Privacy notice - Central Treasury Remittance Regulatory Unit

Go to content

Main menu:

Footer

Privacy notice
___________________________________________________________________________________________________________________________________________
© Central Treasury Remittance Regulatory Unit

In order to pursue its mandate and mission, the CTRRU processes information about individuals ("Personal Data"). The CTRRU takes your privacy seriously. This Privacy Notice describes how the CTRRU collects and processes Personal Data, and how, in doing so, the CTRRU complies with its Personal Data Protection Policy.

What kind of personal data does the CTRRU collect and for which purpose?

The nature of the Personal Data the CTRRU collects depends on your relationship with the CTRRU. Typically, the CTRRU may process the following Personal Data: contact information (eg name, email, address, postcode, phone number); online information (eg cookies and IP address, if you visit the CTRRU websites); or contractual information (eg personal details in relation to services provided to the CTRRU).
The CTRRU collects and processes personal data only for the legitimate purposes set out herein below and only processes the Personal Data, which is relevant to achieve these purposes.

What are the principles of the CTRRU Personal Data Protection Policy and the legitimate purposes for which the CTRRU processes personal data?

The CTRRU processes Personal Data in accordance with the following principles:

Lawfulness, fairness and transparency

The CTRRU shall process Personal Data for legitimate purposes, in a fair and transparent manner.
Legitimate purposes for the processing of Personal Data are:

      • Processing is required in order for the CTRRU to be able to carry out its mandate and mission, purpose and functions;
      • Processing is necessary in order to protect the vital interests of a natural person;
      • Processing is necessary for establishing and asserting the status, privileges and immunities of the CTRRU or its staff members;
      • Processing is required for the performance of a contract to which the CTRRU is a party;
      • Processing is necessary for compliance with the CTRRU policies procedures and rules;
      • Processing is required for any other activity of the CTRRU and the individual has given their express consent for such processing.

Purpose limitation

Personal Data shall be collected for one or more specified and legitimate purposes, and not further processed in a manner incompatible with those purposes.

Data minimisation

Processing of Personal Data shall be adequate, relevant and reasonably limited to what is necessary in relation to the legitimate purposes for which Personal Data is processed.

Storage limitation

The CTRRU shall retain Personal Data for the duration specified in its applicable retention schedule(s) adopted by the CTRRU.

Accuracy

Personal Data shall be recorded as accurately as possible and, where necessary, updated to fulfil the legitimate purpose(s) for which it is processed.

Integrity and confidentiality

Personal Data shall be recorded as accurately as possible and, where necessary, updated to fulfil the legitimate purpose(s) for which it is processed.

Accountability

The CTRRU has established appropriate accountability and oversight mechanisms.

How long does the CTRRU keep your personal data?

Your Personal Data will be kept for as long as necessary to fulfil the purposes for which they were collected or to comply with legal or internal policy requirements. The CTRRU applies criteria to determine the appropriate periods for retaining your Personal Data depending on its purpose and in accordance with the CTRRU retention policies.

How does the CTRRU protect your Personal Data?

Your Personal Data are protected by appropriate technical and organisational safeguards against unauthorized processing and against accidental loss, destruction, damage, alteration, disclosure, access, or use.

With whom and how does the CTRRU share your Personal Data?

The CTRRU may share your Personal Data with third parties (eg suppliers or service providers). The CTRRU will only transfer Personal Data to third parties where they comply with a standard of protection of Personal Data equivalent at least to the level of protection established by the CTRRU Personal Data Protection Policy.



Back to content | Back to main menu