Data Privacy

Privacy notice

September 2024

This privacy notice (“Privacy Notice”) explains how we process your personal data (“Personal Data”) while you use our services, including when you browse our website (“Website”), perform a transaction with us, or visit our stores (collectively, “Services”) , whether as a customer, a visitor and/or a user of our Website, or however you might otherwise interact with us (collectively, “you”, “your” or “users”). In this Privacy Notice, we also describe whether your Personal Data is shared with other parties and the mechanisms we have in place to protect your data.

We encourage you to regularly review this Privacy Notice and check the Website for any updates. Updates to this Privacy Notice will be published on our Website, and by continuing to deal with us, you agree to this Privacy Notice and any future modifications.

Where local law requires additional details to be included in this Privacy Notice, such information has been included in the Regional Privacy Notices section below.

Content

Regional Notices

Frequently Asked Questions (FAQs)

How can I contact the company regarding my Data? To make any request or consultation, you may contact us by email to dpo@euroentworldwide.com

Who are we? We are epay, a subsidiary of Euronet Worldwide Inc.

What type of Personal Data is collected? We collect only the Personal Data necessary to provide you with the Service and to comply with applicable law.

Why do We collect Personal Data? We collect Personal Data for specific contractual and legal purposes. With your consent, we also collect data for additional purposes.

How long do we keep Personal Data? We keep Personal Data only for as long as necessary or as required by applicable law.

With whom we share Personal Data? We share Personal Data with other Euronet Group companies, legal authorities, and partners where necessary to meet regulatory requirements or contractual commitments.

Where do we store Personal Data? We store Personal Data in secure locations with strict security measures in place. If we need to transfer Personal Data to other locations, we take all necessary measures to comply with legal obligations and ensure a proper level of security.

What are your Personal Data rights? Depending on where you live, you may have rights in relation to your Personal Data under applicable law. A description of common Personal Data rights is set out in section 15 below.

1. What Personal Data is collected and why?

The categories, sources, and reason for collecting Personal Data are listed below. Where the collection of Personal Data is based on your consent, you may withdraw your consent at any time. We do not and will not “sell” or “share” Personal Data, as those terms are defined under applicable laws. We retain Personal Data for as long as reasonably necessary to provide the Services and meet our legal obligations.

If you have questions or concerns regarding the processing of your Personal Data, you may contact us any time at dpo@euronetworldwide.com

We collect Personal Data from the following sources:

  • Directly from you through direct interactions and forms.
1.1. Types of Personal Data

a)  Behavioral and Technical Information

IP address, internet, or other similar network, browsing, or search activity, behavioral information (to understand the way you behave while using our products and services), browser type and version, time zone setting, screen resolution settings, browser plug-in types and versions, operating system, and platform.

Our Cookie Policy is available here

Purpose for Processing

Legal Basis

To perform analytics to measure the use of our website and Services, including number of visits, average time spent on the Website, pages viewed, page interaction data (such as scrolling, clicks, and mouse-hovers), etc., and to improve the content we offer to you.
Consent
To undertake activities to verify or maintain the quality of the Service, and to improve, upgrade, or enhance the Service, including to administer the Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
Consent
Legitimate Interest
To help ensure the safety and security of our Website.
Consent
Legitimate Interest
To provide advertising and marketing, including measuring the impact of our emails.
Consent
To provide the Services, including to process the transaction.
Contractual obligation

b) Non-Identifiable Data

Whenever possible, we use data where you cannot be directly identified (such as anonymous demographic and usage data) rather than Personal Data (“non-identifiable data”). This nonidentifiable data may be used to improve our internal processes or delivery of services, without further notice to you.

We may use aggregate data for a variety of purposes, including to analyze, evaluate and improve our Services.

1.2 Accuracy of Personal Data

We are committed to keeping your Personal Data accurate and up to date. We take reasonable steps to ensure the accuracy of your Personal Data by ensuring that the latest Personal Data we have received is accurately recorded and when considered necessary, we run periodic checks and request that you update your Personal Data. From time to time, we may send you an email asking you to confirm and/or update your Personal Data. This communication is based on our legitimate interest and legal obligation to maintain accurate and up to date information.

If you notice that your Personal Data is not accurate, you may request a correction or update your information by sending an email to dpo@euronetworldwide.com

2. Legitimate Interest

When we use your Personal Data to pursue our legitimate interests, we will make every effort to match our interests with yours so that your Personal Data will only be used as permitted by relevant law, or when it will not adversely affect your rights. Upon request, customers may request information on any processing based on legitimate interest.

3. How long do we keep Personal Data?

Personal Data is kept for as long as it is necessary to provide the Services requested and to comply with applicable legal, accounting, or reporting obligations. The retention period is determined based on the applicable requirements and obligations, which may include:

  • Legal and Regulatory Requirements: Your Personal Data is kept as long as necessary to comply with all our legal obligations including without limitation, commercial, tax and anti-money laundering laws and regulations. While we store your Personal Data only for the purposes of complying with legal obligations, your Personal Data will be restricted such that it cannot be used for any other purposes. While restricted, only when necessary, will your Personal Data be accessed. Whenever we receive a request for deletion, we will also maintain your Personal Data further to our legal obligations.
  • Customer Service and Contractual relationship (administration of customer relationship, complaint handling, etc.): We will keep your Personal Data if you remain our customer. Once we consider our contractual relationship to be over, we will proceed to restrict your data to make it available only to comply with legal obligations as expressed above.
4. Do We disclose Personal Data?

epay´s disclosure of Personal Data for business purposes or to meet legal obligations are outlined below:

4.1. Euronet Group

Types of Personal Data

Purpose

Legal Basis

Behavioral and Technical Data
We disclose your Personal Data with Euronet and Euronet Group affiliates for our affiliates’ everyday business purposes and compliance with group obligations. As a result of a sale, acquisition, merger, or reorganization involving Euronet, a company within the Euronet Group, or any of their respective assets, we may transfer customer Personal Data to a third party. In doing so, we will take reasonable steps to ensure that their information is adequately protected. Your Personal Data is also disclosed to be able to provide you with customer service, regardless of when you require our help. To provide access to our 24/7 customer service, we must share your Personal Data with the Group affiliates.
Legal Obligation
Contractual Obligation
4.2. Third-Party Service Providers

Types of Personal Data

Purpose

Legal Basis

Behavioral and Technical Data
To advertisers or advertising networks and social media companies to place personalize placed advertisements in digital services and to adapt to consumer preferences.
Consent

*The legal meaning and list of “third-party service providers” may vary depending on the country you are based. For additional information regarding which providers have access and why they have access to your Personal Data you may reach us at dpo@euronetworldwide.com

4.3. Legal and Regulatory Authorities

Types of Personal Data

Purpose

Legal Basis

Financial Details
Transactional Data
Video surveillance
Identification Data
We may need to disclose your Personal Data (including Sensitive Personal Data, as described above) if requested by a legal authority. We may share your Personal Data with legal authorities to enforce or apply our Terms and Conditions or any other agreement or understanding we may have with you.
Legal Obligation
Contractual Obligation
5. Data Security

We are committed to protecting your Personal Data and have put in place commercially reasonable and appropriate safeguards to prevent any loss, abuse, and alteration of the information you have entrusted us. At Epay, we will always strive to ensure your Personal Data is well protected, in accordance with international best practices. We maintain this commitment to data security by implementing appropriate physical, electronic, and managerial measures to safeguard and secure your personal information.

To safeguard our systems from illegal access we use secure, cutting-edge physical and organizational security measures which are continuously enhanced to ensure the highest level of security in accordance with international best practices and cost efficiency. All Personal Data is kept in a secure location protected by firewalls and other sophisticated security mechanisms with limited administrative access.

Personnel who have access to your Personal Data as well as the processing activities surrounding your Personal Data are contractually bound to keep your data private and adhere to the Privacy Policy we have implemented in our organization.

We aim to achieve the highest standard of data protection by adopting industry-standard measures to protect your privacy.

6. Description of Personal Data Rights

Depending on where you live, your Personal Data Rights under applicable law may include:

  1. Right to Access: the right to request access to a copy of your Personal Data.
  2. Right to Correct Inaccuracies: the right to request correction of inaccuracies in your Personal Data.
  3. Right to Deletion: the right to request deletion of your Personal Data where certain conditions apply.
  4. Opt-Out Rights: the right to opt-out of the processing of Personal Data for the purposes of targeted advertising.
  5. Right to Restrict Processing: the right to restrict processing where certain conditions apply.

We will respond to your request as soon as possible and within the timeframe stated in the applicable law.

For applicable rights please refer to the Regional Privacy Notice section below.

To exercise any of your rights, you must send an email to dpo@euronetworldwide.com. To help protect your privacy and maintain security we will take necessary steps to verify your identity and may ask you to provide other details before granting you access to your Personal Data or initiating a modification of any Personal Data. When required, if we don’t have a copy of your ID or any legal valid document that proves your identity, we will not be able to answer your request.

Be aware that some rights may not be enforceable due to business necessities or legal obligations while providing you with the Service. Your rights may be limited to comply with other legal obligations such as anti-money laundering, contractual and compliance obligations. Notwithstanding that you will always be responded to when exercising any of the rights stated above and/or any additional right you may have depending on your jurisdiction. If your rights can’t be enforced, you will always receive a proper explanation.

7. Privacy Complaints

If you have a complaint regarding our processing of your Personal Data, you may contact us at dpo@euronetworldwide.com.

Depending on the applicable privacy law, you may have the right to make a complaint to a Data Protection Authority or other regulatory body if you believe we have failed to comply with our obligations under this Privacy Notice or the applicable law.

12. Regional Privacy Notices
8.1. Notice to United States Consumers

This Notice is provided to United States consumers and customers (including former customers) to meet the requirements of the federal Gramm-Leach-Bliley Act (“GLBA”), where applicable, related to the collection, disclosure, and protection of “nonpublic personal information” (“NPI”) as defined by the GLBA. For the purposes of this Notice, NPI means personally identifiable information about an individual that is collected by Us as a financial institution under the GLBA in connection with providing a financial product or service, unless the information is lawfully made publicly available. NPI collected by Us may include any:

  • information an individual give Us to get a financial product or service.
  • information We get about an individual from a transaction involving financial products or services (i.e., the fact that the individual is a customer/consumer of Epay, account numbers, payment history, etc.); or
  • information We get about an individual in connection with providing a financial product or service (i.e., information from a consumer report or court record).

The categories of NPI that may be collected by Us are listed in section 1 of this Privacy Notice.

The categories of NPI that may be disclosed by Us are listed in section 9 of this Privacy Notice.

The categories of affiliates and nonaffiliated third parties to whom NPI is disclosed or may be disclosed in the future are listed in section 9 of this Privacy Notice. Where We disclose NPI to nonaffiliated third parties pursuant to the exceptions under the GLBA, all such disclosures are made as permitted by law. A “nonaffiliated third party” is any person except a financial institution’s affiliate or a person employed jointly by a financial institution and a company that is not the institution’s affiliate.

The categories of information disclosed and to whom under joint marketing/service provider exception of the Privacy Rule are listed in section 9 of this Privacy Notice.

If NPI may be disclosed to nonaffiliated third parties, and that disclosure does not fall within any of the exceptions of the Privacy Rule under the GLBA, consumers’ and customers’ have the right to opt out of these disclosures and an opt-out mechanism will be provided to the consumer or customer.

Notice of epay´s information sharing among Euronet Group and its affiliates is provided in section 9 of this Privacy Notice in accordance with the Fair Credit Reporting Act.

epay´s policies and practices with respect to protecting the confidentiality and security of NPI are set out in section 11 of this Privacy Notice.

Internal Appeals Process: If you receive notice from us that your Personal Data rights request has been refused, you may appeal the refusal within a reasonable period after receiving the notice by sending an email to dpo@euronetworldwide.com.

California Consumers

In accordance with the California Consumer Privacy Act, residents of California may exercise the following rights:

  • Right to Access
  • Right to Correct Inaccuracies
  • Right to Deletion
  • Right to opt Out of Sale or Sharing of Personal Data for cross-contextual behavioral advertising purposes
  • Right of No Retaliation Following opt Out or Exercise of Other Rights

Data Privacy

Privacy notice

In this Data Privacy Notice (“Privacy Notice”) we explain how we collect and use your personal information that we obtain when you use our services, visit, or use our websites or mobile applications or otherwise interact with us; how we share your information and the steps we take to protect your information.

1. Who we are and the application of this Privacy Notice

The controller of the website you are visiting is Euronet Worldwide, Inc.
11400 Tomahawk Creek Parkway
Leawood
Kansas 66211
USA

To contact the Group Privacy Office,

Europe (EEA) and UK- Data Protection Officer dpo@euroentworldwide.com Calle Cantabria 2, 2nd floor, Alcobendas Madrid, Spain

Asia Privacy Office (APAC)  APAC_DPO@euronetworldwide.com

Rest of the world –  Privacy@euronetworldwide.com

In both cases (“epay”, “we”, “our” or “us”), a subsidiary of Euronet Worldwide, Inc. (“Euronet”). Further details on Euronet and the companies within the Euronet group global network (the “Euronet Group”) are available.

We are committed to the privacy and security of your Personal Data (as defined in section 2 below). This Privacy Notice describes how we collect and use Personal Data, in accordance with applicable law and our standards of ethical conduct.

By using or navigating the Website or any product or service offered by us (collectively, the “Services”), you acknowledge that you have read, understand, and agree to be bound by this Privacy Notice. You should not provide us with any of your information if you do not agree with the terms of this Privacy Notice.

We encourage you to review and check the Website regularly for any updates to this Privacy Notice. We will publish the updated version on the Website and by continuing to deal with us, you accept this Privacy Notice as it applies from time to time.

2. Data Protection Principles

“Personal Data” means any information that enables us to identify you or the beneficiary of your transaction with us, directly or indirectly, such as name, email, address, telephone number, any form of identification number or one or more factors specific to you or your beneficiary’s physical, physiological, mental, economic, cultural, or social identity.

We are committed to complying with applicable data protection laws and will ensure that Personal Data is:

  • Used lawfully, fairly and in a transparent way;
  • Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
  • Relevant to the purposes we have told you about and limited only to those purposes;
  • Accurate and kept up to date;
  • Kept only as long as necessary for the purposes we have told you about; and
  • Kept securely.
3. What Personal Data do we collect and how do we collect it?

Personal Data You Give Us.

We may collect Personal Data when you give it to us, including when you indicate that you would like to receive any of our Services, when you register with us, when you complete forms online, when you speak with us over the telephone, when you speak with us in person, when you write to us, and when you visit the Website and, in certain circumstances as set out in this Privacy Notice, when you have provided your information to a related company operating under the epay brand or epaygreenlight.com  (each a “epay company” and together the “epay Companies”). We will also collect details of transactions you carry out through the Website and of the fulfilment of such transactions.

The types of Personal Data we collect will depend on the products or services you have requested from us. Any Personal Data collected is necessary for us to perform a contract and without such data we may not provide the desired Services.

We may collect and process the following Personal Data:

  • Personal details, such as data which may identify you and/or the beneficiary of your transaction with us. This may include name, title, residential and/or business address, email, telephone and/or fax numbers and other contact data, date of birth, gender, images, signature, passport/visa details;
  • Financial details, such as data relating to you and your beneficiary’s payment data and bank account obtained for the purposes of money transfers; and/or
  • Additional details requested by law enforcement or requested pursuant to our compliance procedures in connection with efforts to prevent money laundering, terrorist financing and criminal activity, such as relationship to the beneficiary of the transaction, the purpose of the transaction and proof of funds.

Cookies and similar technologies.

When you use our Website or mobile apps we collect information via cookies and similar technologies, including the IP address of visitors, behavioral information, browser type and version, time zone setting, screen resolution settings, browser plug-in types and versions, operating system and platform. We may use this data for the following purposes:

  • To measure the use of our Website and Services, including number of visits, average time spent on a Website, pages viewed, page interaction data (such as scrolling, clicks, and mouse-overs), etc., and to improve the content we offer;
  • To administer the Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes; and
  • As part of our efforts to keep the Website safe and secure;

Due to their core role of enhancing or enabling usability or site processes, disabling cookies may prevent you from using certain parts of our Website. It will also mean that some features on our Website will not function if you do not allow cookies.
[matomo_opt_out]

4. How we use your Personal Data

We use Personal Data and other data you provide to us only for the following purposes permitted by applicable laws:

  • When necessary for the performance of a contract with you: We may use your data on the basis of our need to perform our obligations under a contract with you, to complete your transactions or other requests made by you, to respond to and process your queries or requests, or to contact you as necessary in connection with our performance of a contract with you. For example, if you enter into a contract for our remittance services, your data will necessarily be shared with the payment service provider that will pay out funds to your designated beneficiary in the remittance destination country, it may be shared with our agents and/or contractors to facilitate the refund of a qualifying payment order to you, it may be shared with a Euronet Group company to provide assistance in connection with the Services outside of normal business hours, and it may be used if we find it necessary to contact you in connection with our contract.
  • When necessary to comply with a legal or regulatory obligation: We may use your data to comply with legal requirements and/or regulations specific to our business. For example, when you contract with us for remittance services, we are required to perform a certain level of due diligence prescribed by law and/or commensurate with any assessed risk which may result in the reporting of your data to legal and/or regulatory authorities and/or a request from us for additional information from you to assist in our risk assessment and/or to satisfy our compliance obligations.
  • When you have provided your consent for the processing: If you have consented and you have not withdrawn your consent, we may contact you with marketing communications in relation to our Services or the services and products of epay Companies (see Section 10 Direct Marketing, below).
  • When necessary in the pursuit of a legitimate interest of epay: we may use your personal information when you use our websites or mobile apps to analyze and improve our products, locations, services, operations and your customer experience, and for measuring marketing return on investment and brand satisfaction in order to enhance your experience. We may use aggregate data for a variety of purposes, including analyzing user behavior and characteristics in order to measure interest in (and use of) the various portions and areas of our Services. We may also use your personal information to provide customer services and to help protect the security and integrity of our technology, systems, and services.

If in the future we use your Personal Data in the pursuit of our legitimate interest, we will strive to align our interests with yours such that under no circumstances will your data be used except as consented to by you or as otherwise permitted by applicable laws.

In some circumstances we may anonymize your Personal Data so that it can no longer be associated with you, in which case we may use such data without further notice to you.

5. Is data collected shared with third parties?

epay Companies

We may share your personal data with other epay Companies in order to enable or facilitate us to provide you with any of the Services you have requested, where you have asked us to do so, to provide the Services to you outside of normal business hours and, where you have consented and not withdrawn your consent, for the epay Companies’ direct marketing purposes.
Euronet Group

epay may share your Personal Data with Euronet and affiliates in the Euronet Group (some of which are based outside the EEA – further details are set out at the end of this section 5) for the purposes, or to enable or facilitate the purposes, set out in Section 4 of this Privacy Notice. This may also include sharing your Personal Data within the Euronet Group for purposes of complying with legal or regulatory obligations.
Third party service providers

We may share your Personal Data with the following third-party service providers to manage, enable or facilitate certain aspects of the Services (including the maintenance of our servers and processing or fulfilling orders for transactions):

  • Compliance verification service providers
  • Financial services providers, such as banks
  • Credit control or debt collection agencies

We have safeguards in place with such third party service providers requiring them to protect your personal data. To obtain a copy of the relevant safeguard measures please contact the Euronet Group Data Protection Officer as indicated in Section 1 above.
Corporate process

We may transfer your Personal Data to a third party as a result of a sale, acquisition, merger, or reorganization involving Euronet, a company within the Euronet Group, or any of their respective assets. In these circumstances, we will take reasonably appropriate steps to ensure that your information is properly protected.
Legal and regulatory

We may also disclose your Personal Data in special cases if required to do so by law enforcement agencies, law, court order, or other governmental authority, or when we believe in good faith that disclosing this data is otherwise necessary or advisable, such as to identify, contact, or bring legal action against someone who may be causing injury to – or interfering with – the rights or property of epay, the Services, another user, or anyone else that could be harmed by such activities (for example, identify theft or fraud).

6. How long is Personal Data retained?

Personal Data is used for different purposes and is subject to different standards and regulations. In general, Personal Data is retained for as long as necessary to provide you with the Services you request, to comply with applicable legal, accounting or reporting requirements, and to ensure that you have a reasonable opportunity to access the Personal Data.

To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements. For example:

  • Legal and Regulatory Requirements. epay shall retain Personal Data and transactional data for those periods required to comply with all retention and reporting obligations under applicable laws, including without limitation commercial, tax and anti-money laundering laws and regulations. Generally, this retention period will be a minimum of five years from the date of your transaction or the date our business relationship with you is terminated.
  • Customer Service (administration of customer relationship, complaint handling, etc.). epay may process and retain your Personal Data for as long as we have an on-going relationship with you. Once our relationship has ended (for example because the Services have been delivered and paid for in full, or you have exercised your right to withdraw from the contract), we will, subject to any retention requirements under applicable laws, erase or anonymise your Personal Data.
  • Marketing. Personal Data provided to us for marketing purposes may be retained until you opt out or until epay becomes aware that any such data is inaccurate.

You may obtain a copy of our Retention Policy by contacting our Euronet Group Data Protection Officer.

7. Is correspondence that you send to us saved?

Yes. If you send us correspondence, including e-mails and faxes, we may retain such data along with any records of your account. We may also retain customer service correspondence and other correspondence involving you, us and any Euronet Group company, our partners, and our suppliers. We will retain these records in line with our Retention Policy.

8. Data Security

We are committed to maintaining the security of your Personal Data and have measures in place to protect against the loss, misuse, and alteration of the data under our control.

We employ modern and secure techniques to protect our systems from intrusion by unauthorized individuals, and we regularly upgrade our security as better methods become available.

Our data centres and those of our partners utilize state-of-the-art physical security measures to prevent unauthorized access to the facility. In addition, all Personal Data is stored in a secure location behind firewalls and other sophisticated security systems with limited (need-to-know) administrative access.

All epay employees who have access to, or are associated with, the processing of Personal Data are contractually obligated to respect the confidentiality of your data and abide by the privacy standards we have established.

Please be aware that no security measures are perfect or impenetrable. Therefore, although we use industry standard practices to protect your privacy, we cannot (and do not) guarantee the absolute security of Personal Data.

9. Does this Privacy Notice apply to other websites?

No. Our Website may contain links to other Internet websites. By clicking on a third-party advertising banner or certain other links, you will be redirected to such third-party websites.

We are not responsible for the privacy policies of other websites or services. You should make sure that you read and understand any applicable third-party privacy policies, and you should direct any questions or concerns to the relevant third-party administrators or webmasters prior to providing any Personal Data.

10. Direct marketing

With your consent, epay or a epay Company may sometimes contact you (by email, SMS text, letter or phone) in order to provide targeted marketing about our Services or the services of another epay company or Euronet Group company. Such marketing communications will only be sent to you if you gave your consent (when you registered for our Services or at another point) and you have not withdrawn such consent or if there is another legitimate basis to send such communications to you.

All marketing e-mails you receive from us will include specific instructions on how to unsubscribe and you may unsubscribe at any time.

Additionally, you can unsubscribe from marketing by contacting us by a method described in Section 13 of this Privacy Notice.

You should note that we are opposed to third-party spam mail activities and do not participate in such mailings, nor do we release or authorize the use of customer data to third parties for such purposes.

11. What are my data protection rights?

Subject to verification of your identity, you may request access to and have the opportunity to update and amend your Personal Data. You may also exercise any other rights you enjoy under applicable data protection laws. Please use the contact details in Section 13 of this Privacy Notice.

“Data Subjects” have the right to:

  • Request access to any Personal Data we hold about them as well as related data, including the purposes for processing the Personal Data, the recipients, or categories of recipients with whom the Personal Data has been shared, where possible, the period for which the Personal Data will be stored, the source of the Personal Data, and the existence of any automated decision making.
  • Obtain without undue delay the rectification of any inaccurate Personal Data we hold about them;
  • Request that Personal Data held about them is deleted provided the Personal Data is not required by us, a epay Company or the Euronet Group for compliance with a legal obligation under applicable law or for the establishment, exercise or defence of a legal claim;
  • Under certain circumstances, prevent or restrict processing of your Personal Data, except to the extent processing is required for the establishment, exercise or defence of legal claims; and
  • Under certain circumstances, request transfer of Personal Data directly to a third party where this is technically feasible.

Also, where you believe that epay has not complied with its obligations under this Privacy Notice or the applicable law, you have the right to make a complaint to a relevant Data Protection Authority or through the courts. Although not required, we would encourage you to let us know about any complaint you might have, and we will respond in line with our Complaints Procedure (see Section 12 of this Privacy Notice).

12. Privacy-Related Complaints Procedure

Where you believe that we have not complied with our obligations under this Privacy Notice, or the applicable law, you have the right to make a complaint to a Data Protection Authority or through the courts.

Although not required, we would encourage you to let us know about any privacy related complaint you might have, and we will respond in line with our complaints procedure – our contact details are set out below.

Privacy-related complaints or concerns can be lodged with our privacy team in the contact details section at the end of this notice.

Euronet employees are required to direct any privacy-related complaints or concerns to our privacy team.

epay will aim to send an acknowledgement within 10 days of receipt of the complaint/concern.

epay will investigate in accordance with relevant laws and will aim to respond substantively within 28 days of receipt of the complaint/concern.

If further time is required to investigate your complaint/concern, epay will write to you within 28 days of receiving the complaint/concern, informing you of the investigation timeline which will be no longer than an additional two months for the complaint procedure to be concluded.

In the case of a rejection of the complaint, epay will provide you with a written explanation for the rejection.

If the complaint/concern is considered justified, epay will take reasonable steps to try to address the complaint/concern to your reasonable satisfaction.

If you are not satisfied with the reply/outcome, or otherwise with the handling of the complaint, you have the right to lodge a claim before a relevant Data Protection Authority or the competent courts.

For all other complaints or concerns about our Services that are unrelated to privacy, please contact our Customer Service department.

13. Contact Us

If you have any questions or concerns about this Privacy Notice or epay’s data practices, please contact our privacy team:

Europe (EEA) and UK- Data Protection Officer dpo@euroentworldwide.com

Calle Cantabria 2,
2nd floor,
Alcobendas Madrid,
Spain

Asia Privacy Office (APAC)  APAC_DPO@euronetworldwide.com

Rest of the world –  Privacy@euronetworldwide.com