Your Personal and Business Data are treated with extreme caution, safety and always in agreement to the GDPR rules


Welcome to website (the “Site”). In this privacy policy (“Privacy Policy”), the expressions “we” and “us” means Prepaid Financial Services Ltd. We take your privacy seriously and this Privacy Policy explains the steps we take to ensure information about you is kept secure and confidential.


We will collect personal information about you which you provide to us when using the Site, for example, when you activate your eCREDO Prepaid Mastercard, log in to manage your eCREDO account and eCREDO Prepaid Card, contact us through the Site, request information or otherwise provide personal information to us. Such information may include (but is not limited to) your Prepaid Card number and PIN, your full name, address, telephone number, email address, date of birth, proof of identity documents, proof of address documents, transactional information and telephone recordings. You must ensure that the personal information you provide to us is accurate and complete.


We collect, use, store and otherwise process personal information about you for the following purposes: (i) to enable you to access and use the Site; and (ii) to run your eCREDO Prepaid Card account; and (iii) to process your fund transfers and transactions; and (iv) to enable us to provide any services which you have requested through use of the Site; and (v) to personalise aspects of our overall service to you; and (vi) to provide you with information regarding products and services that we feel may be of interest to you (see the “Marketing” section below); and (vii) to provide you with account services to you as per our contractual obligations; and (viii) to comply with our legal obligations for the prevention of fraud, money laundering, counter terrorist financing or misuse of services, verifying your identity, contacting you regarding our services to you, and (ix) where requested by law enforcement for investigation of crime.


We will not disclose personal information obtained from you to any third parties other than in connection with legal proceedings or potential legal proceedings or if otherwise required to do so by law or any other Governmental or law enforcement agency (including but not limited to eCREDO, our issuing banks, our processors and our third-party partners.) We may need to disclose your account information and verify personal documents for regulatory obligations we have. This will be in accordance for Anti-Money Laundering and Fraud prevention checks.


We and/or our partners will only use the personal information obtained from you to enable us to provide you with information by email, telephone or post regarding products and services that we feel may be of interest to you if you have provided your consent for us to do so by ticking the relevant box (es) on this website where your personal information is collected.

If you wish to withdraw consent to use this information at any time for either us and/or our partners’, then you should contact the Data Protection Officer at Prepaid Financial Services Ltd by emailing at


We may need to disclose your personal information if you breach this Privacy Policy and/or our Terms of Use or in connection with legal proceedings or potential legal proceedings or if otherwise required to do so by law or any other Governmental or law enforcement agency.


We may store, process and/or transfer the personal information you submit to us through use of the Site to countries outside of the European Economic Area including (without limitation) to the USA. Personal data transferred outside of the EEA will be stored and processed by our group companies or representative offices for business and management purposes, to perform a contractual obligation owed by us to you and/or to provide you with information or services that you have requested. By using this Site, you consent to us transferring your personal information to countries outside the EEA for our legitimate business purposes as outlined in this paragraph. We will take appropriate steps to protect your personal data.

Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.


Cookies are small files on your computer, which can store information that you transmit when accessing the internet. They are transmitted via the web browser to the computer’s hard drive. Cookies cannot transmit any information from a computer system. They instead help to make a return visit to the Site as simple and user friendly as possible. Some cookies remain on the computer’s hard drive so your computer gets recognised on your next visit. You can change your browser options at any time to deactivate cookies. (Some functions are only accessible when cookies are enabled and we therefore recommend allowing cookies.)


This website contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. This privacy policy applies solely to information collected by this Site.


By consenting to this privacy notice you are giving us permission to process your personal data specifically for the purposes identified above. Consent is required to process personal data, but it must be explicitly given. Where we are asking you for sensitive personal data, we will always tell you why and how the information will be used.

Consent for Children Under 16

If you are giving consent on behalf of a child under sixteen (16) years of age then please be aware that Children need specific protection with regard to their personal data, as they may be less aware of the risks, consequences and safeguards concerned, and also of their rights in relation to the processing of personal data for the purposes of using these services. By consenting to this privacy notice, on behalf of a minor, you are giving permission for their data to be used for the purposes described above.

Withdrawal of Consent Conditions

You may withdraw consent from direct marketing at any time by contacting us on Please note, where you have consented to your data being used for carrying out financial transactions, then the right to withdraw consent does not exist. As a payment service provider, PFS are obliged to retain data concerning financial transactions for 6 years in accordance with national law for the purpose of preventing, detecting and investigating, possible money laundering or terrorist financing.

International Data Transfers & Third-Party Disclosures

In limited situations where PFS stores or transfers personal information outside the EEA or the EU, robust procedures and safeguarding measures apply to secure, encrypt and maintain the integrity of the data. PFS will complete continual reviews of the countries with sufficient adequacy decisions, such as the Privacy Shield in the US, and provisions for binding corporate rules, standard data protection clauses or approved codes of conduct. PFS will further perform due diligence checks with all recipients of personal data to assess and verify that they have appropriate safeguards in place to protect the information. PFS undertakes that it shall not transfer Personal Data outside of the EEA or the EU in full compliance with Article 46 of the GDPR, and shall not transfer data outside of the EEA or EU unless the following conditions are fulfilled:

• The data subject has enforceable rights and effective legal remedies;

• PFS shall comply with its obligations under the Data Protection Legislation by providing an adequate level of protection to any Personal Data that is transferred (or, if it is not so bound, uses its best endeavours to assist the Customer in meeting its obligations);

• PFS complies with any reasonable instructions notified to it in advance with respect to the processing of the Personal Data; and

• Upon written direction shall delete or return Personal Data (and any copies of it) unless PFS is required by Law to retain the Personal Data.

Where PFS is required to transfer Personal Data to the United States of America, PFS shall only send such Personal Data to third-party sub-contractors that meet the minimum requirements contained under the Privacy Shield, or in the standard contractual clauses for the transfer of personal data to processors established in third countries under Directive 95/46/EC of the European Parliament.

In the event that the Privacy Shield is repealed at any future date, for whatever reason, PFS shall only contract with third-party sub-contractors that satisfy the requirements contained in the standard contractual clauses for the transfer of personal data to processors established in third countries under Directive 95/46/EC of the European Parliament and of the Customer.

Retention Period

PFS will process personal data for the duration of the contract for services and will store the personal data for six (6) years after that date of termination of the contract.

Your Rights as a Data Subject

At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

• Right of access – you have the right to request a copy of the information that we hold about you;

• Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete;

• Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. Your data relating to financial transactions, accounts or cards cannot be deleted due to national law associated with the prevention of fraud, money laundering, counter terrorist financing or misuse of services for crime;

• Right to restriction of processing – where certain conditions apply to have a right to restrict the processing;

• Right of portability – you have the right to have the data we hold about you transferred to another organisation;

• Right to object – you have the right to object to certain types of processing such as direct marketing;

• Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling; and

• Right to judicial review, in the event that PFS refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined below.

All of the above requests will be forwarded on should there be a third party involved in the processing of your personal data. You will find a copy of the Subject Access Request Form here:

Choose your favourite Text editor.



In the event that you wish to make a complaint about how your personal data is being processed by PFS (or third parties as above), or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and PFS’s Data Protection Officer by email to