Privacy Policy

Monyx Wallet App

PRIVACY POLICY

[Recently updated – December 2022]

 

Welcome to Monyx! A vending machine app operated by NAYAX Group (as defined below), including Nayax Loyalty Scheme UAB, a company organized under the laws of the Republic of Lithuania with its principal office located at Antakalnio 17, Vilnius LT-10312, Lithuania (“MONYX”, “Company”, “we” or “us”). MONYX is committed to your right to privacy and is the controller of the data collected through the Monyx wallet app. This Privacy Policy (the “Privacy Policy”) is an integral part of the applicable Terms and Conditions and governs the processing and transfer of data collected and processed by us in connection with the Monyx website, app and/or the  associated services (“app” and collectively, “Services“) offered by MONYX to each person (the “User” or “you”) accessing or using the Application and Services.

MONYX is part of the Nayax group of affiliated companies (“NAYAX Group”). In addition to this Privacy Policy and the applicable Terms And Conditions, other terms may also apply to you, related to other Nayax Group services or products you subscribed to or purchased. For additional information on data processing at the Nayax Group, see Nayax’s General Privacy Policy.

This Privacy Policy explains what information we may collect, how such information may be used or shared with others, how we safeguard it and how Users may exercise their rights related to their Personal Data (as such term is defined below), according to the applicable privacy and data protection laws, including, the EU General Data Protection Regulation (“GDPR”), California applicable privacy laws, et.

If you choose to install, use, interact with, register or provide data to us or through the Application and/or Services you explicitly agree to the use of such data in accordance with this Privacy Policy. You may not use the app and/or Services or provide any data if you do not agree to any of the provisions hereunder.

 

THE HIGHLIGHTS:

  • You are not required by law to provide us with any Personal Data. Sharing Personal Data with us is entirely voluntary.
  • Our Services are intended for Users over the age of 16 or equivalent minimum age for providing consent to processing of Personal Data in the relevant jurisdiction. Children under such an age are not permitted to register for or use the Services. If you are under such an age you should cease to use the Services immediately.
  • You may be entitled to request to review, amend, erase or restrict the processing of your Personal Data, pursuant to applicable law. Please note that if you request to erase or restrict the processing of your Personal Data, your use of the Services may be restricted. You may be entitled to exercise additional rights under the CCPA, please refer to our User Rights Policy.
  • We do not sell, trade, or rent Users’ Personal Data to third parties. We only share Personal Data with third parties in connection with the provision of the Services to our Users, or other limited circumstances specified herein.
  • If you have any questions or requests regarding the processing of your Personal Data, or would otherwise like to contact us in connection with this Privacy Policy, please send us an email to: privacy@nayax.com.
  1. 1. What is Personal Data and what data is collected about me by MONYX?
    “Personal Data” or “Personal Information” (will be referred together as “Personal Data”), means any information which identifies or can be used to identify a natural person, including, but not limited to, first and last name, phone number, email address, online identifiers, IP address, billing information (such as credit card number), information concerning households, devices etc.
    “Non-Personal Data”, means non-identifiable aggregated data, such as technical data transmitted by the user’s device and aggregated use of the website of the Application. This data is not used to identify individuals.
    Personal Data is only used for limited purposes, as specified below.

    Types of Personal Data Purposes of Processing Legal Basis
    App Account

    In order to use the app – you will need to download the app and create an account. You will be asked to provide us with Personal Data, such as your phone number to create an account, as well as your name, email address, and your payment method details, such as the details of your credit card or debit card (the “Account”).

    This information is provided by you when registering the app and creating or updating an account to use the services therein. Note, this information is collected directly from you when you create an Account.

     

    Precise locations will be collected as well in order to locate machines and record transaction’s location for fraud purposes. Note that we do not keep this data associated with your account – however we keep it associated with a transaction you made. Please note, that we will collect your precise location only to the extent you provided your permission to access your phone’s GPS data

    –    To onboard a User to our services and sign-up registration.

    –    To provide the User with the requested services associated with the app (i.e., payments for goods purchased via the app);

    –    To resolve any disputes, communicate with you regarding customer service and support issues, and to respond to questions or comments and help resolve any problems.

    –    To provide updates with respect to material changes to this Privacy Policy or our Terms and Conditions.

    To improve the services, and to develop new features, products and services.

    ·         The Account data is required to perform a contract which the User is a party to (i.e., set an account enable app’s functionalities which are offered as part of our terms and conditions which constitute our contract with the User).

    ·          Consent  (i.e., for precise location)

    User’s use of the Services

    When a User purchases through the merchants’ machines/point of sale, while using the app , we collect certain data regarding your purchase: the merchant you purchased from, the products purchased, your (if merchant provided this information) shopping history, total payment amount, and the geographical location when using the services (if provided with permission). Note, this information is collected automatically from your device when using the app.

    Please note, that if you are an employee using our app and Services in connection with your workplace (e.g., if your employer provided you with a pre-paid card), we may also receive additional contact information regarding you and your workplace, through your employer, such details may include your balance on your pre-paid card and your employer name. Note, this information is collected from your employer (or pre-paid issuer).

    –    To provide the Services to our Users.

    –    To resolve any disputes, communicate with you regarding customer service and support issues, and to respond to questions or comments and help resolve any problems.

    –    To improve your experience with respect to the Services and customize our Services to your interests.

    –    To develop new features, products and services

     

     

    ·         Necessity of processing for the purposes of the legitimate interests of MONYX which are not overridden by User’s data protection interests or fundamental rights and freedoms (i.e., we use the data detailed herein to improve the Services, detect fraud, and internal analysis)

    ·         To perform the contract which the User is a party (i.e., to enable payment for goods you purchase using the app).

    ·          To fulfil our legal obligation (i.e., payment method token will be collected and retained with purchase history for legal purposes – such as to handle legal claims and to comply with credit card regulations).

     Technical Information and Online Identifiers

    We collect technical information transmitted by your device when using the app. Such information includes type of operating system, type of device used to access the services, date and time stamp, language preference, , advertising ID (android), IDFA (apple advertising ID) and user’s actions within the app. This information is collected automatically via your use of the Services.

    –    To identify authorized users of pre-paid cards.

    –    To access and use the Services via the app.

    –    To improve the app and Services, and to develop new features, products and services.

    Necessity of processing for the purposes of the legitimate interests of MONYX which are not overridden by User’s data protection interests or fundamental rights and freedoms (i.e., we use the data detailed herein to improve the Services, detect fraud, and internal analysis)
     Contact us

    When you submit a customer-service request or using the “contact us” feature through our website or app, as well as via email, you may be asked to provide personal information depending on the activity or request. For example, by placing a message in the “contact us” form we will collect your full name, email, mobile number, country, company, and the content of your message.

    –    To answer your queries and provide you with the services you requested from us.

    –    To improve the Services, and to develop new features, products and services.

    Necessity of processing for the purposes of the legitimate interests of MONYX which are not overridden by User’s data protection interests or fundamental rights and freedoms (i.e., we use the data detailed herein to improve the Services, as well as to answer your queries)

     

  2. We do not knowingly collect or process any Personal Data included in Special Categories of Personal Data (as defined in the GDPR). In the event you become aware that such data has been collected by us, please inform us immediately.

    In addition, we may use certain Personal Data to prevent potentially prohibited or illegal activities, fraud, misappropriation, infringements, identity thefts and any other misuse of the website or the Services and to enforce the Terms and Conditions, as well as to protect the security or integrity of our databases, website and the Services, and to take precautions against legal liability. Additionally, we may also use Personal Data to comply with any applicable law and assist law enforcement agencies and competent authorities, when we have a good faith belief that our cooperation with them meets the applicable legal standards. All the above processing is based on our legitimate interests or legal requirements.

    Non-Personal Data, aggregate and statistical or otherwise anonymized data may be shared without limitation with third parties at our discretion. This information does not contain Personal Data and is used to develop content and services for our Users.

    Cookies

    We use data files such as cookies, pixel tags, “Flash cookies,” or other local storage files provided by your browser or associated applications (“Cookies”) on our website. We use these technologies in order to recognize you as a specific visitor; customize our website, content, and advertising; measure promotional effectiveness; help ensure that your security is not compromised; mitigate risk and prevent fraud; and to promote trust and safety across our website. If you do not accept the use of these cookies, please disable them by changing your browser settings so that cookies from our website cannot be placed on your computer or mobile device, as detailed below and/or visit our cookie management platform widget, which is at the bottom of our website (i.e., cookie icon)however, it is important that you are made aware of the fact that if you choose to do so this may prevent us from providing some or all of the website content to you.

    The following pages have information on how to change your cookies settings for the different browsers:

  3. 2. Will MONYX Share my Personal Data?

    We share Personal Data only under the following limited circumstances:

    • With the merchants you purchase from – by using the Services in order to execute transactions. The privacy and security practices of the merchants are not covered by this Privacy Policy, and MONYX accepts no responsibility or liability for the privacy or security practices or the content of such applications. In case you are using a prepaid card associated with your employer – then we also collect your employer’s name.
    • With third parties who assist us in operating the Services – conducting our business, expanding our business or servicing you, and for personalizing your experience of the Services, such as payment providers who process your payment method, clearance services,. While we strive to keep this list current, updated and complete, it is possible that there are additional processors which we have not yet added to the list. If you have any inquiries related to our service providers please contact us.
    • Within the Nayax group – We may also share certain Personal Data within the Nayax group, where certain affiliated companies provide services to assist others entities in the group in the provision of our services. For example, Nayax Ltd. headquarters the group’s activities, and may have access to Personal Data collected by its subsidiaries.
    • E-Wallets, alternative payments providers and financial management apps – we may share certain data with third parties who provide data subjects with platforms for management of transactions and financial data (such as e-wallets, online banking, etc.), for the purpose of enabling the data subject to access his/her data and provide the data subject with the third party’s services.
    • In the event of a corporate transaction – (e.g., sale of a substantial part of our business, merger, consolidation or asset sale). In such case, our affiliated companies or acquiring company will assume the rights and obligations as described in this Privacy Policy
    • For legal purposes – To comply with a legal requirement, for the administration of justice, to protect your vital interests or the vital interests of others, to protect the security or integrity of our databases or the Services, to take precautions against legal liability, or in the event of a corporate sale, merger, reorganization, dissolution or similar event.
  4. 3. Will MONYX transfer my Personal Data internationally?

    MONYX is a global company with offices all over the world. Our databases are located currently in Germany, Israel and in the US. Some of our processing activities are made in Israel. International transfers of data are done with appropriate measures to ensure that your personal data receives an adequate level of protection as required under applicable law. Further, when Personal Data collected within the EU is transferred outside the EU (and not to a recipient in a country that the European Commission has decided provides adequate protection), it shall be transferred in accordance with the provisions of the GDPR, including, where applicable, under the relevant Standard Contractual Clauses approved by the European Union (if applicable). If you would like to understand more about these arrangements and your rights in connection therewith, please contact us at: privacy@nayax.com.

  5. 4. Users’ rights with respect to Personal Data

    Subject to applicable law requirements, we will provide our Users with the opportunity to exercise their rights regarding their Personal Data. Individuals’ principal rights under data protection and privacy laws may include (you may have some or all of these rights depending on your jurisdiction):

    • the right to receive a confirmation whether or not we process your Personal Data;
    • the right to access your Personal Dataand receive a copy of the Personal Data that we hold.
    • the right to rectificationof your Personal Data;
    • the right to erasure your Personal Data.
    • the right to restrictprocessing of your Personal Data.
    • the right to objectto processing of your Personal Data;
    • the right to data portability.
    • the right to complain to a supervisory authority(in the event that you are a European Economic Area (“EEA”) resident); and
    • the right to withdraw consent.

    Please review our Privacy Users Rights Policy regarding your rights under applicable law.

    You may exercise any or all of your above rights in relation to your Personal Data by filling out the  https://www.nayax.com/legal/data-subject-request-form/ or send a request to our privacy team at: privacy@nayax.com .

    Please note that –

    • We may request additional information from you when you contact us with a DSR in order to: (i) verify your identity; (ii) determine the applicable laws apply to you; (iii) and locate your data.
    • It may take time to process requests in a way that is consistent with applicable privacy law.
  6. 5. Is Personal Data regarding children collected by us?

    Our Service is a general audience Services which is not directed to persons under 16 years old or equivalent minimum age for providing consent to processing of Personal Data in the relevant jurisdiction (“Child”). If a parent or guardian becomes aware that his or her Child has provided us with Personal Data without their consent, he or she should contact us immediately. We do not knowingly collect or solicit Personal Data from a Child. If we become aware that a Child has provided us with Personal Data, we will delete such data from our databases.

  7. 6. How does MONYX protect your data?

    We implement measures to reduce the risks of damage, loss of information and unauthorized access or use of information in accordance with the applicable law. In particular, your payment information is secured in accordance with the PCI-DSS standard. However, these measures are unable to provide absolute information security. Therefore, although efforts are made to secure your personal information, it is not guaranteed and you cannot reasonably expect that the Service and its related databases will be immune from any wrongdoings, malfunctions, unauthorized interceptions or access, or other kinds of abuse and misuse.

  8. 7. Data Retention

    Unless you instruct us otherwise and subject to applicable laws, we retain the information we collect for as long as needed to provide our services and to comply with our legal obligations, resolve disputes and enforce our agreements as applicable.

  9. 8. Questions or concerns regarding privacy

    If you have any questions about this Privacy Policy, you may contact us as follows:

    By sending our privacy team email at: privacy@nayax.com.

    You may also contact us using the following contact information: HQ NAYAX Ltd.

    3 Arik Einstein St., Herzliya 4659071 Israel

    +97237694380

    EU residents may also contact us by using the following details of our EU entity:

    Nayax Europe UAB

    Antakalnio 17, LT-10312, Vilnius, Lithuania

    MONYX may, at any time and from time to time, modify this Privacy Policy. Modifications to this Privacy Policy will be posted on the Application, and shall be effective as of the date on which they are posted on the Application.

  10. 9. PRIVACY NOTICE FOR CALIFORNIA RESIDENTS UNDER THE CALIFORNIA CONSUMER PRIVACY ACT

    This section for California Residents under the California Consumer Privacy Act of 2018 (respectively,  “Privacy Notice” and “CCPA”) supplements the information contained in our general Privacy Notice and applies solely to all visitors, users, and others who reside in the State of California (“consumers” or “you”), as defined under the CCPA. Any terms defined in the CCPA have the same meaning when used in this Privacy Policy. Further, this Privacy Notice is an integral part of our Privacy Policy and thus, definitions used herein but not defined herein shall have the meaning ascribed to them in our Privacy Policy.

    As required under the CCPA, we will update this Privacy Notice every 12 months.

    Types of Personal Information we collect

    Under the CCPA, “Personal Information” is defined as any information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer, household or device. The categories of Personal Information that we collect (and have collected within the last 12 months), are detailed in the table below.

    Please note that, under the CCPA Personal Information does not include: publicly available information from government records and de-identified or aggregated consumer information, information excluded from the CCPA’s scope (e.g., health or medical information covered by applicable laws such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA)); and information covered by certain sector-specific privacy laws (e.g., the California Financial Information Privacy Act (FIPA)).

    Category

    Examples

    Collected

     

    A. Identifiers.

    A real name, unique personal identifier, online identifier, Internet Protocol address, email address, or other similar identifiers.

    Yes

     

    B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).

    A name, address, telephone number, employment, credit card number, debit card number, or any other financial information.

    Some personal information included in this category may overlap with other categories.

    Yes

     

    C. Protected classification characteristics under California or federal law.

     

    No

     

    D. Commercial information.

    Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

    Yes

     

    E. Biometric information.

     

    No

     

    F. Internet or other similar network activity.

    Information on a consumer’s interaction with a website, and application.

    Yes

     

    G. Geolocation data.

    Physical location or movements.

    Yes

     

    H. Sensory data.

     

    No

     

    I. Professional or employment-related information.

    Current or past job information – for prepaid cards we process your employer’s information.

    Yes

     

    J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).

     

    No

     

    K. Inferences drawn from other personal information.

     

    No

     

HOW WE COLLECT INFORMATION

Depending on the nature of your interaction with us, we may collect the above detailed information from you, as follows: (i) directly from you, for example, when a User subscribes to our services , User will fill his/her Personal Information as part of the registration process; (ii) automatically when User’s enters our website or app use the services;

USE OF PERSONAL INFORMATION

We may use or disclose the Personal Information we collect for one or more of the business purposes set forth above in Section 1 and 2.  SHARING SELLING DATA

We may disclose your Personal Information to a third party for business purposes (as detailed above in Section 2). When we disclose Personal Information for a business purpose, we enter into a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract.

DISCLOSURES OF PERSONAL INFORMATION FOR A BUSINESS PURPOSE OR FOR SELLING PURPOSES

In the preceding twelve (12) months, the Company has disclosed the following categories of Personal Information for a business purpose:

  • Category A: Identifiers.
  • Category B: Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
  • Category D: Commercial information:
  • Category F: Internet or other similar network activity.
  • Category G: Geolocation data.

SALES OF PERSONAL INFORMATION

In the preceding twelve (12) months Company has not sold Personal Information (“selling” under CCPA relates to any disclosure, transfer, and selling of Personal Information for monetary or other valuable consideration).

YOUR RIGHTS REGARDING YOUR PERSONAL INFORMATION

The CCPA provides consumers with specific rights regarding their Personal Information. Please review our User Rights Policy  regarding your rights under applicable law, as well as Section 4 above for more information about how to exercise your rights.

CONTACT US

By email: privacy@nayax.com

By Toll-Free Telephone: 

Direct Dial 

English-speaking USA and Canada: 833-204-4684

Spanish-speaking USA and Canada: 800-216-1288 

French-speaking Canada: 855-725-0002  

Spanish-speaking Mexico: 01-800-681-5340 

AT&T USA Direct 

All other countries: 800-603-2869 (must dial country access code first click here for access codes and dialing instructions) 

Previous version of Privacy Policy – May 2018

Previous version of Privacy Policy – July  2020