Customer Privacy Policy

v1.2 - 26/5/2021
Version 1.1

1. About Juni

We are Juni Technology AB (‘we’, ‘our’, ‘us’) and operate under the business name Juni. Juni is registered with the Swedish companies register (registration number 559248-0908), and with a registered address at Masthamnsgatan 21, 413 28 Gothenburg, Sweden.

For the purposes of data protection law, we are a data controller in respect of the personal data we receive from you, or otherwise collect about you, and we are responsible for ensuring that we use your personal data in compliance with applicable data protection laws in the EU, European Economic Area (EEA) and the UK, such as Regulation 2016/679 (‘General Data Protection Regulation’).

2. Setting the scene

This Privacy Policy describes what information Juni collects about you and how Juni uses your personal data when you open an account with us, use the Juni platform, our cards, or our website www.juni.co. This Privacy Policy also describes your rights in relation to our use of your personal data, and how to exercise them.

Juni is committed to protecting and respecting your privacy and personal data. If you have any questions or concerns about our Privacy Policy, or our practices with regard to your personal data, please contact us at dpo@juni.co.

In the UK, we are registered with the UK data protection authority (Information Commissioner’s Office or ICO) under number ZA841298.

When we use the term personal data, we refer to any information which can be used to personally identify you (for example, a combination of your name and postal address).

If you give us personal data about other people (like Directors, owners, or employees), you confirm that you’ve been authorised by them to disclose this information, and that they understand how we’ll use their personal data.

Please read this Privacy Policy carefully as it will help you make informed decisions about sharing your personal data with us.

3. What personal data do you collect about me?

In short: Juni will collect and use specific types of information about you at different times. We will collect personal data when you interact with us, for example through our website or the Juni platform if you have an account with us, when you apply for a job, or use a service that integrates with Juni. In some cases, we will also collect information about you from third parties.

If you want more detail, here is the information we may collect about you:

When you apply for a Juni account

  • Personal details, such as the full name and date of birth of the applicant (authorised representative of the company), the Director(s), and any ultimate beneficial owners of the relevant company.
  • Contact details, such as the address of the applicant, Director(s), any ultimate beneficial owners, and the applicant’s email.
  • Information about your identity, such as a copy of your passport or relevant identification verification document.

Information we collect or generate about you when you use the Juni platform and card

  • Information about your Juni cards, including the card number, expiry date, and CVC. 
  • Details about transactions made with your Juni card and on integrated accounts, including the date, time, amount, currencies, exchange rate, beneficiary details, details of the merchant or ATMs associated with the transaction (including merchants’ and ATMs’ locations), IP address of sender and receiver, sender's and receiver's name and registration information, messages sent or received with the payment, details of device
    used to arrange the payment, and the payment method used.

Information we collect or generate when you get in touch with us

  • Your email when you contact us via the Juni chat.
  • Your email address and the contents of your communication.
  • Public details from your social media profile (e.g. Facebook) if you reach out to us via these platforms, and the contents of your messages or posts to us.

Information we collect from your device

  • IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our site, and other technical information. This information is primarily collected for security and operational purposes, or analytics.

Information we collect from third parties

When you register with us, we also run checks on your records at:

  • fraud prevention agencies, KYC (Know-Your-Customer) and anti-money laundering service providers to meet our regulatory obligations, and
  • credit reference agencies to help us verify your identity, determine whether we can offer you our services, and calculate your risk profile. The information includes financial transactions, balances, identity and investments. Bear in mind that this is a “soft search”and will have no impact on your credit score.

For enhanced due diligence checks, KYC purposes, or market research, Juni may also collect personal data from publicly available sources, such as official public records and information published in the press or on social media.

4. What legal basis do you use?

In short: Juni will only collect and process your personal data if we have a legitimate reason todo so. We always rely on one of the following legal bases when we use your personal data: contractual obligations, legal obligation, legitimate interest, consent, and substantial public interest.

Contractual obligations

To meet our contractual obligations towards you and be able to offer you our services, Juni needs to use certain personal data.

Legal obligation

In some cases, Juni needs to collect and retain your personal data in order to comply with applicable laws and regulations. For example, we must keep certain personal data about our customers to meet legal obligations imposed by anti-money laundering legislation.

Legitimate interest

Juni might use this legal basis to collect and process your personal data, or share it with other organizations, to pursue our legitimate interests provided that the latter are not overridden by your interests, rights, or freedoms.

Consent

This legal basis applies when you have affirmatively consented to Juni collecting your personal data. This is usually the case when you indicate that you agree that your personal data is collected, e.g. by ticking a box. In cases where Juni processes personal data based on your consent, you reserve the right to revoke this consent at any time. For more information, please refer to section 8 (How to exercise your rights).

Substantial public interest

Sometimes Juni will collect your personal data in order to perform a task in the public interest that is set out in law.

5. How do we use your personal data?

In short: Juni uses your personal data to carry out its operations smoothly and offer you our services, to make sure that we meet all our contractual obligations, to keep both our customers and Juni safe and secure, and comply with all applicable regulations.

Providing our services

When you apply to open an account with us, Juni will use the personal data you provide to verify your identity and reach a decision on whether we will be able to provide you with our services. The ground for processing your data in this case will be our legal obligation.

We also use your personal data to ensure that we can continue offering you our services promptly. For example, if you make any transactions, such as payments with your Juni card, payments into and out of your Juni account, and cash withdrawals, we will use your personal data to properly execute them.

Juni will use your personal data when you contact customer support with any queries or issues you may have in order to assist you.

In these instances, Juni will process your personal data to fulfil contractual obligations.

Product development, marketing, and targeted advertising

Juni or our third party marketing partners will use your personal data to send you marketing and promotional communications regarding our services, and in accordance with your selected preferences. You can always opt-out of our marketing communications at any time by emailing our Data Protection Officer at dpo@juni.co. For more information on how to exercise your rights, please see section 8 (How to exercise your rights).

We may also use your personal data to track, analyse and improve how you respond to the ads we show you, and develop and display content.
 
For the purposes mentioned above, we will process your information based on our legitimate interest in understanding how to market our services to you and improve Juni.

To keep our services up and running

Juni will use your personal data to manage www.juni.co and the Juni platform. For example, we will use your personal data to perform data analysis, testing, research or for statistical purposes, making sure that we keep working on improving your experience and the content that is presented to you. The legal basis for such processing will be the terms of your engagement with the Juni card and/or platform, or Juni’s legitimate business interests, namely to be efficient about how we fulfil our contractual obligations towards you.

For more information, please see our Cookies Policy.

Processing in order to comply with applicable law and enforce our rights

As a financial services provider, Juni needs to use your information to confirm your identity when you sign up with us, perform checks on your record with fraud prevention and credit agencies, and comply with applicable financial crime laws.

Sometimes Juni might need to share your personal data with our regulators, tax authorities, law enforcement or fraud prevention agencies.

In these cases, Juni will process your personal data based on substantial public interest or legal obligation.

For more information on who we share your personal data with, please read section 13 (Who do you share my personal data with?).

We will use your information to protect Juni from legal claims and enforce our rights. We will do so relying on our legitimate interest arising in such instances.

6. Profiling and Automated Decision Making (ADM)

In order to offer you our services more efficiently and achieve accurate, fair, and non-biased outcomes, sometimes we may need to make automated decisions about you. As a financial services provider, we use ADM to protect our customers and comply with regulatory and supervisory requirements, such as the Anti-Money Laundering Directive (AMLD) to detect and prevent fraud, terrorism financing or other criminal activity. For example, Juni employs ADM:

  • when you register with Juni to decide whether we can offer you our services based on a number of factors, including your age, financial position, and other circumstances, such as the results of anti-money laundering and sanctions checks.
  • when you open an account with us to verify the identity documents and information you provided.
  • to monitor your account for fraud and money laundering, and take necessary action.

7. Your rights

In short: Under data protection legislation in the UK and EEA, and this Privacy Policy, you have certain rights, including but not limited to the right to request access to your personal data, to manage it, to request us to delete or update it, or restrict the way it is being used.

Right to be informed
You have the right to be informed about how Juni collects and uses your personal data.We provide you the required information through this Privacy Policy and by answering any privacy-related questions you address to us.
Right to access your data
You have the right to request a copy of the personal data we hold about you.
Right to rectification
You can have inaccurate personal data rectified, or completed if it is incomplete.
Right to erasure

Under certain circumstances, you may have the right to ask us to delete your personal data. You can request your data deletion:

  • if it is no longer necessary for us to process the data for the purpose it was collected,
  • you have withdrawn your consent when the processing was based on that legal basis,
  • we have used your personal data unlawfully, or
  • we have to comply with a legal obligation.

Please note that Juni is a regulated financial services provider and in order to meet our regulatory responsibilities we might not be able to proceed further with your request. For more information, refer to section 15 (How
long do you keep my personal data for?).

Right to restrict processing of your data or object to our processing

In certain circumstances, you may request that Juni restricts or suppresses the processing of your personal data:

  • if you have asked Juni to verify the accuracy of your data,
  • if Juni has processed your data unlawfully, but you do not wish your data to be deleted,
  • Juni no longer needs your personal data, but you do not wish your data to be deleted in order to establish, exercise, or defend a legal claim, or
  • you have objected to Juni using your personal data, but we have to consider whether we have a legitimate ground that overrides yours.
Right to challenge an automated decision
You have the right to request that Juni manually reviews an automated decision made about you if that decision has a legal or similarly significant effect on you.
Right to withdraw consent
If the legal basis we use for the processing of your personal data is consent, you can withdraw your permission any time.

8. How to exercise your rights

If you wish to exercise any of the rights mentioned in the previous section, you may contact us via chat at Juni or send us an email at dpo@juni.co. You may also contact us the same way in case you have any questions about this Privacy Policy. For security purposes, Juni will ask you to verify your identity when you submit a request.

9. How to lodge a complaint

You have the right to lodge a complaint with your national data protection authority if you are not satisfied with how Juni uses your personal data. A list of all competent authorities in the EU can be found here. In the UK, you can refer the issue to the Information Commissioner’s Office, the UK’s supervisory data protection authority.

10. Where do you store my personal data?

All personal data is stored on our secure servers in accordance with the General Data Protection Regulation within the EEA. In limited situations, personal data may temporarily be stored outside the EEA, please see under 12 (Is my personal data transferred internationally?) below.

11. Do you keep my information safe?

In short: We aim to protect your personal data through a system of organizational and technical security measures.

Juni has adopted a series of robust technical and organisational security measures designed to protect your personal data from any unauthorised access, use or disclosure of it. Juni employees receive data protection and information security training in accordance with data protection legislation.

Although we take all reasonable steps to ensure that your personal data is secure and treatedwith the highest level of care, we cannot guarantee that it will be secure during transmission byyou to the Juni platform, website, or other services.

You need to keep your login information to the Juni platform confidential and not share it with anyone.

When you interact with our social network accounts, such as our Facebook Community page, remember that any personal data you share in this space will become publicly available, and thus could be seen, collected, or used by other customers.

12. Is my personal data transferred internationally?

In short: We may transfer, store, and process your information in countries other than your own.

Juni provides an international service which in some instances may require transferring, storing, and processing of your personal data in a country outside the UK and EEA. To do so, we have taken all necessary steps to ensure that your data is afforded a level of protection that is essentially equivalent to that guaranteed within the EEA.

For that reason, we will only transfer your data to a third country:

  • if the European Commission has adopted a decision confirming that a third country provides adequate protection.
  • if we’ve agreed to standard contractual clauses approved by the European Commission with the organization.

13. Who do you share my personal data with?

In short: Sometimes Juni will share your personal data with companies that we do business with, with credit reference, fraud prevention and law enforcement agencies, and with our regulators.

Companies that provide services to Juni

In order to be able to offer our services and deliver a smooth and tailored experience to you, we have business relationships with a number of companies with whom we share your personal data. Juni will only share as little information as possible with the third parties mentioned below:

  • KYC service providers that help us with verifying your identity and carry out fraud checks (TruNarrative)
  • Cloud computing power and storage providers (Amazon Web Services)
  • Cyber security service providers (Auth0)
  • Website hosting providers (Amazon Web Services)
  • Analytics providers and search information providers (Google Analytics)
  • Communications services providers that help us stay in touch with you and provide
    customer service (HubSpot, Chili Piper)
  • Companies that help us with marketing and advertising (Facebook Audience Network,
    Facebook Advertising, Google AdSense, Snapchat, Google Ads Remarketing and
    Facebook Remarketing)
  • Companies that allow you to connect your financial data (Token.io, Plaid)
  • Companies that help us with functionality and infrastructure optimisation (Kickofflabs,
    Zapier, GetResponse)
  • Card producers and networks (allpay cards)
  • Banking-as-a-Service provider (Railsbank)

Fraud prevention agencies

Juni will share your personal data with fraud-prevention agencies to verify your identity when you apply for an account with us. While you are our customer, we might need to share your information with them to assist in preventing fraud and money laundering when it is in our legitimate interest. Bear in mind that if fraud is detected, other organisations might also use this information to refuse their services, finance, or employment.

Law enforcement and other external parties

Juni may share your personal data with the following:

  • Police, courts, alternative dispute resolution bodies, and any other third party (for example, our regulators) to meet our legal obligations.
  • Other financial institutions, such as banks or e-money institutions, to assist their investigation of tracing your funds in case you have been a victim of fraud or there is an ongoing dispute claim about a payment.
  • Competent authorities that carry out financial crime, money laundering, terrorism and tax evasion investigations, if we are required to do so.

14. Do you collect information from minors?

In short: We do not knowingly collect data from or market to children under 13 years of age.

We do not knowingly solicit data from or market to children under 13 years of age. By using the services, you represent that you are at least 18 years of age. If we learn that personal data from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we have collected from children under age 13, please contact us at dpo@juni.co.

15. How long do you keep my personal data for?

In short: We keep your information for as long as it is necessary to fulfil the purposes outlined in this Privacy Policy unless otherwise required by law.

To meet our regulatory obligations under anti-money laundering and e-money laws in the UK, we are required to keep your personal data as long as you are using Juni, and some of your personal and transactional data for 6 years after our contract with you is terminated. In some cases, such as a potential or ongoing court claim, we might need to keep your personal data for longer.

To meet our regulatory obligations under anti-money laundering and e-money laws in the EEA, we are required to keep your personal data as long as you are using Juni, and some of your personal and transactional data for 8 years after our contract with you is terminated. In some cases, such as a potential or ongoing court claim, we might need to keep your personal data for longer.

16. Cookies and similar tracking technologies

Juni uses cookies to analyse how you use our website. Please read the Cookies Policy for more information about cookies.

17. Changes to this Privacy Policy

Juni will post any changes we make to our Privacy Policy on this page and within the Juni platform, and if there are significant changes, we’ll let you know by email, through the Juni platform, or through our website.