PRIVACY POLICY

This privacy policy governs the use of the “PagoPlus” software application for mobile devices developed by Rubicon Sh.a. As a FinTech company in Albania, Rubicon Sh.a. is licensed by the Central Bank of Albania to operate as an Electronic Money Institution (IPE) (for more information click here) . The EMI license authorizes Rubicon Sh.a. for providing financial solutions and developing a payment processing network.

The “PagoPlus” software application is a reduced version of the “Pago” software application with limited functionalities. This document describes the means and methods of administering this website and application in relation to the processing of information and personal data of users who visit the “PagoPlus” website and application. The following information is in accordance with the provisions of Law No. 9887, dated 10/03/2008, “On the Protection of Personal Data”, as well as the internal regulations of the company RUBICON Sh.a. mandatory for implementation. In addition to the above, this document also relies on Recommendation 2/2001 adopted by the European Union on the protection of personal data to identify minimum requirements for the collection of personal data via the Internet. The party responsible for the processing of personal data is “RUBICON” Sh.a. with headquarters in Tirana, “Donika Kastrioti” Street, Pll. Teknoprojekt, 6th Floor, Door 3.

METHOD OF PROCESSING PERSONAL DATA

Data processing in relation to the services provided via the internet by this website is managed by the technical staff of the office responsible for data processing. The personal data provided by users requesting documents is used only for the purpose of providing the service or fulfilling the request and is transmitted to third parties only if necessary for this purpose.

TYPES OF DATA PROCESSED

Website search data The ICT systems (Information and Communication Technology systems) and software procedures responsible for the operation of this website receive, within the framework of normal operation and only for the duration of the connection, personal data, the transmission of which occurs during the use of communication protocols via the Internet. This data is not collected to establish links with identified parties, but by its nature, through processing or linking to third-party information and data, it enables the identification of users. This category includes the IP addresses or domain names of computers used by people accessing this site, the Uniform Resource Identifier (URI) addresses for the requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in response, the code number that determines the status of the response provided by the server (ok, error, etc.) as well as other parameters related to the user’s operating system and IT environment.

This information may be used to determine responsibilities in the event of possible information technology crimes being committed to damage the website: without prejudice to this use, the actual data on website contacts does not remain for more than seven days. Data provided voluntarily by the user All optional, explicit and voluntary emails sent to the addresses specified on this website include the subsequent collection of the sender’s address which is necessary to respond to requests as well as any other personal data contained in the email.

SECURITY AND CONFIDENTIALITY MEASURES

Rubicon Sh.a guarantees each user that after submitting information and data to the server of the “PagoPlus” website and application, a system with a high security standard is implemented for the storage and further processing of this data, in accordance with the requirements provided for in articles 27 and 28 of Law No. 9887, dated 10/03/2008 “On the protection of personal data”. The processing of personal data to send advertising materials or commercial information for the sale of products or services by Rubicon Sh.a requires the prior consent of the sender.

No personal data of users is collected from the website. Cookies are not used to transmit personal data and no cookies of any kind, so-called persistent cookies, nor any other system is used to track users. The use of so-called session cookies (which are not stored permanently on the user’s computer and are destroyed when the website browser is closed) is strictly limited to the transmission of session identification data (composed of random numbers generated by the server) which is necessary to enable secure and efficient browsing on the website. The so-called session cookies used on this site constitute an alternative to the use of other ICT techniques which may violate the confidentiality of users’ searches and do not allow the acquisition of the user’s personal identification data.

PROCESSING TOOLS

Personal data is processed with automated tools only for the time necessary to fulfill the purposes for which they were collected. Certain security measures are implemented to prevent data loss, illegal and improper use, and unauthorized interference.

USER RIGHTS REGARDING PERSONAL DATA

Users whose personal data are processed have the right to obtain at any time confirmation of the existence or non-existence of personal data and to know their content and origin, to verify the accuracy or inclusion of the request, and to update or correct based on Article 13 of Law No. 9887, dated 10/03/2008, “On the Protection of Personal Data”. Pursuant to the same article, interested parties have the right to request the cancellation, transformation into anonymity or blocking of information and data that are processed in violation of the law, as well as, in any case, to object, for legitimate reasons, to their processing. In accordance with Article 16 of Law No. 9887, dated 10/03/2008, “On the Protection of Personal Data”, the user has the right to complain if he claims that his rights, freedoms and legitimate interests in relation to personal data have been violated. In the event that the data subject has filed an appeal, Rubicon Sh.a will not make any changes to his/her personal data until the decision is rendered. Requests should be addressed to [email protected] or sent to “Rubicon Sha”, Street “Donika Kastrioti” Pll. Teknoprojekt, 6th Floor, Door 3, Tirana, Albania. Complaints can be addressed to the Commissioner for the Right to Information and Personal Data Protection” http://www.idp.al

This document constitutes the “Privacy Policy” of this website, which will be subject to further updates. By accessing this website, you confirm that you have read and accepted the terms and conditions set forth above.