SUNMONEY Solar GmbH
Widenmayerstrasse 32, München 80538, Germany

PRIVACY POLICY

This policy was made by Peak Card Services Limited (registered office: Suites 7B & 8b 50 Town Range Gibraltar; company number: 111314) ("Peak", "we", "us", or "our" as applicable) and it governs your use of Sunmoney Wallet, a mobile app software ("App") and any website, including but not limited to http://www.sunmoney.cards ("Webapp"), where we provide products, services, content, features, technologies or functions to you ("Services").

The branding of Sunmoney Wallet is provided by SUNMONEY Solar GmbH (registered office: Widenmayerstrasse 32, München 80538, Germany), a contractual partner of Peak.

Please read this policy carefully before ticking the "I agree with the Privacy Policy" box while downloading or using the App and the Webapp.

1. Your privacy

1.1. Peak is the data controller of the personal data provided by you.

1.2. Personal data is information you give us about yourself by filling in forms on the App and/or the Webapp, or by corresponding with us. It includes information you provide when you download the App and subscribe to any of our Services, participate in discussion boards or other social media functions on the App or the Webapp, enter a competition, promotion or survey and when you report a problem with the App, the Services, or the Webapp. If You contact us, we will keep a record of that correspondence.

1.3. Personal data may include your name, address, date and place of birth, nationality, mother’s maiden name, e-mail address, phone number, username, password and other registration information, your financial details of your bank account, identification document numbers, copies of identification documents (for example, passport, driving licence or utility bill), personal description and photograph and any other information you provide us in order to prove your eligibility to use our Services.

1.4. If you give us personal information about other people which we use to provide Services, then you confirm that (i) you know they agree to our holding and use of that data or that you are otherwise allowed to give us this information and consent on their behalf to our holding and use of it, as well as (ii) you provided such other people with all the information regarding the processing of personal data as required under the applicable law.

1.5. Your personal data will be controlled to provide you the Services, for security, identity verification, and communication purposes and for the purposes determined by law.

1.6. We will keep the personal data confidential, but we may share it with other entities (who, according to the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council, the GDPR, are also bound to keep it secure and confidential) if we have a duty to disclose it, if it is required for the provision of our services to you, or for legitimate purposes including business purposes and where your rights or freedoms are not infringed.

1.7. We will never pass the personal information to a third party for them to use in their own direct marketing without your consent.

1.8. In particular, we may share Your personal data with:

(a) companies in the same group as Peak;

(b) our service providers (including their sub-contractors);

(c) payment-processing service providers and others that help us process your payments and/or provide our services to You;

(d) anyone to whom we transfer or may transfer our rights and duties related to providing the Services;

(e) fraud prevention agencies (in particular, we will always tell fraud prevention agencies if You give us false or fraudulent information. They will also allow other organisations, including law enforcement agencies, to access this information to prevent and detect fraud, money laundering or other crimes;

(f) any third party after a restructure, sale or acquisition of Peak, provided that they use the Personal Information for the same purposes as it was originally given to us and/or processed by us.

1.9. If we are sharing your personal data with organisations in another country (including outside of the EEA), we will ensure they agree to apply equivalent levels of protection as we do (for this purpose, we will take the necessary legal steps to ensure that such transfer is compliant with the law). If this is not possible – for example because we are required by law to disclose the personal data – we will ensure the transfer of the data is lawful.

1.10. We may retain your information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes and enforce our agreements.

1.11. To comply with the law and for your own security, it is essential that you keep us informed of changes to your contact, personal details or any other important changes that are relevant to us.

1.12. In accordance with the law you have the following rights:

(a) Request information about whether we hold personal information about you, and, if so, what that information is and why we are holding/using it.

(b) Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.

(c) Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

(d) Request deletion of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).

(e) Object to the processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.

(f) Object to automated decision-making including profiling, that is not to be subject of any automated decision-making by us using your personal information or profiling of you.

(g) Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example, if you want us to establish its accuracy or the reason for processing it.

(h) Request transfer of your personal information in an electronic and structured form to you or to another party (commonly known as a right to “data portability”). This enables you to take your data from us in an electronically useable format and to be able to transfer your data to another party in an electronically useable format.

(i) Withdraw consent. In the limited circumstances where you may have provided your consent to the collection, processing, and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so by law.

If you want to exercise any of these rights, you can do it:

(a) Gibraltar Regulatory Authority, 2nd floor, Eurotowers 4, 1 Europort Road, Gibraltar.

(b) by using the contact methods provided on the Webapp or in the App.