Privacy Policy

1. Important Information About Ads-Wall

Ads-Wall provides a business platform that enables approved users to access, manage and use virtual payment cards for legitimate advertising and business-related online spending.

Ads-Wall is not a bank, credit institution, card issuer, electronic money institution or payment institution. Ads-Wall does not itself issue payment cards, hold customer funds as a bank deposit, provide regulated payment services, issue electronic money or operate a payment account in its own capacity.

Virtual cards, payment processing, card issuing, safeguarding of funds, transaction authorisation, settlement, chargeback handling, fraud monitoring and any regulated financial services are provided by authorised third-party banking, card issuing, payment processing and compliance partners (the "Authorised Partners").

Your use of certain services may be subject to additional terms, rules, limits, compliance requirements and decisions of the relevant Authorised Partners, card schemes, acquiring banks, payment processors, advertising platforms and other third-party providers.

2. Who This Privacy Policy Applies To

This Privacy Policy applies to:

• visitors to our website;
• persons who submit an account application or enquiry;
• registered users and account holders;
• company representatives, directors, shareholders, beneficial owners and authorised signatories associated with a business account;
• team members and authorised users invited to access an account;
• persons who contact us by email, phone, live chat, social media or any other communication channel;
• persons whose personal data is provided to us as part of onboarding, verification, KYB, KYC, AML, sanctions or compliance checks;
• persons whose personal data is processed in connection with transactions, top-ups, refunds, chargebacks, disputes or compliance reviews;
• any other individual whose personal data we receive or process in connection with our platform and services.

3. Our Role as Controller or Processor

In most cases, Ads-Wall (TIWALLET LTD) acts as the data controller for personal data collected through the platform, website, account registration, support communications and related services.

Where we process personal data on behalf of an Authorised Partner, card issuer, payment processor, compliance provider or other third party, we may act as a data processor or joint controller, depending on the arrangement.

Where our Authorised Partners collect or process personal data directly in connection with card issuing, payment processing, compliance checks, transaction monitoring or regulated financial services, they may act as independent data controllers or joint controllers for that processing.

4. Personal Data We Collect

We may collect and process the following categories of personal data, depending on your relationship with us, the services you use and the requirements of our Authorised Partners:

4.1 Account and Contact Data

Full name, email address, phone number, job title, company name, company role, business address, country of residence, preferred language and communication preferences.

4.2 Business Verification Data

Company registration number, registered office address, trading address, date of incorporation, jurisdiction of incorporation, business type, industry, website URLs, business description, ownership and control structure, UBO (ultimate beneficial owner) details, shareholder details, director details, authorised signatory details and any other business information required for KYB, compliance or partner onboarding.

4.3 Identity Verification Data

Full legal name, date of birth, nationality, country of residence, government-issued identity document type and number (passport, national ID card, driving licence), document images, selfie or liveness check images, proof of address documents, PEP (politically exposed person) status, sanctions screening results and any other identity information required for KYC, AML, sanctions or compliance checks.

4.4 Payment and Top-Up Data

Payment method type, card brand, last four digits of the payment card, card token or reference, billing address, payment amount, payment currency, payment date and time, payment status, payment processor reference, 3D Secure authentication result and any other payment information required to process top-ups, refunds or chargebacks.

4.5 Virtual Card and Transaction Data

Card identifiers, card status, card currency, card limits, card creation date, card expiry, assigned campaign or account labels, transaction amount, transaction currency, transaction date and time, merchant name, merchant category code (MCC), transaction status, authorisation result, decline reason, chargeback status and any other transaction data related to the use of virtual cards.

4.6 Compliance, AML, Sanctions and Fraud Data

KYC verification results, KYB verification results, AML screening results, sanctions screening results, PEP screening results, adverse media screening results, fraud risk scores, fraud alerts, compliance review notes, investigation records, suspicious activity reports and any other compliance-related data required by law, regulation or our Authorised Partners.

4.7 Advertising Activity Data

Advertising platform names, advertising account identifiers, campaign names, campaign URLs, landing page URLs, product or service descriptions, advertising screenshots, ad account status, advertising spend data and any other advertising-related information you provide or that we collect in connection with compliance, risk review or onboarding.

4.8 Technical, Device and Usage Data

IP address, device type, device identifier, operating system, browser type and version, screen resolution, referring URL, pages visited, time spent on pages, click data, scroll data, session duration, access times, login history, feature usage, API usage, error logs and any other technical data collected through cookies, pixels, scripts, SDKs or similar technologies.

4.9 Communications Data

Emails, support tickets, live chat messages, phone call records, social media messages, feedback, survey responses and any other communications between you and Ads-Wall.

4.10 Marketing Data

Marketing preferences, newsletter subscription status, email open and click data, marketing campaign responses, referral source and any other data related to marketing communications.

5. How We Collect Personal Data

We collect personal data from the following sources:

• directly from you, when you create an account, submit an application, complete a form, contact support, provide documents, use the platform or communicate with us;
• from your company, employer or authorised representative, where they provide your details as part of a business account application, team invitation or compliance process;
• from our Authorised Partners, card issuers, payment processors, compliance providers and fraud prevention providers;
• from third-party identity verification, KYC, KYB, AML, sanctions screening and fraud prevention providers;
• from publicly available sources, including company registries, sanctions lists, PEP databases, adverse media databases, court records and other public records;
• from advertising platforms, where relevant to compliance or risk review;
• from cookies, pixels, analytics tools and similar technologies on our website and platform;
• from your browser, device and network when you access the platform;
• from other users, where they provide your information as part of a referral, team invitation or complaint.

6. How We Use Personal Data

We use personal data for the following purposes:

6.1 To Provide the Platform

To create and manage your account, provide access to the dashboard, process top-ups, issue and manage virtual cards, process transactions, display transaction history, provide reporting, enable team management, provide API access and deliver the services you have requested.

6.2 To Verify Users and Businesses

To perform identity verification, KYC, KYB, AML screening, sanctions screening, PEP screening, adverse media screening, fraud checks, document verification, liveness checks, address verification, ownership verification and any other verification required by law, regulation or our Authorised Partners.

6.3 To Process Payments, Top-Ups and Card Transactions

To process balance top-ups, authorise card transactions, manage card controls, handle refunds, process chargebacks, reconcile transactions, manage settlement and facilitate payment processing through our Authorised Partners.

6.4 To Comply With Legal and Compliance Obligations

To comply with applicable laws, regulations, court orders, legal processes, regulatory requirements, reporting obligations, record-keeping requirements, tax obligations and requests from regulators, law enforcement authorities, courts, ombudsmen or other competent authorities.

6.5 To Prevent Fraud and Protect Security

To detect, prevent, investigate and respond to fraud, money laundering, terrorist financing, sanctions violations, unauthorised access, security incidents, data breaches, abuse, misuse and other harmful or illegal activity.

6.6 To Review Advertising and Prohibited Use Risk

To review advertising activity, landing pages, products, services, websites, traffic sources and business models for compliance with our terms, acceptable use policy, Authorised Partner requirements and applicable advertising platform rules.

6.7 To Communicate With You

To send you service-related communications, account notifications, transaction alerts, security alerts, compliance requests, support responses, policy updates and other operational messages.

6.8 To Improve and Develop the Platform

To analyse usage patterns, identify technical issues, improve performance, develop new features, conduct research, generate aggregated or anonymised analytics and improve the overall user experience.

6.9 To Send Marketing Communications

To send you marketing emails, newsletters, product updates, promotional offers and other marketing communications, where you have consented or where we have a legitimate interest and you have not opted out.

7. Lawful Bases for Processing

We process personal data on the following lawful bases under applicable data protection law:

7.1 Contract

Processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract, including providing the platform, managing your account, processing transactions and delivering the services.

7.2 Legal Obligation

Processing is necessary to comply with a legal obligation to which we are subject, including AML requirements, sanctions obligations, KYC and KYB requirements, tax reporting, regulatory reporting, record-keeping and responding to lawful requests from authorities.

7.3 Legitimate Interests

Processing is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests are not overridden by your rights and freedoms. Our legitimate interests include:

• operating, improving and securing the platform;
• preventing fraud, abuse and misuse;
• managing business risk and protecting our rights;
• enforcing our terms and policies;
• communicating with users about the services;
• conducting analytics and research;
• marketing our services to existing or prospective business users;
• complying with Authorised Partner, card scheme and payment processor requirements;
• exercising or defending legal claims.

7.4 Consent

Where we rely on your consent, you have the right to withdraw consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal. We may rely on consent for marketing communications, cookies and similar technologies and any other processing where consent is required.

7.5 Vital Interests

In rare circumstances, we may process personal data where it is necessary to protect the vital interests of you or another person.

8. Special Category Data and Criminal Offence Data

We do not generally seek to collect special category data (such as data revealing racial or ethnic origin, political opinions, religious beliefs, health data, biometric data or sexual orientation).

However, in the course of identity verification, compliance screening, fraud prevention or regulatory processes, we may receive or process data that falls within special categories or relates to criminal offences or allegations, such as sanctions screening results, PEP status, adverse media results, fraud investigation records or law enforcement requests.

Where we process such data, we do so only where permitted or required by applicable law, including for reasons of substantial public interest, for the establishment, exercise or defence of legal claims, or to comply with legal and regulatory obligations.

9. Automated Decision-Making and Risk Scoring

We and our Authorised Partners may use automated processes, algorithms, risk scoring, machine learning and rules-based systems to support decision-making in areas including:

• identity verification and document checks;
• fraud detection and prevention;
• AML and sanctions screening;
• transaction monitoring and risk alerts;
• account approval and onboarding decisions;
• card issuing and limit decisions;
• advertising activity risk assessment;
• chargeback risk scoring;
• account restriction or suspension decisions.

Where automated decision-making has a significant legal or similar effect on you, you may have the right to request human review, express your point of view and contest the decision, subject to applicable law and regulatory requirements.

10. Who We Share Personal Data With

We may share personal data with the following categories of recipients:

• Authorised Partners, including card issuers, payment processors, acquiring banks, settlement providers and electronic money institutions;
• identity verification, KYC, KYB, AML, sanctions screening and fraud prevention providers;
• compliance, legal and regulatory advisers;
• card schemes (such as Visa and Mastercard);
• hosting, infrastructure, cloud storage and IT service providers;
• analytics, monitoring and performance providers;
• email, communication and customer support providers;
• marketing and advertising technology providers (where consent is given or a legitimate interest applies);
• auditors, accountants and financial advisers;
• regulators, law enforcement authorities, courts, ombudsmen and other competent authorities, where required by law or regulation;
• any party involved in a merger, acquisition, restructuring, sale or transfer of business assets;
• any other third party where necessary to provide the services, comply with law or protect our rights.

We require third parties to process personal data only in accordance with our instructions, applicable law and appropriate security measures.

11. International Transfers

Personal data may be transferred to, stored in or accessed from countries outside the United Kingdom and the European Economic Area (EEA), including countries where our Authorised Partners, service providers, hosting providers, compliance providers or other third parties are located.

Where personal data is transferred internationally, we ensure that appropriate safeguards are in place, which may include:

• transfers to countries that have been recognised as providing an adequate level of data protection;
• standard contractual clauses approved by the UK Information Commissioner's Office (ICO) or the European Commission;
• binding corporate rules;
• other lawful transfer mechanisms recognised under applicable data protection law.

12. How Long We Keep Personal Data

We retain personal data for as long as necessary to fulfil the purposes for which it was collected, comply with legal, regulatory and contractual obligations, resolve disputes, enforce our terms and protect our rights.

Retention periods may vary depending on:

• the type of data;
• the purpose of processing;
• applicable legal and regulatory retention requirements (including AML record-keeping obligations, which may require retention for at least five years after the end of the business relationship);
• Authorised Partner and card scheme retention requirements;
• ongoing investigations, disputes, chargebacks or legal proceedings;
• our legitimate business interests.

When personal data is no longer required, we will securely delete, anonymise or destroy it in accordance with our data retention policies.

13. Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, destruction, alteration, disclosure or misuse.

These measures may include:

• encryption of data in transit and at rest;
• access controls and authentication;
• regular security assessments and testing;
• employee training and awareness;
• incident response and breach notification procedures;
• secure hosting and infrastructure;
• monitoring and logging.

While we take reasonable steps to protect personal data, no method of transmission or storage is completely secure. We cannot guarantee the absolute security of personal data.

14. Cookies and Similar Technologies

We use cookies and similar technologies on our website and platform. For full details, please see our Cookie Policy.

You can manage your cookie preferences through your browser settings or through any cookie consent mechanism provided on our website.

15. Marketing Communications

We may send you marketing communications about our services, features, offers and updates where you have consented or where we have a legitimate interest in doing so.

You can opt out of marketing communications at any time by clicking the unsubscribe link in any marketing email, contacting us at info@ads-wall.com or updating your preferences in your account settings.

Opting out of marketing communications does not affect service-related communications that are necessary for the operation of your account.

16. Your Rights

Under applicable data protection law, you may have the following rights in relation to your personal data:

• the right to access your personal data;
• the right to rectification of inaccurate or incomplete personal data;
• the right to erasure of personal data in certain circumstances;
• the right to restriction of processing in certain circumstances;
• the right to data portability in certain circumstances;
• the right to object to processing based on legitimate interests or direct marketing;
• the right to withdraw consent at any time, where processing is based on consent;
• the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal or similarly significant effects, subject to applicable exceptions;
• the right to lodge a complaint with a supervisory authority.

To exercise your rights, please contact us at info@ads-wall.com. We may need to verify your identity before processing your request. We will respond within the timeframes required by applicable law.

Some rights may be limited where we have a legal obligation to retain data, where data is necessary for compliance purposes or where an exemption applies.

17. Complaints

If you are not satisfied with how we handle your personal data or respond to your request, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO).

Information Commissioner's Office
Website: https://ico.org.uk
Phone: 0303 123 1113

We encourage you to contact us first so that we can try to resolve your concern.

18. Third-Party Links and Services

Our website and platform may contain links to third-party websites, services or applications. We are not responsible for the privacy practices, content or security of third-party websites or services.

We encourage you to read the privacy policies of any third-party websites or services you visit.

19. Children

Our platform and services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children.

If we become aware that we have collected personal data from a child, we will take steps to delete it as soon as practicable.

20. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, regulatory guidance, Authorised Partner requirements or operational needs.

Where changes are material, we may notify you by email, through the platform or by other reasonable means.

The updated Privacy Policy will apply from the date stated in the updated version. We encourage you to review this Privacy Policy periodically.

21. Contact

If you have any questions, concerns or requests regarding this Privacy Policy or the processing of your personal data, please contact us at:

TIWALLET LTD
Company number: 17179279
Registered office: Dept 6752, 196 High Road, Wood Green, London, United Kingdom, N22 8HH
Email: info@ads-wall.com
Phone: +44 7455 726203