Who we are
WHITECENTRE sp. z o.o.
Registered Address: ul. Mlynska 16, 8th floor, 61-730 Poznan, Poland
Registration No.: KRS 0001098170
NIP: 7831901548
Phone: +48 45 956 77 02
Email: [email protected]
Personal Data Processing Overview
This notice provides you with important information regarding how we handle your personal data. It outlines the types of data we collect, how we use it, and your rights to control the use of your personal information. Understanding this is crucial to ensure you are fully informed about our Terms & Conditions.
About WhiteCentre
This notice provides you with important information regarding how we handle your personal data. It outlines the types of data we collect, how we use it, and your rights to control the use of your personal information. Understanding this is crucial to ensure you are fully informed about our Terms & Conditions.
Types of Information We Collect
Data You Provide
We collect the personal information you share when you:
- sign up for WhiteCentre’s services
- communicate with us through email, phone, or chat
- submit forms on our website
- open an account or utilize our services
- interact with customer service or our social media channels
- reach out to us for other purposes
This may include:
- your name, address, and date of birth
- your contact details, such as email address and phone number, as well as information about the device you’re using (e.g., smartphone, laptop, tablet)
- employment or professional details, and registration information
- bank account information, such as account number (IBAN)
- copies of identification documents (e.g., passport or ID card) and information to confirm your eligibility to use our services
- your country of residence, tax information, and tax identification number
- records of communications with our team, including phone conversations
- photos or videos used for identity verification (as part of KYC procedures)
Data From Your Use of Our Services
When you visit our website, we collect information such as:
- technical data, including your IP address, browser details, time zone, operating system, and device type
- information about your interactions with our site, like pages visited, links clicked, and time spent on the website
Data from Third-Party Sources
We may also collect data from trusted third parties such as financial institutions, credit agencies, public records, and business partners. This could include:
- your credit history and records of missed payments
- identity verification data
- details about your financial transactions and activities
Data from Publicly Available Sources
We may collect information from public platforms like social media, directories, and registries to comply with KYC regulations, conduct background checks, and monitor for fraudulent or sanctioned activities.
Cookies
We use cookies to distinguish you from other users, enhance your experience, and improve our services.
Legal grounds and purpose for processing your data:
- Contractual Obligations
To provide our services, we need certain personal information. Without it, we can’t fulfill our contractual commitments to you.
- Compliance with Legal Requirements
We are sometimes legally mandated to collect and keep personal data, such as when adhering to anti-money laundering regulations or other laws that require us to maintain specific client records. - Legitimate Business Interests
We may use your data to pursue legitimate business objectives, provided these do not outweigh your rights and freedoms. Our business interests include:
-
- ensuring the security of our services
- continuously improving our offerings
- evaluating the effectiveness of our advertising and providing targeted promotions
- informing you about related products or services
- partnering with select third parties to offer you goods or services that may be of interest
- combating fraud, money laundering, and terrorism financing
- keeping your data up-to-date and accurate
- Consent
When you’ve given us explicit consent, we will only use your data for the specific purposes you agreed to.
How We Protect Your Data
WhiteCentre is committed to data security. To safeguard your personal information, we implement the following measures:
- Internal Policies
We have strict policies to prevent accidental loss, unauthorized access, or misuse of your data.
- Restricted Access
Only authorized employees who need the data to perform their duties can access it.
- Third-Party Processors
Any third parties processing your data on our behalf must follow our instructions, maintain confidentiality, and apply proper security controls.
- Employee Training
Our staff regularly receives training on data protection and confidentiality.
- Security Measures
We use physical, electronic, and procedural safeguards, compliant with relevant laws, to protect against unauthorized access.
Sharing Your Data
We may share your personal data with third parties in specific situations, such as:
- Legal Compliance
When necessary to fulfill legal obligations.
- Protection of Rights and Safety
To protect the rights, property, or safety of WhiteCentre, our clients, or others. This includes sharing data to prevent fraud or reduce credit risks.
- Fraud Investigation
To assist in inquiries into fraud or other illegal activities.
- Business Improvements
To enhance customer relationships, services, and systems.
We may also share your data with the following entities:
- Suppliers
- Financial service providers, including banks and payment networks, to facilitate services
- Analytics firms to help improve website or app performance
- Communication services to send marketing materials and manage authentication
- Professional advisors and certified European partners to comply with AML/KYC regulations
- IT and outsourcing partners to help us provide our services efficiently
International Data Transfers
While your personal data is generally processed within the EU or EEA, there may be times when it is transferred outside these areas. This can happen:
- When necessary to execute a contract, such as facilitating payments with third parties
- When you make transactions through an online platform that requires sharing data with payment providers
- When you provide consent for international transfers
In these cases, WhiteCentre ensures that appropriate technical and organizational measures are in place to protect your data, in line with data protection regulations. Whenever data is transferred outside the EU or EEA, we follow all relevant legal standards to maintain the appropriate level of protection.
Automated Decision-Making and Profiling
At WhiteCentre, we use automated profiling to help meet legal requirements related to risk management and fraud prevention. This involves processing personal data automatically to monitor transactions for potential fraudulent activities. We do not use sensitive data in automated decision-making unless we have a legal basis for doing so.
Data Retention
Your personal data will be stored only for as long as necessary to fulfill the purposes for which it was collected. Generally, we retain data for five years following the end of our business relationship or for the duration required by relevant Polish and EU regulations. Once the data is no longer required by law, it will be securely deleted.
Your Rights
You have rights regarding the personal data we hold about you:
- Access
You can request access to your personal data at any time. We will provide the information we have, though certain data (such as information related to others, or data tied to criminal investigations or legal matters) may not be shared.
- Correction
If any of your personal data is inaccurate, you have the right to ask us to correct it.
- Deletion
You can request the deletion of your personal data, except in cases where legal exceptions apply.
- Restriction
You may request that we limit the processing of your personal data under specific circumstances.
- Objection
You have the right to object to the processing of your data based on your individual situation.
- Portability
You can ask to receive your personal data in a structured, machine-readable format or request that it be transferred to another controller where technically possible. We will review these requests and may refuse them if there are technical or legal reasons.
- Complaint
If you feel your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority. In Poland, you can contact the Office for Personal Data Protection (UODO).
You can submit requests through your personal account, by contacting your account manager, or by emailing [email protected].
For more information, you can reach the Polish data protection authority at:
Office for Personal Data Protection
Stawki 2, 00-193 Warsaw
Helpline: +48 606 950 000
Website: https://uodo.gov.pl