9.1. Personal data is processed for this purpose in compliance with legal requirements related to:
9.1.1. Establishing and verification of the client's identity;
9.1.2. Conclusion and execution of agreements with the client or in order to take steps at the request of the client;
9.1.3. Execution of transfers of funds and transmission of necessary information together with a transfer in accordance with legislation;
9.1.4. Implementation of the "Know Your Client" principles;
9.1.5. Continuous and periodic monitoring;
9.1.6. Risk assessment;
9.1.7. Updating clients' data in order to ensure their accuracy;
9.1.8. Prevention of possible money laundering and terrorist financing, prevention of fraud, detection, investigation and informing of such activity, determination of politically exposed persons or financial sanctions imposed on the client;
9.1.9. Ensuring proper risk and organization management.
9.2. For this purpose, the following personal data may be processed: name, surname, personal identification number, address, date of birth, data from an identity document and a copy of the document, photo, direct video transmission (direct video broadcast) recording, citizenship, email address, phone number, payment account number, IP address, current activity, current public function, other data required by the Law on Prevention of Money Laundering and Terrorist Financing.9.3. These personal data are collected and processed on the basis of a legal obligation imposed on the payment service provider, and are required in order to open an account and/or provide a payment service.
9.4. Data retention period: 8 (eight) years after the termination of the business relationship with the client. The retention period may be extended for a period not exceeding 2 (two) years, provided there is a reasoned request from a competent authority. Such data retention period is required by the Law on Prevention of Money Laundering and Terrorist Financing.
9.5. Data providers: the data subject, credit and other financial institutions and their branches, PE Center of Registers, databases for checking the data of personal documents (databases of expired documents and other international databases), authority check registers (registers of notarized authority and other databases), the Register of Incapacitated and Disabled Persons, the Population Register, companies maintaining registers of international sanctions, other persons.
9.6. Groups of data recipients: supervisory authorities, credit, financial, payment and/or electronic money institutions, pre-trial investigation institutions, the State Tax Inspectorate, payment service agents of Increscendo Group (if the operation is carried out using their services), beneficiaries of transaction funds receiving the information in payment statements together with the funds of the transaction, debt collection and recovery agencies, companies processing consolidated debtor files, lawyers, bailiffs, auditors, other entities having a legitimate interest, other entities under an agreement with Increscendo Group, only provided you have given your separate consent for that.
9.7. Data may be provided to third countries only in the case your payment transfer is carried out to a third country, or a partner (correspondent) from a third country is engaged in the payment execution.