The VeraCash service cares about protecting your personal data and is committed to providing you with the best level of protection, in accordance with the European Data Protection Regulation.
Charter for the Protection of Users’ Personal Data
1. Definition and Nature of Personal Data
When you use the websites www.veracash.fr, www.veracash.com and www.veracarte.com (hereinafter referred to as the “Websites”), we may need to ask you for personal information about yourself and/or a minor under your care, so that we can tailor our management methods to you. Depending on the forms you complete and the data we collect from you, you will need to give us your consent.
The term, “personal data,” refers to any identifying data, such as your name, public ID, mailing and email addresses, phone number(s), date of birth, data related to your transactions on the Websites, details of your purchases, and any other information about yourself that you may choose to communicate to us. In the case of a dependent minor, “personal data” will also include any data that you may communicate to us about him/her, namely including his/her name, public ID, email address and date of birth.
2. Object of This Charter
The purpose of this charter is to inform you of the means we use to collect your personal data, in strict accordance with your rights. On this subject, we would like to note that, in our collection and management of your personal data, we comply with the European General Data Protection Regulation, which came into effect on May 25, 2018.
3. Identity of the Data Controller
The party responsible for collecting and processing your personal data is VeraCash, a simplified corporation registered with the Bordeaux Trade & Companies Register (RCS) under number 808 689 657 and headquartered at 42 rue Tauzia, 33800 Bordeaux, France (referred to herein as “we,” “us,” etc.).
4. Personal Data Collection
Your personal data are collected for one or more of the following purposes:
(i) To manage your access to and use of certain services made available to you via the Websites;
(ii) To verify your identity;
(iii) To carry out account management operations related to contracts, orders, invoices, customer loyalty programs and customer relations;
(iv) To provide you with a prepaid card via our e-banking partner, Prepaid Financial Services Ltd., of which we are an agent;
(v) To provide you with an IBAN account via our e-banking partner, Prepaid Financial Services Ltd., of which we are an agent;
(vi) To create a record of registered members, users, and existing and prospective customers;
(vii) To send out newsletters, special offers and promotional messages. If you do not wish to receive these, you have the option of opting out at the time of data collection;
(viii) To produce business statistics and statistics on the use of our services;
(ix) To organize contests, lotteries and any other promotional operations, with the exception of the online gambling and games of chance that are subject to the approval of the French online gaming authority (ARJEL);
(x) To manage people’s reviews of our products, services and content;
(xi) To manage late payments and any disputes related to the use of our products and services; and
(xii) To comply with our legal and regulatory obligations, in the interest of preventing fraud, money-laundering, terrorist financing and abuse of our services.
When we collect your personal data, you are informed of which information is required and which is optional. We also indicate any consequences of failing to provide an answer to certain questions.
5. Data Recipients
Only the personnel at our company, our auditing services (namely, our statutory auditors) and our subcontractors will have access to your personal data. Other potential recipients of your personal data are public authorities (exclusively in order to meet our legal obligations), representatives of the law, ministerial officials and collections agencies.
6. Personal Data Transfers
Your personal data will not be sold, leased, exchanged or otherwise transferred to any third party.
7. Personal Data Retention Period
(i) Concerning data related to the management of existing and prospective customers:
Your personal data will not be retained beyond the time that is strictly necessary for the management of our business relationship with you. However, data that constitute proof of a right or a contract, which must be retained as per a legal obligation, will be kept for the period of time stipulated by current French law.
With regard to any customer prospecting operations, those customers’ data may be retained for up to three years from the end of the business relationship. The personal data of a prospect who does not become a customer may be kept for up to three years from the time of their collection or of the last contact initiated by the prospect. At the end of that three-year period, we may reach out to you again to ask if you want to continue to receive special offers from us.
(ii) Concerning data related to prepaid cards and their activation, IBAN accounts and the associated financial transactions:
The provision of a prepaid card and an IBAN account via the Websites is managed by our e-banking partner, Prepaid Financial Services Ltd (of which we are an agent), which is responsible for their management and security. For the needs of the services, this partner will receive your personal data – your name, mailing address, date of birth, identification documents, proof of address, telephone number(s), telephone recordings from the voice server, and transactional information – which it will gather and store in your name and on our behalf.
(iii) Concerning documents transmitted to us:
Within the framework of the exercise of data subjects’ right to access and/or rectify their data, the data related to identification documents may be retained for the period of time stipulated in Article 9 of the French Code of Criminal Procedure, i.e. for one year. If the data subject chooses to exercise his/her right to object, those data may be archived for the duration of the statute of limitations stipulated in Article 8 of the aforementioned code, i.e. for three years.
(iv) Concerning data related to bank cards:
The financial transactions related to payments for purchases and fees, made via the Websites, are entrusted to a payment service provider, which is responsible for their execution and their security. For the needs of the services, this payment service provider may receive personal data related to your bank card number(s), which it will gather and store in our name and on our behalf. We do not have access to those data.
So that you can make purchases and pay the associated fees on the Websites, your bank card data will be retained for the duration of your registration on the Websites and, at the very least, until the time of your final transaction. By checking the box provided expressly for this purpose on the Websites, you are giving your express consent to that data storage. If you refuse to have the personal data related to your bank card number(s) stored under the conditions stated above, we will not retain them for longer than the time needed to perform the transaction.
In any case, transactional data may be retained in intermediate archives, for the purpose of proof in the event of any dispute of the transaction and for the period of time stipulated in Article L 133-24 of the French Monetary and Financial Code, in this case 13 months from the date of the debit. This period may be extended to 15 months, in order to account for the possibility of using deferred debit cards.
(v) Concerning the management of unsolicited advertising mail opt-out lists:
The information needed to handle your right to object is retained for at least three years from the date of exercise of said right.
(vi) Concerning audience metrics:
The information stored on users’ computers and devices, and any other elements used to identify and trace users and their visits to the Websites, are not retained for more than six months.
We take every necessary precaution, as well as appropriate organizational and technical measures, to protect the security, integrity and confidentiality of your personal data and, in particular, to prevent them from being altered, damaged or accessed by an unauthorized third party.
9. Cookies and IP Addresses
For technical considerations, namely to facilitate browsing on the Websites and to offer a better user experience there, cookies may be installed on users’ hard drives. Cookies are text files – often encrypted – that are stored in your browser. They are created when a user’s browser loads a given website: the site sends information to the browser, which then generates a text file. Every time the user returns to that website, the browser retrieves the file and sends it to the site’s server.
There are two different types of cookies (each with different purposes), technical cookies and advertising cookies:
We use technical cookies. They are stored in your browser for a period of six months.
We do not use advertising cookies. However, if we should decide to use them in the future, we will inform you in advance, and you will then have the option to disable those cookies.
We use a statistical audience analysis tool, which generates a cookie that records the number of visitors to the Websites, the number of pages viewed and the activity of those visitors. Those cookies’ storage period is limited to six months. We also collect your IP address, to identify the city from which you are connecting to the Websites. As a reminder, you can block the installation of cookies in your browser’s settings. This could, however, prevent the Websites from functioning normally.
You have the right to block cookies, which you can do by following the procedure indicated by your browser (typically accessible from “Tools” or “Settings” tabs/menus). Nevertheless, as a result, your use of the Websites could be altered, or even become impossible.
For the purpose of protecting access to the Websites, the Company reserves the right to record your IP address when you use the Websites and the associated services.
When you choose to communicate your personal data, or those of a dependent minor (as a reminder, children need special protection when it comes to their personal data, because they may be less well-informed about the risks, consequences and security mechanisms involved, and of their rights regarding the processing of their data in conjunction with our services), you are expressly consenting to the collection and use of those data, as set out in this chart and in accordance with current French legislation.
11. Your Rights regarding Your Personal Data
Pursuant to the Data Protection Regulation that came into effect on May 25, 2018, you have the right to demand access and, if applicable, the rectification, deletion and portability of your data, on the sole condition that your request is compliant with our legal obligations. To do so, you can write to us at:
As a reminder, anyone may, for legitimate reasons, object to the processing of his/her personal data.
We reserve the right to modify this charter at any time, in whole or in part, and at our sole discretion. Those changes will come into effect upon publication of the new charter. After those changes come into effect, your use of the Websites will constitute your acknowledgment and acceptance of the new charter. Otherwise, if you do not agree to the new charter, you must no longer access the Websites..
This charter came into effect on August 10, 2018.