Privacy Statement

As a financial institution Mollie processes a large amount of data from our customers, who are using the services provided by Mollie, and our customers’ customers (consumers). Both the customer and the consumer are invaluable to Mollie. Therefore it is extremely important to Mollie to ensure careful and secure processing of the customer’s and the consumer’s data, in particular personal data.

1. Personal data processed by Mollie

Mollie processes your personal data because you use Mollie’s services and/or because you provide this information to Mollie yourself. An overview of the personal data processed by Mollie, depending on the service you use, is shown here below.

If you use Mollie’s services as a customer the following personal data are processed:

  • Your first and last name;
  • Your date of birth;
  • Your place of birth;
  • Your nationality;
  • Your address details;
  • Your telephone number;
  • Your email address;
  • Your IP address;
  • Your internet browser and device type;
  • Other personal data that you actively provide, for example by creating a profile on this website, in correspondence and by telephone.

If you use Mollie’s services as a consumer the following personal data are processed:

  • Your payment details (e.g. bank account number or credit card number);
  • Your IP address;
  • Your internet browser and device type;
  • In some cases, your first and last name;
  • In some cases, your address details;
  • In some cases, information about the product or service that you have purchased from our customer;
  • Other personal data that you actively provide, for example in correspondence and by telephone.

If you use Mollie’s websites, the following personal data are processed;

  • Your location data;
  • Your details about your activities on the websites;
  • Your IP address;
  • Your internet browser and device type;

2. Does Mollie process special and/or sensitive personal data?

Unlike the processing of payments, Mollie’s websites and services are not aimed at activities that require special and/or sensitive personal data to be processed. Mollie therefore requests that you do not provide this information. Furthermore, Mollie has no intentions at all of collecting information about website visitors who are minors, even if they have permission from their parents or guardians. Unfortunately, Mollie cannot check whether a visitor is a minor and therefore Mollie advises parents or guardians to be involved in their children’s online activities in order to prevent minors’ data from being processed by Mollie.

Should you, in spite of the above, be convinced that Mollie unlawfully processed special or sensitive data, Mollie requests you to contact us at info@mollie.com or +31 20 820 20 70. Mollie will then delete this information as soon as possible.

3. Why are your personal data processed?

Mollie only processes data insofar as this is necessary for its services. Your personal data will therefore only be processed for the following purposes.

If you use Mollie’s services, your personal data are processed:

  • To assess your application;
  • To draft and perform the agreement;
  • To process payments;
  • To send information about your product or service and changes to it;
  • To ensure the safety and integrity of the financial sector, for example by identifying, investigating, preventing and actively countering (attempted) criminal/illegal conduct;
  • To perform analyses for statistical and scientific purposes;
  • To train and assess Mollie employees;
  • To record evidence;
  • In order to establish that Mollie actually does have contact with you as a customer or one of your (duly authorized) representatives, for example by telephone or in written correspondence;
  • In order to comply with legal obligations as a financial institution, for example under the Dutch Financial Supervision Act (Wft) and the Dutch Money Laundering and Terrorist Financing (Prevention) Act (Wwft).

If you use Mollie’s websites, your personal data are processed:

  • To create a personal environment (dashboard) on Mollie’s websites;
  • To provide access to your personal environment;
  • To analyze your behavior on Mollie's websites in order to improve the websites and to tailor the range of products and services to your preferences;
  • To analyze your browsing behavior on Mollie’s websites based on which Mollie tailors products and services to your needs;
  • To perform analyses for statistical and scientific purposes;
  • To ensure the safety and integrity of the financial sector, for example by identifying, investigating, preventing and actively countering (attempted) criminal/illegal conduct;
  • In order to comply with legal obligations as a financial institution, for example under the Dutch Financial Supervision Act (Wft) and the Dutch Money Laundering and Terrorist Financing (Prevention) Act (Wwft).

If Mollie wants to process your personal data for other purposes than described above, for example for commercial purposes, Mollie will only do this after your explicit permission has been requested and obtained. You can withdraw this permission at any time without providing a motivation.

4. How long does Mollie keep your personal data?

Mollie will not keep your personal data longer than the mandatory statutory period or, if such a mandatory statutory period does not apply, no longer than is strictly necessary for the realization of the objectives for which your personal data were obtained. The personal data that Mollie receives relating to the assessment of your application, the preparation and performance of the agreement and the processing of payments, will not be kept longer than five years after rejection of your application or the termination of the agreement.

5. Does Mollie share your personal data with third parties?

Mollie will share your personal data with third parties if this is necessary for the performance of the agreement or if it’s based on legal obligations. Mollie concludes a processors’ agreement with third parties, which process your personal data for Mollie. This means that Mollie ensures that your personal data are always protected to at least the same level of security and that the confidentiality of your personal data is guaranteed. Mollie nevertheless remains fully responsible for these processing operations and will therefore take all reasonable administrative, technical and physical measures to protect your personal data against unauthorized access, unintentional loss or alteration.

Your personal data may also be shared with third parties which are not necessarily part of Mollie's services. In that case, Mollie will only do so after requesting and obtaining your explicit consent.

6. How does Mollie analyze your website visit?

Mollie uses functional, analytical and tracking cookies. A cookie is a small text file that is stored in the browser of your device such as a computer, tablet or smartphone when you first visit Mollie’s websites. On the one hand, Mollie uses cookies with a purely technical functionality. These cookies ensure that the website works properly and, for example, remembers your preferred settings, so that Mollie is able to optimize the websites. On the other hand, Mollie uses cookies that keep track of your browsing behavior so that Mollie can offer you tailor-made content and advertisements.

Opt out of cookies
You can opt out of cookies by setting your internet browser such that it does not store cookies anymore. In addition, you can delete all information previously saved via the settings of your browser.

Cookies are also placed on Mollie’s websites by third parties, for example advertisers and/or social media companies. More information about Mollie’s use of cookies can be found here: Cookies.

7. Your rights

You have the right to view, correct, limit or delete the personal data that Mollie processes, unless Mollie cannot grant these rights based on a legal obligation. You can send your request for access, correction, limitation or deletion to info@mollie.com. However, to establish the legitimacy of your request Mollie does asks you to send a copy of your identification (i.e. a passport or identity card) along with the request. Please make sure that in this copy your passport photo, MRZ (machine readable zone, the strip with numbers at the bottom of the passport), passport number and citizen service number (BSN) have been redacted to protect your privacy. Mollie will then respond to your request as soon as possible, but in any case within fourteen business days.

Complaints
If you believe that Mollie has used your personal data unlawfully or if you are not satisfied with Mollie’s response to your request, you have the right to report this to the Dutch Data Protection Authority or to take it to court. More information about this can be found on https://autoriteitpersoonsgegevens.nl/en.

8. Security of your personal data

The protection of your personal data is very important to Mollie. Mollie therefore takes all appropriate technical and organizational measures to prevent misuse, loss, unauthorized access, unwanted disclosure and unauthorized modification.

To report possible problems with the security of Mollie's systems, a Responsible Disclosure Policy has been made available.

9. Mollie’s responsibilities

Mollie acts as the controller as referred to in the General Data Protection Regulation, (EU) 2016/679. Mollie acts in this position because as a financial institution Mollie:

  • determines which personal data must be processed for the correct execution of a payment;
  • determines for which other purposes the personal data may be processed as long as these purposes are in accordance with the purpose for which the personal data were obtained by Mollie;
  • has to comply with its own legal obligations, for example under the Dutch Financial Supervision Act (Wft), the Dutch Money Laundering and Terrorist Financing (Prevention) Act and the Dutch Civil Code;
  • has drawn up its own general terms and conditions that are directly applicable to the customer and the consumer.

The data processing has been reported by Mollie to the Dutch Data Protection Authority under number 1449126.

10. Data Protection Officer

Mollie has appointed a Data Protection Officer (DPO). Among other things, the DPO is responsible for supervising the processing of personal data by Mollie, taking stock of data processing and advising on technology and security.

If, in spite of the above, you suspect that your data is not properly secured, has been misused or if you believe that Mollie does not adequately guarantee the correct processing of personal data, please send an e-mail to: compliance@mollie.com for the attention of Mr. M. Polder.

Amsterdam, 11 december 2017