- What data do we collect?
- When and how do we collect your data?
- How will we use your data?
- How do we store your data?
- How long do we store your data?
- What are your data protection rights?
- Privacy policies of other websites
- How to contact us
- How to contact the appropriate authorities
1. What data do we collect?
There are a number of reasons for gathering personal data about you. For instance, we need to know how to get in touch with you, we need to be certain of your identity and we need to comply with regulatory requirements regarding the provision of financial services. The personal data we collect falls into various categories, such as:
Identity & Contact information:
Name, date of birth, copies of ID, contact details, PPS number (or foreign equivalent), security details to protect identity, nationality, home status and address, email address, work and personal phone numbers, marital status, family details, tax residency and tax related information. If you engage with us through social media then this may also include your social media contact details, such as your LinkedIn address or Twitter username.
Company name, date of incorporation, company number, registered address, VAT number, details of directors and shareholder information, documentation such as, but not limited to, copies of ID, proofs of address bank statements etc.
Bank account details (including Account number, sort code), any International Bank Account Number (IBAN), currency information, payments information including, payment reference information (this may identify precisely who makes payments to you and who you make payments to and the purpose of the transaction), transaction credits, transaction debits, payment source/destination details, income and asset details, personal guarantees provided, application processing and administration records, transaction details, contact outcomes, authorised signatories details.
Marital status and/or financial associations:
If you are married or are financially linked to another person in the context of a particular product or service, a financial association may be created between your records and their records, including any previous and subsequent names used by you. This means that we may treat your financial affairs as affecting each other.
Information you provide us about others or others provide us about you:
Information we collect about you from publicly available sources:
We may collect information available from social media (depending on your settings and the applicable privacy policies), including social media engagement metrics such as numbers of connections, followers and clicks, and information from resources such as Companies Registration Office and Companies House.
Sensitive or special categories of data:
We may hold information about you which includes sensitive or special categories personal data, such as but not limited criminal conviction information or biometric information used to uniquely identify you. We will only hold this data when we need to for the purposes of the product or services we provide to you, where we are processing the data for a substantial public interest, where we have a legal obligation or where we have your consent to do so. Examples of when we use this type of data include:
- If you have criminal convictions, we may process this information in the context of compliance with our anti-money laundering obligations.
- We may use your biometric information to help identify you when you open or operate an account.
Information which you have consented to us using:
Your contact details and marketing preferences are used to share news about relevant services, products and offers that we think may be of interest to you
Information from online activities:
- We collect information about your internet activity using technology known as cookies, which can often be controlled through internet browsers and by using our cookie preference centre on our website. For detailed information on the cookies we use and the purposes for which we use them, see our Cookies Policy, which is available on our website.
- We collect information about your internet browser settings and Internet Protocol (IP) address and other relevant information to help us identify your geographic location when providing you with our services.
Other personal information:
- Telephone recordings and email communications.
- Information in relation to requests made by you e.g. data access, correction, restriction, deletion, porting and complaints.
2. When and How do we collect your data?
You directly provide NoFrixion with most of the data we collect. We collect data and process data when you:
- Register online or apply to be a customer of our services.
- Voluntarily complete a customer survey or provide feedback on any of our services.
- Use or view our website via your browser's cookies.
- When you use our products or services, including making transactions on your account, or instructing a third-party payment service provider to initiate payments on your account, we gather details about who you get money from, who you pay money to, how much the payments are for and when the payments are made.
- Tracking cookies
3. How will we use your data?
NoFrixion collects your data so that we can:
- Establish your eligibility for our products and services.
- Manage and administer your accounts.
- Process your applications for services.
- To comply with our legal and regulatory obligations.
- Contact you by post, phone, text message, email, digital message, using our website or other means, but not in a way contrary to your instructions to us or contrary to law.
- Monitor and record our conversations when we communicate (for example, to check your instructions to us, to analyse, to assess and improve customer service; for training and quality purposes; and for verification, fraud analysis and prevention purposes).
- Protect our business, reputation, resources, and equipment, manage network and information security (for example, developing, testing and auditing our websites and other systems, dealing with accidental events or unlawful or malicious actions that compromise the availability, authenticity, integrity and confidentiality of stored or transmitted personal data, and the security of the related services) and prevent and detect fraud, dishonesty and other crimes.
- Manage and respond to a complaint or appeal.
4. How do we store your data?
We use appropriate technical and organisational security measures to protect the security of your personal data both online and offline including the implementation of access controls, implementation of firewalls, network intrusion detection and use of anti-virus software. Please note that no system is completely secure. So, while we strive to protect your data, we cannot guarantee that unauthorised access, hacking, data loss or a data breach will never occur. standards and codes of practice pertaining to system and data security in the cloud.
NoFrixion engages Microsoft as a Cloud Service Provider for the secure storage of your data in their Azure cloud service. Microsoft Azure has adopted numerous standards and codes of practice pertaining to system and data security in the cloud.
Your data is fully encrypted both in transit and while stored as part of this arrangement.
5. How long do we store your data?
NoFrixion shall adhere to the GDPR requirement to process personal data for no longer than is necessary for the purpose for which it was collected in the first place. In doing so, NoFrixion has defined procedures for adhering to statutory retention periods as set out by legislation.
As a general rule, we keep your information for a period of not less than 5 years after the date on which a transaction has completed or you cease to be a customer.
NoFrixion would like to send you information about products and services of ours that we think you might like. If you have agreed to receive marketing, you may always opt out at a later date. You have the right at any time to stop NoFrixion from contacting you for marketing purposes.
7. What are your data protection rights?
NoFrixion would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
The Right to be Informed
GDPR, Article 13 & Article 14
Data subjects have the right to be informed about the collection and use of their personal data. This is a key transparency requirement under GDPR. Where personal data is being collected directly from an individual, NoFrixion’s privacy notice will be provided.
- GDPR, Article 13 & Article 14
The Right of Access
GDPR, Article 15
Data subjects are entitled to make an access request for a copy of their personal data and for information relating to that data. NoFrixion shall ensure that this information is provided free of charge and in writing, or by other means where authorised by the data subject.
- GDPR, Article 15
Right to Rectification
GDPR, Article 16 & Article 19
Under GDPR Article 5 (1)(d), personal data processed by NoFrixion should be reviewed and verified as being accurate wherever possible. Where inconsistencies are identified by NoFrixion, or where a data subject or other party informs the Company, every reasonable step should be taken to ensure that such inaccuracies are corrected with immediate effect. All requests for rectification of personal data shall be forwarded to the DPO without delay.
- GDPR, Article 16 & Article 19
Right to Erasure
GDPR, Article 17
The right to erasure, whereby individuals can petition NoFrixion to have their data erased from its systems, is also known as ‘the right to be forgotten’. The right to erasure is not absolute and only applies in certain circumstances. All requests for erasure of personal data shall be forwarded to the DPO without delay.
- GDPR, Article 17
Right to Data Portability
GDPR, Article 20
The right to data portability allows data subjects to manage their personal data for their own purposes across different platforms and services. Data portability facilitates data subjects to transmit personal data from one IT environment to another without hindrance to usability.
The right to data portability is not absolute and will only apply to circumstances set out in Article 20(1).
All transmission requests under the portability right should be assessed to ensure that no other data subject is concerned. Where the personal data relates to more individuals than the data subject requesting the transmission to another controller, this is always to be effected without prejudice to the rights and freedoms of the other data subjects. All requests received regarding data portability should be forwarded to NoFrixion’s DPO.
Data subjects also have a right to complain to a relevant supervisory authority. The contact details for the DPC are as follows:
Telephone: +353 578 684 800
Online: Data Protection Commission - Contact Page
A data subject and may exercise any of these rights by contacting NoFrixion’s DPO (email@example.com)
Right to Object
GDPR, Article 21
The right to object, whereby data subjects have the right to object on grounds relating to their situation, at any time to processing of personal data concerning them which is based on point (e) or (f) of Article 6(1) of the GDPR, including profiling based on those provisions. NoFrixion shall no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
- GDPR, Article 21
Automated Individual Decision-making
GDPR, Article 22
The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them.
This shall not apply if the decision is: necessary for entering into a contract between the data subject and NoFrixion; is authorised by Union or Member State law to which NoFrixion is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests; or is based on the data subject’s explicit consent.
- GDPR, Article 22
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email:
Or write to us:
c/o- Data Protection Officer
8 Harcourt Street,
Dublin 2, D02 AF58
Cookies are text files placed on your computer to collect standard Internet log information and visitor behaviour information. When you visit our websites, we may collect information from you automatically through cookies or similar technology.
For further information, visit allaboutcookies.org.
- Keeping you signed in
- Understanding how you use our website
What types of cookies do we use?
There are a number of different types of cookies, however, our website uses:
- Functionality - NoFrixion uses these cookies so that we recognize you on our website and remember your previously selected preferences. These could include what language you prefer and location you are in. A mix of first-party and third-party cookies are used.
- Advertising - NoFrixion uses these cookies to collect information about your visit to our website, the content you viewed, the links you followed and information about your browser, device, and your IP address.
How to manage cookies?
You can set your browser not to accept cookies, and the above website tells you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.
9. Privacy policies of other websites
11. How to contact us
Email us at: firstname.lastname@example.org
Or write to us at:
8 Harcourt Street,
Dublin 2, D02 AF58
12. How to contact the appropriate authority
Should you wish to report a complaint or if you feel that NoFrixion has not addressed your concern in a satisfactory manner, you may contact the Information Commissioner's Office: