This privacy notice provides you with details of how we collect and process your personal data through your use of our site https://getbueno.com. The Privacy Statement is effective from March 2021.
Our details are: Bueno Europe Ltd, Company number 12724177, Blackthorn House, Suite 2A, St Pauls Square, Birmingham B3 1RL, United Kingdom and Bueno Group AS, Company number 925 905 291, Vestre Skostredet 2, 5017 Bergen, Norway.
We comply with the EU General Data Protection Regulation (GDPR) and the Data Protection Act 2018, as well as the Privacy and Electronic Communications (EC Directive) Regulations 2003, the Data Protection and Privacy legislation.
By providing us with your data, you warrant to us that you are over 18 years of age. Bueno is the data controller and we are responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice).
If you do not agree with this Privacy Statement, you should not open and/or operate an account with Bueno.
In order to offer our service which is to operate, maintain and support the Bueno current account we need to collect various personal data:
When you open and use our account you enter into a contract with us to provide our services. We will collect personal information like your name, address, date of birth and details of your identification document (e.g. passport).
We are legally obliged to process your personal data for the prevention of fraud and to offer strong customer security. It is also required to meet Anti Money Laundering legislation.
To offer detailed insight into your financials and to offer smart account services we store details of any transactions (including any purchases of goods or services and other payments to and from your account) such as the amount, date and currency of a purchase and the supplier category (such as petrol station, supermarket or medical services). Upon approval from you we can also get financial details (balances and transactions) of your linked accounts from external providers.
When you visit our website(s) or use any of our Apps we collect your IP address and other information such as the domain and host from which you access the internet, the browser and browser version, the operating system, and type of device. We do so in order to administer our services and optimise our websites and Apps for you and to diagnose problems with our website(s) or Apps. We also use the information to assist in the fight against fraudulent or malevolent use of the Bueno account and to ensure a better user experience. We may also employ location services to determine your approximate location for validation purposes.
Protecting and managing your personal data
All information you provide to us is stored on secure cloud servers within the European Economic Area (EEA). Any transmission of information to our partners (including information to facilitate payments) are encrypted using TLS technology, the current standard in secure communications over the Internet.
We will take appropriate steps to protect data stored or transmitted against accidental or unlawful destruction, accidental loss or alteration, and unauthorised or unlawful storage, processing, access or disclosure.
Our employees are trained in applicable Data Protection and Privacy legislation and will act with due care and diligence when handling personal data.
Third parties and your data
Your personal data may be transferred to contracted third party financial partners, e.g. banks and other financial firms external to us for the purposes of providing our financial services to you.
If you are contracting with our non-financial partners, we will share the required personal details enabling you to become a customer with the partner.
Contracted third parties are obliged to ensure that your personal data is securely managed at all times and will only use this data in line with our specific instructions.
We and our contracted third parties may share your personal information with financial authorities to prevent money laundering, terrorism and fraud in order to meet legal obligations.
Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria. We will only transfer your personal data to countries that the European Commission have approved as providing an adequate level of protection for personal data.
Your personal data rights
Under the General Data Protection Regulation 2018 you have rights in relation to your personal data that include the right to request access, correction, erasure, restriction, transfer, to object to processing, to portability of data and (where the lawful ground of processing is consent) to withdraw consent.
In some countries, there are dedicated entities which monitor compliance with data protection regulations. If you believe your rights have been infringed and your country gives you the option, you may file a complaint with the appropriate entities.
To exercise any of your legal rights, you can email us at email@example.com
We must comply with a number of statutory and regulatory requirements in relation to the retention of data. We have the obligation to store your data and transactions for 10 year following the closure of your account with us, or 10 years from the date of the last transaction, whichever is the later. This to fulfil our legal responsibility relating to prevention, detection and investigation of money laundering and financing of terrorist organisations. Once the 10-year period is over, we will delete the information from our database.
Changes to this Privacy Statement