Our data protection privacy policy

Our data protection
privacy policy

Edenred takes the issue of collecting and processing your personal information seriously. Edenred is committed to protecting your personal information and to informing you of your rights with respect to your personal information. Edenred aims to set out clearly at the time we collect your personal information:

  • what your personal information will be used for;
  • where it will be processed; and,
  • how long it will be kept.

You should also familiarize yourself with the section at the end of this Edenred Privacy Policy headed: Your Data Subject Rights that informs you how you may control the use of your personal information.

This Edenred Privacy Policy (Policy) applies to all services offered by Edenred and whenever we process your personal information.

In this Policy, references to ‘we’ or ‘us’ or ‘our’ are to the Edenred company with whom you are in correspondence.

1. Scope of our Policy

Our Policy applies to anyone (you, your*) who interacts with us, including Legal Persons (such as an incorporated company), who enquires about our products and services or who makes use of them, via any media including electronic media such as email, website, apps, telephone etc.

*You may be an Edenred: prospect, client, employee, agent or consultant, Edenred client, Edenred employee, agent or consultant providing services to Edenred or to whom Edenred is providing services

2. What is personal information?

In most cases, personal information is information relating to a living individual that can be used to identify or contact them.

3. What is processing?

We process your personal information when we collect, store, use it in any way, for any purpose or delete your personal information.

4. What personal information do we collect and why?

In order for Edenred to provide services to you and discharge regulatory and legal obligations in respect of its processing activities, Edenred will have to process your personal information. If we are unable to process your personal information, we may not be able to provide our services to you or administer our business.

The personal information we need to collect will depend on the service(s) that we provide to you, but we will only process personal information that is adequate and required to enable us to do so. We usually collect personal information about you from you directly, but in certain circumstances, we may collect personal information on you from other sources such as publicly or privately available records.

In general, Edenred commonly collects personal information as follows:

  • Photographic ID and documents to verify both your identity and residential address in order to satisfy anti-money laundering regulations. If you do not provide this personal information to us, we will not be able to establish or continue in a business relationship with you or any person acting for you;
  • Your contact details, including but not limited to, telephone numbers, location details such as personal or business address and email address in order to communicate with you;
  • We may conduct criminal background checks at the start of and during our business relationship as part of our anti-money laundering screening or counter-terrorist financing screening to comply with relevant legislation;
  • We may collect proof of age and location in order to ensure that we may legally provide you with the relevant product or service;
  • Bank details where you are required to make payment to us, or we are required to remit payment to you;
  • Recording, monitoring, storing data from certain telephone calls in which you participate, in order to comply with regulatory or contractual obligations, and to confirm instructions given to us; and,
  • For Legal Persons, we may also collect documents to establish your identity and existence.We will always tell you beforehand about any use we make of your personal information if you have not already consented to such use.You are responsible for giving us accurate and up-to-date information.Where you provide us with information about other individuals or Legal Persons in connection with your dealings with us, you must ensure that they agree to us using their information for the purposes set out in our letter of engagement or agreement, and you will need to tell them how to find the Edenred Privacy Policy.

5. How do we use personal information?

We process personal information primarily for the purpose of providing a contracted service(s) to you, but in addition to this, we may use your information for the following purposes:

  • To meet a legal or regulatory requirement – please see examples of this in section 4
  • To advise you of changes that may affect you that we feel are in your best interests, such as communications about purchases and changes to our terms and conditions, and policies. As this information is important to your interaction with Edenred, you may not opt out of receiving these communications
  • For internal administrative and accounting, auditing, data analysis and research purposes in the normal course of managing our business and improving Edenred services and customer communications.
  • If we believe that we have a legitimate interest or that you have a legitimate interest and to not use your personal information may have a negative impact on you.

6. Who processes your personal information?

Edenred personnel will process your information; however, Edenred may also arrange for third-party service providers such as Edenred’s accountants, your accountants or those appointed by an entity connected to you, our security teams, banks (for instance, for making payments), custodians, depositaries, funds, portfolio managers, distributors, regulatory bodies, your advisors or those appointed by an entity connected to you, our advisors, fund advisors, IT service providers, telecommunications providers, third-party business processing providers, share personal information with our investors or any potential acquiring party, bank or financing institution for Edenred’s legitimate business interests and with other parties with whom Edenred contracts to access and process your personal information in order for the relevant services to be provided to you.

These third-party service providers are variously under the duties of client confidentiality, covering the storage and disclosure of your personal information in order to safeguard it, prevent unauthorized access, and comply with relevant data protection laws.

7. Storing and deleting your personal information

The personal information that we hold may be retained and stored for a period after our relationship has ended. The length of the storage period is determined by relevant local data protection laws and regulations. We will delete your personal information once it is no longer required for processing purposes.

Where regulatory requirements require us to keep your personal information for a longer period, we will have to do so. For example, we may be required by the Anti-Money Laundering Directive to retain personal information processed for our due diligence on you and your financial transaction history for a period of six years after our business relationship ends. Once the legal / regulatory retention period has expired we will securely destroy all of your personal information, except where it is required in litigation, or has been requested by a Supervisory Authority or other law enforcement agency, or where you have requested that it be retained (and have paid an appropriate fee to do so).

8. Cookies and other technologies

Edenred’s websites, online services, interactive applications, email messages, and advertisements may use cookies and other technologies. These technologies help us better understand user behaviour, tell us which parts of our websites people have visited, and facilitate and measure the effectiveness of advertisements and web searches. We treat information collected by cookies and other technologies as non-personal information. However, as Internet Protocol (IP) addresses or similar identifiers are generally considered personal information by some local laws, we also treat IP as personal information.

Please take a moment to familiarize yourself with our Cookie Policy.

9. Using your personal information for marketing

We may use your personal information for reasonable marketing purposes about our products and services, topical news and information if you have given your permission for us to do this.

We will contact you with regard to your activities with us. You may unsubscribe from any marketing update at any time by clicking the unsubscribe link at the bottom of each email or by unsubscribing here. In such a case, Edenred will continue to contact you regarding your account with us but unsubscribe you from marketing communications.

10. Edenred Electronic Communications Policy

Please see the Edenred Electronic Communications Policy on the way in which we may correspond with you using electronic media.

11. Your right to access and correct your personal information

You have a right to have a copy of the personal information that we hold on you by contacting us at EAE.DPO@edenred.com or writing to us at the address below. You also have a right to require that any inaccurate personal information that we hold on you is corrected. If you find that any of your personal information is incorrect, please contact us at EAE.DPO@edenred.com or write to us at the address below, and we will correct it without delay.

For further information on your rights, please see the section below headed: ‘Data Protection Officer and how to contact us’ and ‘Your Rights’.

12. Sharing and transferring your personal information

We will never sell your personal information. We may share your personal information within the Edenred group of companies with third-party service providers to Edenred and regulatory or legal authorities only for the purpose of providing our contracted service(s) to you or as required by regulations or law.

Edenred operates internationally and has offices and personnel in the European Union, and complies with applicable legislation internationally. Edenred has internal processes and safeguards in place for the safe transfer of your personal information between Edenred companies located in the European Union. We apply an equivalent standard of protection to your personal information in all of our office locations globally.

Edenred also uses a number of third parties service providers who may, on occasion or routinely depending on their role, have access to your personal information as set out in section 6 above. Edenred has made arrangements with these third-party services providers so that your personal information may be moved safely to and from their offices and personnel.

13. Changes to this Policy

We will place any updates to this Policy (or any other policies referred to in this Policy) from time to time on our website. When we change this Policy in a material way, a notice will be posted on our website along with the updated Policy.

Additional information will be given to you if required for specific interactions or in relation to specific products or services or depending on the way we interact with each other. For example, if you use Edenred-provided third-party apps, we may provide you privacy notices just in relation to a particular data type collected through that app.

Data Protection Officer and how to contact us

We have appointed a Data Protection Officer who is responsible for ensuring that Edenred is fully compliant with relevant data protection laws. If you have any questions or concerns about personal information or our Policy, or you wish to make a complaint about how we have processed your personal information, or you wish to exercise any of your rights as a data subject, please contact our Data Protection Officers by email at EAE.DPO@edenred.com.

You may also contact us by post at the following address:

Data Protection Officer
Edenred
43rd floor
Single Business Tower,
Business Bay
P.O. Box 34920
Dubai
United Arab Emirates

Alternatively, please feel free to contact your Edenred contact.

You also have a right to make a complaint to your local privacy Supervisory Authority where:

  • you are living
  • you work, or
  • the alleged infringement took place.

In the UAE to the two Supervisory Authorities are as follows:

Federal Law: UAE Data Protection Agency – to be established

Financial Free Zone/DIFC: the Commissioner of Data Protection

*Please note that the above websites are provided by the external parties and not by Edenred, and therefore our policies will not apply to your use of this website.

Your rights

Please take a moment to familiarize yourself with Your Data Subject Rights to learn how to review any personal information that may be associated with you.

You are entitled to ask for details of any personal information that we hold. This will be provided as quickly as possible in the circumstances. We will not normally charge for accessing and providing you with the information.