Privacy Policy

PRIVACY POLICY

Dear visitor!

This Privacy Notice informs you about the collection of your personal data by “Rubicon” Sha, if you are in the role of:

  1. Requesters – individuals who contact “Rubicon” for various information;
  2. Complainants – individuals who direct a concern or complaint to “Rubicon”;
  3. Visitors to the rbcn.al and pago.al websites and the “Pago” application (customers or potential customers);
  4. Job applications.

The following information is in accordance with and in accordance with the provisions of Law No. 124/2024 dated 19.12.2024 “On the Protection of Personal Data” as well as the internal regulations of the company “Rubicon” Sha, which are mandatory for implementation.

Pala përgjegjëse për përpunimin e të dhënave personale është “Rubicon” me NUIS M02129014T dhe seli në Tiranë, Rr. “Donika Kastrioti”, Pallati “Teknoprojekt”, Kati 6, Dera 3, Tiranë, Shqipëri, e cila ka një strukturë të posaçme (DPO) për çështjet e të dhënave personale.

Privacy policies may change in the event of legal changes or changes in working conditions at “Rubicon”. Changes enter into force 15 days after publication.

[A] Privacy PolicyPURPOSE OF PROCESSING PERSONAL DATA

  1. Identifikimi – ofrimi i shërbimeve për klientët, duke identifikuar identitetin e tyre në përmbushje të detyrimeve ligjore dhe gjithashtu pëprunimi i të dhënave personale të stafit të “Rubicon” për ushtrimin e veprimtarisë. Procedura “Njih Klientin Tënd” kërkon monitorimin e vazhdueshëm dhe periodik të aktivitetit të klientit; vlerësimin e rrezikut; përditësimin e të dhënave; parandalimin e pastrimit të parave dhe financimit të terrorizmit, etj.

For this purpose, depending on the case, personal data such as: name, surname, identification number, address, date of birth, citizenship, video recording, e-mail address, professional and financial activity, etc. are processed, which are stored in accordance with the requirements of the Archives Law.

Does the customer have to provide their personal data? Yes. As part of the business relationship, the customer must provide the personal information necessary to establish and continue the business relationship with “Rubicon”. If the customer does not agree to make this data available to us, it is impossible for us to establish/continue the business relationship.

However, in any case, the customer is not obliged to give us consent to the processing of data, if this data is not necessary for the fulfillment of a contract, or if it is not required by law or regulations. The customer’s will is always free and it is his right to choose whether to give consent to the processing of personal data.

  1. Trajtimi i ankesave, – Personal data under this purpose is processed to resolve customer complaints, disputes, or to file claims, requests, lawsuits, etc. We retain personal data related to complaints in accordance with the law and our personal data retention policy. It is kept secure and access to it is limited based on the principle of “need to know and to be known only for the purpose of resolving the concern”.
  2. Analizat statistikore përmirësimi i cilësisë së shërbimeve / produkteve – Të dhënat personale nën këtë qëllim përpunohen për qëllime statistikore dhe studimi (për të treguar qasjen e vizitorëve, për të parë se cilat janë rubrikat më të ndjeshme dhe për rrjedhojë interesin e subjekteve të të dhënave personale, gjithnjë pa i bërë ata të identifikueshëm.
  3. Komunikim dhe Marketing – To maintain proactive communication with customers, supporting and managing customer relationships, informing them of changes to existing services and announcing new products. The processing of personal data to send advertising materials or commercial information for the sale of products or services by Rubicon Sh.a requires the prior consent of the sender.
  4. Ofrimi i shërbimeve përmes palëve të treta – In cases where “Rubicon” services are provided by third party agents, the client is regularly informed of any data processing for the purpose of providing services through third parties, and the data is processed only with the client’s express consent.
  5. Për masat shtesë të sigurisë at Rubicon and the client – ​​The internal premises of “Rubicon” are monitored by cameras in order to implement legal requirements of public safety, to protect the life and health of clients, visitors and recruited staff. This data is stored according to the deadline set out in Law 19/2016.

The personal data of the data subject are used for the above purposes and are transmitted to third parties (BoA, AIF, Court, DPT, Auditor, etc.) only if necessary for this purpose. The data are processed only for the time necessary to fulfill the purposes for which they were collected. Certain security measures are implemented to prevent data loss, illegal and improper use, and unauthorized interference.

[B] Privacy PoliciesSECURITY AND PRIVACY MEASURES

“Rubicon” Sh.a guarantees each data subject that after submitting information and data to the server of our websites, a system with a high security standard is implemented for the storage and further processing of this data, in accordance with the requirements provided for by Law No. 124/2024 dated 19.12.2024 (previously Law No. 9887, dated 10/03/2008) “On the protection of personal data”.

“Rubicon” Sh.a uses a risk-based approach, when assessing and understanding risks and uses all physical, personnel, technical and procedural means to achieve appropriate security measures. The institution takes into account developments in technology and implementation costs to achieve a level of security appropriate to the nature of the information and the damage that may result from a security breach, while rigorously protecting data from manipulation, loss, destruction, unauthorized access and disclosure.

Për të mbrojtur sigurinë e informacionit dhe aseteve, ne kemi një Sistem të Manaxhimit të Sigurisë së Informacionit (ISMS) në përputhje me Standartin ISO 27001.

“Rubicon” assesses the integrity of staff before the start of the employment relationship, monitors their compliance with security-related obligations. All staff are strictly subject to the obligation to maintain the confidentiality of information, which is given to the latter to exercise their functions. “Rubicon” provides guidance and training to its staff to enable them to understand and implement their responsibilities in respecting security.

[C] Privacy Policy – DATA TRANSFER TO THIRD COUNTRIES

Every customer who opens an account on the “Pago” platform, if they wish, can be provided with a debit card (it can be of the Mastercard or Visa type). For this purpose, basic customer data such as Name, Surname and Pago account number are transferred to countries that meet the conditions with a sufficient level of personal data protection according to decisions approved by the Commissioner for the Right to Information and Personal Data Protection.

Currently, companies that offer debit card services are headquartered in the United States, Great Britain, and Belgium.

Also, in order to comply with the legal obligations of the Foreign Account Tax Compliance Act (“FATCA”), as a Financial Institution, reporting is carried out once a year to the US tax authority, “IRS” – Internal Revenue Service.

[D] Privacy Policy – RIGHTS OF PERSONAL DATA SUBJECTS

In accordance with the provisions of Law No. 124/2024 “On the Protection of Personal Data”, the data subject has the following individual rights:

  1. The right to be informed about the data that is being processed solely for oneself.
  2. The right to withdraw consent to the processing of personal data.
  3. The right to access and copy personal data.
  4. The right to correct processed data if it is incomplete or inaccurate.
  5. The right to request the deletion of data, under conditions when they are no longer necessary, when the purpose and deadline for which they were collected have ended, when the data subject withdraws consent, or when the processing has not been lawful.
  6. The right to object and restrict data processing in cases provided for by law.
  7. The right to complain. This right may be exercised by any person who claims that his or her rights, freedoms and legitimate interests have been violated as follows:
  8. Near Rubicon
  • by e-mail to the service email address [email protected];
  • Call the phone number: +355 4 562 0560. Customer service hours are 09:00 – 17:00;
  • By writing to its official address: “Donika Kastrioti” Street, PLL. Teknoprojekt Floor 6, Tirana 1005, Albania;
  1. “To the Commissioner for the Right to Information and Personal Data Protection”
  • me e-mail në adresën [email protected].
  • Call the phone number: +35542237200 or Toll-Free No.: 08002050. Service hours are 08:00-16:30 (Monday – Thursday) and 08:00-14:00 Friday.
  • By writing to the official address: Rr. “Abdi Toptani”, No. 5, 1001, Tirana

In the event that the data subject has filed an appeal, Rubicon Sh.a will not make any changes to his/her personal data until the decision is rendered.

[E] KUKIT (COOKIES)

Our website uses cookies. Cookies are text fragments that are stored on your device during your visit. We use cookies primarily for anonymous analysis of website usage. We also use cookies to provide you with additional features on the website, to make it easier to interact with the website and to ensure error-free use (e.g. to enable navigation on the website or to save your preferences for the next visit).

No personal data of users is collected from the website. Cookies are not used to transmit personal data, and no cookies of any kind, so-called persistent cookies, nor any other system is used to track users. The use of so-called session cookies (which are not stored permanently on the user’s computer and are destroyed when the website browser is closed) is strictly limited to the transmission of session identification data (composed of random numbers generated by the server) which is necessary to enable secure and efficient browsing on the website. The so-called session cookies used on this site constitute an alternative to the use of other ICT techniques which may violate the confidentiality of users’ searches and do not allow the acquisition of the user’s personal identification data.

  1. Cookies të nevojshme:  Cookies, which are necessary for basic functions on the site, are stored by us due to contractual obligations.
  2. Cookies funksionale:  Cookies, which allow us to analyze the use of the website, are used by us based on legitimate interest.
  3. Cookies për marketing:  Cookies, which allow us to provide you with advertising tailored to your interests, are used by us based on legitimate interest.

Some cookies are stored on the terminal until the visitor deletes them. The visitor has the right to choose whether to block, deactivate or delete them. There are a variety of tools for this purpose (including search engine control). You can find information here in the “help section” of the browser you use. If all Cookies used by us are deactivated, their display to the visitor may be limited.

  • Programming language and tracing

Our website uses Cookies and other market controls, in particular to control and improve our online presence (JavaScript and tracking pixels). All data is recorded in an anonymous manner.

  • Google Analytics

Kjo faqe web-i përdor Google Analytics (ofruar nga Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google Analytics përdor cookies, të cilat ruhen në kompjuterin tuaj. Google e përdor këtë informacion në interesin tonë për të vlerësuar përdorimin e faqes, apo për të krijuar raporte mbi aktivitetin e faqes. Ju mund të parandaloni ruajtjen e Cookies, duke adaptuar motorin tuaj të kërkimit, por në këtë rast nuk do të jeni në gjendje të përdorni të gjithë funksionalitetet e kësaj faqeje web-i në shtrirjen e saj të plotë. Ju mund të ndaloni Google të mbledhë të dhënat tuaja në lidhje me Google Analytics duke shkarkuar dhe instaluar adaptues të motorit të kërkimit në dispozicionin tuaj në link-un: http://tools.google.com/dlpage/gaoptout

Për më shumë informacion mbi termat e përdorimit dhe politikat e privatësisë së Google vizitoni: https://www.google.com/analytics/terms/https://policies.google.com/privacy/partners?hl=en

  • Google Maps

On this website and the “Pago” app, we use the services of the Google Maps API (provided by Google, Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). By integrating this service on our website, minimal data such as: IP, time of visit, screen resolution of the visitor, URL (referrer), browser identification and search terms are transferred to Google. For more information on the purpose and scope of data collection and processing by Google, Inc., visit https://policies.google.com/privacy?hl=en&gl .

We generally retain data for a period of one month to ensure the security of our homepage. Retention for a longer period may be necessary in the event of an investigation into attacks against our website, or due to legal claims.

For any changes to this Policy, customers will be notified 15 days prior to the changes, via e-mail, sms or notification in the “Pago” app.

Last updated February 19, 2025 .

For Individuals

For Businesses

About Us

Download now

Pago is registered in Albania as a trademark of Rubicon Sh.a.

We are licensed (No. 52, dated 22.01.2022) by the Supervisory Council of the Bank of Albania as an electronic money financial institution.

© All rights reserved Rubicon 2025