2000, South Africa.
8.5.2. VALR - located at https://valr.com.
8.5.3. Email address: help@valr.com.
8.5.4. This Website is operated and owned by VALR (Pty) Ltd, registration number 2018/211274/07.