Privacy Policy

www.mountainexperience.it collects some Personal Data from its Users.

Personal Data collected for the following purposes and using the following services:

    • Advertising

      • Facebook Audience Network

        Personal Data: Cookies; unique device identifiers for advertising (Google Advertiser ID or IDFA, for example); Usage Data

      • Facebook Lookalike Audience

        Personal Data: Cookies; Usage Data

    • Analytics

      • Google Analytics, Google Analytics with anonymized IP, Google Ads conversion tracking and Facebook Ads conversion tracking (Facebook pixel)

        Personal Data: Cookies; Usage Data

    • Contacting the User

      • Mailing list or newsletter

        Personal Data: address; city; company name; country; date of birth; email address; first name; gender; last name; phone number; province; state; Usage Data; ZIP/Postal code

      • Phone contact

        Personal Data: phone number

    • Content performance and features testing (A/B testing)

      • Google Optimize and Google Optimize 360

        Personal Data: Cookies; Usage Data

    • Handling payments

      • PayPal

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Heat mapping and session recording

      • Hotjar Heat Maps & Recordings

        Personal Data: Cookies; Usage Data; various types of Data as specified in the privacy policy of the service

    • Interaction with data collection platforms and other third parties

      • GetSiteControl Subscribe widget

        Personal Data: Cookies; email address; Usage Data

    • Interaction with external social networks and platforms

      • Twitter Tweet button and social widgets, Facebook Like button and social widgets, LinkedIn button and social widgets, Google+ +1 button and social widgets, Pinterest “Pin it” button and social widgets and GetSiteControl social widget

        Personal Data: Cookies; Usage Data

    • Interaction with live chat platforms

      • Tawk.to Widget

        Personal Data: Cookies; Data communicated while using the service; Usage Data

    • Platform services and hosting

      • PrestaShop

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Registration and authentication

      • Facebook Authentication and Google OAuth

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Remarketing and behavioral targeting

      • Facebook Remarketing and Remarketing with Google Analytics

        Personal Data: Cookies; Usage Data

      • Facebook Custom Audience

        Personal Data: Cookies; email address

    • Social features

      • Inviting and suggesting friends

        Personal Data: various types of Data

    • SPAM protection

      • Google reCAPTCHA

        Personal Data: Cookies; Usage Data

    • Tag Management

      • Google Tag Manager

        Personal Data: Usage Data

Further information about Personal Data

    • Satispay

      How we use your information

      Satispay Limited (“Satispay”) is committed to complying with the Data Protection Act 1998 (“DPA”).

      As a financial technology company operating from the United Kingdom but with services in a number of European Economic Area (EEA) countries, Satispay will only process (i.e. collect, store and use) personal data in a manner that is compatible with the DPA, as implemented in each European Country. This means that we will always strive to ensure that we handle personal data fairly and lawfully with justification.

      Our aim is not to be intrusive by invading your privacy or to undertake any task that is irrelevant. Instead our aim is to ensure we collect information that is of the highest quality in terms of accuracy, relevance, adequacy and non-excessiveness and which by all accounts, is “fit for purpose”.
      What is a Data Privacy Policy?

      To ensure that we process your personal data fairly and lawfully we are required to inform you:

      why we need your data;
      how it will be used and;
      who it will be shared with.

      This is the purpose of our Data Privacy Policy.

      Satispay is authorised as an Electronic Money Institution (“EMI”) by the Financial Conduct Authority (the details of which can be checked at http://www.fsa.gov.uk/register/home.do) and we are required to counter the risk that we might be used to further financial crime. To do this we may use the information you give us, and the information we hold about you, to detect and prevent crime or fraud.

      For the purposes of the DPA, Satispay is a Data Controller (the holder, user and processor) of the information. We will keep all information safe and secure.
      How do we collect personal about you?

      The information we collect about you comes from:

      information you have given us as part of the sign-up application process to allow to give you access to the Satispay services;
      information that you have given us over the telephone, via email or social media; and
      details of any checks we have made to ensure the accuracy of the information we hold.

      What is personal data?

      Personal data is defined as any data, which relates to a living individual who can be identified:

      from the information held, or
      from the information combined with any other information which is already in the possession of, or
      likely to come into the possession of, the person or organisation holding the information

      Personal data also includes any expression of opinion about an individual, and any indication of the intentions of the data controller or any other person in respect of the individual.

      Examples of personal data include:

      names and home address details;
      national insurance number;
      bank account details;
      dates of birth;
      telephone numbers;
      email addresses.

      What is sensitive information?

      Certain types of data are categorised as “sensitive personal data”, for example:

      racial or ethnic origin;
      physical or mental health/condition;
      sexual life;
      criminal offences (including alleged offences);
      religious or other similar beliefs of a similar nature.

      What types of personal data do we handle?

      We do not handle sensitive personal data. In order to carry out our duties we hold data in relation to personal details such as names, dates of birth, addresses, telephone numbers, email addresses, bank account details.
      What is the purpose of holding data?

      Satispay has notified the Information Commissioner that personal data will be held and used for the following purposes:

      to provide a e-money transfer service;
      to prevent and detect financial crime;
      maintain our accounts and records;
      promote our services; and
      to support and manage our staff.

      Whose personal data do we handle?

      In order to carry out our duties as an EMI we handle personal data from a range of individuals. This includes:

      private individuals;
      relatives, guardians and associates of the individual concerned;
      staff including volunteers, agents, temporary casual workers, members, self-employed and other persons contracted to work on our behalf;
      suppliers;
      complainants, correspondents and enquirers;
      former and potential members of staff, pensioners and beneficiaries;
      business or/other contacts.

      Whom may we share the information with?

      We obtain and share personal data with a variety of sources, which include but are not limited to:

      individuals themselves;
      relatives, guardians or associated people with the individual – i.e. where there is a legal duty to;
      ombudsman and other regulatory authorities;
      licensing authorities;
      financial institutions e.g. Banks;
      law enforcement agencies including the Police, the National Crime Agency;
      Third Party Data processors that work on behalf of Satispay.

      It may be necessary to transfer personal information overseas. When this is needed information is only shared within the EEA. Any transfers made will be in full compliance with all aspects of the Data Protection Act.
      Why do we share information?

      There are a number of reasons why we share information. This can be due to:

      current legislation and regulations which imply that we must;
      we may have to comply with a Court Order;
      for the purposes of keeping your personal data safe and secure;
      you have consented to disclosure.

      Any disclosures of personal data are always made on case-by-case basis, using the personal data appropriate to the specific purpose and circumstances and with the necessary security controls in place.

      We only use the data we hold to fulfil these functions efficiently and effectively. Information held is only shared with those agencies and bodies who have a “need to know basis”.

      Your personal data is not used for any sales or marketing purposes outside of Satispay or Satispay Group of Companies and we will not pass your information onto third parties unless we have your consent to do so or we are required by law to do so e.g. for fraud or crime purposes.

      At any time, you are able to tell us to stop using your personal data for our own marketing purposes.
      How do we ensure the security of personal data?

      Satispay takes the security of the personal data held very serious. We have data security procedures and an Information Security Policy to ensure we protect all data from accidental loss or misuse. We only permit access to information with there is a legitimate reason to do so.
      What if the data we hold about you is incorrect?

      It is important to us that the data we hold about you is accurate and up to date. If you are moving house or changing your name please contact us (support@satispay.com or via social media) immediately so we can update our records.
      How long is my data held?

      In some instances, the law sets the length of time information has to be kept, but in most cases we use our discretion to ensure that we do not keep records outside of our normal business requirements – i.e. providing a service to you.

      Your information is only held for as long as necessary and will be disposed of in a secure manner when it is no longer needed.
      Can I find out what information is held on me?

      You can submit a data subject access request to see what information is held about you. All we ask is that you write to us and clearly specify the information you require.

      All subject access requests require proof of ID and a £10 fee by cheque (which is the maximum we are allowed to charge).

      Your cheque must be made payable to Satispay Limited. Upon receipt of your eligible request, a response will be sent to you within the statutory limit of 30 calendar days.

      You have the right to amend, integrate or ask for the deletion of the collected information.
      Am I entitled to all the information that is held about me?

      Data subject access requests are subjected to the exemptions of the DPA.

      In some limited cases we may have to redact names or withhold information where it relates to:

      a third party or where the information has been provided in confidence;
      the prevention and detection of fraud;
      the catching or prosecution of offenders;
      the assessment and collection of taxes and duties;
      the ways benefit fraud is detected or prevented;
      the health and safety of staff;
      where the disclosure of medical opinions may cause distress or serious harm to a person.

      Of course we will try to provide you with as much information as possible.
      Links to external websites

      We may provide links to other content such as websites, web apps and downloadable apps. Unless expressly stated, this content is not under Our control. We neither assume nor accept responsibility or liability for such third party content. The provision of a link by Us is for reference only and does not imply any endorsement of the linked content or of those in control of it.

    • Selling goods and services online

      The Personal Data collected are used to provide the User with services or to sell goods, including payment and possible delivery.
      The Personal Data collected to complete the payment may include the credit card, the bank account used for the transfer, or any other means of payment envisaged. The kind of Data collected by www.mountainexperience.it depends on the payment system used.

    • Automated decision-making

      Automated decision-making means that a decision which is likely to have legal effects or similarly significant effects on the User, is taken solely by technological means, without any human intervention. Www.mountainexperience.it may use the User's Personal Data to make decisions entirely or partially based on automated processes according to the purposes outlined in this document. Www.mountainexperience.it adopts automated decision-making processes as far as necessary to enter into or perform a contract between User and Owner, or on the basis of the User’s explicit consent, where such consent is required by the law.
      Automated decisions are made by technological means – mostly based on algorithms subject to predefined criteria – which may also be provided by third parties.
      The rationale behind the automated decision making is:

      • to enable or otherwise improve the decision-making process;
      • to grant Users fair and unbiased treatment based on consistent and uniform criteria;
      • to reduce the potential harm derived from human error, personal bias and the like which may potentially lead to discrimination or imbalance in the treatment of individuals etc.;
      • to reduce the risk of User's failure to meet their obligation under a contract. To find out more about the purposes, the third-party services, if any, and any specific rationale for automated decisions used within www.mountainexperience.it, Users can check the relevant sections in this document.

      Consequences of automated decision-making processes for Users and rights of Users subjected to it

      As a consequence, Users subject to such processing, are entitled to exercise specific rights aimed at preventing or otherwise limiting the potential effects of the automated decisions taken.
      In particular, Users have the right to:

      • obtain an explanation about any decision taken as a result of automated decision-making and express their point of view regarding this decision;
      • challenge a decision by asking the Owner to reconsider it or take a new decision on a different basis;
      • request and obtain from the Owner human intervention on such processing.

      To learn more about the User’s rights and the means to exercise them, the User is invited to consult the section of this document relating to the rights of the User.

    • Personal Data collected through sources other than the User

      The Owner of www.mountainexperience.it may have legitimately collected Personal Data relating to Users without their knowledge by reusing or sourcing them from third parties on the grounds mentioned in the section specifying the legal basis of processing.
      Where the Owner has collected Personal Data in such a manner, Users may find specific information regarding the source within the relevant sections of this document or by contacting the Owner.

    • Analysis and predictions based on the User’s Data (“profiling”)

      The Owner may use the Personal and Usage Data collected through www.mountainexperience.it to create or update User profiles. This type of Data processing allows the Owner to evaluate User choices, preferences and behaviour for the purposes outlined in the respective section of this document.
      User profiles can also be created through the use of automated tools like algorithms, which can also be provided by third parties. To find out more about the profiling activities performed, Users can check the relevant sections of this document.
      The User always has a right to object to this kind of profiling activity. To find out more about the User's rights and how to exercise them, the User is invited to consult the section of this document outlining the rights of the User.

Contact information

    • Owner and Data Controller

      Mountain eXperience s.n.c.
      via A. Palareti, 37
      47039 Savignano sul Rubicone (FC) - Italia
      tel. +39 0541 943563

      Owner contact email: info@mountainexperience.it