SimpledCard Privacy Policy

SimpledCard collects a variety of information, including personal data, that you submit directly to us. We process your information, when necessary, to provide you with the SimpledCard Services that you have requested or where we have a legitimate interest to do so. For example, we may have a legitimate interest to process your information to comply with legal directives that also ensure the secure use of SimpledCard Services for our Customers (e.g. anti-money laundering (AML) and anti-terrorist financing regulations).

Without your data, we cannot provide you with the SimpledCard Services you have requested or you may be limited in your use of SimpledCard Services. Whenever we request information from you, particularly personal data, we directly outline the purpose providing a quick and easy understanding of the reason for the request. All detailed information about third party processors, duration of storage and data protection standards can be found in this privacy policy or by contacting us via dataprivacy@simpeldcard.com.

1. Information You Provide to Us
SimpledCard collects information from you through:

1.1 Website:

• Demo requests
• Contact request
• Newsletter subscription
• Case studies & White paper requests
• Job applications

1.2 SimpledCard web- & mobile application:

• Company account registration via the online registration form and administration of your account details
• The SimpledCard Services that you use (e.g. Card Management System: creating new users, activating payment cards for users, uploading receipts to expenses, downloading reports, …)
• Support requests or questions you submit to our Customer Success Team via our integrated chat in the SimpledCard application (e.g., implementation & support forms, user or payment details)

1.3 Phone & email:

• Support requests or questions you submit to our Customer Success Team via email or phone

Information from and about you. The types of information we collect will depend upon 1) the SimpledCard Services you use and your administrator roles & rights within the SimpledCard Services, and 2) your corporate role in the company that is the SimpledCard Customer. The types of data we collect from you may include:

• Name
• Email address
• Phone/mobile number
• Log-in details and password
• Company/employer details (e.g., address, type of business, number of employees)
• ID/passport copy
• Nationality
• Date of birth

Optional information (your “Profile Information”):

• Gender
• Job position
• Employee number
• Reference information

Content. In using the SimpledCard Services, you may upload or input various types of information, including but not limited to: photos of receipts, payment descriptions & transaction information, as well as user information and company information. If you are using the SimpledCard web- or mobile application, we collect and process the content you submit on behalf of the Customer (your employer, company, or organization). As described throughout this Policy and in our Service Agreement, our Customers, and not SimpledCard, are responsible for the secure and proper use of the SimpledCard Services including access, modification, deletion, sharing, and retention of content. For example, a SimpledCard User may provide or remove access to the Services, add or alter transaction descriptions, approve or reject justifications or export transaction information.

Information about others. If you choose to invite new users to the SimpledCard Services, we will ask you for that person’s contact information, which may include their name, phone number and email address, and automatically send an invitation via email. SimpledCard stores the information you provide to send the invitation and to register the new user account.

2. Information We Automatically Collect

When you use our SimpledCard Services we automatically collect certain information as described in this section.

Transaction & user data data: When using the SimpledCard payment cards, all user and expense information (card status, merchant, amount, card number, cardholder name, transaction date) will be automatically processed and listed in the SimpledCard web- and mobile application. The data is stored in audit and application logs for the purpose of error analyses, data backups, and legal purposes.

Website session duration: When visiting our website, we track the duration of your session and how long you stay on which specific website page. We use this information for our marketing analyses to track the success of our website content. This information is collected via cookies.

Login email address recognition: When logging in to our mobile and web-application we remember your email address which is used as a user name / login credential.  This information is stored via cookies.

Web- and mobile application usage: Within the web- and mobile application, we track the user behavior on an anonymized basis. This includes the frequency of using buttons and (time) sequences within the application. The data is anonymized by aggregating the data of all users of a SimpledCard Customer. We use this information for performing analyzes and to improve the SimpledCard Services.

Cookies And Similar Technologies

To collect the information in the “Information We Automatically Collect” section above, we and our service providers use Internet server logs, cookies, tracking pixels, Google Analytics and other similar tracking technologies. A web server log is a file where website activity is stored. A cookie is a small text file that is placed on your computer or mobile device when you visit a site, that enables us to: (i) recognize your computer and login session; (ii) understand which web pages of the Services you have visited; (iii) perform analytics; and (iv) assist with security and administrative functions. Tracking pixels are tiny electronic tags with a unique identifier embedded in emails, and that are designed to provide usage information like email open rates. Google Analytics is a web analytics service that helps us to understand your behavior, needs and potentials of improvement within the SimpledCard Services. As we adopt additional technologies, we may also gather information through other methods.

Please note that you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the “Help” section of your browser for more information (e.g., Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari).

How We Use Your Information

We use your data (as described in this Privacy Policy) for various purposes depending on the types of information we have collected from and about you and the specific SimpledCard Services you use, including to:

• Provide the use of the SimpledCard Services
• Comply with AML and anti-terrorist financing regulations and other directives which are required to provide the SimpledCard Service.
• Respond to your request for information (e.g. brochure, white paper) and provide you with customer service.
• Provide you with service notifications via email and within the SimpledCard Services.
• Help us better understand your interests and needs, and improve the SimpledCard Services.
• Protect our SimpledCard Services and our users.
• Understand and resolve technical difficulties and other issues being reported.

How We Share Your Information

SimpledCard will share your information in the following ways:

Affiliates and Subsidiaries. We may share all information we collect within the SimpledCard family of companies.

Third Party Processors. We may provide access to or share your information with selected third parties who perform services on our behalf. These third party processors provide a variety of services to us, including without limitation payment processing, data storage, security, fraud & AML prevention, customer communication, sales, customer invoicing, product delivery, and legal services.

Business Transfers. If the ownership of all or substantially all of our business changes, we may transfer your information to the new owner so that the SimpledCard Services can continue to operate. In such case, your information would remain subject to the promises and commitments contained in this Privacy Policy until such time as this Privacy Policy is updated or amended by the acquiring party upon notice to you. If such transfer is subject to additional mandatory restrictions under applicable laws, SimpledCard will comply with such restrictions.

Your Choices
We provide you with a number of choices with respect to the information we collect and use as discussed throughout this Privacy Policy. For example: – In commercial emails/newsletter messages, you can also opt-out by following the instructions located at the bottom of such emails. Please note that, regardless of your request, we may still use and share certain information as permitted by this Privacy Policy, our Service Agreement or as required by applicable law. For example, you may not opt-out of certain compliance or service-related emails, such as those reflecting our relationship or agreements with you.

Third Party Processors

SimpledCard works together with Third Party Processors who assist us processing our customer data in order to provide the SimpledCard Services, such as an email service provider for being able to communicate with our Customers, CRM software providers for offering an accurate and quick customer support, or data/cloud storage providers for securely storing our customer data. We may need to share personal data with our Third Party Processors in order to provide SimpledCard Services to you. Unless we tell you differently, our Third Party Processors do not have any right to use personal data or other information we share with them beyond what is necessary to assist us. SimpledCard carefully selects Third Party Processors and particularly considers their security standards and their compliance with the applicable data protection laws such as GDPR.

Your Right

If you want to learn more about the information and personal data collected through the SimpledCard Services, or if you would like to access or rectify your information and/or request deletion of information we collect about you, please contact us using the contact information below. Where you have provided consent, you may withdraw your consent at any time. Please notice that the majority of SimpledCard Services falls under AML and anti-terrorist financing regulations which determine the duration of data retention, including a time span of keeping customer data after they have terminated the SimpledCard Service. If you are dissatisfied with the way we process your information, you may lodge a complaint with the data protection authority (“DPA”) in your jurisdiction. If you are a Customer of SimpledCard and you have a complaint then we advice you to follow the instructions on the complaint flyer in the my.simpledcard.com section.

How Long We Store Your Information

We will retain your information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required by law. For instance, information that you provide to us via the SimpledCard Website (see Article 1.1., job applications not included) will be stored for 5 years for the purpose to better understand your interests and needs; given that you haven’t requested deletion during that time. Information that has been processed based on the usage of SimpledCard’s web- and mobile application falls under AML and anti-terrorist financing regulations and needs to be kept for a defined period after the termination of the SimpledCard Services.

Changes To Our Privacy Policy

We reserve the right to amend this Policy at any time to reflect changes in the law, our data collection and use practices, the features of our Services, or advances in technology. We will make the revised Policy accessible through the Services, so you should review the Policy periodically. If we make a material change to the Policy, you will be provided with appropriate notice and we will seek your consent to the updated Policy in accordance with legal requirements.

How We Protect Your Information

SimpledCard takes technical and organizational measures to protect your personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access. Technical measures include, among other provisions, data encryption, strong firewall setup, and up-to-date antivirus and anti-malware systems. Organizational measures include, for instance, regular data protection and awareness trainings of the employees. However, no method of transmission over the Internet, and no means of electronic or physical storage, is absolutely secure, and thus we cannot guarantee 100 percent security. If you have any questions about security on our Services, you can contact us using the contact information below.

Simpledcard Contact Info

If you have any questions, complaints or if you wish to contact us in relation to this Privacy Policy, please contact us via email: dataprivacy@simpeldcard.com. Or send us a letter to: SimpledCard Exploitatie B.V., Haarlemmerstraat 124 E-F, 1013 EX Amsterdam, Netherlands.