As a financial institution Mollie processes a large amount of data from our customers, who are using the services provided by Mollie, and our customers’ customers (consumers). Both the customer and the consumer are invaluable to Mollie. Therefore it is extremely important to Mollie to ensure careful and secure processing of the customer’s and the consumer’s data, in particular personal data.
Mollie processes your personal data because you use Mollie’s services and/or because you provide this information to Mollie yourself. An overview of the personal data processed by Mollie, depending on the service you use, is shown here below.
If you use Mollie’s services as a customer the following personal data are processed:
If you use Mollie’s services as a consumer the following personal data are processed:
If you use Mollie’s websites, the following personal data are processed;
Unlike the processing of payments, Mollie’s websites and services are not aimed at activities that require special and/or sensitive personal data to be processed. Mollie therefore requests that you do not provide this information. Furthermore, Mollie has no intentions at all of collecting information about website visitors who are minors, even if they have permission from their parents or guardians. Unfortunately, Mollie cannot check whether a visitor is a minor and therefore Mollie advises parents or guardians to be involved in their children’s online activities in order to prevent minors’ data from being processed by Mollie.
Should you, in spite of the above, be convinced that Mollie unlawfully processed special or sensitive data, Mollie requests you to contact us at firstname.lastname@example.org or +31 20 820 20 70. Mollie will then delete this information as soon as possible.
Mollie only processes data insofar as this is necessary for its services. Your personal data will therefore only be processed for the following purposes.
If you use Mollie’s services, your personal data are processed:
If you use Mollie’s websites, your personal data are processed:
If Mollie wants to process your personal data for other purposes than described above, for example for commercial purposes, Mollie will only do this after your explicit permission has been requested and obtained. You can withdraw this permission at any time without providing a motivation.
Mollie will not keep your personal data longer than the mandatory statutory period or, if such a mandatory statutory period does not apply, no longer than is strictly necessary for the realization of the objectives for which your personal data were obtained. The personal data that Mollie receives relating to the assessment of your application, the preparation and performance of the agreement and the processing of payments, will not be kept longer than five years after rejection of your application or the termination of the agreement.
Mollie will share your personal data with third parties if this is necessary for the performance of the agreement or if it’s based on legal obligations. Mollie concludes a processors’ agreement with third parties, which process your personal data for Mollie. This means that Mollie ensures that your personal data are always protected to at least the same level of security and that the confidentiality of your personal data is guaranteed. Mollie nevertheless remains fully responsible for these processing operations and will therefore take all reasonable administrative, technical and physical measures to protect your personal data against unauthorized access, unintentional loss or alteration.
Your personal data may also be shared with third parties which are not necessarily part of Mollie's services. In that case, Mollie will only do so after requesting and obtaining your explicit consent.
Opt out of cookies
You can opt out of cookies by setting your internet browser such that it does not store cookies anymore. In addition, you can delete all information previously saved via the settings of your browser.
You have the right to view, correct, limit or delete the personal data that Mollie processes, unless Mollie cannot grant these rights based on a legal obligation. You can send your request for access, correction, limitation or deletion to email@example.com. However, to establish the legitimacy of your request Mollie does asks you to send a copy of your identification (i.e. a passport or identity card) along with the request. Please make sure that in this copy your passport photo, MRZ (machine readable zone, the strip with numbers at the bottom of the passport), passport number and citizen service number (BSN) have been redacted to protect your privacy. Mollie will then respond to your request as soon as possible, but in any case within fourteen business days.
If you believe that Mollie has used your personal data unlawfully or if you are not satisfied with Mollie’s response to your request, you have the right to report this to the Dutch Data Protection Authority or to take it to court. More information about this can be found on https://autoriteitpersoonsgegevens.nl/en.
The protection of your personal data is very important to Mollie. Mollie therefore takes all appropriate technical and organizational measures to prevent misuse, loss, unauthorized access, unwanted disclosure and unauthorized modification.
To report possible problems with the security of Mollie's systems, a Responsible Disclosure Policy has been made available.
Mollie acts as the controller as referred to in the General Data Protection Regulation, (EU) 2016/679. Mollie acts in this position because as a financial institution Mollie:
The data processing has been reported by Mollie to the Dutch Data Protection Authority under number 1449126.
Mollie has appointed a Data Protection Officer (DPO). Among other things, the DPO is responsible for supervising the processing of personal data by Mollie, taking stock of data processing and advising on technology and security.
If, in spite of the above, you suspect that your data is not properly secured, has been misused or if you believe that Mollie does not adequately guarantee the correct processing of personal data, please send an e-mail to: firstname.lastname@example.org for the attention of Mr. M. Polder.
Amsterdam, 11 december 2017