Ria Payment Institution, EP, S.A.
Data Privacy Notice - v2.2 03.11.20

In this Data Privacy Notice (“Privacy Notice”) we explain how we collect and use your personal information that we obtain when you use our services, visit or use our websites or mobile applications or otherwise interact with us in the European Economic Area (“EEA”), how we share your information and the steps we take to protect your information.

 1. Who we are and the application of this Privacy Notice

This Privacy Notice applies to Ria Payment Institution, EP, S.A. (“RIA”, “we”, “our” or “us”), a subsidiary of Euronet Worldwide, Inc. (“Euronet”).  Further details on Euronet and the companies within the Euronet group global network (the “Euronet Group”) are available at: http://www.euronetworldwide.com. 

We are committed to the privacy and security of your Personal Data (as defined in section 2 below). This Privacy Notice describes how we collect and use Personal Data, in accordance with applicable law and our standards of ethical conduct.

Ria Payment Institution, Ep, S.A. at C/ Cantabria 2, 28108, Madrid (Spain) , will be the “data controller” in relation to any Personal Data provided to us directly in person, or via email, phone, and post or via the following website: https://dc.riafinancial.com/posta-romana (the “Website”). This means that RIA is responsible for deciding how it will hold and use Personal Data about you.

Our Euronet Group Data Protection Officer can be contacted:

• By email at:            dpo@euronetworldwide.com

• By post to:              Ria Payment Institution, EP, S.A.

C/ Cantabria 2

28108, Madrid

Spain      

                    

Attn.: Data Protection Officer                                             

By using or navigating the Website or any product or service offered by us (collectively, the "Services"), you acknowledge that you have read, understand, and agree to be bound by this Privacy Notice. You should not provide us with any of your information if you do not agree with the terms of this Privacy Notice.

We encourage you to review and check the Website regularly for any updates to this Privacy Notice. We will publish the updated version on the Website and by continuing to deal with us, you accept this Privacy Notice as it applies from time to time.

 2. Data Protection Principles

“Personal Data” means any information that enables us to identify you or the beneficiary of your transaction with us, directly or indirectly, such as name, email, address, telephone number, any form of identification number or one or more factors specific to you or your beneficiary’s physical, physiological, mental, economic, cultural or social identity. 

We are committed to complying with applicable data protection laws and will ensure that Personal Data is:

• Used lawfully, fairly and in a transparent way;

• Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;

• Relevant to the purposes we have told you about and limited only to those purposes;

• Accurate and kept up to date;

• Kept only as long as necessary for the purposes we have told you about; and

• Kept securely.

 3. What Personal Data do we collect and how do we collect it?

Personal Data You Give Us. We may collect Personal Data when you give it to us, including when you indicate that you would like to receive any of our Services, when you register with us, when you complete forms online, when you speak with us over the telephone, when you speak with us in person, when you write to us, and when you visit the Website and, in certain circumstances as set out in this Privacy Notice, when you have provided your information to a related company operating under the RIA brand or riafinancial.com (each a “RIA Company” and together the “RIA Companies”). We will also collect details of transactions you carry out through the Website and of the fulfilment of such transactions.  
The types of Personal Data we collect will depend on the products or services you have requested from us.  Any Personal Data collected is necessary for us to perform a contract and without such data we may not provide the desired Services. 

We may collect and process the following Personal Data:

• Personal details, such as data which may identify you and/or the beneficiary of your transaction with us. This may include name, title, residential and/or business address, email, telephone and/or fax numbers and other contact data, date of birth, gender, images, signature, passport/visa details;

• Financial details, such as data relating to you and your beneficiary’s payment data and bank account obtained for the purposes of money transfers; and/or

• Additional details requested by law enforcement or requested pursuant to our compliance procedures in connection with efforts to prevent money laundering, terrorist financing and criminal activity, such as relationship to the beneficiary of the transaction, the purpose of the transaction and proof of funds. 

Cookies and similar technologies. When you use our Website or mobile apps we collect information via cookies and similar technologies, including the IP address of visitors, browser type and version, time zone setting, screen resolution settings, browser plug-in types and versions, operating system and platform. We may use this data for the following purposes:

• To measure the use of our Website and Services, including number of visits, average time spent on a Website, pages viewed, page interaction data (such as scrolling, clicks, and mouse-overs), etc., and to improve the content we offer;

• To administer the Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes; and

• As part of our efforts to keep the Website safe and secure;

Due to their core role of enhancing or enabling usability or site processes, disabling cookies may prevent you from using certain parts of our Website.  It will also mean that some features on our Website will not function if you do not allow cookies.

For more information please read our cookie policy.

 4. How we use your Personal Data?

We use Personal Data and other data you provide to us only for the following purposes permitted by applicable laws:

• When necessary for the performance of a contract with you: We may use your data on the basis of our need to perform our obligations under a contract with you, to complete your transactions or other requests made by you, to respond to and process your queries or requests, or to contact you as necessary in connection with our performance of a contract with you. For example, if you enter into a contract for our remittance services, your data will necessarily be shared with the payment service provider that will pay out funds to your designated beneficiary in the remittance destination country, it may be shared with our agents and/or contractors to facilitate the refund of a qualifying payment order to you, it may be shared with a Euronet Group company to provide assistance in connection with the Services outside of normal business hours, and it may be used if we find it necessary to contact you in connection with our contract. 

• When necessary to comply with a legal or regulatory obligation: We may use your data to comply with legal requirements and/or regulations specific to our business. For example, when you contract with us for remittance services, we are required to perform a certain level of due diligence prescribed by law and/or commensurate with any assessed risk which may result in the reporting of your data to legal and/or regulatory authorities and/or a request from us for additional information from you to assist in our risk assessment and/or to satisfy our compliance obligations.  

• When you have provided your consent for the processing: If you have consented and you have not withdrawn your consent, we may contact you with marketing communications in relation to our Services or the services and products of RIA Companies (see Section 10 Direct Marketing, below). 

• When necessary in the pursuit of a legitimate interest of RIA: If you provide information to us online or transact with us online, we may use your data to improve the content of our Website and Services in order to enhance your experience. We may use data, such as IP addresses and anonymous demographic data, to tailor your experiences with our Services by showing content in which we think you will be interested and displaying content according to your preferences. We may use aggregate data for a variety of purposes, including analysing user behaviour and characteristics in order to measure interest in (and use of) the various portions and areas of our Services. We also may use the data collected to evaluate and improve our Services and analyse traffic to our Services.

If in the future we use your Personal Data in the pursuit of our legitimate interest, we will strive to align our interests with yours such that under no circumstances will your data be used except as consented to by you or as otherwise permitted by applicable laws.

In some circumstances we may anonymise your Personal Data so that it can no longer be associated with you, in which case we may use such data without further notice to you. 

 5. Is data collected shared with third parties?

RIA Companies

We may share your personal data with other RIA Companies in order to enable or facilitate us to provide you with any of the Services you have requested, where you have asked us to do so, to provide the Services to you outside of normal business hours and, where you have consented and not withdrawn your consent, for the RIA Companies’ direct marketing purposes.
 

Euronet Group

RIA may share your Personal Data with Euronet and affiliates in the Euronet Group (some of which are based outside the EEA – further details are set out at the end of this section 5) for the purposes, or to enable or facilitate the purposes, set out in Section 4 of this Privacy Notice.  This may also include sharing your Personal Data within the Euronet Group for purposes of complying with legal or regulatory obligations.
 

Third party service providers

We may share your Personal Data with the following third party service providers to manage, enable or facilitate certain aspects of the Services (including the maintenance of our servers and processing or fulfilling orders for transactions):

• Compliance verification service providers

• Financial services providers, such as banks 

• Credit control or debt collection agencies

We have safeguards in place with such third party service providers requiring them to protect your personal data.  To obtain a copy of the relevant safeguard measures please contact the Euronet Group Data Protection Officer as indicated in Section 1 above. 
 

Corporate process

We may transfer your Personal Data to a third party as a result of a sale, acquisition, merger, or reorganization involving Euronet, a company within the Euronet Group, or any of their respective assets. In these circumstances, we will take reasonably appropriate steps to ensure that your information is properly protected.
 

Legal and regulatory

We may also disclose your Personal Data in special cases if required to do so by law enforcement agencies, law, court order, or other governmental authority, or when we believe in good faith that disclosing this data is otherwise necessary or advisable, such as to identify, contact, or bring legal action against someone who may be causing injury to – or interfering with – the rights or property of RIA, the Services, another user, or anyone else that could be harmed by such activities (for example, identify theft or fraud).

Sharing Personal Data outside Romania

The nature of our products and Services means that we may need to share your Personal Data with recipients based in countries outside of Romania, including in the EEA and outside the EEA. The countries to which we may need to send your information would normally be obvious to you based on your requested transaction. 
As explained above, we may share your personal data within the Euronet Group, which may involve transferring your data outside the EEA.  Where we do so, we will ensure a similar level of protection to that afforded in the EEA; for example, on the basis the relevant recipient country has been deemed by the European Commission to provide an “adequate” level of protection for Personal Data or by contractual provisions that seek to ensure a level of protection and safeguarding of Personal Data.
If our use of third party service providers involves sharing your Personal Data outside the EEA, we will ensure the service provider provides safeguards and assurances regarding the protection of your Personal Data.

 6. How long is Personal Data retained?

Personal Data is used for different purposes and is subject to different standards and regulations. In general, Personal Data is retained for as long as necessary to provide you with the Services you request, to comply with applicable legal, accounting or reporting requirements, and to ensure that you have a reasonable opportunity to access the Personal Data. 

To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.  For example:

• Legal and Regulatory Requirements. RIA shall retain Personal Data and transactional data for those periods required to comply with all retention and reporting obligations under applicable laws, including without limitation commercial, tax and anti-money laundering laws and regulations.  Generally, this retention period will be a minimum of five years from the date of your transaction or the date our business relationship with you is terminated.

• Customer Service (administration of customer relationship, complaint handling, etc.). RIA may process and retain your Personal Data for as long as we have an on-going relationship with you.  Once our relationship has ended (for example because the Services have been delivered and paid for in full, or you have exercised your right to withdraw from the contract), we will, subject to any retention requirements under applicable laws, erase or anonymise your Personal Data. 

•  Marketing. Personal Data provided to us for marketing purposes may be retained until you opt out or until RIA becomes aware that any such data is inaccurate.

You may obtain a copy of our Retention Policy by contacting our Euronet Group Data Protection Officer.

 

 7. Is correspondence that you send to us saved?

Yes. If you send us correspondence, including e-mails and faxes, we may retain such data along with any records of your account. We may also retain customer service correspondence and other correspondence involving you, us and any Euronet Group company, our partners, and our suppliers. We will retain these records in line with our Retention Policy. 

 8. Data Security

We are committed to maintaining the security of your Personal Data and have measures in place to protect against the loss, misuse, and alteration of the data under our control. 

We employ modern and secure techniques to protect our systems from intrusion by unauthorized individuals, and we regularly upgrade our security as better methods become available. 

Our datacentres and those of our partners utilise state-of-the-art physical security measures to prevent unauthorized access to the facility. In addition, all Personal Data is stored in a secure location behind firewalls and other sophisticated security systems with limited (need-to-know) administrative access.

All RIA employees who have access to, or are associated with, the processing of Personal Data are contractually obligated to respect the confidentiality of your data and abide by the privacy standards we have established. 

Please be aware that no security measures are perfect or impenetrable. Therefore, although we use industry standard practices to protect your privacy, we cannot (and do not) guarantee the absolute security of Personal Data.

 9. Does this Privacy Notice apply to other websites?

No. Our Website may contain links to other Internet websites. By clicking on a third-party advertising banner or certain other links, you will be redirected to such third-party websites.

We are not responsible for the privacy policies of other websites or services. You should make sure that you read and understand any applicable third-party privacy policies, and you should direct any questions or concerns to the relevant third-party administrators or webmasters prior to providing any Personal Data.

 10. Direct marketing

With your consent, RIA or a RIA Company may sometimes contact you (by email, SMS text, letter or phone) in order to provide targeted marketing about our Services or the services of another RIA company or Euronet Group company. Such marketing communications will only be sent to you if you gave your consent (when you registered for our Services or at another point) and you have not withdrawn such consent or if there is another legitimate basis to send such communications to you.
All marketing e-mails you receive from us will include specific instructions on how to unsubscribe and you may unsubscribe at any time.
Additionally, you can unsubscribe from marketing by contacting us by a method described in Section 13 of this Privacy Notice.

You should note that we are opposed to third-party spam mail activities and do not participate in such mailings, nor do we release or authorize the use of customer data to third parties for such purposes.

 11. What are my data protection rights?

Subject to verification of your identity, you may request access to and have the opportunity to update and amend your Personal Data. You may also exercise any other rights you enjoy under applicable data protection laws. Please use the contact details in Section 13 of this Privacy Notice.

“Data Subjects” have the right to:

• Request access to any Personal Data we hold about them as well as related data, including the purposes for processing the Personal Data, the recipients or categories of recipients with whom the Personal Data has been shared, where possible, the period for which the Personal Data will be stored, the source of the Personal Data, and the existence of any automated decision making;

• Obtain without undue delay the rectification of any inaccurate Personal Data we hold about them;

• Request that Personal Data held about them is deleted provided the Personal Data is not required by us, a RIA Company or the Euronet Group for compliance with a legal obligation under applicable law or for the establishment, exercise or defence of a legal claim; 

• Under certain circumstances, prevent or restrict processing of your Personal Data, except to the extent processing is required for the establishment, exercise or defence of legal claims; and

• Under certain circumstances, request transfer of Personal Data directly to a third party where this is technically feasible.

Also, where you believe that RIA has not complied with its obligations under this Privacy Notice or the applicable law, you have the right to make a complaint to a relevant Data Protection Authority or through the courts. Although not required, we would encourage you to let us know about any complaint you might have, and we will respond in line with our Complaints Procedure (see Section 12 of this Privacy Notice). 

 

 12. Privacy-Related Complaints Procedure

Where you believe that we have not complied with our obligations under this Privacy Notice, or the applicable law, you have the right to make a complaint to a Data Protection Authority or through the courts. 

Although not required, we would encourage you to let us know about any privacy-related complaint you might have, and we will respond in line with our complaints procedure – our contact details are set out below.  

Privacy-related complaints or concerns can be lodged with our privacy team:

• By email at:             dpo@euronetworldwide.com

• By post to:              Ria Payment Institution, EP, S.A.

C/ Cantabria 2

28108, Madrid

Spain

                                  Attn.: Data Protection Officer; or

Euronet Services SRL (with copy to Ria Payment Institution, EP, S.A.)

73-81 Bucuresti - Ploiesti Road,

Victoria Park,

2nd Building, 3rd Floor,

Bucharest, Sector 1,

013697, Romania

                                Attn.: Data Protection Officer

                                                                        

Euronet employees are required to direct any privacy-related complaints or concerns to our privacy team.

RIA will aim to send an acknowledgement within 10 days of receipt of the complaint/concern.

RIA will conduct an investigation in accordance with relevant laws and will aim to respond substantively within 28 days of receipt of the complaint/concern. 

If further time is required to investigate your complaint/concern, RIA will write to you within 28 days of receiving the complaint/concern, informing you of the investigation timeline which will be no longer than an additional two months for the complaint procedure to be concluded. 

In the case of a rejection of the complaint, RIA will provide you with a written explanation for the rejection.

If the complaint/concern is considered justified, RIA will take reasonable steps to try to address the complaint/concern to your reasonable satisfaction.

If you are not satisfied with the reply/outcome, or otherwise with the handling of the complaint, you have the right to lodge a claim before a relevant Data Protection Authority or the courts. In Romania the The National Supervisory Authority for Personal Data Processing (website: http://www.dataprotection.ro/ and telephone: +40 21 252 5599).

For all other complaints or concerns about our Services that are unrelated to privacy, please contact our Customer Service department at 0040312295480.

 

 13. Contact Us

If you have any questions or concerns about this Privacy Notice or RIA’s data practices, please contact our privacy team:

• By email at:             dpo@euronetworldwide.com

• By post to:               Ria Payment Institution, EP, S.A.

C/ Cantabria 2

28108, Madrid

Spain

                                  Attn.: Data Protection Officer; or

Euronet Services SRL (with copy to Ria Payment Institution, EP, S.A.)

73-81 Bucuresti - Ploiesti Road,

Victoria Park,

2nd Building, 3rd Floor,

Bucharest, Sector 1,

013697, Romania

                                Attn.: Data Protection Officer

• Any complaints will be handled in line with our complaints procedure as set out in Section 12 of this Privacy Notice.

Data Privacy Notice

PRELIMINARY INFORMATION AND GENERAL TERMS AND CONDITIONS APPLICABLE TO PAYMENT TRANSACTIONS[1]

(“Terms and Conditions”)

ONE.- About RIA

Ria Payment Institution E.P., S.A (hereinafter, RIA), with registration number (CIF) A- 80696792 and head office located at Calle Cantabria 2, 28108, Alcobendas, Madrid (Spain) is authorised by the Ministry of Economy and Treasury of Spain as a Payment Institution since 28 July 2011 and has notified its intention to provide payment services in Romania through its payment services agents. RIA holds license number 6842 with Bank of Spain (RIA´s license details can be accessed at www.bde.es) and has notified to the National Bank of Romania its intention to provide services in Romania. RIA may be contacted by post at its head office address indicated herein, by phone (+34 91 7613760) or by email at TitularServicioCliente@riafinancial.com.

The purpose of these General Terms and Conditions is to establish the rights and essential obligations between RIA and its customers in the provision of payment services regulated in the European Union according to Law no. 209/2019 on Payment Services(hereinafter "Payment Services Law"), to allow the execution of Payment Transactions by signing, where appropriate, the respective individual contracts establishing the specific conditions applicable to the specific payment service in question (hereinafter, the "Individual Payment Orders").

These Terms and Conditions apply exclusively to individuals using RIA´s money remittance service for purposes unrelated to an economic, commercial or professional activity.

TWO.- Definitions

The following terms used throughout these Terms and Conditions shall have the meaning and scope indicated below:

   “Beneficiary” means a person intended to receive funds from a Sender;

"Business Day" means a day on which the relevant payment service provider of the Sender or the payment service provider of the Beneficiary involved in the execution of a Payment Transaction is open for business as required for the execution of a Payment Transaction;

“Customer” means, when acting RIA as the payment servide provider and in the context of a "consumer",  a Sender, a Beneficiary or both who, acts for purposes unrelated to his economic, commercial or professional activity;

“Money Remittance” means a payment service that allows funds to be received from a Sender without creating a payment account in the name of the Sender or the Beneficiary, for the sole purpose of transferring an equivalent amount to a Beneficiary or to another payment service provider that acts in the name and on behalf of the Beneficiary, including in cases where funds are received in the name and on behalf of the Beneficiary and are made availale to him/her;

“Payment Transaction” means an action, initiated by the Sender or by the Beneficiary, as the case may be,  for the purpose of placing, transferring or withdrawing funds, irrespective of any underlying obligations between the two; and

 “Sender” means a person who gives a Payment Transaction instruction for the payment of funds to a Beneficiary.

THREE.- Scope of application

These General Terms and Conditions apply to the following payment services that are provided in the territory of Romania:

• Money Remittance.

FOUR.- Actions of the Customers

When contracting any product or service associated with Payment Transactions, the Customer shall be considered a “consumer” as provided by applicable regulations.

FIVE.- Information obligations prior to the issuance of a Payment Transaction

The Sender and Beneficiary must provide to RIA the information and documentation  determined by RIA from time to time, that may include  without limitation the following:

Full name, surnames, valid and in force identification number (residence card, ID card, passport or valid and in force identification document of the country of origin that includes photograph and signature), nationality, profession, date and place of birth, valid postal address, telephone, IBAN number for bank account deposits (if service available through RIA) and purpose for which the Payment Transaction is made.

The Sender undertakes to verify the accuracy and integrity of the data relating to the Payment Transactions it orders RIA to perform the execution of any of the payment services described in Section Three of these Terms and Conditions, especially as regards the identification details of the Beneficiary and the economic terms of the Individual Payment Order, an order that will have a unique number for future tracking. Such Individual
Payment Order together with these Terms and Conditions form, for the purposes of the Payment Services Law and relevant local legislation, the individual contract that will govern that Payment Transaction.

When a Payment Transaction is executed in accordance with the instructions received from the Sender and recorded in the Individual Payment Order, it will be considered to have been correctly executed in relation to the specified Beneficiary. Therefore, should any of the data provided by the Sender be incorrect for reasons attributable to the Sender, RIA will not be responsible for the non-execution or defective execution of the Payment Transaction. For clarification purposes, the Sender shall not be responsible for any incorrect data originated because of RIA´s fault.

In accordance with applicable laws and regulations,  for each Payment Transaction RIA may request a valid identification document and store copies of such identification documents of the Customers in optical, magnetic or electronic format to guarantee their integrity, the correct reading of the data, the impossibility of their manipulation and their adequate conservation and localisation.

RIA may request at any time for the amount of the Payment Transaction to be credited into a bank account held by RIA.

Furthermore, enhanced due diligence measures for the identification and better knowledge of the Customers will be adopted in accordance with local law requirements but also if the amount of a Payment Transaction, either individually or accumulated for a certain period exceeds that other amount to be determined by RIA from time to time in accordance with its compliance procedures in line with applicable laws.

SIX.- Expenses and applicable fees

For RIA´s provision of payment services, including Money Remittance, the Customer, whether acting as Sender or as a Beneficiary, must pay RIA the expenses and commissions applicable to the Payment Transaction in question in accordance with the settlement that is carried out in the Individual Payment Order.

The Beneficiary of a Payment Transaction will be paid the full amount recorded in the Individual Payment Order delivered to the Sender, it being understood that the Beneficiary agrees  when RIA acting as its payment service provider for RIA to deduct its expenses from the amount transferred before paying it.

If the payment service provider of the Sender or Beneficiary is different from RIA, such payment service provider may charge fees and taxes associated with the Payment Transaction.

In the event that three (3) months have elapsed since the receipt of funds for a Payment Transaction without being such Payment Transaction paid to the Beneficiary  and the respective funds returned to the Sender for reasons out of RIA´s control, RIA may charge a monthly fee against such funds for the purpose of compensating RIA for those reasonable costs incurred by RIA in connection with RIA´s efforts to reimburse the Sender the outstanding funds and RIA´s management of the funds while in its possession. The maximum fees applicable by RIA for those costs incurred by RIA as provided herein are set out in the fees table at the end of these Terms and Conditions.

Information regarding the Terms and Conditions for RIA´s provision of payment services, including Money Remittance, is provided free of charge to the Customer. However, RIA may pass on to the respective  Customer those reasonable expenses incurred by RIA for the revocation of Payment Transactions and those that arise from the recovery of funds for Payment Transactions where the Customer provided an incorrect unique identifier. For clarification purposes, the Customer shall not be responsible for any incorrect data originated because of RIA´s fault.  

The exchange rates applicable, as the case may be, to the currency conversion implicit in the Individual Payment Order will be made available to Customers along with the commissions applicable to the Payment Transaction from time to time  and will be accepted by the Customer with the signature of each Individual Payment Order.

SEVEN.- Consent, irrevocability and cancellation of Payment Transactions.

Consent:

The consent of the Sender to the execution of a Payment Transaction is provided by signing the corresponding Individual Payment Order.

RIA is not responsible for the loss or misuse by the Customer of the document evidencing the Individual Payment Order as provided by RIA.

Irrevocability:

The Sender may not revoke a Payment Transaction order after receipt by RIA of the respective Individual Payment Order signed by the Sender.

Cancellation of Payment Transactions:

The Sender may withdraw consent at any time prior to the time of irrevocability indicated above. RIA may charge expenses proportional to those reasonable costs incurred by RIA for the revocation of the Sender's consent as agreed  with  the Sender for any Individual Payment Order.

Payment Transactions may not be executed if the Sender was unable or refused to provide the required information and/or documentation necessary for the execution of a  Payment Transaction or when failing RIA to execute a Payment Transaction was necessary to comply with RIA´s internal control procedures or with applicable laws and regulations.

If a Sender wishes to cancel a Payment Transaction in person,only after verifying that the Payment Transaction has not been paid at the destination country to a Beneficiary, RIA shall proceed with the cancellation.

If a Payment Transaction is cancelled, RIA will reimburse the funds to the Sender through the agent, its own RIA store/s (if any) or through a deposit into the Sender's bank account as agreed with RIA.

EIGHT.- Execution of payment transactions

8.1. Receiving Payment Transactions

The time of receipt of a Payment Transaction is the date at which the Individual Payment Order and the corresponding funds are received by RIA. If the time of receipt is not a Business Day for RIA, the Payment Transaction will be deemed to have been received the following Business Day.

RIA reserves the right to refuse the execution of a Payment Transaction if, prior to the execution of a Payment Transaction, the Sender does not provide RIA with all funds, including when the Sender initiates the Payment Transaction by means of a payment card or in the event of suspected or actual fraud or security threats. In the event that RIA rejects the execution of a Payment Transaction, it will notify the Sender of said refusal and, if possible, the reasons for it, as well as the procedure to rectify possible errors that led to such refusal, unless any applicable law or regulation prohibits such notification.

Payment Transactions rejected will not be considered as received for the purposes of Section 8.2, below.

8.2. Term of execution and value  date

a) Scope of application.- it is expressly agreed that the provisions regarding the execution period and value date will only be applied to Payment Transactions made (i) in euro or (ii) Payment Transactions involving only one currency conversion between the euro and the currency of a member State of the European Economic Area ("EEA") outside the euro area, provided that the required currency conversion is carried out in the member State outside the euro area concerned and, in the case of cross-border payment transactions, the cross-border transfer takes place in euro.

b) Payment Transactions in which the Customer is the Sender. In relation to Payment Transactions in which the Customer acts as Sender, RIA will ensure that the amount of the Payment Transaction is paid into the account of the Beneficiary's payment service provider, at the latest, at the end of the Business Day following the time of receipt of the Payment Transaction order. If the time of receipt is not a Business Day, the Payment Transaction will deemed to have been received during the following Business Day. These terms will be extended by one Business Day in the case of Payment Transactions processed on paper.

c) Payment Transactions in which the Customer is the Beneficiary. In the case of Payment Transactions in which the Customer is the Beneficiary, RIA will make available the funds of the Payment Transaction no later than the Business Day on which the funds of the Sender's payment service provider have been received.

Payment Transactions involving a payment service provider located outside the EEA or executed in a currency other than a currency of a member State of the EEA are not subject to the above provisions regarding execution date and value date unless otherwise provided herein. In these cases, the execution deadlines will depend on the Beneficiary's payment service provider, with RIA undertaking to perform the transaction (only as the Sender's payment service provider) within a maximum period of three Business Days from the Business Day following the receipt of the Payment Transaction order.

8.3. Safeguarding measures

In the event that funds received from Senders or received through another payment service provider to be paid to the Beneficiary are in RIA's possession at the end of the Business Day following the day they were received, they will be deposited in a separate account in a credit institution or will be invested in secure, liquid and low risk assets as established by applicable laws and regulations.

NINE.- Payment Transactions involving currency conversion and currency exchange services

RIA will make available to its Senders the currency exchange rates applicable to Payment Transactions. In any event, the exchange rates shall be communicated to Senders prior to the Sender´s acceptance to issue a Payment Transaction order and will be included in the Individual Payment Order that includes the settlement thereof.

Payment of the amount to the Beneficiary of the Payment Transaction ordered by the Sender will be made in the currency and through the payment method available through RIA (for example in cash or by crediting the Beneficiary´s bank account) as agreed between  RIA and the Sender.  If the Beneficiary agrees with its service provider  to convert the payout amount into a different currency or change the payment method, such transaction shall be separate and apart from the Payment Transaction sent by RIA, and solely between the Beneficiary and its service provider.

RIA reserves the right to reject any Payment Transactions that, in accordance with its internal regulatory controls, requires additional verifications and prevents the immediate execution thereof.

TEN.- Payment Transactions not authorised or executed improperly

If the Customer becomes aware that an unauthorised or improperly executed Payment Transaction has taken place, it must communicate this fact without undue delay to RIA in order to proceed with the correction to RIA´s Customer Service (contact details set out below in Section 13). The Customer may be required to provide information pertaining to the Payment Transaction  and/or any other information determined by RIA for identification purposes.

Except in those cases in which RIA has not provided or made available to the Customer the information corresponding to the Payment Transaction, the communication referred to in the preceding section must occur within a maximum period of thirteen (13) months from RIA´s date of receipt or payment  to the Beneficiary, as the case may be, of the amount of the Payment Transaction.

When acting RIA as payment service provider of the Sender:

• In case of an unauthorised Payment Transaction, RIA will immediately refund to the Sender the amount of the unauthorised Payment Transaction and in any event no later than by the end of the following Business Day, after noting or being notified of the transaction, except where RIA has reasonable grounds for suspecting fraud and communicates those grounds to the relevant national authority in writing.
• In case of a defective execution of the Payment Transaction for which RIA is liable, RIA will immediately refund to the Sender the amount of the defective Payment Transaction.

When RIA is acting as the payment service provider of the Beneficiary and in case of a defective execution of the Payment Transaction for which RIA is liable, RIA will immediately place the amount of the defective Payment Transaction at the Beneficiary disposal.

ELEVEN.- Data Protection

For purposes of this Article, “Data Controller”, “Personal Data”, “Processing” and “Data Subject” shall have the meanings ascribed to them in the EU General Data Protection Regulation (GDPR) (2016/679) and in the data protection laws and requirements that apply to the parties in the different EU member states in relation to these Terms and Conditions (“Applicable Data Protection Laws”).

RIA acts as Data Controller in respect of the Personal Data that it processes in the context of the services provided under these Terms and Conditions.

                                                                                                                                                                                                            

For information on how RIA may Process Customer’s Personal Data, the types of Personal Data RIA may collect, how RIA uses, shares and protects these Personal Data, Customer’s data protection rights, and how to contact RIA about its privacy practices, please check out our Privacy Notice at https://dc.riafinancial.com/posta-romana.

     

Customer acknowledges and agrees that its Personal Data shall be disclosed, transferred to, or stored by RIA, its group companies or third parties if such disclosure, transfer or storage is reasonably necessary or desirable for purposes of entering into or performing obligations under these Terms and Conditions. Customer’s Personal Data may be transferred outside of the European Economic Area to countries where the laws may not offer the same level of data protection as the country in which the Personal Data were initially collected. In that case, RIA implements required mechanisms to ensure that the transferred Personal Data receive adequate levels of protection in accordance with applicable law. For a complete list of the countries where your information are transferred and for more information about the safeguards in place (including to obtain a copy of them), please contact our Data Protection Officer at DPO@euronetworldwide.com.

Notwithstanding any of the foregoing, RIA shall keep confidential all information relating to the Payment Transactions and other operations of Customers without such information being disclosed to third parties unless otherwise being  necessary to perform the payment services established in Section 3, above, or should applicable laws and regulations allow to disclose any such information to third parties, including without limitation govermental agencies or within the framework of compliance with obligations established in laws for the prevention of money laundering and terrorism financing. This provision shall apply without prejudice to the provisions set out in applicable personal data protection regulations.

TWELVE.- Applicable legislation and language

These Terms and Conditions and the corresponding Individual Payment Orders are governed by Romanian law.

The potential disputes will be solved in an amiable manner or, if this will not be possible, by the competent courts.

The language applicable to the contractual relationship between RIA and the Customer is Romanian.

THIRTEEN – Customer Service & Complaints procedure

For any questions or concerns about a Payment Transaction executed with RIA or these Terms and Conditions, you may contact RIA´s Customer Service at:

RIA CUSTOMER SERVICE:

C/ Cantabria 2

28108, Madrid

Spain

Tel: 0040312295480

E-mail: globalagentemeasa@riafinancial.com

RIA´s agent contact details

Compania Nationala Posta Romana S.A.

Address: Bucuresti, Sector 2, B-dul Dacia, nr. 140, parter, et 3-11

Tel: 0040213182177

Fax: 0040213182130

Trade Registry registration number: 427410

Sole registration number and VAT number: RO427410

E-mail: dsfria@posta-romana.ro

Customers must submit their complaints for addressing any dispute, in writing (i) in person at any of the offices of RIA PAYMENT INSTITUTION, E.P., S.A.; (ii) by post to the attention of the Customer Service Representative of RIA PAYMENT INSTITUTION, E.P., S.A.U., Calle Cantabria 2, 28108, Alcobendas, Madrid (Spain); or (iii) by e-mail to TitularServicioCliente@riafinancial.com.

The Customer Service Department will reply to the complaints submitted by Customers within a maximum period of fifteen (15) Business Days from receipt of the complaint, unless for exceptional circumstances (to be notified by RIA to the Customer within such period) the deadline of the final reply needs to be extended to a maximum of thirty (30) days from the date of receipt of the complaint.

In the event that the complaint  filed with the Customer Service Representative of RIA was rejected or the above mentioned period to reply has elapsed without the aforementioned Customer Service Department having answered, the Customer may submit its claim to:

(i)         Banco de España (Site: www.bde.es)

       By post at:

       Banco de España

       Departamento de Conducta de Mercado y Reclamaciones

       C/ Alcalá 48, 28014 Madrid, Spain

       Tel.: (+34) 900 54 54 54 / (+34) 91 338 8830

For the protection of their rights the Consumers natural persons can contact the Romanian National Authority for Consumers Protection and the Consumer Protection Commissaries.

Contact details:

http://anpc.gov.ro/

CONSUMER’S PHONE NUMBER – 0040219551

Consumer Protection Commissaries

https://anpc.ro/articol/589/comisari-anpc-1

For Bucharest

Consumer Protection Commissary of Bucharest Municipality

Address: Bucharest, Str. Transilvaniei no. 2, sector 1, code 010798

Tel.: 004021/310.63.75 or 004021/9660

Facsimile: 004021/310.63.80

E-mail: reclamatii.bucuresti@opc.ro

The current fees of Ria Payment Institution E.P., S.A.U. (hereinafter, RIA) are not subject to any type of review by the Bank of Spain, are the MAXIMUM and apply to all Customers, both consumers and non-consumers, with RIA reserving the right to apply lower fees to its Customers for any of the items outlined.

1.- ADDITIONAL SERVICES

Additional Services	FEES
Cancellation, modification or return of money remittances (Note 1)	The reasonable expenses that arise for RIA will be passed on to the respective Customer
Money Remittances with insufficient or incorrect data (Note 2)	The reasonable expenses that arise for RIA will be passed on to the respective Customer
Balance management (Note 3)	€ 3.00/month (inclusive of VAT, if applicable)

Note 1. Cancellation, modification or return of Money Remittances.

RIA will take the necessary steps to execute a Payment Transaction order issued by the Sender in order to cancel, modify or attempt to withdraw a Payment Transaction order.

If the actions carried out involve expenses charged by third parties, such expenses being reasonable, these will be passed on to the respective Customer even if said actions were unsuccessful for reasons not attributable to RIA.

     Note 2. Payment Transactions with incomplete or incorrect data.

The omission of any of the data necessary for executing a Payment Transaction will not entail charging an additional fee to the respective Customer thereof, although RIA will pass on  to the respective Customer those reasonable costs incurred by RIA for any steps taken (despite being unsuccessful for reasons not attributable to RIA) to  (i) obtain the details necessary to execute the Payment Transaction as established in Section 8.2, above, or (ii) recover the funds from third parties when the Payment Transaction has been executed  but not paid to the Beneficiary for incorrect or incomplete data or (iii) return the funds to the Sender for a Payment Transaction that has not been executed due to incorrect or incomplete data.

Note 3. Balance management.

In the event that funds received from Senders are in RIA's possession at the end of the Business Day following the day in which received, such funds will be deposited in a separate account in a credit institution or will be invested in safe, liquid and low risk assets as established by applicable laws and regulations. After a period of three (3) months from the receipt of funds without the Payment Transaction being paid to the Beneficiary and the funds being returned to the Sender for reasons out of RIA´s control, RIA may charge a monthly fee against such funds for the purpose of compensating RIA for those reasonable costs incurred by RIA in connection with RIA´s efforts to reimburse the Sender the outstanding funds and  RIA´s management of the funds while in its possession.