Privacy Policy

Monyx

PRIVACY POLICY

Recently updated: July 2020

Welcome to “Monyx vending machine app”, operated by Monyx Wallet Ltd. and any of its subsidiaries or parent company (“MONYX”, “Company”, or “us”). MONYX is committed to your right to privacy. This Privacy Policy (the “Privacy Policy”) is an integral part of our Terms and Conditions, which can be found at: http://www.monyx.com/index.php/privacy-policy and governs the processing and transfer of data collected in connection with the Monyx website, Application and/or the Services offered by MONYX through the Application, to each person (the “User” or “you”) accessing or using the Application and Services.

This Privacy Policy explains what information we may collect, how such information may be used or shared with others, how we safeguard it and how Users may exercise their rights related to their Personal Data (as such term is defined below), among others, according to the EU General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”), where applicable.

If you choose to install, use, interact with, register or provide data to us or through the Application and/or Services you explicitly agree to the use of such data in accordance with this Privacy Policy. You may not use the Application and/or Services or submit any data through the Application and/or Services if you do not agree to any of the provisions hereunder. This Privacy Policy shall not be construed in any manner to derogate from the Terms and Conditions or any other agreement made by and between MONYX and you. Any terms used herein and not defined shall have the meaning ascribed to them in the Terms and Conditions.

THE HIGHLIGHTS:

  • You are not required by law to provide us with any Personal Data. Sharing Personal Data with us is entirely voluntary.
  • Our Services are intended for Users over the age of 13 or equivalent minimum age for providing consent to processing of Personal Data in the relevant jurisdiction. Children under such age are not permitted to register to or use the Services. If you are under such age you should cease to use the Services immediately.
  • You may be entitled to request to review, amend, erase or restrict the processing of your Personal Data, pursuant to applicable law. Please note that in case you request to erase or restrict the processing of your Personal Data, your use of the Services may be restricted. You may be entitled to exercise additional rights under the CCPA, please refer to our User Rights Policy.
  • We do not sell, trade, or rent Users’ Personal Data to third parties. We only share Personal Data with third parties in connection with the provision of the Services to our Users, or other limited circumstances specified herein.
  • If you have any questions or requests regarding the processing of your Personal Data, or would otherwise like to contact us in connection with this Privacy Policy, please send us an email to: privacy@nayax.com.  
  1. 1. What is Personal Data, and what data is collected about me by MONYX?

    Personal Data” or “Personal Information” (will be referred together as “Personal Data”), means any information which identifies or can be used to identify a natural person, including, but not limited to, first and last name, phone number, email address, online identifiers, IP address, billing information (such as credit card number), information concerning households, devices etc.

    Non-Personal Data”, means non-identifiable aggregated data, such as technical data transmitted by the user’s device and aggregated use of the website of the Application. This data is not used to identify individuals.

    Personal Data is only used for limited purposes, as specified below.

    Type of user and type of Data Purposes of Processing For EU persons – Legal Basis under the GDPR
    User’s registration to the Services

    In order to use the Services, you will need to download the Application and you will be asked to create an account and provide us with Personal Data, such as your name, email address, phone number and your Payment Method details, such as the details of your credit card or debit card (the “Account”).

    This information is provided by you when registering the Services and creating an account to use the Services.

    –    To onboard a user to our Services and sign-up registration.

    –    To provide the Services to our Users;

    –    To resolve any disputes, communicate with you regarding customer service and support issues, and to respond to questions or comments and help resolve any problems.

    –    To provide updates with respect to material changes to this Privacy Policy or our Terms and Conditions.

    To improve the Services, and to develop new features, products and services.

    1.    Necessity of processing for the purposes of the legitimate interests of MONYX.

    2.    To perform the contract which the User is a party.

    3.     In order to take steps at the request of the User prior to entering into a contract.

    4.    To fulfil our legal obligation.

    User’s user of the Services

    When you purchase through the Merchant’s Machines via the Services, we collect certain data regarding your purchase, such as the Merchant you purchased from, the products purchased, your shopping history, total payment amount, and the geographical location when using the Services. Please note, that we will collect your precise location only to the extent you provided your permission to access your phone’s GPS data.

    Please note, that if you are an employee using the Services in connection with your workplace (e.g., if your employer provided you with a pre-paid card to buy at the Machines), we may also receive additional contact information regarding you and your workplace, through your employer, such details may include your balance on your pre-paid card and your employer name.

    We collect this information automatically from the Application and/or the Merchant you purchased from.

    –    To provide the Services to our Users.

    –    To resolve any disputes, communicate with you regarding customer service and support issues, and to respond to questions or comments and help resolve any problems.

    –    To improve your experience with respect to the Services and customize our Services to your interests.

    –    To develop new features, products and services

     

     

    1.    Necessity of processing for the purposes of the legitimate interests of MONYX.

    2.    To perform the contract which the User is a party.

    3.     In order to take steps at the request of the User prior to entering into a contract.

    4.    To fulfil our legal obligation.

    –          Technical Information and Online Identifiers

    We collect technical information transmitted by your device when using the Services. Such information includes type of operating system, type of the device used to access the Services, date and time stamp, language preference, device ID, IP address, advertising ID (android), IDFA (apple advertising ID) and user’s actions within the Services. This information is collected automatically via your use of the Services.

    –    To identify authorized users of Customer.

    –    To access and use the Services.

    –    To resolve any disputes, communicate with you regarding customer service and support issues, and to respond to questions or comments and help resolve any problems.

    –    To improve the Services, and to develop new features, products and services.

    1.       Necessity of processing for the purposes of the legitimate interests of MONYX.

    2.       To perform the contract which the Customer is a party.

    –          Contact us

    When you submit a customer-service request or using the “contact us” feature through our website, you may be asked to provide personal information depending on the activity or request. For example, by placing a message in the “contact us” form we will collect your full name, email, mobile number, country, company, and the content of your message.

    –    To answer your queries and provide you with the services you requested from us.

    –    To improve the Services, and to develop new features, products and services.

    1.       Necessity of processing for the purposes of the legitimate interests of MONYX.

    2.       To perform a contract we may have with you.

    3.       To fulfil our legal obligation.

  2. We do not knowingly collect or process any Personal Data included in Special Categories of Personal Data (as defined in the GDPR). In the event you become aware that such data has been collected by us, please inform us immediately.

    In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts and any other misuse of the website or the Services and to enforce the Terms and Conditions, as well as to protect the security or integrity of our databases, website and the Services, and to take precautions against legal liability. Additionally, we may also use Personal Data to comply with any applicable law and assist law enforcement agencies and competent authorities, when we have a good faith belief that our cooperation with them meets the applicable legal standards. All the above processing is based on out legitimate interests or legal requirements.

    Non-Personal Data, aggregate and statistical or otherwise anonymized data may be shared without limitation with third parties at our discretion. This information does not contain Personal Data and is used to develop content and services for our Users.

    2. Will MONYX Share my Personal Data?

    2.1 Non-Personal Data, aggregate and statistical or otherwise anonymized data may be shared without limitation with third parties at our discretion.

    2.2 We share Personal Data only under the following limited circumstances:

    2.2.1 With the Merchants you purchase from by using the Services in order to execute transactions. The privacy and security practices of the Merchants are not covered by this Privacy Policy, and MONYX accepts no responsibility or liability for the privacy or security practices or the content of such applications.

    2.2.2 With third parties who assist us in operating the Services, conducting our business, expanding our business or servicing you, and for personalizing your experience of the Services, such as payment providers who process your Payment Method, clearance services, and, if applicable, your employer.

    2.2.3 With our affiliates and connected companies, such as subsidiaries.

    2.2.4 In the event of a corporate transaction (e.g., sale of a substantial part of our business, merger, consolidation or asset sale). In such case, our affiliated companies or acquiring company will assume the rights and obligations as described in this Privacy Policy

    2.2.5 To comply with a legal requirement, for the administration of justice, to protect your vital interests or the vital interests of others, to protect the security or integrity of our databases or the Services, to take precautions against legal liability, or in the event of a corporate sale, merger, reorganization, dissolution or similar event.

  3. 3. Will MONYX transfer my Personal Data internationally?

    MONYX is a global company with offices all over the world. Our databases are located currently in Germany, Israel and in the US. Some of our processing activities are made in Israel. The European Commission has decided that Israel ensures an adequate level of privacy and data protection, therefore, in accordance with the GDPR, the transfer of Personal Data to Israel is lawful and does not require any specific authorization. Any future transfer of Personal Data outside the EU to a third country (other than Israel) shall be made in accordance with applicable law, including by providing adequate protections, or otherwise implementing appropriate safeguards to ensure the protection of our Users’ rights.

  4. 4. Users rights with respect to Personal Data

    Subject to applicable law requirements, we will provide individuals (i.e., Users) with the opportunity to exercise their rights regarding their Personal Data. Individuals’ principal rights under data protection and privacy laws may include (you may have some or all of these rights depending on your jurisdiction):

    • the right to confirm whether or not we process your Personal Data;
    • the right to access your Personal Data and being provided with a copy of the Personal Data that we hold.
    • the right to rectification of your Personal Data;
    • the right to erasure of your Personal Data.
    • the right to restrict processing of your Personal Data.
    • the right to object to processing of your Personal Data;
    • the right to data portability.
    • the right to complain to a supervisory authority (in the event that you are a European Economic Area (“EEA”) resident); and
    • the right to withdraw consent.

    Please review our Privacy Users Rights Policy regarding your rights under applicable law.

    You may exercise any or all of your above rights in relation to your Personal Data by filling out the Data Subject Request Form (“DSR”) and send it to our privacy team at: privacy@nayax.com .

    Please note that

    • We may request additional information from you when you contact us with a DSR in order to: (i) verify your identity; (ii) determine the applicable laws apply to you; (iii) and locate your data.
    • It may take time to process requests in a way that is consistent with applicable privacy law.
  5. 5. Will I receive SPAM from MONYX?

  6. 6. We may send users of the Services, which have agreed to receive such communications, with information on new products, features, activities, services and periodic announcements or newsletters (“Marketing Materials”). We will not send Marketing Materials to you unless you have approved the receipt of such materials, by subscribing to our newsletter and Marketing Materials on the Application or otherwise. In case you have agreed to receive Marketing Materials and wish to rescind your consent, you may do so at any time by clicking “Unsubscribe” on the relevant communication or by contacting us at support@monyx.com.

  7. 7. Persons under 13

    Our Service is a general audience Service which is not directed to persons under 13 years old or equivalent minimum age for providing consent to processing of Personal Data in the relevant jurisdiction. If a parent or guardian becomes aware that his or her child has provided us with Personal Data without their consent, he or she should contact us immediately. We do not knowingly collect or solicit Personal Data from people under 13 years old. If we become aware that a person under 13 years old has provided us with Personal Data, we will delete such data from our databases.

  8. 8. How does MONYX protect your data?

    We implement measures to reduce the risks of damage, loss of information and unauthorized access or use of information in accordance with the applicable law. In particular, your payment information is secured in accordance with the PCI-DSS standard. However, these measures are unable to provide absolute information security. Therefore, although efforts are made to secure your personal information, it is not guaranteed and you cannot reasonably expect that the Service and its related databases will be immune from any wrongdoings, malfunctions, unauthorized interceptions or access, or other kinds of abuse and misuse.

  9. 9. Data Retention

    Unless you instruct us otherwise and subject to applicable laws, we retain the information we collect for as long as needed to provide our services and to comply with our legal obligations, resolve disputes and enforce our agreements if applicable.

  10. 10. Questions or concerns regarding privacy

    If you have any questions or concerns regarding privacy issues, please send us a detailed message to: privacy@nayax.com and we will make every effort to resolve your concerns without delay.

    MONYX may, at any time and from time to time, modify this Privacy Policy. Modifications to this Privacy Policy will be posted on the Application, and shall be effective as of the date in which they are posted on the Application.

  11. 11. PRIVACY NOTICE FOR CALIFORNIA RESIDENTS UNDER THE CALIFORNIA CONSUMER PRIVACY ACT

    This section for California Residents under the California Consumer Privacy Act of 2018 (respectively,  “Privacy Notice” and “CCPA”) supplements the information contained in our general Privacy Notice and applies solely to all visitors, users, and others who reside in the State of California (“consumers” or “you”), as defined under the CCPA. Any terms defined in the CCPA have the same meaning when used in this Privacy Policy. Further, this Privacy Notice is an integral part of our Privacy Policy and thus, definitions used herein but not defined herein shall have the meaning ascribed to them in our Privacy Policy.

    As required under the CCPA, we will update this Privacy Notice every 12 months. The last revision date will be reflected in the “Recently Updated” heading located at the top of the Privacy Policy.

    types of PERSONAL information we COLLECT

    Under the CCPA, “Personal Information” is defined as any information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household or device. The categories of Personal Information that we collect (and has collected within the last 12 months), are detailed in the table below.

    Please note that, under the CCPA Personal Information does not include: publicly available information from government records and de-identified or aggregated consumer information, information excluded from the CCPA’s scope (e.g., health or medical information covered by applicable laws such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA)); and information covered by certain sector-specific privacy laws (e.g., the California Financial Information Privacy Act (FIPA)).

    Category Examples Collected

     

    A. Identifiers. A real name, unique personal identifier, online identifier, Internet Protocol address, email address, or other similar identifiers. Yes

     

    B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, address, telephone number, employment, credit card number, debit card number, or any other financial information.

    Some personal information included in this category may overlap with other categories.

    Yes

     

    C. Protected classification characteristics under California or federal law. No

     

    D. Commercial information. Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. Yes

     

    E. Biometric information. No

     

    F. Internet or other similar network activity. Information on a consumer’s interaction with a website, and application. Yes

     

    G. Geolocation data. Physical location or movements. Yes

     

    H. Sensory data. No

     

    I. Professional or employment-related information. Current or past job history. Yes

     

    J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). No

     

    K. Inferences drawn from other personal information. No

     

HOW WE COLLECT INFORMATION

Depending on the nature of your interaction with us, we may collect the above detailed information from you, as follows: (i) directly from you, for example, when a User subscribe to our Services he will fill his/her Personal Information as part of the onboarding process; (ii) automatically when you use the Services; (iii) from third-party business partners such as analytics providers.

USE OF PERSONAL INFORMATION

We may use, or disclose the Personal Information we collect for one or more of the following business purposes:

  • To fulfill or meet the reason you provided the information. For example, if you contact us with an inquiry and share your name and contact information, we will use that Personal Information to respond to your inquiry.
  • To provide, support, personalize, and develop our website and Services, as well as improve our Services.
  • For security and fraud detection purposes, and to maintain the safety, security, and integrity of our website and Services.
  • For testing, research, analysis, and product development, including to develop and improve our website and Services.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • As described to you when collecting your Personal Information or as otherwise set forth in the CCPA.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding.

We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

 

SHARING AND SELLING DATA

We may disclose your Personal Information to a third party for a business purpose. When we disclose Personal Information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract.

We share your Personal Information with the following categories of third parties:

  1. We share your Personal Information with our service providers (such as: AWS our cloud storage services processor of Payment Methods)
  2. We share your Personal Information data aggregators (such as: Google Analytics)
  3. We share your Personal Information with Merchants (when you purchase through their vending machines and pay by the Services).

DISCLOSURES OF PERSONAL INFORMATION FOR A BUSINESS PURPOSE OR FOR SELLING PURPOSES

In the preceding twelve (12) months, the Company has disclosed the following categories of Personal Information for a business purpose:

Category A: Identifiers.

Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

category D: Commercial information:

Category F: Internet or other similar network activity.

Category G: Geolocation data.

SALES OF PERSONAL INFORMATION

In the preceding twelve (12) months Company has not sold Personal Information (“selling” under CCPA relates to any disclosure, transfer, and selling of Personal Information for monetary or other valuable consideration).

YOUR RIGHTS REGARDING YOUR PERSONAL INFORMATION

The CCPA provides consumers with specific rights regarding their Personal Information. Please review our User Rights Policy  regarding your rights under applicable law.

You may exercise any or all of your above rights in relation to your Personal Information by filling out the DSR Form and send it to our privacy team at: privacy@nayax.com.

CONTACT US

If you have any questions about this Privacy Policy, you may contact us as follows:

By sending our privacy team email at: privacy@nayax.com

By regular mail at:

Monyx vending machine app” Wallet Ltd.

Address: 3 Gressenham Court, Aran Dr, Stanmore, HA7 4LZ, United Kingdom.

Previous version of Privacy Policy – May 2018

Previous version of Privacy Policy – July  2020