Privacy Notice

Welcome to the ABF Trade Connect (the “Company”) Privacy Notice.

  1. Definitions

    Phrases and words used in this Privacy Notice, that are defined in the Terms and Conditions, have the same meanings as adopted in Terms and Conditions.

    1. Data Protection Legislation shall mean the Protection of Personal Information Act, 2013 (Act No. 4 of 2013) of the Republic of South Africa (“POPIA”), as amended from time to time, together with any other applicable South African legislation relating to the protection of personal information.
    2. Personal Data shall mean any information relating to an identifiable, living natural person, and where applicable, an identifiable existing juristic person (as defined in POPIA), including identifiers such as a name, an identification number, location data, etc.
    3. Cookies shall mean IT data stored in the Users’ end Devices, through which the User uses the Platform. These files allow to recognize the User’s Device and properly display the Website, tailored to individual preferences.
    4. Device shall mean an electronic device with software through which the User gains access to the Platform (User’s end device, e.g. computer, laptop, smartphone, tablet).
  2. General provisions
    1. The Company respects its User’s privacy and is committed to protecting User’s Personal Information. This Privacy Notice will inform you as to how the Company, being a Responsible Party under POPIA, looks after your Personal Information when you visit our Platform or use our services and tell you about your privacy rights and how the normative regulations protect you. The Company gives the User information on how the Company collects and processes Personal Information through the use of the Company’s Platform or services, including any data User may provide through this Platform or in other manner, when signing up to our services. Specific details and information on the processing of Personal Information may also be described in agreements, on Platform and in other documents related to the services of the Company.
    2. The Company ensures, within the framework of Data Protection Legislation, the confidentiality of Personal Information and has implemented appropriate technical and organisational measures to safeguard Personal Information from unauthorized access, unlawful disclosure, accidental loss, modification, destruction or any other unlawful processing.
    3. The Company may use approved Operators (data processors) for processing Personal Information. In such cases, the Company takes necessary steps to ensure that Operators process Personal Information under documented instructions of the Company, in accordance with the required and adequate security measures and otherwise in compliance with Data Protection Legislation.
    4. Providing Personal Information such as name, surname, address, telephone number, e-mail address and presenting documents confirming your personal details is a required condition for gaining Full access to the Platform. If you wish to be a User of our Services you need to be registered as a user of the Platform and give the Company permission to collect and process your Personal Information and agree with the rules of this Privacy Notice. Refusal to provide the Personal Information necessary for performance of services prevents the conclusion of the agreement with the Company.
  3. Processing of personal data, collection of personal data and categories of data subjects
    1. Personal Information may be collected from the User directly, from the User’s use of the Services and from external sources such as public and private registers or other providers of databases (third parties). The Company may also record telephone calls, images and/or audio, save e-mail communication or otherwise document the User’s interaction and communication with the Company.
    2. The Company primarily collects from and processes Personal Information about natural persons who have entered into or wish to enter into an agreement with the Company. The Company also collects and processes Personal Information from User’s legal representatives, shareholders, stakeholders, contact persons, beneficial owners and others.
    3. Categories of personal data. Categories of personal data that the Company collects and processes are for example:
      1. identification data such as – User’s first name and surname, middle name, gender, date of birth, place of birth, personal identity number, place of tax residence, tax ID, information from proof of identity document, copy of an identity document, proof of residence, a photograph of the User’s profile and a video recording of the verification session;
      2. contact data such as – the User’s residence address or address for communication purposes, postal address, country of residence, email address and phone number, language of communication;
      3. financial data such as – monthly salary and other regular or irregular income, financial liabilities, source/origin of income (funds), data about transactions, property, bank account;
      4. occupation (employment) data such as – data about employer / previous employer, occupation, position grade, area of work, working experience, education;
      5. correspondence records such as – the User’s communication with the Company through the communication channels, via email and/or by phone, or other tools which could be introduced, as well as information from surveys and polls;
      6. location data such as – IP address, login place, transaction place;
      7. family data such as marital status, dependants and/or family members;
      8. special category data (only where permitted by law and strictly necessary), including data about criminal convictions or legal capacity (in special cases);
      9. Other data:
        1. risk profiling and classification (risk type, risk class) and other information gained from risk assessment-based activities, data about trustworthiness and due diligence such as payment behaviour, data that enables the Company to perform its due diligence measures regarding money laundering and terrorist financing prevention and to ensure the compliance with international sanctions, including the purpose of the business relationship and whether the User is a politically exposed person, as well as data on origin of assets or wealth such as data regarding the User’s transaction partners and business activities;
        2. voice and/or video recording data such as phone voice recordings;
        3. data concerning the applicability of any sanctions, including data regarding any relevant business dealings or activities, including any adverse media coverage that is available;
        4. data about the participation in companies and other types of legal entities, data about managers and other persons having decisive votes or representatives of the companies using or intending to use the Company’s services, as well as their ultimate beneficiary owners’ information and contact details of the representatives of the companies using or intending to use the Company’s services;
        5. information on the purpose and intended nature of the business relationship, investment objectives;
        6. information on the User’s knowledge and experience in fintech services;
        7. transaction data, including the Users’ transactions, incoming payments, claimed disbursements of money, information regarding the concluded assignment agreements, net annual return, selected currency, available funds, accountancy accounts.
      10. The Company does not process sensitive Personal Information related to User’s health, ethnicity, religious or political beliefs unless required by law or in specific circumstances where, for example, User reveals such data while using the Company’s services.
  4. Legal basis and purposes of processing personal data.

    The Company must have a legal basis for using the User’s Personal Information. The legal bases are one of the following (as applicable under POPIA):

    1. Performance of agreements. The Company must have certain Personal Information to provide the services and it cannot provide them without the User’s Personal Information. The main purpose of the processing of the User’s data by the Company is to document, execute and administer agreements with a User. Examples include, but are not limited to:
      1. to take steps at the request of the Users prior to entering into an agreement, as well as to conclude, execute and terminate an agreement with the User;
      2. to conduct national and international transactions via credit institutions, settlement and payment systems;
      3. for managing User relations, providing and administering access to the services;
      4. to authorize and control access to the services;
      5. to identify the User when accessing the Company’s services.
    2. Legal obligations. In order to fulfil legal obligations under applicable regulations of South Africa, the Company is required to process the User’s data in accordance with regulatory legislation and Data Protection Legislation. Examples include:
      1. before the User may use the services and during the cooperation with the User under the agreement, the Company performs the due diligence of the User, to check and verify the User’s identity and to keep the User’s data updated and correct by verifying and enriching data through external and internal registers (KYC/AML needs);
      2. to prevent, discover, investigate and report money laundering, terrorist financing, violation of sanctions;
      3. to comply with rules and regulations related to accounting, tax information exchange and risk management;
      4. to comply with regulations governing financial services.
    3. The Company sometimes collects and uses the User’s Personal Information, or shares it with other organisations, because the Company has a legitimate reason to use it and this is reasonable when balanced against the User’s right to privacy. Examples include:
      1. to provide to the User additional services;
      2. to develop, examine and improve the Company’s business, the services and the User experience by performing surveys, analyses, and/ or statistics;
      3. to organize campaigns for the User;
      4. to protect the interests of the User and/or the Company or its employees;
      5. to manage the relationships with the User;
      6. to prevent, limit and investigate any misuse or unlawful use or disturbance of the services;
      7. to ensure adequate provisions of the services, the safety of information within the services, as well as to improve, develop and maintain technical systems and IT infrastructure;
      8. to establish, exercise and defend legal claims and to handle complaints;
      9. to send verification reminders to Users, who have not completed the verification process.
    4. Consent. Personal Information may be processed for other purposes, indicated in the content of the consent granted. If the User signs up to the Company services, and where allowed by law, the Company may contact the User via post, email and SMS text message with information about Company products, services, offers and promotions. The Company may use the Personal Information the Company has collected about the User in order to tailor the Company’s offers to User. With regard to data processed on the basis of consent, the User has the right to withdraw consent given at any time. Withdrawal of consent does not affect the lawfulness of the processing that took place before withdrawal of consent. The User can adjust his/her preferences or inform the Company if the User doesn't want to receive any information regarding service, offer and promotions from the Company, at any time. Just use the privacy settings in User’s profile or click on the unsubscribe links on any marketing message the Company sends the User. The Company will not pass the User’s details on to any organisations outside the Company for their marketing purposes without the User’s permission.
  5. Ways of obtaining personas data (collection).

    The Company usually obtains Personal Information directly from User, for example, in the cases, when:

    1. User fills in applications and other forms to apply for services;
    2. User submits certain documents to the Company;
    3. User contacts the Company via telephone (the Company will inform you if the respective telephone call will be recorded);
    4. User uses the Company’s Platform or services;
    5. User participates in advertising campaigns or surveys organised by the Company.
    6. performing an obligation arising from regulations such as that the Company may be required to report to authorities, such as tax authorities, courts, law enforcement agencies including details of income, credit commitments, property holdings, remarks, and debt balances.
  6. Transfer of information to third parties.
    1. The Company may share the User’s data with recipients such as authorities, suppliers, payment service providers and business partners. The Company will not disclose more of the User’s Personal Information than is necessary for the purpose of disclosure and with respect to data protection regulation.
    2. Recipients may process the User Personal Information acting as Operators (data processors) and/or as Responsible Parties (data controllers). When a recipient is processing the User’s Personal Information on its own behalf as a Responsible Party, the recipient is responsible for providing information on such processing of the User’s Personal Information. The Company undertakes to guarantee appropriate technical and organizational security measures to ensure that the Operator upholds security standards that are not lower than the security standards set by the Company.
    3. The Company discloses personal data to recipients such as:
      1. authorities, such as law enforcement agencies, bailiffs, notaries, tax authorities, supervisory authorities
      2. credit and financial institutions, correspondent banks, custodian banks, insurance providers and intermediaries of services, third parties participating in the trade execution, settlement and reporting cycle;
      3. financial and legal consultants, auditors or any other data processors of the Company, insofar as such information is necessary for the performance of functions delegated to them;
      4. providers of databases and registers, according to the normative regulation.
  7. Profiling and automated decision making
    1. The Company may use Users’ Personal Information for automated processing in order to, inter alia, offer services that meet User needs, to prevent money laundering, to set prices for financial services, to detect fraud and the risk of fraud, to assess User’s ability to meet obligations, and for marketing purposes.
    2. The Company uses information technology to make automated decisions based on the data about User’s availability to the Company. The Company can use automated decision-making, for example, to prevent fraud. Automated decision-making helps the Company to ensure fast, objective and efficient decision making based on the information at its disposal. Where such automated decision-making produces legal effects concerning the User or similarly significantly affects the User, the Company will implement safeguards required by POPIA.
  8. Geographical area of Processing.

    The User’s Personal Information may be processed or transferred outside South Africa. The main points of processing Personal Information outside South Africa are:

    1. a legal basis and appropriate safeguards are in place in accordance with section 72 of POPIA. Appropriate safeguards may include binding agreements imposing adequate protection, or other mechanisms recognized by POPIA; or
    2. the User has consented to such transfer; or
    3. the recipient is subject to a law, binding corporate rules or agreements providing an adequate level of protection. Upon request, the User can receive further details on Personal Information transfers to other countries.
  9. Retention period
    1. Personal Information will not be retained longer than necessary for the purposes for which the Personal Information is processed or required by Data Protection Legislation and other applicable South African laws. For example, after the contractual relationship has expired, the Company will process Personal Information for the establishment, exercise or defence of legal claims. Personal Information is also retained for pursuing the Company’s legitimate interest. Data retention requirements in regulatory legislation may be subject to national law and therefore may differ depending on context. In the case of consent, Personal Information may be retained until implementation of the purpose of consent or its revocation, whichever occurs first.
  10. Rights as a data subject
    1. The User has rights as a data subject in regard to the Company’s processing of Personal Information under Data Protection Legislation. Such rights are, in general:
      1. to require the User’s Personal Information to be corrected if it is inadequate, incomplete or incorrect;
      2. to object to processing of the User’s Personal Information, such as for direct marketing purposes;
      3. to require the erasure or destruction of the User’s Personal Information (where applicable under POPIA);
      4. to restrict the processing of the User’s Personal Information, e.g. where the accuracy of the Personal Information is contested by the data subject;
      5. to receive information if the User’s Personal Information is being processed by the Company and if so then to access it;
      6. to receive the Personal Information that is provided by the User and, where feasible and lawful, transmit such data to another service provider (data portability, where applicable);
      7. to withdraw consent to process the User’s Personal Information;
      8. to request not to be subject to fully automated decision-making, including profiling, if such decision-making has legal effects or similarly significantly affects the User, unless permitted by POPIA or necessary for entering into/performing an agreement, or based on the User’s explicit consent.
  11. Complaint

    As a User you can lodge complaints pertaining to the Company’s processing of Personal Information if you consider that processing infringes on your rights and interests under Data Protection Legislation. A complaint regarding the processing of Personal Information can be submitted to the Information Regulator (South Africa).
    Website: https://www.justice.gov.za/inforeg/
    Email: complaints.IR@justice.gov.za

  12. Cookies
    1. Platform uses information saved using Cookies. Platform uses the following cookies:
      1. Necessary – necessary for the proper functioning of the Platform. Service cookies, which are necessary to use the Platform, are automatically installed on the User's device. Their use is necessary to provide the service (data transmission to display the content). The User is not able to opt out of these Cookies if he wants to use the Platform.
      2. Statistical/analytical – they allow to study traffic on the Website, learn about Users' preferences, analyse their behaviour on the Platform. Analytical cookies are not installed automatically. The User may grant permission for the installation of analytical Cookies by expressing consent when opening the Platform. After giving consent, analytical cookies are installed accordingly with the settings of the browser used by the User. These files are stored by the Company from 1 day to a maximum of 2 years.
    2. Platform automatically collects only information contained in Cookies; mechanisms for storing and reading cookies do not allow downloading any Personal Information or any confidential information from the User's Device. Cookies used by the Company are safe for Users' Devices.
    3. Purposes for which Cookies are used:
      • to ensure the proper functioning of the Platform's functionality;
      • to collect and process statistical data, such as visit statistics, User Device statistics or User behaviour statistics,
      • for the purpose of analysing and improving Platform, including the preparation of statistics to help learn about Users' preferences and behaviour; the analysis of these statistics is anonymous and allows you to adjust the content and appearance of Platform to the prevailing trends, the statistics are also used to assess Platform’s popularity;
      • Platform uses Google Analytics. Google Analytics cookies are files used by Google to create statistics and reports on the functioning of the Platform, in order to analyse how the User uses the Platform. Google does not use the collected data to identify the User nor does it combine this information to enable identification.
    4. By default, most web browsers available on the market accept saving Cookies on the Device. The User may at any time, independently, change the settings of his web browser regarding the saving, deletion and access to data stored in Cookies, in particular, he/she/it may block the use of Cookies or each time obtain information about their placement on his Device; other available options can be checked in the settings of your web browser. Information on web browser settings is available in its menu (help) or on its manufacturer's website.
    5. Limiting the storage and access to cookies on the User's Device may cause some functions of the Platform to malfunction or limit access to them. The Company bears no responsibility for improper functioning of the Platform's functions if the User restricts in any way the ability to save and read Cookies.
  13. Contact details
    1. User may contact the Company with enquiries, requests for register extracts, withdrawal of consent or to exercise other data subject rights, including complaints regarding the processing of your Personal Information.
    2. For personal offers and marketing-based profiling, which is done according to the Company’s legitimate interest, the Company enables choices and the usage of a convenient tool for you to manage privacy settings.
    3. User may change certain information, approvals and choices in the User cabinet. Contact details of the Company: email: support@abfswap.com
Download PDF
Log In Get Started
CryptoProcessingAffiliate programAbout usBlog
Help
Full Setup GuideFAQSupport teamContact Us