Wall Money Store Privacy Policy

1. Introduction

Thank you for using Wall Money – Pre-Sale Platform (hereinafter the “Platform”). By visiting, accessing or using the Platform, and by purchasing vouchers redeemable for a financial service (a bank account or other financial or non-financial services provided by Wall Money) (hereinafter the “Services”), you (hereinafter the “User”, “you” or “your”) acknowledge and agree to this Privacy Policy (hereinafter the “Policy”).

This Policy explains how we collect, use, share, secure and store your personal data in connection with your use of the Platform and the Services, in particular when you visit or browse the Platform, register a user account, purchase vouchers, redeem vouchers, or otherwise interact with us in relation to the pre-sale.

2. Scope and Data Controller

This Policy applies to all personal data processed in connection with the Wall Money – Pre-Sale Platform operated by Wall it s. r. o. (hereinafter the “Company”), in particular when you visit or use the Platform, register a user account, purchase or redeem vouchers, or otherwise interact with us in relation to the pre-sale.

Wall it s. r. o. is a company incorporated under the laws of the Slovak Republic, with its registered office at Obchodná 559/37, 811 06 Bratislava – Staré Mesto, Slovak Republic, as recorded in the Business Register of the Slovak Republic (Obchodný register Slovenskej republiky) under identification number (IČO) 47 565 730.

Wall it s. r. o. acts as the controller of your personal data within the meaning of Regulation (EU) 2016/679 (General Data Protection Regulation – “GDPR”) and Act No. 18/2018 Coll. on Personal Data Protection, as amended.

As Wall it s. r. o. is established in the Slovak Republic, your personal data is processed in accordance with GDPR and the above Slovak data protection act.

You also have the right to lodge a complaint with the Office for Personal Data Protection of the Slovak Republic (Úrad na ochranu osobných údajov Slovenskej republiky), Hraničná 12, 820 07 Bratislava 27, Slovak Republic, www.dataprotection.gov.sk.

3. Definitions


For the purposes of this Policy, the following terms shall have the meanings set out below:

“Personal Data” means any information relating to an identified or identifiable natural person. In the context of this Platform, this mainly includes your name, surname, email address, billing address, any identifiers that we receive when you register or log in (for example your CorePass identifier), and, where you create an account directly with us, your login credentials (such as your email address and password), as well as any other information that can be reasonably linked to you.

“Sensitive Data” means personal data which is afforded special protection under applicable law. We do not intentionally collect Sensitive Data through the Platform and you should not provide such information to us via the pre-sale Platform.

“Services” means the functionalities provided via the Platform in connection with the pre-sale, including the possibility to purchase vouchers, receive related confirmations and communications for the purposes of the voucher pre-sale.

“User”, “you” or “your” means any natural person who visits or uses the Platform or purchases vouchers through the Platform.

4. What Data We Collect

We collect personal data that you provide to us directly when you use the Platform and, to a limited extent, technical information generated by your use of the Platform.

In the context of the pre-sale Platform, we collect in particular:

  • Identification and contact details: your name and surname, and your email address.
  • Billing details: your billing address, which we use for invoicing and accounting purposes.
  • Registration and account data: when you register or log in via CorePass, we receive from CorePass your CorePass identifier (CoreID) and email address.
  • Order and voucher information: information about your voucher purchase(s), such as the type of voucher, date and time of purchase, price, order number and voucher identifier. Although such information mainly relates to the transaction, it may be associated with your personal data for accounting, business and record-keeping purposes.

When you create an account with us manually, we collect your first name, email address and a password that you choose. We store your password in a secure form.

When you purchase without creating an account, we collect the information necessary to process your order, such as your name, surname, email address and billing address.

Payments are processed for us by third-party payment service providers, currently Stripe and Coinbase Commerce. When you make a payment, your payment details (for example payment card information) are collected and processed by the relevant payment service provider for the purpose of completing the transaction. As a rule, we do not store your full payment card number, card verification value (CVV) or online banking credentials. We receive and keep only limited payment information such as a payment confirmation, transaction ID, payment amount, currency and, where applicable, partial card details (for example the last four digits) for reconciliation, accounting and fraud-prevention purposes. The processing of your payment data by Stripe and Coinbase Commerce is governed by their own privacy policies, which you can review on their websites (available at: https://www.coinbase.com/legal/commerce/privacy-policy and https://stripe.com/privacy).

When you visit or use the Platform, we may also receive limited technical information, such as your IP address, browser type and version, referring URL and date and time of access. We use this information to ensure the security and proper functioning of the Platform and for basic statistical purposes.

5. Legal Basis for Data Processing

We process your personal data on the following legal bases:

  • Performance of a contract: to process your voucher order, issue confirmations and receipts, manage your purchase and provide you with related customer support.
  • Compliance with legal obligations: to comply with obligations arising from accounting, tax and consumer-protection laws, including the obligation to issue and retain invoices and keep appropriate business records.
  • Legitimate interests: to operate, secure and improve the Platform, to prevent fraud and misuse and to respond to your enquiries, provided that such interests are not overridden by your rights and interests.

6. Use of Your Personal Data

We use your personal data for the following purposes:

  • Order processing: to process your voucher purchase, issue order confirmations and receipts and manage your orders and vouchers.
  • Communication and support: to communicate with you about your orders, the pre-sale, Platform updates and to handle your requests, questions or complaints.
  • Platform operation and security: to operate, maintain and protect the Platform, including troubleshooting, preventing abuse, monitoring for suspicious activity and generating basic usage statistics.
  • Legal and compliance purposes: to comply with legal and regulatory requirements that apply to us and to establish, exercise or defend legal claims where necessary.

7. Sharing and Disclosure of Data

We do not sell your Personal Data. We only disclose Personal Data to third parties in the following circumstances:

  1. Service Providers and Partners

We may share Personal Data with trusted service providers who perform services on our behalf, such as:

  • payment service providers and banks(currently Stripe and Coinbase Commerce);
  • identity and authentication service providers (for example, where you choose to register or log in using CorePass, in which case we receive your CorePass identifier and email from that provider – CorePass Privacy Policy available at: https://corepass.net/privacy-policy);
  • hosting, infrastructure and IT-security providers;
  • legal, audit and other professional advisers.

These service providers act under contractual obligations to keep Personal Data confidential, to use it only for the agreed purpose and to implement appropriate security measures.

  1. Affiliates

We may share Personal Data with affiliated entities within the Wall Money group (if any), solely for operational, compliance or support purposes and always in accordance with this Policy.

  1. Authorities and Regulators

We may disclose Personal Data when required by applicable law or regulation, or to respond to valid legal process, lawful requests or regulatory requirements (e.g. courts, supervisory authorities, law enforcement).

  1. Business transfers

In connection with any merger, acquisition, restructuring or sale of all or part of the Company, personal data may be transferred to the relevant third parties, subject to appropriate confidentiality and data protection safeguards.

8. International Data Transfers

Your Personal Data may be processed and stored in countries outside your country of residence, including jurisdictions that may not provide the same level of data protection as your home country.

Where required by law, we will ensure that appropriate safeguards are in place for such transfers (e.g. standard contractual clauses or equivalent legal mechanisms), and we will take steps to ensure that your Personal Data continues to receive adequate protection.


9. Data Storage, Security and Retention


Security Measures

We implement appropriate technical and organisational measures designed to:

  • protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access; and
  • ensure ongoing confidentiality, integrity and availability of systems and services.

These measures may include encryption, access controls, secure storage, logging and monitoring, regular security reviews and staff training.

Retention

We retain Personal Data only for as long as necessary to fulfill the purposes described in this Policy, including:

  • for as long as you maintain a user account or hold vouchers;
  • for the duration required by legal, regulatory and tax obligations;
  • for the time needed to resolve disputes and enforce our agreements.

– Account data (such as identification and contact details associated with your user account) are retained for up to 5 years after the end of the relationship (for example, after your account is closed), unless a longer period is required by law or necessary to establish, exercise or defend legal claims.

– Payment records and transaction data (including information relating to voucher purchases, payments and other financial operations) are retained for up to 10 years from the end of the relevant accounting period, in order to comply with statutory accounting, tax and anti-money laundering obligations.

– Marketing data and consent records (such as your email address for marketing communications and logs of your subscription/opt-out choices) are retained for as long as we send you such communications and for a limited period thereafter to document your preferences and our compliance with applicable law, or until you object to such processing, whichever occurs first.

After the relevant retention period, Personal Data will be deleted, anonymized or otherwise processed in a way that prevents further use, unless continued retention is required or permitted by law.

10. Rights of Users

You have the following rights in relation to your personal data, subject to the conditions and limitations set out in applicable data protection law:

  • Right of Access: to obtain confirmation whether we process your Personal Data and to receive a copy of such data.
  • Right to Rectification: to request correction of inaccurate or incomplete Personal Data.
  • Right to Erasure (“Right to be Forgotten”): to request deletion of Personal Data in certain situations (e.g. where it is no longer necessary for the purposes for which it was collected), subject to legal retention requirements.
  • Right to Restriction of Processing: to request that we limit processing in certain circumstances (e.g. while a complaint or objection is being investigated).
  • Right to Object: to object to certain processing activities, such as processing based on legitimate interests.
  • Right to Data Portability: to receive certain Personal Data in a structured, commonly used and machine-readable format and to have it transmitted to another controller, where technically feasible.
  • Right to Withdraw Consent: where processing is based on your consent, to withdraw that consent at any time, without affecting the lawfulness of processing based on consent before withdrawal.
  • Right to Lodge a Complaint: to file a complaint with the competent data-protection authority if you believe your rights have been violated.

11. Age Restrictions

The Platform and Services are intended only for individuals who are at least 18 years old. We do not knowingly collect Personal or Sensitive Data from persons under this age.

12. Changes to This Privacy Policy

We may update or modify this Privacy Policy from time to time, for example to reflect changes in our processing activities or applicable law. The updated Privacy Policy will be posted here. Your continued use of the Platform after the effective date of the updated Privacy Policy will be deemed to constitute your acceptance of it. If you do not agree with the updated Privacy Policy, you should stop using the Platform and our Services.

13. Contact and Privacy Queries

If you have questions, concerns or requests regarding this Policy or how we process your Personal Data, please contact us at [email protected] or [email protected].

Scroll to Top