Personal

Business

Our fees

Resources

Help center

Personal

Business

Our fees

Resources

Help center

Personal

Business

Our fees

Resources

Help center

Personal

Business

Our fees

Resources

Help center

Open account

Privacy Policy

Terms and conditions
Cookies Policy
Card Terms & Conditions
Bug Hunting Terms & Conditions
Non-Solicitation Statement
Terms and Conditions for your Altery Account
Complaints Policy
Privacy Policy
Terms and conditions
Cookies Policy
Card Terms & Conditions
Bug Hunting Terms & Conditions
Non-Solicitation Statement
Terms and Conditions for your Altery Account
Complaints Policy
Privacy Policy

This Global Privacy Policy (the “Policy”) explains how we collect, use, and process your personal data when you use our website www.altery.com (“Website”), our applications (“Apps”), including but not limited to web, mobile or Telegram apps, (“Web App”), our mobile application (“Mobile App”) and communications that we send to you (jointly called “Services”).

This Privacy Policy applies to customers, suppliers, website visitors, and other external parties engaging with Altery’s products and services.

If you are applying for a role with Altery, please instead refer to our Candidate Privacy Notice, available on our careers website, which explains how we collect, use, and protect applicant and recruitment-related personal data.

By continuing your interactions with us, such as by submitting information to us, registering for an account, or using our Services, you confirm that you understand and explicitly consent to the collection, use, disclosure, and processing of your personal data (or the personal data of any individual you provide) as described in this Policy.

We are committed to collecting and processing only data strictly necessary in the context of our relationship with (prospective) customers, (future) partners, users/visitors of our website(s) and online resources, in order to provide services and/or information for specific and legitimate purposes. 

Altery is dedicated to protecting the privacy and confidentiality of information in its possession and is committed to appropriate use and protection of personal data, with transparency and respect for rights in accordance with EU Regulation 2016/679 the General Data Protection Regulation (GDPR), UK Data Protection Act 2018 and applicable data protection legislation (“data protection law”). 

Altery is dedicated to protecting the privacy and confidentiality of information in its possession and is committed to the appropriate use and protection of personal data, with transparency and respect for rights. Altery complies with all applicable data protection law, including the EU General Data Protection Regulation (GDPR), the UK Data Protection Act 2018, and the Data (Use and Access) Act 2025 (DUAA). In line with the DUAA, Altery also acknowledges its statutory duty to uphold “public trust” in the way it collects, uses, and shares personal data, with particular emphasis on children’s and vulnerable persons’ data. 

We make our Policy available on our website www.altery.com in its most recent version. Please review it carefully. It contains information on how we collect, use, share and protect the personal data that we obtain.

  1. Who we are and how to contact us

We are Altery (or we / us / our) and we are the "controller" of your personal data under European Union (EU) and UK data protection laws.

The Data Controllers for the collection, processing and use of personal information are listed in the table below.

Country or Region

Entity

Company Details

Contact Details

Data Protection Authority

UK

ALTERY LTD

ALTERY LTD is a limited company incorporated in England and Wales with registered number 06984177 and trading under name Altery. ALTERY LTD is registered with the Information Commissioner’s Office (ICO) and its registration number is ZA572310. 

Post: One Canada Square, Office 24, Hgs 24, London, United Kingdom, E14 5AB

Email: [email protected] 

Telephone: +44 208 191 1211

Information Commissioner’s Office (ICO) (www.ico.org.uk)

Republic of Cyprus

Altery EU LTD

Altery EU LTD is a limited company incorporated in Cyprus with registered number HE415141 and trading under name Altery.

Post: Flat 202, 6 Ioanni Stylianou, 2003 Nicosia, Cyprus

Email: [email protected] 

You can find the list of EU data protection authorities and their contact details at (https://edpb.europa.eu/about-edpb/about-edpb/members_en)

If you have any questions regarding this Policy, please contact us at DPO@altery.com.

  1. This notice

This notice describes how we use your personal data in connection with:

  • Customer and/or member services: This means the provision of payment and e-money products and services (including through our online platform and/or our Altery card) by us to actual and prospective customers and/or members (collectively known as “customers”).

  • Affiliate or introducer schemes: This is where you take part in our affiliate or introducer schemes such as when you introduce us to your friends who register to use our services.

  • Supplier services: This means the provision of products and services by suppliers to us.

  • Website activities: This means the provision of personal data you provide through your use of our website(s).

Please note that any references to customers, suppliers, agents or other third parties include their staff whose personal details we process as part of our business relationship with such parties.

This notice tells you what personal data we collect about you, how we collect it, how we use it, why we use it, whom we share it with, and the rights to which you may be entitled.

Your privacy is important to us. We aim to be open about how we use your personal data.

If you have any questions or need any further clarity, please contact us using the contact details above.

This notice relates only to use of your personal data by Altery or on our behalf.

  1. Personal data collection and usage

We will collect, store and use your personal data for the purposes set out in Section 2. Personal data includes any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Certain types of personal data are more sensitive than others. Special categories of personal data include information about your race, ethnicity, sex life, sexual orientation, political opinions, religious or philosophical beliefs, trade union membership, health, genetic and biometric data. In specific circumstances, we may collect, receive and use special category data about you.

We may also collect and use personal data about your criminal offences (or alleged offences).

We have identified the types of personal data we may use about you, the method of collection and how and why we will use them in the table below.

We may process your personal data for more than one legal basis depending on the purpose for which we are using your personal data. Separately, please note that where we base our use of your personal data on legitimate interests, as indicated in the table below, this will apply only where we consider that our legitimate interest is not overridden by the individual's interests or rights which require protection of their personal data. You can obtain further information about this from our Data Protection Officer.

If you log into our Services using your social network or messenger account (including Apple ID, Facebook, Google or Telegram) we will receive relevant information that is necessary for us to enable our Services to authenticate your access. The social network will provide us with access to certain information that you have provided to them, including but not limited to your name, profile image, email address, phone number or any other personal information held by the provider, in accordance with the social network or messenger service provider’s privacy policy. We use such information, together with any other information you directly provide to us when registering or using our Services, to create your account and to communicate with you about the information, products and services that you request from us. You may also be able to specifically request that we have access to the contacts in your social network account.

We will collect personal information about you which you provide to us when accepting the use of our services, contact us through our website, request information or otherwise provide personal information to us. You must ensure that the personal information you provide to us is accurate and complete. 

In providing the personal data of any individuals other than yourself, including connected persons, you confirm that you have obtained explicit consent from such individuals to disclose their personal data to us or are otherwise entitled to provide this information to us. You also confirm that you have brought this Policy to their attention if legally necessary, and have received their explicit consent to our collection, use and disclosure of such personal data for the purposes set out in this Policy. The term ‘connected person’ means an individual connected to Altery through the use of our Services and could be an account holder, payment beneficiary, recipient of a designated payment, guarantor, director, shareholder, partners or members of a partnership, trustee, authorised signatory of a designated account, a friend you have recommended, individuals in your contact list or any other person who has a relevant relationship with Altery.

We may receive information about you if you use any of the other websites we operate or the other services we provide. We also work closely with third parties and may receive information about you from them. This may include:

  • the payment service providers you use to transfer money to us will provide us with your personal information, including your name and address, as well as your financial information, including your bank account details;

  • the bank whose account you link to your Altery account for the purpose of satisfying regulatory verification may provide us with your name, address and financial information, including source of funds and bank statement information;

  • if you are a ‘connected person’ for an Altery customer, then that Altery customer may provide your personal information to us:

  • Payment beneficiaries: name, account details, email, and additional verification information if requested by the recipient bank.

  • Directors and ultimate beneficial owners: name, date of birth and country of residence.

  • business partners may provide us with your name and address, as well as financial information, including card payment information;

  • advertising networks, analytics providers and search information providers may provide us with pseudonymised information about you, including confirmation of how you found our website;

  • in some jurisdictions, we may check the information you have provided to us with governmental or private identity record databases or with credit reference agencies to confirm your identity and to combat fraud.



What personal data we collect and how we collect it

How we use your personal data

Legal basis for processing

a.

Personal data that our customers give us to register with us:

  • your contact details including: your name, address, email address*, and telephone number(s);

  • your identification details, including your date of birth, gender, country of residence.

We use this personal data to:

  • process your application or registration request;

  • on-board you as a customer;

  • provide our products and services;

  • manage and administer our services including your account with us;

  • communicate with you about your account and our services, including informing you of changes to our fees and our terms and conditions related to our services and sending surveys to you regarding your satisfaction of our products and services;

  • send personalised offers of services and products.

We use this personal data because:

  • it's necessary to enter into or perform a contract with you;

  • it's in our legitimate business interests of managing and administering our services;

  • we have a legitimate business interest in obtaining feedback from you in order to improve our products and services;

  • we have a legitimate business interest in promoting our products and services, and in personalising the information that our website sends to you about these things.

b.

Know Your Client (KYC) personal data from you, third parties and/or publicly available sources including:

  • passport or other government-issued identity document and the data within that document (such as document number, date of issue, and term of validity);

  • your photograph or video (whether provided by you or a third party or captured by us through our online functionality);

  • documents establishing your source of funds;

  • results of KYC or Politically Exposed Person (PEP) checks, including information collected by our suppliers. For example, we will automatically compare data derived from your identity documents against data available in independent external registers to verify your identity;

  • intended use of our services;

  • your turnover (where this is personal data for example, because you are a sole trader);

  • your geolocation data;

  • your computer or device data (such as device signature) – this data will be compared against previous sessions from the same IP address and / or the same device.

We use this personal data to:

  • carry out regulatory checks and meet our obligations to our regulators;

  • help us ensure that our customers are genuine and to prevent and detect fraud, money laundering and other crime (such as terrorist financing and offences involving identity theft).

We use this personal data because:

  • it's necessary to enter into or perform a contract with you;

  • we are legally required to do so under UK financial services law;

  • it's in our legitimate business interests of protecting our business against damage.

c.

Personal data you provide as part of your account with us including:

  • your password;

  • your account and marketing preferences.

We use this personal data to:

  • provide our services to you;

  • manage and administer your account with us;

  • communicate with you regarding your account and our services.

We use this personal data because:

  • it's necessary to enter into or perform a contract with you;

  • it's in our legitimate business interests of managing and administering our services;

  • we have a legitimate business interest in promoting our products and services, and in personalising the information that our website sends to you about these things.

d.

Personal data relating to your use of our payment and e-money services including:

  • your instructions to us;

  • your transactions using your payment accounts with us, including your bank account and payment card details, the amount, currency, originator or beneficiary, and time/date of the payments you make and receive;

  • your use of and transactions relating to our affiliate and introducer schemes, and any rewards you earn from those schemes;

  • information about the digital device through which you access our services, such as device type, operating system, screen resolution, unique device identifiers, the mobile network system;

  • IP address;

  • date and time of log-in and requests;

  • personal data in your correspondence with us, by email, telephone, messaging, texts, on-line chats, via social media, or otherwise;

  • whether you've clicked on links in electronic communications from us, including the URL clickstream to our website;

  • personal data that you provide in response to our surveys.

We use this personal data to:

  • provide our services to you;

  • manage and administer our services and systems;

  • check if you are in a location or using a device consistent with our records in order to help prevent fraud;

  • develop and improve our services based on analysing this information, the behaviours of our users and the technical capabilities of our users;

  • improve our services to better suit the behaviours and technical capabilities of the users of our service;

  • answer any issues or concerns;

  • monitor customer communications for quality and training purposes.

We use this personal data because:

  • it's necessary to enter into or perform a contract with you;

  • it's in our legitimate business interests of managing and administering our services;

  • it's in our legitimate business interests of protecting our customers and our services against fraud and damage;

  • it's in our legitimate business interests of developing and improving our services and attempting to meet our customers' needs;

  • it's in our legitimate business interests to understand customer feedback and in response to customer communications in a consistent way, and to ensure our staff deal properly with calls and communications and to train our staff to do so.

e.

Personal data that we collect from third parties in order to be able to register you as a customer or to provide services to you:

  • personal data related to payments to or from your accounts with us, provided by payment processing services, banks, card schemes and other financial services firms;

  • personal data from credit reference agencies or fraud prevention agencies.

We use this personal data to:

  • provide our services to you;

  • manage and administer our services and systems;

  • help us to prevent and detect fraud.

We use this personal data because:

  • it's necessary to enter into or perform a contract with you;

  • it's in our legitimate business interests of managing and administering our services;

  • it's in our legitimate business interests of protecting our customers and our services against fraud and damage.

f.

Personal data that we collect through your use of our website (whether or not you have registered for our services) including:

  • device information such as operating system, unique device identifiers, the mobile network system;

  • hardware and browser settings;

  • date and time of visits;

  • the pages you visit, the length of the visit, your interactions with the page (such as scrolling, clicks and mouse-overs), methods to browse away from our website, and search engine terms you use;

  • IP address.

Please also see our Cookie Policy, which explains our use of cookies to collect the above personal data.

We use this personal data to:

  • develop new services based on the information being collected, the behaviours of our users and the technical capabilities of our users;

  • identify issues with the website, including website security, and user's experience of it;

  • monitor the way our website is used (including locations it is accessed from, devices it is accessed from, understanding peak usage times and analysing what functionality and information is most and least accessed).
    where our customers have come from online (such as from links on other websites or advertising banners), and the way in which our website is used by different users' groups;

  • do statistical analysis and research with the purpose of better understanding the breakdown of our customers, their use of our services, and what attracts our customers to our services.

We use this personal data because:

  • it's in our legitimate business interests of understanding how our website is accessed, how it is used and any problems users have with it across multiple devices, and ensuring it is secure;

  • we have a legitimate business interest in improving and developing our services.

g.

Special category data or criminal offences (or alleged offences) data that you give us directly or that we receive from third parties and/or publicly available sources:

  • special category data which might be revealed by KYC or other background checks (for example, because it has been reported in the press);

  • special category data implied by your payment transactions that we perform in providing our services;

  • special category data that is revealed by photographic ID although the processing of this type of personal data is incidental to the main purposes of that processing (which are identity verification, fraud prevention and KYC purposes in an online environment);

  • biometric data that you give us or a fraud prevention agency for the purpose of identity verification. For example, we will read and verify the biometric data from a supported identity document where we capture a photograph of that document;

  • criminal offences (or alleged offences) data which might be revealed by KYC or other background checks because it has been reported in the press or is available in public registers

  • special category data that we capture by taking: (1) a portrait photo or video of you; or (2) a photo or video of you holding a supported identity document.

We use this personal data to:

  • comply with our regulatory obligations to conduct anti-fraud and anti-money laundering activities. Conducting KYC may sometimes reveal certain special category data or criminal offence (or alleged offences) data;

  • provide you with our services;
    In the case of portrait photos of you and photos of your identity documents that we capture through our online functionality, we will check if your portrait photograph matches the facial image on your identity document for the purposes of verifying your identity.
    In the case of data captured through video, we will only use this data where verification through photographic means is inconclusive.

We use this personal data because:

  • you have given your explicit consent and/or;

  • it is authorised under UK / EU financial services law, and we have taken measures to safeguard your rights;

  • it's necessary to perform our contract with you.

h.

Personal data that we collect from individuals representing organisations such as our corporate customers and suppliers, including:

  • names, roles, and contact details of individuals working for organisations;

  • other personal data regarding such individuals;

  • any personal data contained in correspondence with those individuals.

We use this personal data to:

  • build relationships with other organisations;

  • provide marketing communications to these individuals;

  • improve our services and develop new services based on the preferences and behaviours of these individuals;

  • obtain services for our business.

We use this personal data because:

  • we have a legitimate business interest in promoting and providing our services to our business customers;

  • we have a legitimate business interest in obtaining products and services required to operate our business.

i.

Personal data that we collect from individuals representing organisations in connection with our promotional or marketing activities, including:

  • names, roles and contact details of individuals working for organisations;

  • personal data provided in response to our surveys; and

  • other personal data regarding such individuals.

We use this personal data to:

  • build relationships with other organisations;

  • provide marketing communications to these individuals;

  • do statistical analysis and research with the purpose of better understanding our potential market, trends in the information provided and what attracts our customers to our services;

  • publish the results of the surveys on an anonymised basis;

  • improve our services and develop new services based on the preferences and behaviours of these individuals;

We use this personal data because:

  • we have a legitimate business interest in promoting our services.

j.

CCTV personal data

We use this personal data to:

  • detect and prevent crime, safety incidents and unauthorised access to our premises and restricted areas;

  • detect and prevent gross misconduct;

  • support safety, security and internal investigations, criminal investigations

  • review security and safety incidents;

  • assist with external investigations with the police, insurance providers, professional advisors or other third parties

On rare occasions, covert CCTV may be used where Altery believes data subjects are involved in criminal activity.

We use this personal data because:

  • we have a legitimate business interest in maintaining a safe and secure business environment and protecting against unlawful civil and criminal activities

* We may use your email address to track the delivery and open rates of the messages we send to you. This information helps us understand the effectiveness of our communications and allows us to tailor our services and communication channels to better meet your needs and preferences. Rest assured that this tracking is conducted solely for the purpose of improving our services and ensuring that you receive relevant and valuable information from us.

Processing of personal identifiers

If you are nationals of certain countries, we may be required to collect and process national identifiers and sensitive document data, in line with local legal or compliance requirements. These identifiers may include:

  • Netherlands – Citizen Service Number (BSN) present on official documents

  • Japan – My Number (including QR-code and 12-digit personal number)

  • South Korea – Resident registration number, passport number, driving licence number, and alien registration number

  • Singapore – National identification numbers and document reference numbers

  • Nigeria – Mastercard ID linked to biometric or national identity databases

We process this data strictly for regulatory compliance, identity verification, anti-money laundering (AML), and fraud prevention purposes, in accordance with GDPR and relevant local laws. Where applicable, we ensure appropriate safeguards are in place for cross-border data transfers.

  1. Direct Marketing

Please note that if you have given consent for marketing communications, this can be withdrawn at any time. You can also unsubscribe from our marketing communications. You can opt out of receiving electronic communications by clicking on the unsubscribe link at the bottom of any electronic communication or through following the opt-out instructions provided in any marketing communication. You can also contact us to unsubscribe using the details listed in Section 1.

Please be aware that from time to time we may need to contact you regarding operational issues or to adhere to the performance requirements of our contract with you. These will not be marketing communications and we will operate under legitimate interests in order to contact you for these reasons.

  1. Automated Decision Making

We will make automated decisions regarding you and using your personal data.

We make automated decisions regarding you in the following situations:

  • When you instruct us to make a payment from your account, or to request a payment into your account from a bank or other payment services provider, our systems (or systems provided to us by our suppliers) will conduct certain automated checks to help us prevent or detect fraud. These checks are made using algorithms to see if the instructed payment indicates an unusual transaction pattern or location. However, in many cases the decision to withhold or execute the payment is made by a natural person rather than our systems.

  • Our systems (or systems provided to us by our suppliers) also make an automated check for authorisation when you use the card allocated to your account. The authorisation is automatically provided or declined by us if there are insufficient funds in your account to pay for the transaction or if your card has been reported as lost or stolen.

  • We also use automated systems for Know Your Customer (KYC) checks. This may include identity verification, address validation, and other checks such as Politically Exposed Person (PEP), Adverse Media, and Sanctions checks. In many cases, however, a human will review and make the final decision.

  • We may use machine learning tools to support analysis of customer data. Any outputs are subject to human review and not used to make solely automated decisions with legal or similarly significant effects.

    If you disagree with the decision you are entitled to contest this by contacting us as described in Section 1.


  1. Legal Requirements

We need to collect certain types of personal data for compliance with legal requirements relating to our anti-fraud / anti-money laundering / know your customer obligations. If this personal data is not provided we cannot agree to provide a service to you but we shall notify you if this is the case at the time your personal data is collected.

Your personal data may also be processed if it is necessary on reasonable request by a law enforcement or regulatory authority, body or agency or in the defence of legal claims. We will not delete personal data if relevant to an investigation or a dispute. It will continue to be stored until those issues are fully resolved.

  1. How long do we keep your personal data

  • Customers: We will keep customers' personal data for the period you have an account with us and a further five years in accordance with anti-money laundering laws and for our legitimate business interests in maintaining contractual records. Otherwise, we will not keep your personal data for any longer period except where necessary in case of any claim or as necessary to comply with legal, regulatory, accounting or reporting requirements.

  • Prospective Customers: We will keep your personal data for up to 12 months from the data of notification of the rejection of the application or from the data of withdrawal of the application, unless legal or regulatory reasons prohibit us from destroying the data or there is another lawful reason justifying longer retention (such as for complaints handling, legal proceedings, investigations, regulatory, tax, money laundering and crime and fraud prevention purposes). 

  • Website visitors: We will keep website visitors’ personal data for up to 12 months from each visit in order to understand how people use our website and any technical issues they have.

  • Suppliers: We will keep suppliers’ personal data for the duration of our relationship with the relevant supplier and a further six years for contractual, legal and tax reasons.

Separately please note that we may convert personal data into anonymous or aggregate data in which case it will cease to be personal data (as it will no longer be able to identify a living individual) and we may use this information indefinitely without further notice.

  1. Personal data we share

There are certain circumstances where we may disclose and transfer your personal data to persons and entities as indicated below.

In addition, we may convert your personal data into anonymous or aggregated form prior to disclosing and/or transferring your personal data, in which case it will cease to be personal data and is not required to be protected under data protection laws.

Type of recipient

Industry / sector

Activities

Location

Customer support and other customer operations services

Our affiliated companies and other suppliers which provide us with technical services

Provides us with technical services including to operate our payment services platform and provide administration and customer support

Our affiliated companies are incorporated in England and Wales, EEA and other countries outside the EEA. Our suppliers are located in the EEA and in other countries outside the EEA

Payment Services and banks

Financial services

Payment services, acquiring services or bank transfers; card schemes

EEA, USA, and other countries outside the EEA

Suppliers related to financial services or operations

Technical / operational services for financial firms

KYC and sanctions screening, fraud prevention, identity verification, transaction monitoring, customer communications, card supply

EEA, USA and other countries outside the EEA.

Internal messaging services suppliers

Messaging services

Messaging services for our staff or our affiliated companies’ staff

EEA, USA and other countries outside the EEA

Communications services

Translations and emails/SMS marketing services

Services to assist us to communicate with our customers

EEA, USA and other locations outside the EEA

IT services suppliers

Disaster recovery, website hosts, data centres/cloud services, IT tracking systems, customer databases, CRM systems

Disaster recovery, website hosting, data and applications hosting, software application provision and maintenance

EEA, USA

Analytics suppliers

Analytics

Analytics, usually of de-identified data

EEA, USA and other countries outside the EEA

Credit reference agencies, fraud prevention agencies, payment processors and banks

Credit reference; financial services

Credit checking; processing payments

EEA, USA and other countries outside the EEA

One of the financial services or operations recipients is Sum and Substance Ltd (registry code 09688671 and located at 30 St. Mary Axe, London, England, EC3A 8BF) who is:

  • a processor (acting on our behalf) of your personal data (including personal data or special category data derived from any digital photos and videos of you taken through its online functionality) for the purposes of performing identity verification services in connection with KYC, fraud prevention and anti-money laundering; and

  • a controller of your personal data to the extent necessary for developing, testing, improving and altering the functionality of its verification services, and producing anonymised or anonymised and aggregated statistical reports and research.
    You can contact Sum and Substance Ltd's data protection officer via [email protected] and can raise a complaint with Sum and Substance Ltd at the Information Commissioner's Office here. Sum and Substance Ltd's privacy policy, which outlines how it processes data when acting as a controller (including how it complies with the European Union General Data Protection Regulation 2016/679), can be found here.

We will share your personal data with our affiliated companies for operational, administrative and management reasons as well as to provide you with efficient and effective services and products that meet your requirements.

We may also transfer your personal data to potential buyers of our business, and to our professional advisers (such as lawyers, accountants, auditors, IT consultants, management consultants), located in and outside the EEA.

No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. We take your privacy seriously, and you can rest assured that we will not disclose any of your mobile-related data to external parties for these purposes. It's essential to note that the above do not include text messaging originator opt-in data and consent. This information holds a special status, and we want to assure you that it will not be shared with any third parties. Your consent is of the utmost significance, and we will honour and protect it to safeguard your privacy.

Your personal data may be transferred to other third party organisations if we're required to by law, or under any regulatory code or practice we follow, or if we are asked by any public or regulatory authority, for example the police.

  1. Where your personal data will be held

We will ask for your consent to pass on your personal data to third parties, including internationally, where required by law. Some of our service providers are based outside of the EEA and UK as indicated in section 8. Where we authorise the processing or transfer of your personal information outside of the EEA and UK, we require your personal information to be protected to data protection standards and we ensure that there are adequate safeguards in place for data protection. The GDPR prohibits transfers of personal data outside the European Economic Area to a third country that does not have adequate data protection. Where transfer occurs outside the EEA and UK the following mechanisms and data protection laws are in place with the third parties: 

  • Data Protection clauses in our contracts and agreements with third-parties, including  the standard data protection clauses adopted by the European Commission in accordance with Article 46(2)(c) of the General Data Protection Regulation (GDPR) and the UK International Data Transfer Agreement (IDTA);

  • In some limited circumstances, we may also transfer your personal data outside the EEA and UK based on derogations as permitted by the EU and UK GDPR and other applicable data protection laws. This includes for instance situations where it is necessary for the performance of a contract between us and you or where the transfer is necessary in connection with legal proceedings;

  • EU-US Transatlantic Data Privacy Framework; 

  • UK Extension to the EU-US Data Privacy Framework;

  • LAW 125(I) of 2018;

  • Data Protection Act 2018; 

  • Adequacy decisions approved by the European Commission and/or the UK secretary of state (as applicable).

However, to ensure your personal data is properly protected in line with EU and UK data protection law, the transfer of this personal data is, in general, governed by a contract including the Standard Contractual Clauses approved by the European Commission in accordance with Article 46(2)(c) of the General Data Protection Regulation (GDPR), and the UK International Data Transfer Agreement approved by the ICO.

In some limited circumstances, we may also transfer your personal data outside the EEA if the GDPR (under Article 49) allows this. This includes where it is necessary for the performance of a contract between us and you. This also includes where the transfer is necessary in connection with legal proceedings.

  1. Your Rights

You have certain rights in relation to your personal data. The availability of these rights and the ways in which you can use them are set out below in more detail.

Some of these rights will only apply in certain circumstances. If you would like to exercise, or discuss, any of these rights, please contact our Data Protection Officer as described in Section 1. You will not have to pay a fee to access your personal data or to exercise any of these rights although we may charge a reasonable fee if your request is manifestly unfounded, excessive or repetitive. Alternatively, we may refuse to comply with your request in these specific limited circumstances.
Please be aware that for security reasons, we cannot deal with your request if we are not sure of your identity so we may ask you for proof of your ID. This is to protect your and other individuals’ personal data from unlawful disclosure to third parties.

  • Access: you are entitled to ask us if we are processing your personal data and, if we are, you can request access to your personal data. This enables you to receive a copy of the personal data we hold about you and certain other information about it. We do not have to provide this information if this would adversely affect the rights and freedoms of others.

  • Correction: you are entitled to request that any incomplete or inaccurate personal data we hold about you is corrected.

  • Erasure: you are entitled to ask us to delete or remove personal data in certain circumstances, including where the personal data is being processed by us on the basis of your consent and you have withdrawn consent to our using it or we no longer need it in connection with your account or for other legitimate reasons. There are also certain exceptions where we may refuse a request for erasure, for example, where the personal data is required for compliance with law or in connection with claims.

  • Restriction: you are entitled to ask us to suspend the processing of your personal data in certain circumstances, for example if you want us to establish its accuracy or the reason for processing it.

  • Transfer: you may request the transfer of certain of your personal data to another party. This right only applies where we use your personal data based on your consent or if the personal data is processed for the performance of a contract with you personally and we are carrying the processing out by automated means. To help with that you have a right to ask that we provide your personal data in an easily readable format to another company.

  • Objection: where we are processing your personal data based on legitimate interests (or those of a third party) you may challenge this however we may be entitled to continue processing your personal data based on our legitimate interests. You also have the right to object where we are processing your personal data for direct marketing purposes.

  • Automated decisions: you may contest any automated decision made about you where this has a legal or similar significant effect and ask for it to be reconsidered.

You also have a right to lodge a complaint with a supervisory authority. In the UK you can make a complaint to the Information Commissioner's Office (Tel: +44 303 123 1113 or at www.ico.org.uk). In the EU you can make a complaint to the Office of the Commissioner for Personal Data Protection (Tel: +357 22818456 or at www.dataprotection.gov.cy). However, we would encourage you to contact us in the first instance so we can try and resolve any concerns you may have in relation to our processing of your personal data. You can contact us as detailed in Section 1.

  1. Security

We are committed to keeping your personal data safe. Our website is hosted on servers in the EEA. However, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of your data during transmission, and any transmission is at your own risk. Once we have received your information, we use strict procedures and security features to ensure it stays secure, including physical, technical and administrative measures in place to prevent unauthorised access or use of your personal data:

  • encryption;

  • restricted access measures;

  • reviewing, auditing and improving plans for the ongoing confidentiality, integrity, availability and resilience of processing systems and services

  • business continuity plans to ensure the ability to restore personal data in the event of a physical or technical incident; and 

  • training programmes for all our staff.

We have procedures in place to deal with any suspected personal data breach and will notify you and the UK Information Commissioner’s Office and / or the Office of the Commissioner for Personal Data Protection where we are legally required to do so in the event of a personal data breach.

  1. Links to third party websites

Our website, newsletters, email updates and other communications may, from time to time, contain links to and from the websites of others including our partner networks, advertisers, suppliers, other companies and/or social networks.
The personal data that you provide through these websites is not subject to this privacy policy and the treatment of your personal data by such websites is not our responsibility. If you follow a link to any of these websites, please note that these websites have their own privacy policies which will set out how your personal data is collected and processed when visiting those sites. For more information, please visit the privacy policies of these websites to learn more about how your personal data is collected and used.

  1. Children

Altery’s services are not intended for individuals under the age of 18, and we do not knowingly collect or process personal data relating to minors.

If you are under 18 years old, you must not submit any personal data to us or use our services. If you believe we may have inadvertently collected personal information from or about someone under 18, please contact our Data Protection Officer immediately using the details provided in Section 1.

  1. Changes to this Notice

This notice will be changed from time to time.
If we change anything important about this notice (the personal data we collect, how we use it or why) we will highlight those changes at the top of the notice and provide a prominent link to it for a reasonable length of time following the change.

  1. Acceptance and Consent 

You hereby state that you have been informed about the personal data protection terms and conditions and you accept and consent to the processing of said personal data by Altery in the way and for the purposes set out in this Global Privacy Policy.

Terms and conditions
Cookies Policy
Card Terms & Conditions
Bug Hunting Terms & Conditions
Non-Solicitation Statement
Terms and Conditions for your Altery Account
Complaints Policy
Privacy Policy

Legal Information

Terms & Conditions

Card Terms & Conditions

Privacy Policy

Cookies Policy

Altery

Altery Fees

Altery Status

Contacts

Open Banking

Resources

Help Center

App Store

Google Play

Telegram mini app

Apple Pay

Socials

Altery EU Ltd is a company registered in the Republic of Cyprus under registration number HE415141, trading under Altery name. It is authorised and regulated by the Central Bank of Cyprus as an Electronic Money Institution (Licence No. 115.1.3.61), permitted to provide payment services and issue electronic money.

All rights reserved. © 2025

Legal Information

Terms & Conditions

Card Terms & Conditions

Privacy Policy

Cookies Policy

Altery

Altery Fees

Altery Status

Contacts

Open Banking

Resources

Help Center

App Store

Google Play

Telegram mini app

Apple Pay

Socials

Altery EU Ltd is a company registered in the Republic of Cyprus under registration number HE415141, trading under Altery name. It is authorised and regulated by the Central Bank of Cyprus as an Electronic Money Institution (Licence No. 115.1.3.61), permitted to provide payment services and issue electronic money.

All rights reserved. © 2025

Legal Information

Terms & Conditions

Card Terms & Conditions

Privacy Policy

Cookies Policy

Altery

Altery Fees

Altery Status

Contacts

Open Banking

Resources

Help Center

App Store

Google Play

Telegram mini app

Apple Pay

Socials

Altery EU Ltd is a company registered in the Republic of Cyprus under registration number HE415141, trading under Altery name. It is authorised and regulated by the Central Bank of Cyprus as an Electronic Money Institution (Licence No. 115.1.3.61), permitted to provide payment services and issue electronic money.

All rights reserved. © 2025

Legal Information

Terms & Conditions

Card Terms & Conditions

Privacy Policy

Cookies Policy

Altery

Altery Fees

Altery Status

Contacts

Open Banking

Resources

Help Center

App Store

Google Play

Telegram mini app

Apple Pay

Socials

Altery EU Ltd is a company registered in the Republic of Cyprus under registration number HE415141, trading under Altery name. It is authorised and regulated by the Central Bank of Cyprus as an Electronic Money Institution (Licence No. 115.1.3.61), permitted to provide payment services and issue electronic money.

All rights reserved. © 2025