Through this Policy, we wish to provide you, as an End User, with a simple and straightforward explanation of the information Belvo collects and about how we use, share that information and how we participate in data processing as a processor. While our Clients must inform you of the services we provide them, the applicable notices or policies, and must obtain, where appropriate, any consent necessary to process your information, we value transparency and want to provide you with a concise description of how we process your information.
Identity and contact details of the Processor
Belvo Technologies SAPI de CV (for Mexico and Colombia) or Belvo Tecnologias LTDA (for Brazil) (hereinafter, “Belvo”) is in charge of the processing of End Users’ personal data to fulfill the purposes established here. To resolve any doubts or clarifications regarding the use of your personal data, you can contact Belvo through the following e-mail: firstname.lastname@example.org, indicating who is the Client making use of your personal data so that we can inform them about your contact with Belvo.
Purpose for the treatment of your personal data
Belvo uses your personal data for the purposes listed below:
- To comply with the legal relationship established with the Client (corporate Clients).
- Ensure the security of Belvo’s services by creating and encrypting your access credentials, applying security measures to the information you share through our services and applying measures to prevent fraud and malicious activity that can affect the security of our systems and your information.
- Statistics and improvement of the use of our services, investigation of illegal uses of Client’s applications and investigation of violations of our Terms and Conditions, criminal activity or unauthorized access to Belvo’s services.
Who can we share your information with?
In order to fulfill our contractual relationship with our Clients, we may share your personal data, inside and outside your country of residence, with the recipients and for the purposes explained below:
|Purpose of the transfer||Category of recipients|
|Communicate the Client with the information of the End Users Financial Account to the extent necessary to provide the services you have contracted with said Clients, who use Belvo’s services.||Digital service providers (Clients) who use Belvo technology to provide their services to End Users.|
|Management and administration of End User data and statistics on the use of our services.||Holdings, affiliates or subsidiaries; and companies in the same business group, which operate under the same internal policies and processes.|
|Compliance with judicial or administrative requirements to fulfill information requirements.||Judicial or administrative authorities.|
|Cloud software, platform and infrastructure services.||Cloud computing service providers that provide their services to Belvo as data processors.|
For the purposes of auditing, security, fraud control, preservation of rights, we may keep your data for a longer period in the event that the law or regulatory rule so establishes or for the preservation of rights.
The collected data may be stored on our servers, as well as in an environment of resource usage or servers in the cloud (cloud computing), which may require a transfer and / or processing of this data outside the country in which it was collected.
When personal data is sent outside of your place of residence, the Client and Belvo ensure compliance with all legal and information security requirements established by applicable regulations, through contracts, clauses and controls necessary to ensure protection of your information.
Belvo’s responsibility and Client’s responsibility
Belvo processes the personal data of End Users who connect their financial accounts to a Client’s application or otherwise connect their financial accounts through the Belvo platform. Belvo accesses, treats and uses the personal data of End Users only during the period in which they remain linked to the Client’s applications or the Belvo platform.
It is up to you to read the privacy and data handling policies of such portals, applications or platforms outside our environment, and it is your responsibility to accept or reject them. We are not responsible for the privacy and data processing policies of third parties, nor for the content of any websites, content or services linked to environments other than ours.
Storing your personal data; criteria for its determination
Belvo will keep your personal data for the periods strictly necessary to comply with the instructions of the Client (our corporate clients) and, if applicable, until the period of prescription of the actions resulting from the legal relationship that gave rise to the processing of your data.
Data Subject’s rights; means for exercising it
As a processor, Belvo does not process requests to exercise the rights of personal data subjects, since such requests must be met by those responsible for the personal data of End Users.
If you request the exercise of your rights of access, rectification, cancellation or opposition, among others, Belvo will redirect your request to the corresponding Client, if applicable.
Automatic means of collecting personal data
Cookies have an expiration date, which can vary from the duration of the session or visit to our website, until a specific date after which they are no longer operational. Most of the cookies used on www.belvo.com are associated only with an anonymous User and his computer equipment, it does not provide references that allow the User’s name and surname to be deduced, cannot read data from his hard drive or include viruses in his texts.
We may also collect information using “web beacons”, “pixel tags”, “clear gifs” or similar means (generically “web beacons”) that allow us to obtain non-personal or aggregated information, such as domain names, areas of the website what you visit, your operating system, the version of the operating system you use, the browser version and the URL prior to your visit. This information is used to understand traffic patterns.
You can configure your browser to automatically accept or reject all cookies or to receive an on-screen notice about the receipt of each cookie and decide right away whether or not you want to implement it on your hard drive. In any case, you can delete cookies from our website at any time, following the procedure set out in the help section of your browser.
If any point of this Policy is considered unenforceable by the Data Authority or the court, the other conditions will remain in full force and effect.
Date of last update: February 22, 2021