Effective Date: 24.11.2023.

This Privacy Policy presents important information about your personal data. Please take time to read this Privacy Policy carefully to understand how we handle your data. By using our ProfitApp platform, i.e., our website, mobile application, and services we provide, you consent to the practices described below.

Introduction

Those responsible for the ProfitApp program are the Joint Stock Company “ProfitApp International” with its registered office at Bulevar Svetog Petra Cetinjskog 120, 81000 Podgorica, Montenegro, and its subsidiary company the Profit Pay d.o.o. with its registered office at Kamniška Ulica 25, 1000 Ljubljana Slovenia.

Both are hereinafter referred to collectively as “ProfitApp”/” we”/” our”/”us”.

We believe in the idea that it is possible to create a formula that enables everyone to win. Therefore, we have, proudly, created a loyalty program that enables customers (buyers) to control their finances with the benefit of receiving instant cashback. In return our platform also serves our partners, business owners, to receive a constantly increasing number of new and loyal customers. The unique set of services and tools that we provide via our ProfitApp mobile application are specifically designed to ensure that all our users will receive their benefits in the most convenient manner.

We take our responsibility for protecting your data seriously, therefore we process your data in accordance with the applicable data protection laws, including the Regulation (EU) 2016/679 of the European Parliament and of the Council, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and reappealing Directive 94/46/EC (GDPR), and Slovene Data Protection Law (Zakon o varstvu potrošnikov – ZVOP-2).

Definitions Of the Terms We Use in This Policy

  • ProfitApp” or “we/our/us” stands for the JSC “ProfitApp International” and “ProfitPay d.o.o.” entities that are responsible for the collection and processing of your personal data under this Privacy Policy in the frame of providing our Services.
  • Personal Data” refers to any information that relates to an identified or identifiable natural person, also known as data subject. Personal data encompasses a wide range of information that we use, collect and process to identify an individual and to improve and protect our platform and services.
  • Services” refers to all products and services that we, together with other businesses and organizations, provide to you such as our ProfitApp mobile application, Merchant and User Dashboard, cashback, promotion, payment processing etc.
  • Business Relationship” refers to any of ProfitApp-provided services-based relationship between ProfitApp and you (such as business relationship between ProfitApp and Merchant for providing of acquiring services and promotion, business relationship between End-User and ProfitApp for providing of cashback, etc.).
  • Service User” or “you” is the user of products and/or services provided by ProfitApp. Since we provide services for commercial and/or personal use, depending on the context, “you” can relate to the Merchant and can also relate to:
  1. the Representative, when you are acting on behalf of the Service User (e.g., you are a founder of a company, or administering a business relationship with ProfitApp for a Merchant, who is a Service User);
  2. the End User, when you directly use the ProfitApp-provided Services for your individual personal use;
  3. the Potential Service User, when you visit our website or web-application (e.g., you send us a message asking for more information because you are considering being a user of our products or services).
  • Merchant” refers to a person, business or entity that is selling goods and/or services and is part of our ProfitApp program.
  • Paywiser” refers to PAYWISER d.o.o, the regulated Electronic Money Institution – EMI, authorized and regulated by the Bank of Slovenia under license number 0.04.5.4-5/2020-70. Paywiser is responsible for opening User’s payment account for e-money and for issuing e-money to a User. ProfitApp acts as an electronic money distributor of Paywiser. Paywiser provides payment accounts and issues electronic money.
  • KYC” refers to “Know Your Customer” process which is a set of procedures and verification methods that we use to confirm the identity of our users. The KYC process is essential for preventing fraud, identity theft, money laundering and other financial crimes and is needed for you to qualify for full functionality.
  • Terms and Conditions” refers to a legal agreement between ProfitApp and You. Terms and Conditions define the rules and guidelines that you must follow when using our Services and outline the rights, responsibilities, and limitations for both-us, as the service provider and you, as the User. This Privacy Policy presents an integral part of our Terms and Conditions for Users.

Who Is the Data Controller of Your Personal Data

Joint Stock Company “ProfitApp International”, with its registered office at the address Bulevar Svetog Petra Cetinjskog 120, 81000 Podgorica, Montenegro, and its subsidiary company the Profit Pay d.o.o. with its registered office at Kamniška Ulica 25, 1000 Ljubljana Slovenia act as Joint Controllers under data protection regulations (the GDPR) for processing your personal data when providing services related to ProfitApp program, whereas the JSC “ProfitApp International” acts as Primary Data Controller that handles your data. The Data Protection Officer is available via paper post at the registered office and via email: office@profitapp.me.

For the purpose of the distribution/redemption of electronic money, ProfitPay d.o.o. and “Paywiser d.o.o.” with its registered office at Bravničarjeva ulica 13, 12000 Ljubljana, Slovenia act as a “Joint Data Controller” under data protection regulations (the GDPR) and, therefore, share their responsibilities and obligations with JSC “ProfitApp International”. The Data Protection Officers for both companies are available via paper post at their registered offices and via email, for “Profit Pay d.o.o.” at info@profitapp.si and for “Paywiser d.o.o.” at privacy.eu@paywiser.com.

Information We Collect and Process

  • Personal Information: such as your name and surname, email address, postal address, and phone number once you have provided it to us voluntarily. When you opt for the Payment Account, we might collect your gender, date, place and country of birth, citizenship, nationality, employment status, tax number (TIN), tax residency, US person (yes/no), the purpose and nature of business relationship and source of funds,  payments to and from countries, volume of received payments per month and volume of yearly turnover, all for the purpose of the KYC.

  • Identification documents: information about your ID document such as the type and number of the document, the date of the issuance, issuer, and date of validity together with the copy of the ID document and the facial capture, as a part of our KYC process, only in case you decide to opt for a Payment Account
  • Financial Information: such as transaction records, billing amount and bank account details, as well as IBAN when your Payment Account is created.
  • Usage Information: about how you use our website/mobile application, this includes your IP address, browser type, operating system, and usage patterns.
  • Cookies: We use cookies and similar technologies to collect data about your interactions with our website. You may manage cookie preferences in your browser settings.
  • Demographic Information: such as age, location, or language.
  • Information about your choice of our merchant partners (that provide you with products or services).
  • Information about goods or services you purchase.

Collection Methods

We collect your personal data directly from your use of our services. We rely on consent-based data collection. Depending on the actions you take, details you provide to us will be regarded as a consent in the following ways:

  • When you visit our website and register for an account.
  • When you provide information to earn cashback with merchants.
  • When you contact our support team via email, phone, live chat.
  • When you take part in user surveys, forums, or promotions.

We may also collect your data from third party sources (such as identity verification partners) in accordance with the relevant laws.

Purposes of Processing Data

We only process your personal data for specified, explicit and legitimate purposes, as stated in Art.6(1) of GDPR, this includes:

  • Verifying your identity under KYC (Know Your Customer), verification process is our legal obligation, this is in accordance with Fourth, Fifth and Sixth Anti-Money Laundering Directive (EU).
  • Processing cashback transactions and payouts as necessary to perform our contractual obligations and in some cases legal obligations, in accordance with the European Union’s Payment Services Directive, Anti-Money Laundering Regulation, Regulation on information on the payer accompanying transfers of funds, Consumer Protection laws and other relevant European Union and Slovenian legislation.
  • Providing customer support and responding to inquiries, based on our legitimate interest and in accordance with the Directive on Consumer Rights (EU).
  • Improving existing products and developing new features, based on our legitimate interest.
  • Detecting and preventing fraud, spam, abuse and illegal activity, this is done in accordance with the Payment Services Directive (EU), Anti-Money Laundering Regulation, Regulation (EU) on information on the payer accompanying transfers of funds, Consumer Protection laws,  Directive  (EU) on non-cash payment, Directive on attacks against information systems and other relevant Slovenian legislation
  • Personalizing content and communications based on your preferences on the basis of our legitimate interest or when necessary, your explicit consent, this is done in accordance with (EU) Directive on Unfair Business-to-consumer Commercial Practices.

If you do not want to disclose your personal data to us in the cases described in this chapter, we may not be able to perform contractual obligations, duties, and rights as defined in the Terms and Conditions for fulfilling your applications and requests. Terms and Conditions are available at https://profitapp.rs/opsti-uslovi-poslovanja-za-korisnike-profit-app-aplikacije-srb/ .

We only process data necessary for each purpose and obtain your consent where required.

Data stated above is collected by the Primary Data Controller, as well as by Joint Controllers ProfitPay d.o.o. and Paywiser d.o.o. In specific, Paywiser collects and process data in cases where you opt to register for a Paywiser account (please refer to “Who Is the Data Controller of Your Personal Data“section above). For more information on how Paywiser process your personal data please read the Paywiser’s Privacy Policy published on www.paywiser.com.

Services That are Subjected to Cooperation Between ProfitPay d.o.o. and Paywiser d.o.o.

As a part of our expansion process in the European market, Joint Stock Company “ProfitApp International” with its registered office at Bulevar Svetog Petra Cetinjskog 120, 81000 Podgorica, Montenegro, has partnered up with Paywiser d.o.o. with its registered office at the address Bravničarjeva ulica 13, 1000 Ljubljana, Slovenia.

Paywiser is authorised by the Bank of Slovenia as an Electronic Money Institution under license number 0.04.5.4-5/2020-70, issued on 2.11.2021. and, as such, enables us to distribute and redeem Electronic Money within the European Union through our joint controller ProfitPay d.o.o. with its registered office at the address Kamniška Ulica 25, 1000 Ljubljana Slovenia.

ProfitPay d.o.o. and JSC “ProfitApp International” enable you, via our ProfitApp mobile application, to create user accounts, receive cashback from our Merchant partners and receive information about promotions. In addition, our cooperation with Paywiser d.o.o. enables you to store, receive and manage your money electronically.

Your Privacy Rights

When it comes to exercising your data protection rights, such as the right to rectify, access or delete your personal data, there is specific legislation that grants you these rights:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation).
  • The Slovenian Personal Data Protection Act (ZVOP-2)
  • Any legislation for the purpose of transposing or applying legislation stated above or that has been adopted following the EU Regulation.
  • Any other relevant data protection laws or regulations during the term of this Agreement.

As a user, you have the following rights related to your personal data:

  • Right to access and rectify your data.
  • Right to have your data erased.
  • Right to restrict or object to processing.
  • Right to data portability.
  • Right to withdraw consent.
  • Right to lodge complaints with the data protection authority.

You are entitled to request us to erase any personal data we hold about you as per Art.17 of the General Data Protection Regulation (GDPR) of the EU.

We will do our best to respond promptly and in any event within one month of the following:

  • Our receipt of your written request; or
  • Our receipt of any further information we may ask you to provide to enable us to comply with your request, whichever happens to be later.

In certain cases, we may contact you to verify your identity.

When resolving complaints related to the processing of personal data, which we cannot resolve directly with you, we cooperate with the competent regulatory authorities. You have the right to legal protection. You can contact the Information Commissioner of the Republic of Slovenia. Before each application, please contact us so that we can solve your problem together.

To make requests regarding your privacy rights, please contact us at office@profitapp.me (our headquarters in Montenegro) or at info@profitapp.si (our office in Slovenia).

For further information about GDPR please visit: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679.

Data Security

We implement technical and organizational measures to protect your data including:

  • Encryption of data transmitted online and stored in systems.
  • Access controls for authorized staff only.
  • Staff training and policies on data handling.
  • Physical security controls on data centers.

In the event of a breach, we will notify affected users and the relevant data protection authority within 72 hours.

Data Sharing

We may disclose your personal data to:

  • Service providers and contractors for operational functions but limited to the required data and secured through contractual protections.
  • Financial institutions about your payments.
  • Fraud prevention agencies and law enforcement to detect unlawful acts.
  • Tax authorities, regulators, courts, or other public authorities if compelled by law or public duty.
  • Our Merchant partners may use data collected, on our behalf, about you:
    • to improve their products/services.
    • to offer personalized services.
    • to create promotional offers.
    • for marketing and advertising purposes.
    • to do market research and to gain better understanding of customer behavior.
  • Any third party when explicitly authorized and consented by you.

Data Export Outside of the European Union

As our Joint Stock company “ProfitApp International” is located in Podgorica, Montenegro we have to export your data outside of the EU. This process is done under the Binding Corporate Rules (BCRs) that allows us, as an international organization, to make transfers of personal data across borders and in compliance with the GDPR within our group.

Before exporting any of your personal data, we will ensure an adequate level of data protection.

Retention Periods

We retain your personal information as long as you maintain an active account with us. Closed account information is anonymized after 36 months unless we have to comply with legal requirements for further retention. Inactive user accounts will be deleted after 36 months.

In case you opt for a Payment Account, we keep personal data in accordance with limitation periods and retention obligations that are imposed by applicable law. As a rule, your personal data is kept for ten (10) years after the termination of the business relationship or execution of the transaction.

Data processed, on the basis of your consent, is kept until your cancellation or requests for data deletion, but no longer than ten (10) years after the termination of the business relationship or until the purpose for which they were acquired is fulfilled.

Contact Us

If you have any concerns about our privacy practices, please contact us at office@profitapp.me or info@profitapp.si or write to us at:

  • “Profit App International AD Podgorica”, Blvd. Svetog Petra Cetinjskog 120, 81000 Podgorica,Montenegro.
  • “ProfitPay d.o.o.” Kamniška Ulica 25, 1000 Ljubljana Slovenia.

Changes to this Policy

We may modify this Privacy Policy from time to time and in accordance with potential changes that may occur in existing legislation. We will post updated versions on our website and notify you when changes have been made.

Your continued use of our services indicates acceptance of the changes.

Version 1.0.

Last updated: 17th November 2023.