Privacy
Learn more about our privacy policy.
Who are we?
Request Finance (hereinafter "Request", “we”, or “Request Finance”) is the one who collects and processes Your Data.
What is this document?
This Privacy Policy aims to inform You of how Request collects and uses Your personal or not Data and how You can exercise Your rights.
This policy is part of the legal documentation -with our Terms & Conditions and the Cookie policy- You accept by using our Services. You must not use our Services if You don’t agree with those terms. You are responsible for ensuring that all persons who access or use the Services through Your Device, company account, or internet connection are aware of those documents and that they comply with them.
Request reserves the right to modify this policy at any time and without prior notice, in particular in order to meet all its operational, legal, and regulatory constraints. Please check this page regularly to stay up-to-date on the latest version.
This policy does not govern the processing of personal data carried out on Your behalf, as a data controller, by Request Finance, as a data processor. To learn more about it, please refer to the DPA attached to our Terms & Conditions.
What definitions should You know?
“Data controller” means the person collecting and processing the Data. The Data controller is Request Finance.
“Data processor” means a natural or legal person, public authority, agency, or other body which processes personal Data on behalf of the Data controller.
“Data” means all information, facts, and statistics collected together.
“Personal Data” means any information that directly, indirectly, or in connection with other information allows for the identification or identifiability of a natural person.
“You” or “Your” means You as a natural person or professional and the company, organization, and/or entity electronically accessing our Services.
“Privacy Policy” means this document, applying to each visitor of our Website or user of our Services.
“Website” means all the Request Websites (including their subdomains), apps and Services.
“Device” means Your computer, mobile, or any Device You use to access our Website.
“DPO” means Data protection officer.
Which Data do we collect?
Please note that some Data are also collected by third parties accessible on our Services. For exemple, if You use our partners’ services, Data (like Your name, date of birth, address, company, etc.) can be collected by our partners (or by Request on their behalf) to meet their anti-money laundering and customer-identification obligations. Request is not responsible for the way in which our partners use Your Data. If You have any questions on this subject, please consult their privacy policy.
Your action
Data collected
Data usage
Legal basis
Retention
Account creation
Names, email address, address, company information, intra-community VAT number, country
Manage contract, proper functioning of our Services, analytics, preventing fraud, managing support, sending notifications
Execution of our contract
2 years after the last use of Your account if You have not closed it before
Request to receive marketing emails (including our newsletter)
Email address, logs
Sending emails on our latest developments, promotions, business relation,
customer survey, marketing,
Your consent
3 years from the request
Request sent to customer support
Depending on the means used: Names, email, telephone number, social media profile, content of our exchanges, identification document (if necessary)
Processing the request, quality control, verifying information is correct and preventing fraud, training of our teams
Execution of our contract
5 years from the request
Browsing our Websites
Cookies, IP address, geographical position, operating system, browser, Devices used, date of visit, URLs of clickstream, errors, duration of visit, pages interaction
Dependent on the purpose of the trackers: Legitimate interest for technical ones & Consent for functional, performance and advertising cookies
Participation in customer surveys
Names, address, company name, country, email address, geographic position, number of employees, phone number, profession, state, usage Data, product opinion, comments
Carrying out marketing studies, improving our products and Services
Legitimate interest
3 years from the participation
Request to be re-contacted on the subject of our B2B products
Names, company information, role, email address
Making contact, sending emails on our latest developments, promotions and customer surveys, marketing
Your consent
3 years from the request
Use of our Services
Names, email address, IP address, clicks, actions, properties (e.g. type, version, language and region recorded for Your operating system), operation information, public keys and bank details
proper functioning of our Services, Bug-fixing, analytics to improve our Services, identify additional services and features You might need, processing requests for assistance, finding and preventing security issues, fraudulent activity and violations, optimising marketing (e.g. information on the most-used functionalities) and sending important information (e.g. security notifications)
Execution of our contract
2 years after the last use of Your account if You have not closed it before
Signing up to our affiliate program
Names, email address, public key
Managing the program, sending emails on the program’s latest developments, remuneration
Execution of our contract
2 years after the last use of Your account if You have not closed it;
How do we use Your Data?
To sum up the previous table, Request uses Your Data for the following purposes:
To conclude and manage our contracts,
To provide our services,
To manage client files,
To manage prospect files,
To create statistics,
To carry out satisfaction surveys,
To manage complaints, customer support and disputes,
To personalize, maintain and improve our Services and features,
To improve the security of our Services,
To make research & development and train our teams,
To comply with our regulatory obligations and in particular the fight against fraud, money laundering and the financing of terrorism,
To manage requests to exercise rights under regulations applicable to the processing of personal Data.
Request does not sell or share Your personal information with third parties for direct marketing purposes.
What about cookies?
Request uses cookies and other identifying technologies on its Services.To learn more about how Request uses cookies, please refer to our Cookie Policy.
Cookies are small text files stored in Your browser or Device by Websites, apps, online media, and advertisements. Request uses cookies and similar techniques for the following purposes:
Authenticate Users,
Remember User preferences and settings,
Establish the popularity of the content,
Deliver and measure the effectiveness of advertising campaigns,
Analyze site traffic and trends, and generally understand the online behaviors and interests of people who interact with our Services.
How do we share Your Data?
For operational purposes
To operate its Services, Request may share Your Data with its service providers and business partners, who are expressly bound not to disclose or use them to any other end. This may concern, for example:
payment institutions or electronic money institutions;
cloud storage providers;
marketing partners and marketing platform providers;
data analytics providers;
consultants, lawyers, accountants, and other professional services providers.
For legal purposes or in the event of a dispute
Request may release Your Data if a law, regulation, operating agreement, legal process, or government request requires it.
This involves the communication of Your Data to the authorities or governmental institutions to protect the rights of Request, or the rights, safety, or property of third parties, or in the event of a claim or dispute relating to Your use of our Services.
For corporate purposes
If Request sells, merges, or transfers any part of its business, it may be required to share Your Data. If so, You will be asked if You'd like to stop receiving promotional information following any change of control.
With Your Consent
Other than as stated above, Request will provide You with prior notice and the opportunity to choose when Your Data may be shared with other third parties.
Where and for how long are Your Data stored?
Your Data are stored in Belgium and Netherlands, but we might have to transfer them to countries outside the European Economic Area to provide You with our services.
We only share Your Data with companies and partners established in a country recognized as offering an adequate level of protection, or with which we have signed standard contractual clauses, or that commit to applying a code of conduct or a certification mechanism validated by the competent authorities.
Your Data are kept for the following periods:
Please, refer to the previous table.
The following Data are stored for different periods:
Financial Data (e.g., payments, refunds, etc.) are kept for the duration required by applicable tax and accounting laws;
For legal reasons, the content created when You use our Services (such as invoicing, payments, etc.) remains visible by the payer or beneficiary;
For technical reasons, everything that is stored on the blockchain remains unalterable.
If Your account has been suspended or blocked, Your Data may be retained to avoid any circumvention on Your part of the rules in force on our platforms and to prevent fraud and improve security. For example, if Request archives a user's account because he behaves dangerously, Request may keep specific Data about this account in order to prevent this user from opening another one later.
In terms of litigation management:
The Data processed to manage a pre-litigation will be deleted as soon as the dispute is settled amicably or, failing that, as soon as the corresponding legal action expires
The Data processed to manage a dispute will be deleted when appeals are no longer possible against the decision rendered to have it executed,
At the end of these periods, the Data is securely deleted or archived in accordance with applicable law.
Decisions rendered may be retained by Request as a definitive archive due to historical interest.
In terms of managing requests to exercise the rights granted to Personal Data:
The Data processed are kept for the duration of the examination of Your request, then archived in accordance with the limitation periods in force (5 years);
Data relating to identity documents will be kept for one (1) year in compliance with the applicable legal deadlines;
In the event of opposition, the Data will be kept for a minimum period of three (3) years to guarantee the effectiveness of Your right of opposition.
For more information on Your Data retention periods, You can contact the DPO of Request at privacy@request.finance.
What are Your rights?
Depending on Your location and subject to applicable law, You may have the following rights described here with regard to the Data we control about You:
The right to request confirmation of whether Request processes Personal Data relating to You, and if so, to request a copy of that Personal Data;
The right to request that Request rectifies or updates Your Personal Data that is inaccurate, incomplete or outdated;
The right to request that Request erases Your Personal Data in certain circumstances provided by law;
The right to request that Request restricts the use of Your Personal Data in certain circumstances;
The right to request that Request exports Your Personal Data that we hold to another company, where technically feasible;
Where the processing of Your Personal Data is based on Your previously given consent, You have the right to withdraw Your consent at any time; and/or
Where Request processes Your Personal Data based on our legitimate interests, You may also have the right to object to the processing.
To exercise these rights, You can send an e-mail to the address privacy@request.finance. All requests must specify, in the subject line, the reason for the request (exercise of the right of access, opposition, etc.), the address to which the response must be sent, and the company concerned by the request.
To exercise Your rights, You must prove Your identity by any means. Where Request has reasonable doubts about Your identity, You may be asked to provide additional information necessary to confirm Your identity.
Request will send You its response within a maximum period of one (1) month from the date of receipt of Your request. However, this period may be extended by two (2) months due to the complexity and number of requests.
Finally, You can contact the competent supervisory authority for Data protection in Your region. For example, the CNIL for France: www.cnil.fr.
What are the legal bases of processing?
To summarize the previous table, Request processes Data under the following legal basis:
execution of a contract. For the most part, the Data that Request collects are those that are necessary for the execution of the contract and our Services concluded between You and Request;
legal obligations. Certain Data must necessarily be collected by Request in order to comply with our legal obligations;
Your consent. Request will be able to process certain Data after obtaining Your consent, for example, for prospecting operations. Mandatory Data are marked with an asterisk;
our legitimate interest. Finally, some Data collected are necessary for the legitimate purposes that Request pursues, in particular and without limitation, the management of the Services, the research, the development and the improvement of our Services (in particular via surveys), personalization of Your customer experience, fraud prevention, network security.
What are our protection measures?
Request implements all technical and organizational measures it deems necessary to safeguard Your Data at an appropriate level of security, including:
An awareness program and employee training,
Encryption during exchanges and storage,
Regular audits of Data hosting companies,
Data redundancy for more resilience in the event of a catastrophe,
Role-based authentication,
Two-factor authentication for our authorised contributors,
Continuous monitoring of the system,
Security assessments in line with industry standards,
Bug bounty program,
Security tests and intrusion tests by independent third parties,
Administrative access to our servers is limited to certain people duly identified with our hosting provider.
To assess the appropriate security level, Request takes into account, among other things, the nature of the Data and the risks its processing presents. Although we strive to ensure optimal Data protection, we would remind You that transmitting information on the Internet is not entirely secure.
To help us protect Your Data, Request encourages You to use a strong password and never share it with anyone or use the same password with other sites or accounts. If You have reason to believe that Your interaction with our Services is no longer secure (e.g., You feel that the security of Your account has been compromised), please contact Request at privacy@request.finance immediately.
Last updated