API Privacy Policy

This Privacy Policy (“Policy”) governs your use of the products, services, content, features, or technologies offered by the Transferzero Money Transfer Entidad De Pago, S.A, trading under the name “AZA Finance” (hereinafter also referred to as “AZA”, “TransferZero” “we”, “us”, “our” or “the Company”) (collectively, including all updates and other modifications thereto.

You accept and consent to the terms of this Policy when you sign up for, access, or use our services. By accepting and consenting to this Policy, you expressly consent to our use and disclosure of your personal information and direct us to do so in the manner described in this Policy.

1. Overview

In order to access our services and to reduce the risk of fraud, as  the data controller, we may ask you to provide us with information about yourself and your organisation, as well as any other types of information specified in this Policy.

By consenting to, and agreeing to the terms of this Policy  you expressly consent and agree to us processing your data in the manner set out herein. This Policy describes the information we collect and how we use that information. 

We take the processing of your information very seriously and will use your information only in accordance with the terms of this policy. For the purposes of this Policy, the term “information” means any confidential and/or personally identifiable information or other information related to users of our services, specified in this Policy.

We will not sell or rent your information to third parties for their marketing purposes without your explicit consent. However, in order for us to offer our services; enhance the quality of our services from time to time; and protect the interests of our users, we will in limited circumstances share some of your information with third parties under strict restrictions, as described in greater detail in the following sections of this Policy. It is important for you to review this Policy as it applies to all our services.

2. Changes to this Policy

All future changes to this Policy are incorporated by reference into the Website Terms of Use and will take effect as specified in the Policy updates, when they may occur. “Policy Update” means a prior notice of changes to any of our terms which we may make available to you in writing, including in electronic form. If you disagree with the terms of this Policy, please do not register for or use of our services.

3. Notification of changes

This Policy may be revised over time as new features are added to our services, or as we incorporate suggestions from our customers and or users. We may change this Policy at any time by posting a revised version of it on our website. Unless we have legal grounds to do otherwise, we will provide you with at least 30 days’ prior notice of the effective date of the revised Policy. 

We may post a notice on our website and/or send the notice by email. As of the effective date of the revised Policy, you will be considered as having consented to all changes to the Policy. If you disagree with the terms of this Policy, you may close your account at any time.

4. Information we collect

  • Required Information: To use our services, you must provide your designated contact’s name & email address, business name, business address, business phone number, incorporation certificate and incorporation documents reflecting the directors and shareholders, the identification document of the directors and shareholders, proof of address of directors and shareholders or other information to be determined by us from time to time. We may also ask you to choose different security questions to answer.
  • Using your device: When you use our services using any device (whether connected via wireless connection or by a fixed line or otherwise), we may additionally collect and store device sign-on data (including but not limited to device ID) and geolocation data, in order to provide our services.
  • Information about you from other sources: We may also collect information about you from other sources, including from other entities of the group to which we belong, other companies (subject to their privacy policies and applicable law), and from other accounts we have reason to believe you control (whether in part or in whole).
  • Website Traffic Information: Because of the way internet communication standards work, when you arrive at or leave our website, we may automatically receive the web address of the site that you came from or are going to. We also collect information on which pages of our website you visit, IP addresses, the type of browser you use and the times you access our website.
  • Cookies, Web Beacons, Local Storage and Similar Technologies:When you access our website, or use our services, we (including companies we work with) may place small data files on your computer or other device. These data files may be cookies, pixel tags, “Flash cookies,” or other local storage provided by your browser or associated applications (collectively “Cookies”). We may use Cookies to recognise you as a customer, customise our services, content and advertising, measure promotional effectiveness, help ensure that your account security is not compromised, mitigate risk and prevent fraud, and to promote trust and safety across our sites and our services.

    You are free to decline our Cookies if your browser or browser add-on permits, unless our Cookies are required to prevent fraud or ensure the security of websites we control. However, declining our Cookies may interfere with your use of our website and our services.

  • Communications: When you communicate with us for customer service or other purposes (e.g., by emails, phone calls, etc.), we may retain such information and our responses to you in the records of your account, for the purpose of proof of commercial transactions and communications.
  • Questionnaires, Surveys, Sweepstakes and Account Data: From time to time, we offer optional questionnaires, surveys and sweepstakes to our users for such purposes as collecting demographic information or assessing users’ interests and needs. If we collect personally identifiable information from our users in these questionnaires, surveys, and sweepstakes, the users will be given notice of how the information will be used prior to their participation in the survey, questionnaire or sweepstake.
  • Account information: For the purposes of this Policy, account information (“Account Information”) includes without limitation: contact person’s name, email address, business name, business address, phone number, IP address, device ID, geolocation information, details of identity collected as part of our “know your customer” checks on you, and customer correspondence.


5. How we use the information we collect

We collect, store and process your information on servers located in the European Union. Our primary purpose for collecting your information is to provide you with a safe, smooth, efficient, customised experience and in complying with applicable laws and regulations, including cooperating with relevant authorities and regulators.

6. You agree that we may use your personal information to:

  • Verify identity and conduct screening, including during account creation and or password reset processes;
  • Manage risks, Detect, prevent or remediate violations of policies or applicable user agreements;
  • Planning, performing and managing the business relationship with Users;
  • Provide you with customer support services;
  • Improve our services by customising your user experience;
  • Measure the performance of our services and improve their content and layout;
  • Manage and protect our information technology infrastructure;
  • Provide targeted marketing and advertising, provide service updates, and deliver promotional offers based on the communication preferences you have defined for your account with us (please refer to the section “Our Contact with Customers” below) and your activities when using the our services; and
  • Questionnaires, Sweepstakes, Surveys and Account Data: If you choose to answer our optional questionnaires or surveys, we may use such information to improve our services, send you marketing or advertising information, manage the sweepstakes, or as otherwise explained in detail in the survey itself.


7. Our contact with customers:

We communicate with our users on a regular basis via email and chats to provide requested services. We may also communicate with our users by phone to:

  • Resolve customer complaints or claims made by users;
  • Respond to requests for customer service;
  • Inform users if we believe their accounts or any of their transactions have been used for an illegitimate purpose;
  • Confirm information concerning a user’s identity, business or account activity;
  • Conduct customer surveys; and
  • Investigate suspicious transactions.

We use your email or physical address to confirm your information about important changes to our products and services, and to send notices and other disclosures required by law. Generally, users cannot opt out of these communications, but they will be informational in nature, and not promotional.

We can also use your email address to send you other types of communications that you can control, including “news”, “customer surveys” and “notice of special promotions”. You can choose whether to receive all or none of these communications when you complete the registration process, or at any time thereafter, by logging in to your account and then selecting settings and updating your communication preferences.

In connection with independent audits of our financial statements and operations imposed by applicable law, the auditors may seek to contact a sample of our customers to confirm that our records are accurate. However, these auditors cannot use personally identifiable information for any secondary purposes.

8. Marketing

If you don’t wish to receive marketing communications from us, or to participate in our ad-customisation programs, simply unsubscribe.

9. How we share information with other third parties

Just like most banks or financial/payment service providers, we work with third-party service providers which provide important functions to us that allow us to be an easier, faster, and safer way to carry out our services to our customers. We need to disclose user data to them from time to time, so that the services can be performed.

We will not transfer, disclose, sell or rent any of your personal information to third parties for their marketing purposes without your explicit consent, and will only disclose this information in the limited circumstances and for the purposes described in this Policy. This includes transfers of data to non-EEA countries; which we  will always endeavour to carry out in compliance with the requirements of the applicable data protection law. In this regard, transfers to non- EEA countries may notably be carried out on the basis of adequate contractual arrangements, a copy of which may be provided to you upon request.

In order to provide our services, some information we collect from or about you, may be required to be transferred to other AZA group entities or other entities, in their capacity as service providers, payment providers or payment processors (or similar capacities). You acknowledge that according to their local legislation, such entities may be subject to laws, regulations, inquiries, investigations, or orders which may require the disclosure of information to the relevant authorities of the relevant country.

10. Specifically, you consent to and direct us to do any and all of the following with your information:

  • Disclose necessary information to: the police and other law enforcement agencies; security forces; competent governmental, intergovernmental or supranational bodies; competent agencies, departments, regulatory authorities, self-regulatory authorities or organisations and other third parties, including any of the Transferzero Money Transfer Entidad De Pago, S.A, that (i) we are legally compelled and permitted to comply with; (ii) we have reason to believe it is appropriate for us to cooperate with governmental agencies or payment or processing partners in investigations of fraud or other illegal activity or potential illegal activity, to the fullest extent permitted by law, or (iii) to conduct investigations of violations of our User Agreement (including without limitation, your funding source or mobile wallet or credit or debit card provider).
  • If you are covered by the FATCA or CRS Law, we are required to give you notice of the information about you that we may transfer to various authorities. If we believe your account may be subject to these regulations, we may notify you separately.
  • We and other organisations, including financial institutions that cooperate with us, may also share, access and use (including from other countries) necessary information (including, without limitation the information recorded by fraud prevention agencies) to help us and them assess and manage risk (including, without limitation, to prevent fraud, money laundering and terrorist financing).
  • Disclose necessary information in response to the requirements of other financial institutions or a civil or criminal legal process.
  • Disclose necessary information to the payment processors, auditors, services providers and fraud agencies, financial products providers, commercial partners, marketing and public relations companies, operational services providers, group companies, agencies, marketplaces and other third parties listed here. The purpose of this disclosure is to allow us to provide our services to you.
  • Disclose necessary information to your agent or legal representative (such as the holder of a power of attorney that you grant, or a guardian appointed for you).
  • Disclose aggregated (i.e.: anonymised) statistical data to our business partners or for public relations. For example, we may disclose that a specific percentage of our users live in a certain city. However, this aggregated information is not tied to personal information.
  • Share necessary Account Information with unaffiliated third parties (listed below for their use for the following purposes:
  • Fraud Prevention and Risk Management: to help prevent fraud or assess and manage risk, as permitted by applicable law.
  • Customer Service: for customer service purposes, including to help service your accounts or resolve disputes (e.g., billing or transactional).
  • Legal & Compliance service providers: to help us comply with anti-money laundering and counter-terrorist financing verification requirements, as permitted by applicable law.
  • Service Providers: to enable service providers under contract with us to support our business operations, namely fraud prevention, bill collection, marketing, customer service and technology services. Our contracts dictate that these service providers only use your information in connection with the services they perform for us and not for their own benefit.
  • Mergers or Acquisitions: As with any other business, it is possible that in the future we could merge with, or be acquired by, another company. If such an acquisition occurs, you consent to the successor company having access to the information maintained by us, including customer account information, and such successor company would continue to be bound by this policy unless and until it is amended.


11. Cross border transfers of your information

We are committed to adequately protecting your information regardless of where the data resides and to providing appropriate protection for your information if your data is transferred outside of the EEA. In this regard, transfers to non-EEA Member States may notably be carried out on the basis of adequate contractual arrangements, a copy of which may be provided to you upon request.

12. Information Security

We are committed to handling customer information with high standards of information security. We use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files, and we authorise access to personal information only for those employees who require it to fulfil their job responsibilities, and who have committed themselves to confidentiality undertakings.

The security of your account also relies on your protection of your account password. You may not share your password with anyone. Our representatives will never ask you for your password, so any email or other communication requesting your password should be treated as unauthorised and suspicious and forwarded to us

If you do share your password with a third party for any reason, including because the third party has promised to provide you additional services such as account aggregation, the third party will have access to your account and your personal information, and you may be responsible for actions taken using your password. If you believe someone else has obtained access to your password, please change it immediately by logging in to your account and changing your Account settings, and also contact us right away.

13. Accessing and changing your information

You can review the personal information you have provided to us and make any desired changes to such information, or to the settings for your account, at any time by logging in to your account on the AZA website.

If you close your account, we will mark your account in our database as “Closed” but will keep your account information in our database for a period of 10 years. This is for instance necessary in order to fulfil our data retention requirements to comply with applicable laws and regulations, and for other legitimate business reasons, such as to deter fraud, by ensuring that persons who try to commit fraud will not be able to avoid detection simply by closing their account and opening a new account. However, if you close your account, your personally identifiable information will not be used by us for any further purposes, nor sold or shared with third parties, except as necessary to prevent fraud and assist law enforcement authorities, or as required by law. The information you provide us with will not be kept for longer than necessary with regards to the purpose of its processing described above, subject to statutory retention periods imposed by applicable law.

14. Contact us and exercising your rights

Our legal and privacy department is responsible for ensuring that our day-to-day procedures comply with this Policy. If you want to exercise your right to access your information, make changes or have any questions about this privacy statement, our information practices, or data protection, you can write to us at [email protected]

By writing to the above address, and subject to certain conditions set out by applicable data protection law, you may also exercise your rights to:

  • object to the processing of your information;
  • ask for erasure of your information within the limits permitted by applicable laws and regulations;
  • ask for portability of your information;
  • object to the use of your information for marketing purposes.

Finally, you acknowledge the existence of your right to lodge a complaint with a competent data protection supervisory authority.