This page includes legal information related to the Privacy Policy of SEQURA WORLDWIDE, S.A. (hereinafter “SEQURA”).

Our privacy policy revolves around our commitment to the privacy and security of information linked to the personal data of our users, based on the principles of confidentiality, integrity, transparency and availability, as well as on compliance with our legal obligations.

Below we show our Privacy Policy, don't forget that it has a legal nature.

SEQURA provides you with additional information regarding the processing of your personal data, as established by the relevant regulations: REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of April 27, 2016 (RGPD)

1. Who is responsible for the processing of your personal data?

SEQURA WORLDWIDE, S.A (hereinafter, “SEQURA”) with CIF A66054164 registered in the Mercantile Registry of Barcelona and with address at C/ Alí Bei 7-9, Entresuelo, C.P. 08010, Barcelona is responsible for the processing of your personal data in accordance with the terms set out in this privacy policy. If you have any questions about the processing of your personal data, you can contact our data protection team at the following email address dpo@sequra.es

2. Necessary and updated information

All fields marked with an asterisk (*) in electronic forms must be completed, so that the omission of some of them could make it impossible to provide you with the services or information provided.

You must provide true information, so that the information provided is always up to date and does not contain errors, you must inform SeQura as soon as possible of any modifications and corrections to your data that may occur by sending an email to clientes@sequra.es.

In addition, by “clicking” on the “I accept” button or equivalent incorporated in the above-mentioned forms, you declare that the information and data you have provided in them are accurate and true.

3. What categories of personal data do we process?

Below, we describe the categories of data that will be processed in accordance with the purposes of the processing detailed in section 4.

• Identification data: Name, date of birth, occupation, gender, billing and delivery address, email address, mobile phone number, nationality, age, national ID.
• Order Data: Description relating to the products/services you have purchased at the Store, as well as the name of the product or service or the order number.
• Payment Information: Credit or debit card details (card number, expiration date and CVV code)
• Information derived from the use of SEQURA services: History of pages visited, items clicked, data entered and other relevant interactions on the SEQURA Website.
• Device information: IP address, browser name and configuration, time zone, operating system, unique identifier and device fingerprint.
• Data from financial solvency and credit files: data obtained by consulting solvency files relating to credit solvency and a history of non-payment of credit.
• Information from external sanctions lists and PEP lists: In compliance with money laundering regulations, SEQURA consults the sanctions lists and lists of politically exposed persons (“PEP”) where information such as name, date of birth, place of birth, occupation or position and the reason why the person is on the list in question can be obtained.
• Loan data: current loan details, principal, installments, repayments, repayments, late fees, communication history and claims.
• Historical loan and loan application data: Data and history of previous loans and previous credit requests.

4. For what purposes are your personal data processed and on what legal basis?

The following are the treatments that SEQURA may carry out with your personal data:

Purposes of the treatment

1. Credit Risk Assessment:

Before the credit agreement is concluded, SEQURA must evaluate the consumer's creditworthiness. In this process, credit solvency is evaluated, a study and analysis of the credit transaction is carried out, and eligibility for the granting of consumer credit is determined.

For this purpose, an automated system for creating credit risk profiles or “scoring” is used to evaluate your creditworthiness when you request the granting of a loan offered by SEQURA. This “scoring” is the result of a mathematical-statistical test necessary to evaluate your ability to pay the amounts you must pay by contract and determine your level of risk. You can consult section 6 for more information on profiling and automated decisions.

SEQURA will carry out this evaluation based on the following information:

• The information you provide directly to us at the time of the request.
• The information derived from the credits you have in force with SEQURA or also the credit history you have had with SEQURA.
• Consult public sources or external sources for reasons of “scoring” or fraud, complying with the procedures and guarantees established at all times by current legislation, such as:

1. ASNEF — National Association of Funding Entities, responsible for processing the “ASNEF” file. You can access more information about this file on their website (www.asnef.com)
2. EXPERIAN BUREAU DE CRÉDITO, S.A., responsible for processing the “Badexcug” file, You can access more information about this file on its website (www. experian.es)

Based on the risk and credit rating resulting from the “scoring”, SEQURA may approve, modify or deny the requested credit request.

Legal Basis

Contract execution; Compliance with legal obligation.

Purposes of the treatment

2. Verification and verification of the applicant's identity

Legal Basis

Contract Execution and Compliance with Legal Obligation.

Purposes of the treatment

3. Credit management. Carry out the necessary steps related to the contracted linked credit (including but not limited to: compliance of the linked credit, payment management, notification of payment dates, changes in the payment plan, accounting and tax management, change of credit/debit card).

Legal Basis

Contract Execution and Compliance with Legal Obligation.

Purposes of the treatment

4. Debt collection activities. In the event that the User has any amount of the credit outstanding, SEQURA may take appropriate actions to ensure compliance with the contract and the payment of the amounts due. Debt collection can be carried out through companies specialized in debt collection management and lawyers. Additionally, in certain cases, the Merchant may be informed of the non-payment to ensure compliance with the contract. These techniques involve the communication of your data.

SEQURA may contact you to carry out collection activities through a telephone call, SMS, Whatsapp, email, postal mail or other electronic or electronic means.

Legal Basis

Contract Execution and Compliance with Legal Obligation.

Purposes of the treatment

5. Create a SEQURA account to manage payments and have information about your credit.

Legal Basis

Contract execution.

Purposes of the treatment

6. Consultation and communication of data to financial and credit solvency files. Upon your request for consumer credit, SEQURA may consult a solvency file and, in the event of default, report such debt to Experian Credit Bureau or other solvency files.

Legal Basis

Contract execution.

Purposes of the treatment

7. Prevention of abuse and fraud: we will process the data to control and prevent any form of abuse of our services, such as fraudulent activities, denial of service attacks, unauthorized access to our users' accounts, as well as any other practice that is contrary to current legislation.

Legal Basis

Contract execution, compliance with a legal obligation.

Purposes of the treatment

8. Prevention of money laundering and terrorist financing: Identify, prevent and combat money laundering and terrorist financing and comply with applicable regulations in this regard and how to proceed to verify and verify your identity.

Legal Basis

Compliance with a legal obligation.

Purposes of the treatment

9. Segmentation tasks. Segmentation or profiling may be carried out in order to direct the services and advertising to be sent. The analysis of the profiles together with information about the interested party may lead to the denial of credit or to determine the level of risk, as well as the advertising to be sent. Under no circumstances will the analysis of the profiles have any significant effect against the rights of the interested party.

Legal Basis

SEQURA's legitimate interest in improving its products and services.

Purposes of the treatment

10. To perform data analysis for product development and tests to improve our risk and credit models and to design our services (if possible, we first anonymize the data, which means that no personal data is processed thereafter).

Legal Basis

SEQURA's legitimate interest in improving its products and services.

Purposes of the treatment

11. Preparation of statistics and reports for economic analysis or analysis of payment trends, payment volumes, in general segmentation and market analysis (if possible, we first anonymize the data, which means that no personal data is processed thereafter).

Legal Basis

SEQURA's legitimate interest in improving its products and services.

Purposes of the treatment

12. Advertising and commercial prospecting activities through different media and communication channels for own products and services. We may offer you, by any of the following means: postal mail, email, SMS, telephone and mobile applications, opinion polls, distance selling offers, advertising, promotions and free samples of our services and/or products.

Legal Basis

Consent and legitimate interest in advertising and improving their products and services.

Purposes of the treatment

13. Satisfaction surveys. SEQURA may contact you via email, telephone, text messages or other communication channels to carry out satisfaction surveys to assess the services provided by SEQURA.

Legal Basis

Consent and legitimate interest in improving our products and services.

Purposes of the treatment

14. Transfer of data. SEQURA will transfer your personal data to the recipients described in the fifth section for the correct execution of the contract.

Legal Basis

Contract execution.

Purposes of the treatment

15. Anonymization process for the purpose of analyzing information related to our services and products and analyzing customer behavior.

Legal Basis

Legitimate interest.

Purposes of the treatment

16. Management of different legal claims before public, private bodies and courts as well as the protection of SeQura's legal rights.

Legal Basis

Legitimate interest.

Purposes of the treatment

17. Transfer the right to collect your credit to third parties.

Legitimate interest.

Purposes of the treatment

18. Customer service and improvement of service quality (may include telephone recordings)

Legal Basis

Execution of the contract and legitimate interest.

Purposes of the treatment

19. Contact through the website or social networks to answer the questions raised.

Legal Basis

Legitimate interest.

Purposes of the treatment

20. Managing vulnerable consumers.

Legal Basis

Legal obligation.

Purposes of the treatment‍

21. Management of GDPR rights exercises.

Legal Basis

Legal obligation and legitimate interest.

5. Can consent be withdrawn?

For those treatments detailed in the previous section where it is indicated that the legal basis of the treatment is consent (advertising and commercial prospecting activities and satisfaction surveys), you can withdraw this consent at any time by sending an email to arco@sequra.es.

In addition, the User may object to segmentation and scoring processes that are not strictly necessary for compliance with SeQura's legal or contractual obligations.

6. How do we analyze your creditworthiness to decide if we will grant you credit?

SEQURA uses an automated decision system to carry out the solvency analysis prior to the granting of credit. The decision system evaluates the credit request according to the data provided by the applicant, as well as the product or service linked to the credit request in accordance with this privacy policy. As a result of this process, our credit algorithm evaluates the viability of granting credit. In this way, we draw up a profile of your behavior as a user and your financial situation and compare this data with behaviors and conditions that correspond to the different levels of risk defined by SEQURA.

In certain cases, after the automated evaluation, a second solvency analysis will be carried out manually by our agents if deemed necessary in accordance with the rules and criteria established by SEQURA to ensure compliance with legal and security obligations and to prevent fraud. As a result of the above-mentioned solvency analysis, it is possible that the result of your request to grant consumer credit is negative.

However, the User may request that a new manual solvency assessment be carried out by a member of our team if the decision to deny their credit application has been taken exclusively automatically.

To request this new evaluation, you must request it to the email address dpo@sequra.es providing your DNI/NIE number and the name of the Merchant where the credit request was made. Once we have received your request, SEQURA will carry out a new solvency assessment within a maximum period of 30 days. To carry out such an evaluation, the person responsible for carrying it out may request additional information from the User that they consider necessary to make a decision. In the event that the result of such evaluation is positive, the User must make a new credit request using the same personal data, Commerce and product. Otherwise, the request may be rejected again.

SEQURA reserves the right to accept or reject any request if the conditions previously indicated are not those required for the granting of credit.

7. Data communication

The personal data processed by SEQURA may be transferred in the following cases:

• To third parties in the event of the transfer of credit or the management and/or administration of the same. For illustrative purposes: Financiera Española de Crédito a Distancia EFC, S, A (hereinafter, FINDIRECT) with NIF A84101682 and registered office at Avda Fuente de la Mora 4, 28050 Madrid, Sequpres 835, S.L. (hereinafter, SEQUPRES) with NIF B67012542 and registered office at C/ Alí Bei 7-9, Entresuelo, C.P. 08010, Barcelona, Axioma 7 Internacional, S.L. (hereinafter AXIOMA) with NIF B10903441 and registered office at C/ Antoni Griera, 47, C.P.. 08196, Sant Cugat del Vallés, Barcelona. In these cases, all personal data linked to the credit or its management will be transferred to that third party, including, where appropriate, a copy of the ID card that will become the holder of the contracted credit. In any case, this transfer will not alter the characteristics of the credit product or the management for the payment of your purchase by SEQURA. In the event that this assignment takes place, you will be informed of the identity and contact of the transferee.
• When the analysis of the credit transaction is carried out, your data may be communicated, if necessary, to financial institutions, as well as to entities that hold information service files on financial solvency and credit, for the purpose of carrying out mandatory inquiries in the legally established cases, and those derived from the breach of their monetary obligations.
• When the market analysis treatment is carried out, it may be carried out through third parties who analyze such data at our request, which may entail a transfer of personal data. Such processing will be subject to the corresponding data processing agreements which will guarantee their confidentiality and integrity.
• When commercial prospecting and advertising is carried out, your personal data, including the email address if you have provided it to us, may be given prior consent to FINDIRECT, SEQUPRES, AXIOMA or third parties to keep you informed by mail, telephone, SMS and even by electronic means, about financial and insurance products and services. The carrying out of treatments for advertising and commercial prospecting purposes may involve the communication of your data to third parties in the specified sectors, as well as to companies providing services, so that they are processed for these purposes and to be able to carry out cross-processing to determine if you are a customer and avoid duplicate shipments. Finally, we inform you that if you do not want personal data to be processed for advertising and commercial prospecting purposes on the terms indicated and/or to be communicated to third companies in the sectors specified for these purposes, you can indicate this by sending an email to clientes@sequra.es.
• Certain companies providing services will also have access, in this case already as data processors. These providers will only be able to access the data for the sole purpose of providing the contracted service, following the instructions of the Company and without being able to use it for any other purpose. All providers sign confidentiality commitments in the use of the information they access through their service in accordance with current regulations.
• When the User is in a situation of default with SEQURA, it may transfer the data to companies that manage solvency files.
• When the User is in a situation of default with SEQURA, in the case of credits granted linked to the provision of a service, the latter may transfer data on the unpaid credit to the service provider in order to comply with the legally agreed contract between the parties seeking payment of the unpaid credit.
• SEQURA may transfer the photocopy of the ID card to the Merchant when it is required for regulatory reasons and compliance with Law 10/2020 on the Prevention of Money Laundering and Terrorist Financing, the identification of the customer by means of a photocopy of the ID and with the prior consent of the User.

8. How long do we keep your data?

Personal data will be kept for as long as necessary for the purposes indicated.

In the case of contracting SeQura services, your data will be kept as long as the business relationship with SeQura is maintained. If the right of deletion is exercised, your data will be blocked and will be kept only for the purpose of meeting the legal responsibilities derived from the service. Specifically, your personal data related to the execution of the contract will be kept for the life of the contract and after the end of the contractual relationship, for a period of 6 years.

With regard to the processing of personal data for the purpose of carrying out satisfaction surveys, the additional information that you may provide in them will be kept for a period of 1 year after the survey was carried out.

Regarding the processing of personal data for the sending of commercial communications, the data will be kept as long as the user does not withdraw the consent given.

Regarding the processing of personal data to meet legal obligations, we inform you that personal data collected for the purpose of meeting legal obligations deriving from money laundering controls (purpose No. 8) will be kept for a period of 10 years from the beginning of the contractual relationship in compliance with current regulations.

In the event that your credit application is not accepted or the contracting process has not been completed, SEQURA will keep the information for a limited time and then this information will be deleted. Specifically, your data will be kept for a maximum period of 3 years, during which time they will be kept only for the purpose of meeting possible legal responsibilities of SEQURA.

SeQura periodically carries out an analysis of data retention periods, eliminating ex officio data because it considers that the information has become obsolete or out of date.

9. User Rights

• Anyone has the right to obtain confirmation as to whether or not SEQURA is processing personal data that concerns them.
• Interested persons have the right to access their personal data, as well as to request the rectification of inaccurate data or, where appropriate, request its deletion when, among other reasons, the data are no longer necessary for the purposes for which they were collected.
• Under certain circumstances, interested parties may request the limitation of the processing of their data, in which case we will only keep them for the possible legal liabilities that arise from the service.
• Under certain circumstances and for reasons related to their particular situation, interested parties may object to the processing of their data. SEQURA will stop processing the data, except for compelling legitimate reasons, or the exercise or defense of possible claims.
• Interested persons have the right to have SEQURA transmit the personal data that the interested party has provided to another data controller.

The User can exercise their rights of access, rectification or deletion, limitation, opposition and portability provided for in the RGPD, by means of a written communication addressed to SEQURA WORLDWIDE, S.A, C/ Alí Bei 7-9, Entresuelo, C.P. 08010, Barcelona; or by email addressed to arco@sequra.es. In both cases, the interested User must accompany a copy of their national identity document, passport or other valid document that identifies them.

The User can withdraw the consent given for commercial prospecting and market analysis by notifying it by means of a written communication addressed to SEQURA WORLDWIDE, S.A, C/ Alí Bei 7-9, Entresuelo, C.P. 08010, Barcelona; or by email addressed to arco@sequra.es without affecting the lawfulness of the treatment based on the consent previously given by the interested party.

Finally, inform the User that they can contact the competent Authority. In the case of Spain, the Spanish Data Protection Agency through its website www.agpd.es.

10. We value your collaboration

At SEQURA we try to control, within our means, the correct use of the personal data for which we are responsible by third parties to whom we have had to provide them. For this reason, we request that, if you are aware or suspect that any of our clients or suppliers, indicated above, is misusing your personal information, you notify us without delay so that we can take the appropriate actions that may be appropriate to take.

Also, to ensure that the data we have is correct and up to date, we ask that, if there are any changes to your data, or if, for any reason, you detect that we have any incorrect data about you, please let us know as soon as possible to proceed with the appropriate correction.

11. Origin of the data

The personal data processed by SeQura come directly from the interested parties through the electronic forms enabled by SeQura. When carrying out the registration, in addition to the data that appears in the form, we collect different data such as IP, the browser used, the operating system and the navigation configuration of the Portal, by installing the cookies detailed in our Cookies Policy section.

We also process data that may come from our portal and/or mobile application if some of our electronic communication services are used, an email is sent or, in some cases, we can also process information through our telephone service.

The data may also come from creditworthiness information files.

In addition, in the purchasing and selection of payment methods, the Merchant communicates to SEQURA information necessary for the loan granting process.

The categories of data communicated are:

• Identification data: Name, billing and delivery address, email address, mobile phone number, nationality, age, national ID.
• Order Data: Description relating to the products/services you have purchased at the Store, as well as the name of the product or service or the order number.

Specially protected data is not processed.

12. International transfers

Some of SeQura's service providers may have their servers hosted outside the European Economic Area, in these cases the relationship is duly regulated by service contracts that include current regulations on international data transfer. Specifically, contracts with those service providers located outside the European Economic Area will include the mandatory Standard Contractual Clauses approved by the European Commission through the Commission's Implementing Decision (EU) 2021/914 of June 4, 2021, ensuring at all times an adequate level of protection for the data transferred.

13. Safety measures

The User's personal data will be treated by SEQURA under the strictest confidentiality, applying the appropriate technical and organizational security measures in accordance with current regulations.

SEQURA stores payment card data in a system that complies with the payment card industry data security standard (Payment Card Industry Data Security Standard), a standard that establishes a set of measures, practices and tools that aim to ensure security in the processing of information associated with payment cards. For more information, go to www.pcisecuritystandards.org.

14. Prohibition for minors

Minors are prohibited from accessing SEQURA services.

15. Third-party data

Before providing, through the different means of collecting information, personal data relating to third parties, the User must obtain their prior and express consent, having been informed of the terms contained in this Privacy Policy. The User undertakes to hold SEQURA harmless from any possible claim, penalty, fine or sanction that he may be forced to endure as a result of the User's breach of the duty described in this paragraph

16. Cookie Policy

Remember that you can access our Cookies Policy through the following link https://legal.sequra.com/politica-cookies.

Version effective as of April 13, 2023.