Insignia Mobile Application

Privacy Policy

Insignia Cards Limited (“We”, “Us”, “Our”) takes Your (“You”, “Your”, “Yours”) privacy, its safety and security very seriously and strives every day to maintain the standards set out in the relevant data protective legislation, particularly the General Data Protection Regulation (Regulation EU 2016/679) (GDPR), and previously in accordance with the provisions of the Data Protection Act, as contained in Chapter 440 of the Laws of Malta. 

We are registered and established in Malta, bearing company registration number C54426, with registered address at Level 4, Palazzo Spinola, St.Christopher Street, Valletta, VLT 1464. The Insignia Mobile Application (the ‘Mobile Application’ or the ‘App’) is operated by Us, yet We are part of a family of companies known as the Insignia Group of Companies (the “Group”). You can find more information on Us and the Group through the Group’s Website, which can be accessed at https://www.insignia.com/. 

This Privacy Policy (the ‘Policy’) will set out what personal data We collect about You through the App, how We process that personal data, what it is processed for and why We need it. You will also be informed about Your rights in relation to Your own personal data, how to exercise those rights and who to contact if You ever have any issues with how We handle Your personal data. 

If You do not agree with Us processing Your personal data in the App or You would not like Us to process Your personal data, kindly refrain from using Our App. On the other hand, if You would like further information about how We process Your personal data, kindly continue reading below. 

Definitions

"Mobile Application" or "App" means the Insignia Mobile Application which can be downloaded to any mobile device or tablet which runs an operating system capable of meeting its requirements, through which You can access some of Our online services.

"Biometric Authentication" is a security process that relies on Your unique biological characteristics so as to verify Your identity. The current supported biometric authentication methods are Touch ID and Face ID methods which are developed by Apple Inc, and Fingerprint which is developed by Android.

"You", "Your" and "Yours" means the person who has downloaded the Insignia Mobile Application and is making use of the App. 

"We", "Us" and "Our" mean Insignia Cards Limited, and any affiliated third parties or Company representatives appointed to provide all or part of the App.

What personal data do We collect from You? 

In order to be able to render Our services to You efficiently and effectively through the App, We must collect certain pieces of information from You i.e. personal data. Personal data is information We collect from You, which can lead to Your direct or indirect identification. 

In fact, once You agree to make use of Our services, We may collect the following information from You:

1. Identity data which includes names, usernames or similar identifiers, titles, dates of birth and gender amongst others; 
2. Biometric data which includes Your fingerprints and Your face; 
3. Contact data which includes contact details such as telephone numbers, email addresses and residential addresses; 
4. Financial data which includes Your bank account and financial details; 
5. Transaction data which includes details about payments made and received by Yourself through the use of Our products and/or services You have purchased from Us; 

To view the full list of information We may collect about You, kindly refer to Our Group Privacy Policy available here: https://www.insignia.com/privacy-policy/, particularly Section 2 ‘The data We collect about You’. 

How do We collect Your personal data? 

There are numerous ways through which We collect Your personal data, including; 

1. information supplied by You, when filling out Our application forms, when communicating with Us through letters and emails, over the phone or through the device You use;
2. from Our analysis of how You operate and make use of Our products and services, including the frequency, nature, location, origin and recipients of any payments You make while using Our services;
3. from, or through, other organisations (for example other entities within the Insignia Group of Companies, card associations, insurance companies, retailers, social media, credit reference agencies, fraud prevention agencies and public information sources); 
4. in certain circumstances, We may also collect special categories of Your data (e.g. biometric data, criminal convictions), but We will only do this where We are allowed to do so by law or if You have given Your consent.

In relation to point 3 above, if We collect personal data about You from other individuals or organisations i.e. third parties, We will inform You regarding the identity of such third parties, their Data Protection Officer (DPO) and their contact details, as well as all the other information stipulated in Article 14(1) GDPR. If You require this information, kindly contact Our DPO, using the following email address dpo@insignia-cards.com. 

How do We use Your personal data? 

The personal data We collect from You has multiple uses, including the following: 

1. in order to be able to render Our services to You and therefore fulfil Our legitimate interests;  
2. to carry out Our contractual obligations to You in relation to any of Our services which You make use of; 
3. in order to manage Your relationship with Us, as well as managing Our relationship with and complying with Our regulators and therefore fulfilling Our legal obligations;
4. to ensure that content from Our App is presented in the most effective and efficient way on Your device; 
5. to inform You about Our products, services and upgrades, which We feel may interest You, only in cases where You have consented to be contacted for such purposes; 
6. to allow You to make use of the interactive features of Our App, only when You choose to do so; 
7. to notify You and keep You up to date about changes to Our service.

For a full, detailed list of the different manners in which We make use of Your personal data, kindly refer to Our Group Privacy Policy available here: https://www.insignia.com/privacy-policy/, particularly Section 4 ‘How We use Your personal data’.

With whom do We share Your personal data? 

In order to be able to render Our most effective and efficient service to You through the App, We may share Your personal information with third parties, including sister companies in Our Group, as well as external organisations and institutions which render their services to Us, and consequently You. 

Such sharing and transfers of Your personal data might occur to areas outside the EU i.e. third countries. We will only transfer Your personal data to such third countries if We have a data processing agreement in place with such third country, which has a standard of data protection which equals those laid out in the GDPR as well as Our own data protection policies. 

If such data processing agreement is not present, We will not transfer Your personal data unless We have acquired Your explicit consent beforehand. 

For further information regarding transfers of Your personal data, kindly refer to Our Group Privacy Policy available here: https://www.insignia.com/privacy-policy/, particularly the sections entitled ‘Disclosure of Your personal data’ and ‘International transfers’. 

Why do We need Your personal data?

In order for Us to be able to render Our services to You, for You to be able to use Our App and for Us to fulfil the contractual obligation which We have entered into with You, We must collect Your personal data. 

There is some personal information which We collect from You in order to uphold Our legal obligations as a financial institution. When We first onboard You as Our client, We collect certain data from You as well as input You into Our system and then maintain an accurate record of You, and Your personal information with Us. We require Your personal data in this manner in order to comply with national and EU legislation, particularly anti-money laundering legislation, and countering of financing of terrorism (AML & CFT), as well as to comply with Our regulators. 

There is some personal information which We collect from You in pursuit of Our own legitimate interests, such as providing You with Our services, all the while providing the most efficient and effective service possible. 

It is important to note that if You refuse to provide Your personal data to Us, or object to the processing of Your personal data (which You can do at any time – read further down below), We may not be able to provide Our services to You at all, including the App, as that would mean that We may be in breach of Our legal obligations. 

For a full explanation of why We require Your personal data, kindly refer to Our Group Privacy Policy available here: https://www.insignia.com/privacy-policy/, particularly Section 4 ‘How We use Your personal data’.

What rights do You have regarding Your personal data? 

In this situation, We are the data controller and You are the data subject. Being data subject, You have a set of rights given to You by the GDPR, which include the following: 

1. To request access to Your personal data
2. To request correction of Your personal data
3. To request erasure of Your personal data
4. To object to processing of Your personal data
5. To request restriction of processing Your personal data
6. To request transfer of Your personal data
7. To withdraw consent

For more information about Your rights, kindly refer to Our Group Privacy Policy available here: https://www.insignia.com/privacy-policy/, particularly Section 9 ‘Your legal rights’.

For how long do We store Your personal data? 

In line with the GDPR, We will store Your personal data for as long as You are a client of Insignia. Other personal information will be stored for a longer period, even after termination of Your relationship with Us, or after uninstalling the App, in order be in compliance with the relevant money laundering legislation as well as those pertaining to financial institutions, such as Insignia. 

For more information about Your rights, kindly refer to Our Group Privacy Policy available here: https://www.insignia.com/privacy-policy/, particularly Section 8 ‘Data retention’.

Do You require any clarification? 

If You have an issue regarding how We process Your personal data, or a query, kindly contact Our DPO on the following email address: dpo@insignia-cards.com. If You would like to make a complaint in regard to how We handle Your personal data, kindly contact the Information and Data Protection Commissioner’s Office using the below contact details:

Address: Floor 2, Airways House, Triq Il-Kbira, Tas-Sliema SLM 1549

Telephone: +356 2328 7100

Email:  idpc.info@idpc.org.mt