End User Privacy Notice

Last updated: August 2024

This website is operated and provided by Volt Technologies Holdings Limited (“Volt“, “we“, “us“, “our“) having its registered office at 42 Berners Street, London W1T 3ND.

1. INTRODUCTION

Welcome to Volt’s general privacy notice (“Privacy Notice“). Volt respects your privacy and is committed to protecting your personal data.

This Privacy Notice explains what personal data Volt collects from you, or that you provide to us, what we will use it for and with whom we share that information. The notice also sets out your rights and who you can contact for more information. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. 

In this Privacy Notice the term “Data Protection Legislation” means all applicable legislation relating to privacy or data protection in force from time to time, including the EU General Data Protection Regulation (“GDPR“) and the GDPR as it forms part of the domestic law of the United Kingdom. Please note that some privacy rights and obligations may differ in certain locations based on applicable local data protection laws. We have included supplemental information for certain jurisdictions as addendums to this Privacy Notice.

2. WHO DOES THIS PRIVACY NOTICE APPLY TO?

This Privacy Notice applies to: 

  • Website Users: people who use Volt to purchase goods and services.

References to “you“, and “your” are references to Volt’s Website Users. 

3. CHANGES TO THIS PRIVACY NOTICE

Any changes we make to this notice in the future will be posted on this page of the Volt website. We strongly encourage users to check our Privacy Notice each time they use the Volt website. However, any material changes to this Privacy Notice will be notified through an appropriate method. 

 4. CONTROLLER

Volt is a controller of your personal data, which means we decide how to process your personal data and have certain responsibilities in relation to your personal data.  Personal data means any information that can be directly or indirectly related to you.

5. HOW WE COLLECT YOUR PERSONAL DATA 

We may collect your data in different ways as follows: 

Information you give to us:

In order to make a payment, we ask you to provide the details of your bank, including the country of that bank. Often, we will also need to ask you for your bank account number (i.e. IBAN) or other unique bank details to allow us to request the payment from your bank. We also ask you to confirm transaction information passed to us by the merchant or provider.

Information we automatically collect about you: 

As you interact with our website, we automatically collect technical data about your equipment, browsing/usage and patterns. This includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive technical data about you if you visit other websites employing our cookies. Please see our Cookies Policy, which explains what cookies are, which cookies we use and what information they collect, for further information on this. 

Information provided to us by third parties:

We may receive personal data about you from merchants, various third parties and public sources including:

  • information about your transaction with the merchant or provider, including a unique order reference, transaction date and the beneficiary, amount and currency of your payment. If you have provided your bank account number to the merchant, we will often be sent this. We will receive information from your bank relating to the status of this payment, including any decision to decline a payment, and your bank account number. We may also process account information provided by merchants and banks including your email address, bank name, account details including sort code, account number, whether a business or personal account, balance and currency, transaction history and analysis.
  • technical data such as internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website from analytics providers and advertising networks; 

6. PERSONAL DATA WE COLLECT 

The personal data we process may include: 

End Users

Communication Data

Personal data that you provide to us when you contact us, for example your name, contact details (residential address, email address and telephone number), details of your query and any extra information that you choose to tell or provide to us.

Identification Data 

Name, date of birth and any other information that may be required for AML purposes. 

Financial Data  

Bank account information, payment data (amount, currency etc.).

Device and Web Data

Online identifiers (including IP address), device information and information about your visit to our website (including the full Uniform Resource Locators (URL), clickstream to, through and from our website (including date and time), length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs) and methods used to browse away from the page).

 

7. HOW WE USE YOUR PERSONAL DATA

Data Protection Legislation requires that we process your personal data for purposes that we tell you about and only where we have a lawful basis to do so. The below table sets out our purposes of processing, the lawful basis of processing we rely on, and the personal data processed for that purpose.

Purpose of processing

Lawful basis of processing

Personal Data

End Users

To execute payment

 

Identification Data, Financial Data

To comply with a legal or regulatory obligations

 

Communication Data, Identification Data, Financial Data, Device and Web Data

To provide you with a safe, smooth, efficient, and customised experience on our website

  • Our legitimate interests (to provide, run and administer our website)

Communication Data, Device and Web Data

To ensure that the content on our website is presented in the most effective manner for you and your device

  • Our legitimate interests (to provide you with content relevant to you in the most optimum format)

Device and Web Data

To provide you with the information and services that you request from us

  • Our legitimate interests (to run and administer our business, to provide you with information you have requested or to respond to queries from you)

Communication Data

To monitor use of our website and use your information to help us monitor, improve and protect our services, including asking you to leave reviews or take surveys related to our products or services

  • Our legitimate interests (to run and administer our website and to evaluate, develop and improve our services)

Communication Data, Device and Web Data

To administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes

  • Our legitimate interests (to run and administer our website and to evaluate, develop and improve our services)

Device and Web Data 

As part of our efforts to keep our website safe and secure

  • Our legitimate interests (to maintain the security of our website)

Device and Web Data

To place cookies or use similar technologies to read information on your device for non-essential purposes as further set out in our Cookies Policy

  • Where you have provided us with your consent to do so

Device and Web Data

 

8. SHARING YOUR PERSONAL DATA

Personal Data

Who we share it with

Our reason for sharing

Website Users 

Communication Data

  • Our affiliates, subsidiaries and business partners
  • Third party service providers

To ensure your payment is processed by the appropriate party in accordance with your reasonable expectations

  • Regulators or other authorities 

Where we are required to do so to comply with our legal obligations

Identification Data

  • Our affiliates, subsidiaries and business partners
  • Third party service providers

To ensure your payment is processed by the appropriate party in accordance with your reasonable expectations

  • Regulators or other authorities 

Where we are required to do so to comply with our legal obligations

Financial Data

  • Our affiliates, subsidiaries and business partners
  • Third party service providers
  • Our merchants

To ensure your payment is processed by the appropriate party in accordance with your reasonable expectations

  • Regulators or other authorities 

Where we are required to do so to comply with our legal obligations

Device and Web Data 

  • Our affiliates, subsidiaries and business partners
  • Third party service providers

To administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes

  • Regulators or other authorities

Where we are required to do so to comply with our legal obligations

 

9. INTERNATIONAL TRANSFERS OF YOUR PERSONAL DATA

We may transfer your personal data to a recipient based in a country outside of the UK and/or European Economic Area (“EEA“).

Where we do so, we will ensure that such transfer is in accordance with our obligations under Data Protection Legislation. For example, a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is in place.

We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission and/or equivalent authorities in the United Kingdom as applicable, or with whom we have put in place appropriate measures to ensure that data is adequately protected. These measures will usually include use of approved standard contractual clauses.

In case we actually initiate such a transfer the information about it will be here, we will indicate, among other things, its purpose and recipient of the data.

Please contact us if you want further information on the topic.

10. HOW LONG WILL WE KEEP YOUR PERSONAL DATA FOR?

We will only keep your personal data for as long as it is required for the purposes for which it was collected, or as required to comply with applicable law or to defend or enforce our legal rights.

11. LINKS TO OTHER SITES

The Volt website may contain links to other websites. Volt is not responsible for the privacy policies of third party websites to which links are provided. You should check the privacy policies on these sites before providing any personal data. 

12. HOW WE PROTECT YOUR PERSONAL DATA 

We take your online security seriously and maintain appropriate physical, organisational and technical measures so as to prevent any loss, misuse, unauthorised access, disclosure or modification of your personal data. 

Please note, however, that the transmission of information via the Internet is not completely secure and we cannot guarantee the security of your personal data transmitted to us or provided though the Volt website.

13. YOUR LEGAL RIGHTS

You have the right to ask us for a copy of your personal data; to correct, delete or restrict (stop any active) processing of your personal data; and to obtain the personal data you provide to us for a contract or with your consent in a structured, machine-readable format.

Where we have asked for your consent, you may withdraw consent at any time, although this will not affect any processing which has already taken place at that time and we may have other legal grounds for processing your data for other purposes, such as those set out above. In some cases, we are able to send you direct marketing without your consent, where we rely on our legitimate interests. 

In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing). You can ask us to stop sending you marketing messages at any time by following the unsubscribe links on any marketing message sent to you or by contacting us. Where you opt out of receiving these marketing messages, this will not affect our processing of data for other purposes (see above).

These rights may be limited, for example if fulfilling your request would reveal personal data about another person, where it would infringe the rights of a third party (including our rights) or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. Relevant exemptions are included in both the GDPR and in the Data Protection Act 2018. We will inform you of relevant exemptions we rely upon when responding to any request you make.

To exercise any of these rights, you can get in touch with us, or make a complaint, by emailing dpo@volt.io. 

Where we process your data for the purpose of entering or performing a contract with you, certain data is mandatory for that purpose. Any information provided to facilitate a payment you have requested is therefore mandatory, as well as any information which we are required to collect for regulatory reasons, for example, for anti-money laundering checks. Where provision of data is mandatory, if relevant data is not provided, then we will not be able to fulfil your requests to register, initiate payments or otherwise engage with Volt. All other provision of your information is optional.

14. RIGHT TO COMPLAIN 

You also have the right to complain to the regulator about Volt’s information rights procedures. In the UK, the relevant regulator is the ICO and you can make your complaint via the ICO’s website here. Alternatively, where you are in the EU, you may contact our lead Supervisory Authority – the UODO – and you can make your complaint via their website here.  Where you are in Brazil, you may contact the ANPD using the contact details listed in the Brazil Addendum. Where you are in Australia, you may contact the Office of the Australian Information Commissioner using the contact details listed in the Australia Privacy Policy. 

We would, however, appreciate the chance to deal with your concerns directly so please contact us in the first instance.

15. CONTACT DETAILS

If you have any questions, comments or requests regarding this Privacy Notice, including any requests to exercise your legal rights, please contact us using the details set out below. You may also use these contact details if you wish to make a complaint to us relating to your privacy. 

Our contact details are as follows:

  • Full name of legal entity: Volt Technologies Holdings Limited
  • Email: dpo@volt.io
  • Postal address: 12 Melcombe Place, London, England, NW1 6JJ

Last updated: May 2024

1. APPLICABILITY

This Australia Addendum (“Australia Addendum”) supplements Volt Technologies Holdings Limited’s (“Volt”, “we”, us” and “our”) Staff Privacy Notice (”Privacy Notice”), to the extent that the Privacy Act 1988 (Cth) (”Australian Privacy Act”) applies in relation to our processing of personal data. In case of any inconsistences between this Australia Addendum and the Privacy Notice, this Australia Addendum prevails. 

2. PERSONAL DATA UNDER THE AUSTRALIAN PRIVACY ACT

In this Australia Addendum and in the Privacy Notice, in relation to the processing of personal data governed by the Australian Privacy Act, “personal data” has the same meaning as “personal information” as defined in the Australian Privacy Act. 

The concept of a “controller” does not exist under the Australian Privacy Act. 

3. SHARING OF PERSONAL DATA OVERSEAS

We generally collect and store your personal data in Australia. However, we may share your personal data with our service providers and related bodies corporate located overseas, including in the United Kingdom, Netherlands, Poland, Germany and Brazil.

We only ever share your personal data outside of Australia where we are permitted to do so under applicable personal data protection laws. Generally this means we will take reasonable steps to ensure your personal data is treated securely and in accordance with applicable privacy laws, or with your consent. 

4. HOW TO ACCESS OR SEEK CORRECTION TO YOUR PERSONAL DATA

Some of the rights set out in the Privacy Notice only apply under the GDPR or other foreign privacy laws, and do not apply under the Australian Privacy Act.

However, you are entitled to request access to any of your personal data that we collect, or to request that any of the personal data that we hold about you is corrected. To make such a request, please contact us at dpo@volt.io

We may decline your request to access or correct your personal data in certain circumstances in accordance with the Australian Privacy Act. If we do decline your request, we will provide you with a reason for our decision. 

5. HOW TO MAKE AN ENQUIRY OR COMPLAINT ABOUT THE HANDLING OF YOUR PERSONAL DATA

If you have any questions or concerns about this Australia Addendum or how we have handled your personal data, you may contact us at dpo@volt.io.

Please also contact us if you have a complaint about privacy. If you make a complaint about privacy, the following will occur:

No.

Step

1.

We will first consider your complaint to determine whether there are simple or immediate steps which can be taken to resolve it. We will generally respond to your complaint within a week.

2.

If your complaint requires more detailed consideration or investigation:

  • we will acknowledge receipt of your complaint within a week and endeavour to complete our investigation into your complaint promptly; and
  • we may ask you to provide further information about your complaint and the outcome you are seeking.

3.

We will then typically gather relevant facts, locate and review relevant documents and speak with the individuals involved.

4.

In most cases, we will respond to your complaint within 30 business days from when we receive your complaint. If the matter is more complex or our investigation may take longer, we will let you know.

 

If you are not satisfied with our response to a complaint, or you consider that we may have breached the Australian Privacy Act (including the Australian Privacy Principles), you are entitled to make a complaint to the Office of the Australian Information Commissioner (the Australian privacy regulator).

The Office of the Australian Information Commissioner can be contacted by telephone on 1300 363 992, or you can fill out this form to make a complaint about our handling of your personal data. Full contact details for the Office of the Australian Information Commissioner can be found online here.

1. APPLICABILITY 

This section will apply for personal data processing activities performed by Volt for the Brazilian market, which includes any processing activity (i) carried out in Brazil, (ii) aimed at offering or providing goods or services or processing data of individuals located in Brazil, or (iii) collected in Brazil. In this context, any personal data processing activities will be carried out in accordance with the laws of Brazil, including the Marco Civil da Internet, Federal Law No. 12.965/2014 (“MCI”) and the General Data Protection Law, Federal Law No. 13.709/2018 (“LGPD”).

For the avoidance of doubt, matters not addressed in this section should be referred to the general Privacy Notice above.

2. INTERNATIONAL TRANSFERS

Some of the third parties who will receive your data are based outside Brazil. The countries receiving the data that we transfer may not offer adequate levels of personal data protection under applicable regulations. In such cases, Volt will take appropriate steps to ensure that recipients of your personal data are bound to duties of confidentiality and implement appropriate measures to ensure your personal data will remain protected in accordance with Volt Consumer Privacy Notice, such as standard contractual clauses or other mechanisms provided for in the applicable law.

The services provided by Volt require the support of a technological infrastructure, such as servers and cloud services, which may be provided by third parties. Some of this infrastructure may be established outside Brazil.

3. YOUR LEGAL RIGHTS

You have the following data protection rights, which you can exercise at any time by contacting us by email (dpo@volt.io) or postal address (Rua Dr. Virgílio de Carvalho Pinto, No. 306, apt. 121, Zip Code 05415-020, São Paulo).

  • The right to access your personal data and confirm the existence of processing. 
  • The right to correct, update or request anonymisation, blocking or deletion of your personal data. 
  • The right to object to the processing of your personal data where it is based on our legitimate interests or in case of non-compliance with LGPD. 
  • The right to ask us, in some situations, to restrict the processing of your personal data or to request portability of your personal data. 
  • If we collect and process your personal data with your consent, you have the right to withdraw your consent at any time and request deletion of your personal data. Withdrawing your consent will not affect the lawfulness of any processing carried out prior to your withdrawal, nor will it affect processing of your personal data carried out on a legal basis other than consent. 
  • The right to request a review of decisions based solely on automated processing, which may affect your interests. 
  • The right to petition the National Data Protection Authority – ANPD about our collection and use of your personal data. 
  • The right to request portability of your personal data to another service provider.
  • The right to request information about with whom your personal data has been shared.

We respond to all requests we receive from individuals who wish to exercise their data protection rights in accordance with applicable data protection laws. If you are aware of changes or inaccuracies in your information, you must inform us of such changes so that our records can be updated or corrected. 

To exercise your rights, you or your authorised legal representative may contact us using the contact details provided above. Once we receive your request, we may verify it by requesting sufficient information to confirm your identity.

Where we process your data for the purpose of entering or performing a contract with you, certain data is mandatory for that purpose. Any information provided to facilitate a payment you have requested is therefore mandatory. Where provision of data is mandatory, if relevant data is not provided, then we will not be able to fulfil your requests to register, make a purchase or otherwise engage with Volt. All other provision of your information is optional.