Version 3.2 - April 2025

This Privacy Notice explains how we process your Personal Data when you engage with our services, whether by browsing our website or mobile application, completing transactions, visiting our establishments, or interacting with us in any other way. It also details how we may share your Personal Data with third parties and the safeguards we have implemented to protect your information.

References to “we,” “us,” and “our” in this Privacy Notice refer to Xe, a segment of Euronet Worldwide. The specific legal entity acting as the Data Controller is listed in Our Companies section.

To reach the Privacy Department or the Data Protection Officer (DPO)

• Email: dpo@xe.com
• Postal mail: DPO, Calle Cantabria 2, 2-A Alcobendas Madrid, Spain

We recommend reviewing this Privacy Notice regularly for updates, which will be posted on our Website/App. Where local laws require additional information, these are provided in the Regional Privacy Notices section.

Frequently Asked Questions (FAQs)

What Personal Data do we collect?

We only collect the Personal Data necessary to provide our services and comply with legal obligations. The specific categories of Personal Data collected may vary depending on the service or interaction.

From where do we obtain your data?

We collect Personal Data mainly from you, when you interact with our company and services. However, we may collect additional data to fulfil our obligations from other sources.

Why do we collect Personal Data?

We collect Personal Data to comply with our obligations with you and to comply with our legal obligations. We process your Personal Data to ensure the delivery and security of our services and/or improve our operations. Whenever we process your Personal Data for additional purposes, we will make sure to inform you and, when necessary, gather your consent.

For how long do we retain Personal Data?

We retain Personal Data only for as long as necessary to fulfill the purposes for which it was collected, including the provision of services, compliance with legal obligations, or the exercise or defense of legal claims. Once Personal Data is no longer required, we securely delete or anonymize it in accordance with applicable laws.

With whom do we share Personal Data?

We may share Personal Data with Euronet Group companies, legal authorities, and selected third parties/partners when required to meet regulatory standards or fulfill contractual commitments.

Where is Personal Data stored?

We store Personal Data in secure facilities with stringent security controls. Any international transfer of Personal Data complies with all legal obligations and maintains the highest security standards.

What are your rights regarding Personal Data?

Depending on your location, you may have specific rights concerning your Personal Data under applicable laws. Common rights are described under the section “Your Rights”.

Notice to Website visitors

By visiting or using our Website, you acknowledge that you have read, understood, and agree to be bound by this Privacy Notice. You should not provide us with any of your information if you do not agree with the terms of this Privacy Notice. 

To the extent this Website allows access to other websites owned and operated by third parties, please note that this Privacy Notice will not apply to such websites, and thus, we will not be held responsible for the protection of personal data processed by these third parties. 

What Type of Personal Data Do We Collect?

The categories, purposes, and legal bases for collecting and processing your Personal Data when you visit and/or use our Website are listed below. Where the collection and processing of Personal Data is based on your consent, you may withdraw your consent at any time. 

Identification and contact data

This may include name, email, phone number, address, title, and other contact details. It may also include data you voluntarily provide during chats, calls, or written correspondence.

Purposes and Legal Basis for Processing

• Service Provision: To manage your online inquiry via the Website form (i.e. registering your inquiry, contacting you, processing and responding to your inquiry). This processing is carried out based on our pre-contractual and/or contractual obligations.
• Legal Claims and Archiving: To pursue any legal claims, as well as for archival purposes related to this purpose, including securing information in the event of the need to prove facts, when necessary to protect our legitimate interests.
• Marketing: To provide advertising and marketing, including measuring the impact of our emails, based on your consent.
• Giveaway Participation: To manage your participation in events or giveaways, based on your consent.
• Regulatory Compliance: To comply with applicable laws, regulatory obligations, and decisions by competent authorities. This processing is required to meet our legal obligations.

Behavioral and Technical Information

Information collected through cookies or other tracking technologies such as IP address, network activity, browsing behavior, browser type, time zone, screen resolution, plug-ins, operating system, device signature, and technical characteristics.  

For more information, please read our Cookie Policy.

Purposes and Legal Basis for Processing

• Website Security and Integrity: To ensure the efficient operation, management, safety and security of our Website. Please note that, amongst other safeguards, we have tools to protect our Website for the purposes of fraud prevention and security controls. This processing is based on our legitimate interest.
• Website Maintenance and Improvement: To undertake activities to verify or maintain the quality of the Website, and to improve, upgrade, or enhance the Website, including to administer the Website for internal operations, such as troubleshooting, data analysis, testing, research, statistical and survey purposes. This processing is based on our legitimate interest.
• Usability Tracking and Testing: To track detailed user activity across the Website or other platforms (e.g. which buttons are clicked, how far pages are scrolled, etc.). These tools allow us to understand how visitors interact with our content and features, enabling us to test improvements and optimize usability. This tracking is cookie-based and implemented under our legitimate interest in improving our services and user experience. Where required by applicable law, we obtain your consent before activating such tracking technologies.
• Personalization: To measure and evaluate your behavior using automated processing to provide you with a more personalized Service. This processing activity is based on your consent.

Location Data

• Service provision: We may collect information about your location when you visit our Website. This does not include your exact location. This information is processed based on our legal obligations.
• Nearby Locations: We may collect information about your location when you visit our Website to show you our nearest locations. This information is based on your consent.

Non-identifiable Data

Whenever possible, we use data where you cannot be directly identified (such as anonymous demographic and usage data) rather than Personal Data (“Non-identifiable Data”). This Non-identifiable Data may be used to improve our internal processes or delivery of services, without further notice to you. We may use aggregate data for a variety of purposes, including analyzing, evaluating and improving our Website and its content. 

Notice to Money Transfer users

What Type of Personal Data Do We Collect?

Identification Data

We collect identification data, such as your name, email, phone number, address, date of birth, gender, images, videos, and signature. We also process sociodemographic data such as age, marital status, family situation, residences, education and occupation (type of contract, type of occupation, employer), level of education and professional experience. We also process sociodemographic data such as age, marital status, family situation, residences, education and occupation (type of contract, type of occupation, employer), level of education and professional experience.

Purposes and Legal Basis for Processing:

• Service Provision: To deliver our services, based on our contractual obligations.
• Customer Service: To provide customer service, based on our contractual obligations.
• Record of Conversations: We will monitor and record (via automated means or transcripts) our telephone calls, emails, and chat conversations with you, on any platform, to confirm the instructions provided to us. This is based on our legitimate interest.
• Account Management: To manage your account(s) (i.e.: registration, administration, maintenance and servicing accounts).  This processing is necessary for the performance of a contract.
• Marketing: To provide advertising and marketing. This processing is based on your consent.
• Giveaway Participation: To manage your participation in events or giveaways. This processing is based on your consent.
• Regulatory Compliance: To fulfill legal obligations, including retention requirements.
• Identity Verification: In very limited circumstances, to perform a credit check for identity verification. This processing is necessary to comply with legal obligations.
• Market research & consumer feedback: To analyse any information that you voluntarily share with us about your experience of using our products and services. This processing is based on consent.

Financial Information

To provide our services, we collect financial information such as bank details and transaction purposes.

Purposes and Legal Basis for Processing:

• Service Provision: For transaction processing. This processing is necessary for the performance of a contract.
• Regulatory Compliance: For anti-money laundering and anti-terrorist financing. This processing is necessary to comply with legal obligations.
• Account Management: To manage your account. This processing is necessary for the performance of a contract.
• Credit Checks: In very limited circumstances, to perform a credit check in order to provide the Services. This processing is necessary to comply with legal obligations.
• Identity Verification: To verify the customer’s identity (i.e., KYC: for additional information click here). This processing is necessary to comply with legal obligations.

We will never ask you to provide your payment information (i.e., credit/debit card details). None of our employees or agents will ever ask for your payment information. Where payment information is required, we will ask you to enter the information directly into secure payment processing systems managed by authorized third-party payment processors (which may include Euronet group affiliates). These processors handle the data in compliance with the Payment Card Industry Data Security Standard (PCI DSS).

Transactional Data

We collect personal data like the beneficiary details, bank account information, contact information, the destination where you are sending money and bank preferences.  Depending on the local regulation, we may also collect details such as the relationship with the beneficiary, transfer reason and additional documentation related to the transaction.   

Purposes and Legal Basis for Processing:

• Service Provision: To provide the Services, including completing a transaction.  This processing is necessary for the performance of a contract.
• Regulatory Compliance: For compliance purposes related to a transaction. This processing is necessary to comply with legal obligations.

Location Information or Geolocation Data

We may collect information about your location when you use our Services.  

Purposes and Legal Basis for Processing:

• Nearby Locations: To provide the Service, including using device location to identify nearby locations for pick-up and drop-off. This processing is based on your consent.
• Service Provision: We need to know the country you are based in order to provide you with our services. This processing is necessary to comply with legal obligations. Note that we will never have your exact location, only the country of origin.

Audio and Video Surveillance

We may utilize CCTV footage (image, video, and audio/voice recording) to ensure safety in our stores or offices in compliance with local regulations. The retention period of the recordings shall not exceed the duration mandated by our legal obligations.

Purpose and Legal Basis for Processing:

• Security: To maintain safety in our stores or offices. This processing activity is based on our legitimate interest, or where required by local regulations, to comply with legal obligations.
• Fraud Prevention: Where permitted by local regulation, we may access CCTV content to verify transactions, prevent fraudulent activities, and protect our assets and our customer rights. This processing is necessary to comply with legal obligations.

Sensitive Personal Data

When strictly necessary, we may collect sensitive data, such as biometric data (e.g., face scans), government ID numbers, and health information, in compliance with local laws. Where required by applicable law, we will obtain your consent or present you with an opportunity to opt out before processing your Sensitive Personal Data.

Purposes and Legal Basis for Processing:

• Legal Compliance: For KYC and fraud prevention. This processing is carried out to comply with legal obligations.
• Security and Verification: To verify identity during service use. This processing activity is carried out to comply with our legal obligation. When required, we will ask for your consent.

Non-Identifiable Data

When possible, we use non-identifiable data to enhance services, such as anonymous demographics or aggregated usage data.

Personal Data of a Beneficiary

For money transfer services, Personal Data of beneficiaries is collected from customers, as it is essential to fulfill the contractual agreement between us and our customer. As the beneficiary, you are the recipient of the payment transaction initiated by our customer.

The types of Personal Data we may collect about you include:

• Identification Data: Name, surname and government ID.
• Financial Data: Bank information or payout information like wallet, card or mobile number.

We process the Personal Data of a beneficiary exclusively to meet our contractual and regulatory obligations.

In some cases, we may contact you, the beneficiary, to inform you of a transaction in progress that requires your attention and action. We will never contact you to promote our services but only to comply with our contractual or legal obligations.

Your data, as a beneficiary, will not be used for other purposes.

If you have questions about how we process your Personal Data as a beneficiary, please contact us at dpo@euronetworldwide.com.

Know Your Customer (e-KYC) process

For our digital services, and where legally permitted and required, we may verify your identity using an electronic Know Your Customer (e-KYC) process. This may involve submitting a valid photo ID, video or selfie through our secure service provider’s platform. This process enhances fraud detection and ensures compliance with anti-money laundering regulations.

When biometric data, such as face scans, is collected, we will request your consent if required by local law. If you prefer not to provide biometric data, please contact our customer care team for assistance.

During the verification process, a video, including audio, may be recorded to ensure the integrity of the procedure. All biometric data shared with our service providers is carefully controlled and used strictly for identity verification purposes. Neither we nor our service providers will sell, lease, or trade your biometric information, and robust security standards are maintained to prevent unauthorized access.

In line with applicable privacy laws, you may have rights regarding your biometric data, such as access rights. For more information, refer to the “Your Rights” section. For questions about the e-KYC process, contact us at dpo@euronetworldwide.com.

Where do we obtain your Personal Data?

We collect Personal Data mainly from you when you interact with our company and services. However, we may collect additional data from the following sources:

• Passive collection on our websites, including information about your page clicks, time spent, and other automatically gathered metadata.
• Advertising networks and social media platforms.
• Service providers, including but not limited to data analytics providers, internet service providers, operating systems and platforms, and other third parties that support the delivery, operation, security or analysis of our services.
• Other Parties such as government databases, business partners and third-party sources

Personal Data Collected from Other Parties

We may collect your Personal Data from other sources, depending on the service and local legal requirements. These third-party sources include:

Authorities and Public Records

We may obtain Personal Data from public record sources (such as federal, state, or local government organizations) in order to comply with legal obligations and ensure the accuracy of the information we hold.

Purposes for Processing:

• Identification purposes: We may check the Personal Data you have provided us with our third parties to make sure your identity matches the information you have provided us. The legal basis for this processing is our legal obligation.
• Fraud prevention: We may compare data collected from you with data provided by third parties for fraud prevention, including impersonation, misuse of services, or other suspicious activity.

Business Partners and Other Third Parties

We may also obtain your Personal Data (such as name, email, phone number, employer) from our business partners and other third parties. Any Personal Data obtained from these sources is processed only for specific legitimate purposes and in accordance with applicable data protection laws. These parties are responsible for collecting your consent when sharing your Personal Data with us, if applicable. However, if you believe we should not have your Personal Data, you can request your deletion at dpo@euronetworldwide.com. 

Purposes for Processing:

• Service delivery and support: We may process your data to ensure we can provide you with seamless experience, especially when our services are offered through our business partners and clients as part of integrated or partner-branded solutions.
• Promotion of our services: To provide you with information about our products or services, where permitted by law and based on your consent, if required.
• Business Development: To maintain and develop business relationships and ensuring relevant and accurate communication with potential and existing business partners. This processing is based on consent.

If we process any additional data obtained from a third party, we will inform you as soon as possible and obtain your consent where required by applicable law.

How Long We Keep Personal Data

We retain Personal Data only as long as necessary to provide requested services and to meet legal, accounting, and reporting obligations. The retention period is determined by specific requirements and may include:

• Customer Service and Contractual Relationship: We retain your Personal Data while you remain our customer. When our contractual relationship concludes, we restrict your data to ensure it is only accessible to comply with legal requirements.
• Marketing: We will process your Personal Data for marketing purposes unless you have opted out, as described in this Privacy Notice, or until we become aware that you are no longer interested, or that your data is no longer accurate.
• Legal and Regulatory Requirements: We keep your Personal Data as long as needed to comply with all applicable legal obligations, including commercial, tax, and anti-money laundering regulations. During this period, your Personal Data is restricted to prevent use for any other purpose and will be accessed only when necessary to fulfill these obligations.

Please note that if you request data deletion we may still be required to retain some of it to comply with our legal obligations. The information retained will only be accessible by limited personnel to comply with any legal requirement and will be dully deleted after the obligation is due.

Do We Disclose Personal Data?

Euronet Group Affiliates

We may disclose Personal Data to Euronet and its affiliated companies for everyday business purposes and fulfil compliance obligations within the Group.

Types of Personal Data: Identification Data, Video Surveillance, Transactional Data, Financial Details, Behavioral and Technical Data.

Purpose: Sharing data with affiliates for customer service, compliance, and daily business functions. This may include 24/7 customer support requiring data access across Euronet Group affiliates.

In the event of a sale, acquisition, merger, or reorganization involving Euronet or any company within the Euronet Group, we may transfer Personal Data to third parties, ensuring appropriate protection measures.

This processing is carried out to comply with legal obligations and/or to perform contractual obligations, as applicable.

Third-Party Service Providers

We may share certain Personal Data with third-party service providers to support compliance verification, service delivery, and marketing efforts.

Types of Personal Data: Identification and Biometric Data, Financial Details, Contact Details, Transactional, Behavioral, and Technical Data.

Purpose

• Compliance and Fraud Prevention: Personal Data may be shared with verification and analytics providers to fulfill regulatory obligations and mitigate risk (e.g., to verify customer data or detect suspicious activity).  This processing is carried out to comply with our legal obligations or, where applicable, based on your consent.
• Service Delivery: Our Partners and third parties, such as agents and correspondents, may access Personal Data to assist in delivering services. This processing is based on our contractual obligation.
• Marketing: Advertising networks and social media platforms may receive data to deliver personalized ads and adapt to user preferences. This processing is based on your consent.

Note: The definition and scope of “third-party service providers” may vary based on country regulations.

Authorities

We may be required to disclose your Personal Data, including Sensitive Personal Data, to legal or regulatory authorities for compliance, to enforce agreements, or to fulfill legal requests.

Types of Personal Data: Identification Data, Video Surveillance, Transactional Data, Financial Details.

Purpose: To comply with applicable laws, respond to binding requests from public authorities, support investigations, or fulfill obligations related to the processing of financial transactions. This processing is based on our legal obligations.

Partners

Personal Data may be shared with strategic partners when necessary to deliver our services or to ensure they comply with their legal obligations.

Types of Personal Data: Identification Data, Transactional Data, Financial Details.

Purpose and Legal Basis for Processing

• Purpose: Service provision in collaboration with strategic partners. This is carried out as part of our contractual obligations.
• Regulatory Compliance: To help our partners comply with legal or regulatory requirements applicable to them. This processing is based on legal obligations.
• Operational Efficiency and Risk Management: To support secure and seamless service delivery across different partners or service providers, or to prevent abuse or misuse of our services. This processing is based on our legitimate interests.

Professional Partners

We may disclose Personal Data to professional advisors, including lawyers, consultants, auditors, or accountants, to fulfill our legal and business obligations.

Types of Personal Data, Identification Data, Video Surveillance, Transactional Data, Financial Details. (Legal obligation and Legitimate interest)

Legitimate Interest

When we use your Personal Data to pursue our legitimate interests, we will make every effort to match our interests with yours so that your Personal Data will only be used as permitted by relevant law, or when it will not adversely affect your rights. You may request information on any processing based on legitimate interest.

International Transfers

We are a global company with global operations, partners and suppliers. Where it is necessary for the efficient and effective performance of a business transaction or the fulfilment of one of the uses of Personal Data outlined above, we may need to transfer your Personal Data, from the country of collection to other countries, which may have data protection laws that are different from the laws where you live. When such transfer is required, we implement appropriate safeguards to ensure it receives the same level of protection and the transfer is done according to our legal obligations.

Personal Data of Minors

We do not provide services directly to minors, as defined by applicable local legislation, or proactively collect their personal information. If you are considered a minor under your local laws, ensure to have the necessary authorizations from your legal guardian to use the Sites or Offerings or share personal data with us.

If you learn that a minor has unlawfully provided us personal data, please contact us at dpo@euronetworldwide.com. 

Security

We are dedicated to safeguarding your Personal Data and have implemented robust, commercially reasonable security measures to prevent its loss, misuse, or unauthorized alteration. We continuously work to protect your data in line with international best practices by applying rigorous physical, electronic, and managerial safeguards.

To prevent unauthorized access, we employ advanced physical and organizational security measures that are regularly updated to ensure the highest level of protection while maintaining cost efficiency. All Personal Data is stored in secure locations, protected by firewalls and other sophisticated security systems with restricted administrative access.

Our personnel, as well as all activities related to your Personal Data, are governed by strict confidentiality agreements that enforce compliance with our organization’s Privacy Policy.

Our goal is to uphold the highest standards of data protection by industry-leading practices that safeguard your privacy.

Accuracy of Personal Data 

We are committed to keeping your Personal Data accurate and up to date. We take reasonable steps to ensure the accuracy of your Personal Data by ensuring that the latest Personal Data we have received is accurately recorded and when considered necessary, we run periodic checks and request that you update your Personal Data.

You may request a correction or update to your Personal Data if it is inaccurate, as outlined in the Your Rights section below.

Your Rights

To exercise any of your rights, please email us at dpo@euronetworldwide.com. To safeguard your privacy and maintain security, we may ask you to verify your identity and provide additional information.

Depending on your location, your rights concerning Personal Data under applicable laws may include:

1. Right to Know: You have the right to know what Personal Data is collected, sold, or shared, and with whom.
2. Right to Access: You may request access to a copy of your Personal Data.
3. Right to Correct: You can request corrections to inaccuracies in your Personal Data.
4. Right to Delete: You may request deletion of your Personal Data under certain conditions.
5. Opt-Out Rights:
   • You may opt-out of the processing of Personal Data for targeted advertising.
   • You may opt-out of the processing of Sensitive Personal Data.
   • You may opt-out of the processing of Personal Data for profiling that leads to legal or significant effects on you.
6. Right to Limit Use of Sensitive Data: You may request to limit the use and disclosure of Sensitive Personal Data to specific, permitted purposes.
7. Right to Restrict Processing: You can request restrictions on data processing under certain conditions.
8. Right to Object: You may object to the processing of your Personal Data, for example, for direct marketing purposes.
9. Rights Related to Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing, including profiling, that produces legal or similarly significant effects.
10. Right of No Retaliation: You have the right not to face discrimination for exercising your Personal Data rights.

We will respond to your requests promptly and within the timeframe required by law. For specific rights in your jurisdiction, refer to the Regional Privacy Notice section below.

Please note that some rights may not be enforceable due to business or legal requirements necessary to provide our services, such as anti-money laundering, contractual, or compliance obligations. However, we will always respond to any rights requests as outlined above, and you may have additional rights based on your location.

Privacy Complaints

If you have a complaint about how we process your Personal Data, please contact us at dpo@euronetworldwide.com. 

Under applicable privacy laws, you may also have the right to lodge a complaint with a Data Protection Authority or other regulatory body if you believe we have not fulfilled our obligations under this Privacy Notice or the relevant legal requirements.

Access to your Device Features

We may request access to certain features on your device to enhance your experience and enable specific functionalities. Access to these features is optional and based on your prior consent:

• Contact List: through the App, we may access your contact names and numbers solely to allow convenient selection of beneficiaries. These contacts remain stored locally on your device and are not downloaded, processed, or used for any other purpose.
• Camera and Microphone: When necessary for identity verification (e.g., during e-KYC), the App may access your camera and microphone. These features are used exclusively to complete the verification process securely.
• Location Services: If enabled, your location may be used to tailor services such as identifying nearby branches or adapting content regionally.

You can revoke access to these features at any time through your device or App settings.

Use of Artificial Intelligence

We may use Artificial Intelligence (AI) and Machine Learning (ML) technologies, either developed internally or provided by trusted third parties—to assist with operational, regulatory, and compliance purposes across its global services.

The use of such technologies is strictly limited to the legitimate purposes outlined in this Privacy Notice and is implemented in a manner that respects individual rights and freedoms. Where required under applicable law, Euronet performs Data Protection Impact Assessments (DPIAs) to evaluate and mitigate any risks associated with the deployment of AI/ML systems.

These technologies do not make decisions that produce legal or similarly significant effects on individuals without appropriate human oversight. Where applicable, and in accordance with regional data protection laws, individuals have the right to:

• Request information about the existence and nature of any automated processing involving their data,
• Object to processing based solely on automated decision-making,
• Request human intervention or to express their point of view in such contexts.

Euronet maintains appropriate safeguards to ensure the transparency, accuracy, fairness, and security of any AI or ML technologies used in the processing of personal data and regularly reviews such systems to ensure ongoing compliance with global data protection standards.

Machine learning 

Machine Learning (ML) is used to support internal processes such as project management, data analysis, communications, system security, anti-money laundering and fraud prevention. These technologies may be used, for example, to extract necessary information from documents submitted for identity verification (KYC), Anti-Money Laundering (AML), fraud detection, and transaction monitoring.

When photos and selfies are uploaded during the identity verification process, they are analyzed to confirm whether the individual registering matches the person shown in the provided identification. This technology scans images, converts them into digital templates, and compares them against each other and a database of images to determine a match.

We have developed machine learning models to support regulatory compliance by identifying potential transactional fraud. This analysis helps us provide requested services while meeting legal obligations related to fraud prevention, money laundering, and terrorism financing. The process involves analyzing transactional data, assigning values to specific indicators, and processing these values through a machine learning model to assess the likelihood of fraudulent activity.

Profiling and Automated Decision-making

When expressly agreed, we provide you with tailored information regarding our products and Services. We undertake data analysis in order to target appropriate communications and advertisements to you including invitations to exclusive client events that we think you may be interested in as well as recommending products and services that we think might be suitable for you.

In some cases, we use automated decision-making and profiling if it is authorized by legislation and necessary for the performance of a contract. For example, the automated authorization for remittance services. The legal basis to proceed with the profiling and the automated decision-making is legitimate interest.

We also make automated decisions in processes such as transaction monitoring in order to counter fraud in compliance with the legal requirements related to prevention of money laundering terrorist financing and financial services. Depending on your residence, you may have a right to request not to be subject to fully automated decision-making, including profiling, if such decision-making has legal effects or similarly significantly affects you. This right may not apply if the decision-making is necessary in order to enter into or to fulfil an agreement with you if the decision-making is permitted under applicable data protection laws or we have received your explicit consent.

Chatbot

Our services may include a chatbot functionality. This service records the conversations not only for quality assurance purposes but also to ensure compliance with our regulatory obligations.

In some cases, the chatbot feature is supported by an AI system. This service does not reuse your data nor learn from the data you post. This service is used to provide answers directly extracted from our systems.

Marketing Communications Based on Soft Opt-In and Consent

You may receive marketing communications from us through two different mechanisms:

1. Based on Your Consent (Regular Opt-In)

You will receive marketing messages if you have explicitly given us permission to use your Personal Data for that purpose. This occurs, for example, when:

• You opt in during registration; or
• You update your preferences in your profile settings.

With your consent, we provide tailored information about our products and services. We use data analysis to offer targeted communications, advertisements, and invitations to exclusive events, along with product and service recommendations that may interest you. You may withdraw your consent at any time.

2. Based on a Legitimate Interest (Soft Opt-In)

Where allowed by local law, you may also receive marketing communications if:

• You have a contractual relationship with us (e.g., you are actively using our Services); and
• You have not specifically opted out.

This applies only to products or services that are similar to those you have used before, and you will always be informed during registration and use of our Services that your Personal Data may be used for this purpose.

How to Opt Out or Withdraw Consent

You can stop receiving marketing communications at any time. If you do so, we will remove you from our marketing list and you will no longer receive promotional updates. You may also opt back in later if you wish.

You can withdraw your consent or opt out using any of the following:

• By updating your preferences in your profile;
• By clicking the opt-out link included in our communications;
• By contacting us at dpo@euronetworldwide.com. 

If you have any additional questions or if you wish to start receiving marketing communications, please contact dpo@euronetworldwide.com. 

Third Party Advertisement

Third-party advertisers provide advertisements that are displayed on our website, our App, or elsewhere in our Services. Third-party advertisers don’t have access to any of the information our customers have given us directly. Typically, advertisers rely on cookies or some other web/app-based mechanism to assess which advertisements may be interesting to you.

We do not place “Targeting Cookies” or enable “Targeting” on your system without your consent, where required by law.

If you have provided your consent by accepting Targeting Cookies on the Website or enabled Targeting on the App, we may use third parties to do so (remarketing and Similar Audience features). With your consent, we may share your Personal Data with third parties for such marketing purposes. You can opt-out of advertising by modifying your cookies settings.

Third parties are not bound by our Privacy Notice. To understand the privacy practices of a third-party, you should visit the third-party website and review their privacy policy. You can find all the third parties that may use Cookies for targeting in our Cookie Policy.

Captcha and Bot Protection Tools

To protect our website and forms from spam, abuse, and automated misuse, we use CAPTCHA technologies. These tools analyze user behavior to distinguish human users from bots.

Where applicable, we may use non-intrusive CAPTCHA services to prevent fraud or abuse. These tools are designed to verify users without significantly affecting their experience. This processing is also based on our legitimate interest in securing our digital services.

Regional Privacy Notices

Notice to United States Residents for Financial Services

Applicability of Gramm-Leach-Bliley Act (GLBA)

This Notice informs U.S. consumers and customers (including former ones) about the federal Gramm-Leach-Bliley Act (“GLBA”) requirements. It concerns the collection, disclosure, and protection of “nonpublic personal information” (“NPI”).

For this Notice, NPI is personally identifiable information collected as a financial institution under the GLBA that is not publicly available. NPI may include any:

• Information provided by an individual when obtaining a financial product or service.
• Information obtained about an individual from transactions involving financial products or services.
• Information acquired about an individual in connection with providing a financial product or service, such as information from a consumer report or court record.

All disclosures of NPI are made as permitted by law. A “nonaffiliated third party” is any person except a financial institution’s affiliate or a person employed jointly by a financial institution and a company that is not the institution’s affiliate.

The categories of information disclosed and to whom under joint marketing/service provider exception of the Privacy Rule are listed here.

If NPI may be disclosed to nonaffiliated third parties, and that disclosure does not fall within any of the exceptions of the Privacy Rule under the GLBA, consumers’ and customers’ have the right to opt out of these disclosures and an opt-out mechanism will be provided to the consumer or customer.

Notice of the information sharing among Euronet Group and it’s provided in accordance with the Fair Credit Reporting Act.
 

We comply with the rules issued to implement Executive Order 14117, restricting the exchange of Sensitive Personal Data with the identified countries of concern as defined under the Final Rule.

Universal Opt-Out Mechanism: We recognized an opt-out preference signal in a frictionless manner. The opt-out preference signal applies to your device, consumer, and/or offline sales, and grants you the right to opt-out of having your personal data shared for targeted advertising purposes. To implement an opt-out preference signal, please visit https://globalprivacycontrol.org/ to learn how to download a supported browser or extension.

By providing your mobile number, you consent to receive SMS messages, including fraud alerts. When required, such messages will only be sent if you have previously consented. Message frequency may vary. Standard message and data rates may apply. You can opt out at any time by replying “STOP” or following the instructions in any message.

 We will not share your number with third parties or affiliates for marketing or promotional purposes. We may share your number with subcontractors supporting service delivery, such as customer service. All text messaging consent data is excluded from such sharing.

California Residents

In accordance with the California Consumer Privacy Act, residents of California may exercise the following rights:

• Right to Know
• Right to Access
• Right to Correct Inaccuracies
• Right to Deletion
• Right to opt Out of Sale or Sharing of Personal Data for cross-contextual behavioral advertising purposes
• Right to limit Sensitive Personal Data use and disclosures to specifically permitted purposes.
• Right of No Retaliation Following opt-out or Exercise of other Rights

From the day we receive your request, we will respond to you within a maximum time of 45 days, unless an extension is requested. Internal Appeals Process If you receive notice from us that your Personal Data rights request has been refused, you may appeal the refusal within a reasonable period after receiving the notice by sending an email to dpo@euronetworldwide.com.

Our use of cookies or other tracking technologies may be considered a "sale" or "sharing" under applicable law. You may have the right to opt out of having your personal data shared for purposes of targeted advertising. We do not provide Services directly to children under 16, we do not knowingly sell or share personal information of consumers under 16 years of age. 

In the prior 12 months, we may have shared the following categories of personal information: Identifiers such as contact information, internet and other electronic network activity information including behavioral and technical data. 

In the prior 12 months, we may have shared your personal information to the following categories of third parties: Third-party service providers including advertisers or advertising networks and social media companies.  

Texas Residents

If you have a complaint, first contact the consumer assistance division of Dandelion Payments, Inc. at +18774431399 if you still have an unresolved complaint regarding the company's activity, please direct your complaint to: Texas Department of Banking, 2601 North Lamar Boulevard, Austin, Texas 78705, 1-877-276-5554 (toll free),www.dob.texas.gov.

Notice to European (EEA) Residents

In accordance with the General Data Protection Regulation (GDPR) and in addition to the rights stated above, all residents of the Economic European Area (EEA) may exercise the following rights:

• Right to Access
• Right to Correct Inaccuracies
• Right to Deletion
• Right to Restrict Processing
• Right to Data Portability
• Right to Object
• Rights related to Automated Individual Decision-Making

To exercise any of the rights listed above, you shall comply with the obligations set above in this Privacy Notice.

From the day we receive your request, we will respond to you within a maximum time of 30 days, unless an extension is requested.

The Data Protection Authorities in the EEA are listed in this link, Europe (EEA): Members | European Data Protection Board (europa.eu)

Notice to UK Residents

In accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, all residents of the UK may exercise the following rights:

• Right to Access
• Right to Correct Inaccuracies
• Right to Deletion
• Right to Restrict Processing
• Right to Data Portability
• Right to Object
• Rights related to Automated Individual Decision-Making

To exercise any of the rights listed above, you shall comply with the obligations set above of this Privacy Notice, relating to sending our request to dpo@euronetworldwide.com  and verification of your identity.

From the day we receive your request, we will respond to you within a maximum time of 30 days, unless an extension is requested.

To contact the Data Protection Authority, you can follow this link: Information Commissioner Officer (ICO)

Notice to New Zealand Residents

To all resident in New Zealand, the rights you may exercise regarding the processing of your Personal Data are the following:

• Right to Know
• Right to Access
• Right to Correct Inaccuracies
• Right to Deletion
• Right to Restrict Processing

To exercise any of the rights listed above, you shall comply with the obligations set out in this Privacy Notice, relating to sending our request to dpo@euronetworldwide.com and verification of your identity.

From the day we receive your request, we will respond to you in a maximum time of 20 days.

To contact the local Data protection authority, go to: Office of the Privacy Commissioner

Notice to Australian Residents

To all residents in Australia, the rights you may exercise regarding the processing of your Personal Data are the following:

• Right to Know
• Right to Access
• Right to Correct Inaccuracies
• Right to Deletion
• Right to Restrict Processing

You may also ask us to explain our data policies and practices according to the applicable law.

From the day we receive your request, we will respond to you within a maximum time of 30 days.

While processing your Personal Data, we need to share your Personal Data according to the following:

To contact the local Data protection authority, go to: Office of the Australian Information Commissioner

Notice to Canadian Residents

To all residents in Canada, the rights you may exercise regarding the processing of your Personal Data are the following:

• Right to Know
• Right to Access
• Right to Correct Inaccuracies

From the day we receive your request, we will respond to you within a maximum of 30 days.

To contact the local Data protection authority, go to: Office of the Privacy Commissioner of Canada

Our Companies

The controller is XE represented by the companies below, depending on country and service:  

Contact Euronet Privacy

For queries, suggestions, or complaints, please contact our Privacy department directly.

• Email: dpo@euronetworldwide.com
• Postal mail: DPO, Calle Cantabria 2, 2-A Alcobendas Madrid, Spain