“XMLGold“, “we“, “us“, and “our“ refer to ‘XML Corp.’ together with its employees, directors, successors, affiliates and assignees.
“You”, “customer”, “user”, “your” refer to users of the services of XMLGold, whether in their capacity as senders, recipients, or visitors to our website.
We communicate with our customers about new products or services, special offers and other marketing announcements in newsletters sent by e-mail to our customers. Therefore, we process your first name, surname and e-mail address for direct marketing purposes.
The basis for the processing of your personal data for direct marketing purposes is your consent. Therefore, you have the right at any time to disagree with or reject such processing of your personal data for the purpose of sending newsletters.
XMLGold may also send direct marketing communications to the customer providing relevant information about related XMLGold services. The customer may at any time (in advance or at any time later) unsubscribe from such messages.
You can disagree with or reject processing of your personal data for the purpose of sending newsletters by clicking on the unsubscribe reference presented at the bottom of the newsletter sent to you or by notifying us in writing (for example, by e-mail).
Your personal data, which we process for the purposes of direct marketing, shall be stored for a term of 3 years from the date of your consent unless you revoke your consent before the expiry of the said term. After the expiry of the said term or in the event you revoke your consent, we will cease the processing of these personal data for the purpose of direct marketing.
When you browse our web page without logging in, we do not hold any personal data about you, but we use various tools to help us maintain the website and provide the best possible experience for you.
Each time you access or visit the website, the following technical personal data may be automatically collected: IP address, access date and time, web page name and URL, device operating system data, information about the Internet provider, geo-location data, language settings and other relevant data.
|Name of Cookie||Why we use it||Expiration||Essential? (yes/no)|
|cookie_policy||Cookie notification flag||10 years||Yes|
|lang||Website and personal account language||1 month||Yes|
|is_client||Logged in user flag||1 month||Yes|
|last_referer||URL of the original page from which the transition to the current page was made||3 month||Yes|
|PHPSESSID||PHP session cookie associated with embedded content from this domain||1 year||Yes|
|referral||The identifier of the user's click, which is assigned after the transition through the affiliate link. Statistics are collected according to this parameter.||1 year||Yes|
|subscr||Subscription to email newsletter identifier. Is used to understand if you are subscribed or not.||1 month||No|
|YII_CSFR_TOKEN||CSRF Protection code||1 year||Yes|
|Name of cookie||Why it is used||Company||Third party privacy policies||User controls||Essential? (yes/no)|
|*fb*||Advertising / Marketing / social media functionality||Find out more||Through browser settings||No|
|*_g*||Advertising / Marketing||Find out more||Through browser settings||No|
|*tawk*||Cookies used by Tawk services / Live chat||Tawk.to||Find out more||Through browser settings||No|
To opt out of Google Analytics cookies, download and install the Google Analytics Opt-out Browser Add-on. The Google Analytics opt-out browser extension – https://tools.google.com/dlpage/gaoptout?hl=en.
If you want to know more specific information about cookies and their usage, please go to www.aboutcookies.org.
For regular business operations, conclusion and fulfillment of our agreements with you on use of respective XMLGold services as well as implementation of the requirements established in the legal acts regulating the operations of a payment institution we collect and process your personal data.
Such personal data may be provided to us by you directly when creating an account on XMLGold website or collected from other financial institutions or the other third parties (such as Facebook, Gmail, Vkontakte, Paysera, etc.) if you choose to create an account on our website using already existing your social networking or other accounts mentioned here above.
We may process the following personal data of the customers:
The basis for the processing of your personal data is agreement which shall be or is entered into by XMLGold and the customer. In any case we process the personal data of our customers only to such an extent which is necessary for ensuring the proper provision of e-currency top-up and withdrawal services and implementation of the legal obligations binding XMLGold.
Customers also have the possibility of logging into their individual accounts on the website of XMLGold, where any information that is relevant to the respective customer in connection with the particular service is provided. Customers log into their accounts using the unique login data provided to them. With a view to properly administer this system, XMLGold also processes additional personal data of customers, inter alia: customer user IDs, login passwords, time of the customer’s login to his / her individual account, data provided in the customer’s applications or agreements, data on transactions carried out by the customer as well as other data. XMLGold processes such personal data under the agreements concluded with customers.
Personal data collected for the purpose of conclusion and fulfillment of agreements will be stored for up to 10 years from the completion of the transaction, the submission of the respective application or execution of the operation except for the cases when the legal acts provide for a longer term of storage of such data.
As a financial institution, we are required to reliably identify the customer, the representative or the beneficiary before providing any financial service and do everything in our power to prevent any money laundering and fraudulent activities. For this we may need additional information and / or documentation from the customer, depending on specific cases.
Personal and financial data required to comply with know your customer, anti-money laundering and combating the financing of terrorism requirements and perform financial and business operations include:
The personal data which are required under the law, are usually provided to us directly by you. We shall also have the right to establish the identity of the customer, the representative or the beneficiary without their direct involvement by receiving the required information in accordance with the procedure laid down in the law from other financial institutions and authorized entities. By properly implementing the requirements for the prevention of money laundering and terrorist financing, XMLGold can obtain additional personal data on customers, their representatives and beneficiaries from other third parties(for example, customer’s data can be verified in the databases on wanted persons and in international databases which accumulate and store information about the persons involved in politics, etc.).
We store your personal data in compliance with the requirements of the law, i.e. for a term of 8 years from the date of completion of transactions or expiry of business relations with the customer (unless other legal acts provide for a longer time limit for the storage of data). Certain personal data shall be stored for a shorter period of time, when it is laid down by the law.
To ensure timely and appropriate processing of your requests, contact you regarding any information you provide, protect customers’ and / or our interests and fulfill various legal requirements, we process your personal data when you contact us (by e-mail, through our website, social media accounts or by any other method). We keep all communications with our customers to ensure that in case of disputes we have all available communication logs.
The basis for the processing of your personal data upon your request is consent which is expressed through your active actions – submitting a request.
We store your personal data for the above mentioned purposes for up to 3 years, depending on the nature of received personal data and other circumstances. We apply longer periods of personal data storage when there is a reasonable suspicion of an unlawful act which is subject to investigation; your data is necessary for the proper resolution of the dispute, complaint or claim; we have received complaints related to you, or if we have noticed any violations committed by you; it is necessary for back-up copies or related purposes of functioning of our information systems; it is mandatory required by applicable laws.
We kindly recommend to protect your personal data when submitting the requests and therefore do not disclose certain personal data if such disclosure is not necessary for development of your request.
We use services provided by third parties (such as third-party data centers, servers, website design, administration services, online traffic and website analysis, statistics, direct marketing services, etc.) that may require access to your personal data to the appropriate extent. We take data protection seriously and always partner only with companies which provide Data Processing Agreement (DPA) or other data protection agreements with these companies.
In the event that we sell any business or assets, personal information may be disclosed or transferred to buyers or prospective buyers of our business or any of our assets as part of any such sale.
Particular technical data pertaining to your visits to the website (such as IP address, data collected or placed on devices by cookies, technical information of the browser, other information related to your browsing activities, etc.) may be transferred or made available to entities in the European Economic Area (EEA) as well as outside the EEA for purposes related to statistics, analysis and other related purposes. Please note that personal data in non-EU countries maybe subject to less protection than in the EU. We will carefully assess the conditions under which such data will be processed and stored after transfer to the above entities.
Finally, your personal data may be submitted to law enforcement, judicial or pre-trial institutions without any specific consent for the purpose of investigation or when it is provided by law.
We take protecting of your data very seriously – we encrypt the information you provide during the transmission of the information, our internal systems are logging access to your data when / if accessed by our employees, our offices have perimeter control from unauthorized entry, we have internal IT security procedures and use best security practices to minimize risks from outside attacks, all critical systems require 2 factor authentication and / or are accessible only through internal network / VPN.
While we implement security measures on our website and through our services, you should be aware that 100% security is not always possible. Whenever you give out personal information online there is a risk that a third party may intercept and use that information. While we strive to protect your personal information and privacy, we cannot guarantee the security of any information you disclose online. By using XMLGold services, you expressly acknowledge and agree that we cannot guarantee the security of any data provided to or received by us through the services and that any personal information, general information, or other data or information received from you through the website or our services is provided at your own risk.
General Data Protection Regulation (EU) 2016/679 gives you more rights to control which data about you can be accessed by companies like us. Here is a list of rights specified in regulation:
XMLGold is not intended for users under the age of 18. Such users are expressly prohibited from submitting their personally identifiable information to us and from using portions of the website of XMLGold for which registration is required; any information submitted by such users will not knowingly be used, posted, or retained.