New 2024 Report: Payments and E-Commerce in Africa
Privacy policy

Privacy Policy 

Last updated: August 2024

1. Why should I read this Privacy Policy?

 

This Privacy Policy (‘Policy’) describes how Nikulipe UAB (‘Nikulipe, ‘we’, ‘us’, ‘our’) collects, uses, discloses, and stores your personal data (‘Data’) and what statutory rights you have under applicable Data protection laws. We may amend this Policy unilaterally from time to time. Any such amendments will be effective immediately upon publication. Please visit our website at www.nikulipe.com (‘Website’) regularly for the latest version of this Policy.

 

Please note that we process Data in accordance with applicable Data protection laws, including the General Data Protection Regulation (2016/679) (‘GDPR’).

 

2. Who is responsible for protecting my Data?

 

We are: Nikulipe UAB

Our company number is: 305189166

Our address: Konstitucijos av. 21C, LT-08105 Vilnius

Our e-mail address: contact@nikulipe.com

 

3. How and why do you use my Data?

 

3.1. To provide our merchant acquiring, execution of payment transactions and related services

 

If you represent a company or business that is either our current or prospective client, we will process your Data as outlined in the table below. This processing is necessary to provide you with Local Payment Methods. For a comprehensive list of our products, please visit https://nikulipe.com/payment-methods/.

 

Legal basis for the processing The categories of Data concerned Is the provision of Data a requirement?

 

Contract

(Art. 6(1)(b) of the GDPR)

 

Legal obligation

(Art. 6(1)(c) of the GDPR)

Name and surname, email address, telephone number, date of birth, country of citizenship and/or country of residence, details of the company that you represent, government-issued identification number, address, your affiliation with the company Yes. If you do not provide your Data, we will not be able to provide you with our services.

 

3.2. Fraud prevention, Anti-Money Laundering and Counter-Terrorist Financing

 

Fraud prevention, Anti-Money Laundering (‘AML’) and Counter-Terrorist Financing (‘CTF’) legislation, requires due diligence, transaction monitoring, regular reviews, and adherence to various statutory obligations. To fulfil these requirements, we must process the Data of our clients (occasionally including their customers), ultimate beneficial owners (‘UBOs’), and directors of legal entities who are our clients, as specified in the table below.

 

Legal basis for the processing The categories of Data concerned

 

Is the provision of Data a requirement?

 

Legal obligation

(Art. 6(1)(c) of the GDPR)

Name and surname, bank account number, citizenship, the country which has issued identity, tax identification number, country, postal code, residential address, telephone number, e-mail address, information about your occupation  information on your company’s business activities or information on your individual activities,  transactions, information on the UBO and the representative of a legal entity that is our client: name, surname, personal ID number, date of birth, percentage of shares, voting rights, the country that has issued an identity document, ID information citizenship Yes. If you do not provide your Data, we will not be able to provide you with our services.

 

3.3. Processing your payments

 

When you initiate a payment through one of our clients (for example, merchants that sell you goods or services), we process your Data, as outlined in the table below, to facilitate your payment transaction and handle related matters, such as chargebacks. This means that we do not engage directly with you, but rather obtain your Data through our clients.

 

Legal basis for the processing The categories of Data concerned

 

Is the provision of Data a requirement?

 

Contract

(Art. 6(1)(b) of the GDPR)

 

Legitimate interest (sanction screening & AML)

(Art. 6(1)(f) of the GDPR)

Name, surname, chargeback information (in chargeback cases), the amount of the transaction and the currency in which the transaction is done, the date, time and location of the transaction, internal identification number, sanctions information (where applicable) Yes. If you do not provide your Data, we will not be able to process your payment

 

3.4. Security and improvement of our Website

 

To ensure our Website remains secure and operates smoothly, it’s important for you to know that when you visit our site, we automatically collect certain technical information about your device and how you use our Website. This is a common practice designed to maintain the best possible functionality and safety while you’re browsing.

 

Legal basis for the processing The categories of Data concerned

 

Is the provision of Data a requirement?

 

Legitimate interest

(security and improvement of our Website)

(Art. 6(1)(f) of the GDPR)

IP address, log-in information, browser type and version operating system and platform, type of device, a unique device ID, mobile network information, mobile operating system and the type of mobile browser you use, screen resolution, general information about your use of and actions on our Website No

 

3.5. Client service

 

We’re dedicated to offering assistance and addressing any queries or concerns you may have. In order to respond to your inquiries effectively, we need to process your Data as outlined below.

 

Legal basis for the processing The categories of Data concerned

 

Is the provision of Data a requirement?

 

Consent

(Art. 6(1)(a) of the GDPR)

Email address, subject of your inquiry, date of your inquiry, content of your inquiry, attachments to your inquiry, your name and (or) surname provided in your inquiry, reply to your inquiry, other information provided by you No

 

3.6. Keeping you informed and gathering your feedback about our services

 

When you or the company you represent used our services, consent to receive marketing communications from us, or in situations where we have a legitimate interest in informing you about our services, we will process your Data as outlined below.

 

Legal basis for the processing The categories of Data concerned

 

Is the provision of Data a requirement?

 

Consent (Article 6(1)(a) of the GDPR)

 

Customer relationship

(Article 81(2) of the Law on Electronic Communications of Lithuania)

 

Legitimate interest

(direct marketing)

(Article 6(1)(f) of the GDPR)

Name, surname, email address, telephone number, preferences for receiving marketing communications and details about how you engage with our marketing communications

 

No

 

3.7. Recruitment

 

When you apply for a position at our company or when we reach out to you regarding a job opportunity, we process your Data as part of the recruitment process as describe below.

 

Legal basis for the processing The categories of Data concerned

 

Is the provision of Data a requirement?

 

Consent

(Art. 6(1)(a) of the GDPR)

 

Legitimate interest (selection of employees)

(Art. 6(1)(f) of the GDPR)

Full name, e-mail, phone number, CV, work experience, other information you provide us with No

 

3.8. Administration of our social media profiles

 

By engaging with us through messaging, following our pages, or interacting with our posts on social media, your Data will be processed as outlined in the table below.

 

Legal basis for the processing The categories of Data concerned

 

Is the provision of Data a requirement?

 

Consent

(Art. 6(1)(a) of the GDPR)

 

 

Name and surname provided in your social media profile, email address, messages, message information, attachments, comments, shares, reactions, other interactions and additional Data provided No

 

3.9. Fulfilment of statutory duties and the establishment, exercise, or defense of legal claims

 

If you enter into a contract with us, we’ll keep your Data for as long as the law requires. This helps us protect our legal rights, just in case. We also need to hold onto some of your information for legal stuff like accounting and record-keeping. And, on the off chance you’re involved in a legal case where we’re also a party, we’ll use your Data specifically for that case.

 

Legal basis for the processing The categories of Data concerned

 

Is the provision of Data a requirement?

 

Legal obligation

(Article 6(1)(c) of the GDPR)

 

Our legitimate interest to defend our rights and interests

(Article 6(1)(f) of the GDPR)

All of the above information, legal documents, procedural documents, annexes, court documents, investigation information, criminal convictions and offenses, other Data provided.

 

When the processing of your Data is required under applicable laws, providing this Data becomes a legal necessity. If you are unable to provide this Data, unfortunately, we will not be in a position to offer our services to you.

 

4. How long do you store my Data?

 

We will not retain your Data for longer than is necessary for processing purposes outlined above, except when required by law, which may necessitate an extended retention period:

 

  • We store copies of documents confirming the identity of the client, g. copies of client’s identity documents, beneficiary identity data, documentation of accounts and/or agreements, and other Data related to the client application and due diligence process for 8 years from the date of the end of business relations with the client.
  • We store correspondence of business relations with the client for 5 years from the date of the end of the business relations with the client.
  • We store records of monetary transactions, e.g. documents, data, and other legally valid information relating to the execution of monetary transactions or confirming a monetary transaction for 8 years from the date of the execution of the monetary transaction.
  • We will use your Data for marketing purposes as long as you or the company you represent is our client or have given us consent, and 3 years thereafter, unless you inform us that you no longer wish to receive such information from us.
  • We will retain Data in our social media profiles for no longer than 10 years.
  • For managing our recruiting and processing employment applications we will retain the Data that we have obtained via our recruitment processes for as long as necessary to evaluate the application and in accordance with all relevant laws and regulations. Furthermore, we may ask for your consent to retain your Data for some time after we have evaluated your application.
  • We will retain Data necessary for the protection of our legal interests for 10 years.

 

5. Where do you collect my information from?

 

We collect most of the information from you. In addition, for certain purposes, we may receive information from other sources, as explained below.

 

Information source

 

Purpose of collecting information
Our clients (merchants, financial institutions and other businesses)

 

To provide our services
Partners providing local payment methods To provide our services

 

Registers of legal entities

 

To comply with applicable legislation

 

Social media service providers

 

To manage our social media profiles
HR service providers To carry out the selection of potential employees

 

Publicly accessible government lists of restricted or sanctioned persons (such as the Specially Designated Nationals And Blocked Persons List), or politically exposed persons lists

 

To ensure compliance with AML, CTF and fraud prevention requirements
Public records databases (such as company registries and regulatory filings) and other publicly accessible data

 

To ensure compliance with AML, CTF and fraud prevention requirements
We and or our third-party verification providers may also collect information from private or commercially available sources, such as by requesting reports or information from credit bureaus and/or fraud prevention agencies, to the extent permitted under applicable law

 

To ensure compliance with AML, CTF and fraud prevention requirements

 

6. Who do you share my Data with?

 

Where necessary for the purposes set out above and subject to applicable laws, we share Data with the following Data recipients:

 

Data recipients or categories of Data recipients If the Data are to be transferred to a third country or international organisation:

 

Third Country

 

Appropriate safeguard or derogation

 

Hawk AI GmbH (transactions monitoring service provider)

 

iDenfy, UAB (identity check service provider)

 

Credit reference, fraud protection, risk management, and identity and verification agencies

 

Participants in the transaction processing chain (merchants, acquirers, banks or other card issuers, card associations)

 

EU / Worldwide Standard Contractual Clauses (link)

 

Professional advisors (lawyers, bankers, auditors, and insurers)

 

State institutions, supervisory authorities, law enforcement authorities, and courts.

 

Other third parties, subject to your consent or as required to fulfil contractual obligations.

 

Meta Platforms, Inc. (Social media service provider)

 

EU/ US Standard Contractual Clauses (link)

 

Microsoft Corporation (LinkedIn) (Social media service provider)

 

EU / US Standard Contractual Clauses (link)

 

7. What are my rights?

 

Subject to conditions, limitations, and exceptions established by statutory data protection provisions, you have the rights listed below:

 

My right

 

When this right is applicable to me?
Right of access when you seek to obtain confirmation as to whether we collect or otherwise process personal data concerning you, and, where that is the case, access to the personal data and the information about the data processing.
Right to rectification when you seek to obtain from us the rectification of inaccurate personal data concerning you.
Right to erasure (‘right to be forgotten’) – when personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

– when you withdraw consent on which the processing is based and there is no other legal ground for the processing;

– when you object to the processing and there are no overriding legitimate grounds for the processing, or you object to the processing for direct marketing purposes;

– where the personal data have been unlawfully processed;

– where the personal data have to be erased for compliance with a legal obligation;

– where the personal data have been collected in relation to the offer of information society services directly to a child and subject to a consent.

Right to restriction of processing – where the accuracy of the personal data is contested by you;

– where the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;

– where we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims;

– where you have objected to processing.

Right to data portability where you seek to receive the data you have provided in a structured, commonly used and machine-readable form or to transmit those data to another controller, the processing is based on consent or on a contract and is carried out by automated means.
Right to object where the collection and use is based on a task carried out in the public interest or in the exercise of official authority vested or legitimate interest, including profiling, as explained in Section 3 of this Privacy Policy, or where you object to the collection of your personal data for direct marketing purposes.
Right to withdraw consent where the processing is based on consent, as explained in Section 3 of this Privacy Policy, and you seek to withdraw it at any time.
Right to lodge a complaint where you want to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or of an alleged infringement of the data protection laws.

 

 

8. Do you engage in automated individual decision-making, including profiling?

 

No, we do not make decisions based solely on automated processing, including profiling, which would produce legal effects concerning you.

 

9. Cookies and similar technologies

 

The cookies and similar technologies listed below are used to save information or to access information that is already stored on your devices.

 

A cookie is a small piece of data saved by the Website on your computer or mobile device. Cookies facilitate the Website’s ability to remember details about your visit, thereby simplifying future visits and enhancing the site’s utility for you. Additionally, other technologies, such as unique identifiers for identifying your browser, app, or device, pixels, and local storage, may be employed for similar purposes.

 

www.nikulipe.com

 

Purpose of processing Cookie Category Whether third parties will have access to the information Duration of operation
This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site’s analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors

 

_ga Analytics Yes 2 years
This cookie is installed by Google Analytics. The cookie is used to store information on how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected includes the number of visitors, the source where they have come from, and the pages visited in an anonymous form. _gid Analytics Yes 1 day
This cookie is installed by Google Analytics. The cookie is used to persist session state. _ga_<container-id> Analytics

 

Yes

 

2 years

 

This cookie is set by Google and is used to distinguish users. _gat_gtag_UA_162751101_1  Analytics Yes 1       minute

 

10. How can I manage cookies and similar technologies?

 

Most browsers give you the ability to manage cookie settings, including the use of cookies, and to delete cookies and browsing history. This applies to browsers such as Chrome, Safari, Firefox, Internet Explorer, and Opera.

 

11. How do I submit a request / contact your DPOs?

 

If you have any questions concerning Nikulipe’s processing of Data, you can reach us by email at contact@nikulipe.com

 

Nikulipe has appointed Data Protection Officer who can be reached at dpo@nikulipe.com.

 

12. Can this Policy be amended?

 

We update this Policy from time to time. The latest version of this Policy can be found on our websites at www.nikulipe.com.

 

Last update date: August 2024

Download the full document

DUOMENŲ APSAUGOS PRANEŠIMAS

Šis duomenų apsaugos pranešimas taikomas visiems asmens duomenims, kuriuos mums pateikiate arba kuriuos surenkame ir tvarkome Jums naudojantis “Nikulipe“, UAB (juridinio asmens kodas 305189166, registruotos buveinės adresas: Konstitucijos pr. 21C, 08105 Vilnius, Lietuvos Respublika) interneto svetaine www.nikulipe.com.

Tikslas

“Nikulipe”, UAB tvarko Jūsų duomenis pateiktus interneto svetainės kontaktų formoje (vardas, pavardė, el. paštas, tema, žinutės laikas ir kita pateikta informacija), tam, kad galėtume susisiekti su Jumis ir pateikti informaciją.

Pagrindas

UAB „Nikulipe“ tvarko duomenis remdamasi Jūsų sutikimu, kurį išreiškiate pateikdami savo asmens duomenis interneto svetainės kontaktų formoje.

Saugojimo terminas

Visus Jūsų asmens duomenis mes tvarkome ir saugome ne ilgiau, nei reikalinga šioje politikoje nurodytais tikslais. Kontaktų formoje pateiktus Jūsų duomenis “Nikulipe”, UAB tvarkys 2 metus. Slapukų saugojimo periodai yra pateikti lentelėje žemiau.

Duomenų perdavimas

Jūsų asmens duomenis galime perduoti tvarkyti tretiesiems asmenims, kurie padeda mums administruoti mūsų interneto svetainę, saugoti jos duomenis bei teikti paslaugas. Tokiais asmenimis gali būti duomenų bazių programinės įrangos tiekėjai, duomenų bazių administravimo paslaugų teikėjai, debesijos paslaugų teikėjai ir pan.

Slapukai

Mes naudojame slapukus, kad mūsų svetainė veiktų. Šie slapukai yra būtini mūsų svetainės veikimui. Šiuos slapukus galite išjungti pakeisdami savo naršyklės nustatymus. Tačiau atminkite, kad išjungę būtinus slapukus, jūs negalėsite visapusiškai naudotis mūsų svetaine.

Griežtai reikalingi slapukai

Šie slapukai yra būtini, kad galėtumėte judėti ir naršyti svetainėje bei naudotis jos funkcijomis.

Funkciniai slapukai

Funkciniai slapukai įrašo informaciją apie jūsų pasirinkimus ir leidžia jums pritaikyti svetainę. “Nikulipe”, UAB naudoja funkcinius slapukus, kad atsimintų jūsų pasirinkimus, pvz., kalbos pasirinkimą ar kitus internetinius nustatymus, ir suteiktų pasirinktų individualizuotų ar patobulintų funkcijų, kad kitą kartą apsilankę jums nereikėtų vėl įvesti visos šios informacijos.

Analitikos slapukai

“Nikulipe”, UAB naudoja šiuos slapukus rinkdama informaciją apie tai, kaip lankytojai naudojasi mūsų svetaine. Ši statistika suteikia mums informacijos apie tai, kaip dažnai lankomas mūsų tinklalapis, kur mūsų svetainėje lankytojai praleidžia daugiausiai laiko, kaip dažnai jie sąveikauja su puslapiu ar puslapio dalimi, tai leidžia mums sukurti struktūrą, naršymą ir turinį, kad mūsų svetainė būtų kuo patogesnė vartotojui.

Reklaminiai slapukai

Šie slapukai naudojami siekiant įvertinti reklamos kampanijų pristatymą ir našumą bei apriboti, kiek kartų matote reklamas. Trečiųjų šalių reklamos slapukus gali nukreipti jūsų įrenginys trečiųjų šalių reklamuotojai, reklamų tinklai, duomenų mainų, rinkodaros analizės ir kiti paslaugų teikėjai.

Mes naudojame šiuos slapukus:

Slapuko pavadinimas Kategorija Tikslas Saugojimo terminas
_ga Analitiniai Šį slapuką įdiegė Google Analytics. Slapukas naudojamas lankytojo, seanso, kampanijos duomenims apskaičiuoti ir svetainės analitikos ataskaitai sekti svetainės naudojimą. Slapukai saugo informaciją anonimiškai ir priskiria atsitiktinai sugeneruotą skaičių unikaliems lankytojams identifikuoti. 2 metai
_gid Analitiniai Šį slapuką įdiegė Google Analytics. Slapukas naudojamas informacijai apie tai, kaip lankytojai naudojasi svetaine, saugoti ir padeda sukurti svetainės veiklos analitinę ataskaitą. Surenkami duomenys apima lankytojų skaičių, šaltinį, iš kur jie atvyko, ir anonimiškai aplankytus puslapius. 1 diena
_gat_gtag_UA_
162751101_1
Analytiniai Šį slapuką nustato „Google“ ir jis naudojamas vartotojams atskirti. 1 minutė

 

Jūsų teisės

Jūs turite šias teises, susijusias su Jūsų asmens duomenimis:

  • prašyti, kad “Nikulipe”, UAB leistų susipažinti su duomenimis ir juos ištaisytų arba ištrintų, arba apribotų duomenų tvarkymą
  • teisę nesutikti, kad duomenys būtų tvarkomi;
  • teisę gauti savo asmens duomenis susistemintu, įprastai naudojamu ir kompiuterio skaitomu formatu (teisė į duomenų perkeliamumą);
  • teisę atšaukti sutikimą;
  • teisę pateikti skundą priežiūros institucijai.

 

Kontaktai

Savo teisėmis galite pasinaudoti susisiekdami su UAB „Nikulipe“ el. paštu dpo@nikulipe.com.

Galiojimas ir pakeitimai

Šis privatumo pranešimas įsigalioja nuo 2020 m. balandžio 1 d. Atsiradus pakeitimams, svetainėje paskelbsime atnaujintą versiją, kurios pakeitimai ir (arba) papildymai įsigalioja po jų paskelbimo svetainėje.