INYO PRIVACY POLICY

1. BACKGROUND

The Services are powered and hosted by Inyo. During your registration on the Site or opening an Account, you are registering with Inyo. An “Account” means a unique login to the Site, the App or other platform provided by Inyo through which you may access the Services. Many of our Services do not require you to create an Account with us, so we do not provide an account for all customers.

Services are provided pursuant Inyo terms of use that are separate from this Privacy Policy and are posted at the Site (the “Agreement”). Your rights and obligations and those of Inyo with respect to your funds are detailed in the Agreement and not in this Privacy Policy.

Some or all of the Site may be hosted or operated by an Agent. Under our authority, Agent assists us in supplying our Services. Agent may, separately, supply you with other services governed by separate terms and policies (each a “Third Party Servicer Agreement”). We are not party to Third Party Servicer Agreements or their related privacy policies that form part of them and we are not liable for the acts of Third Party Servicers that are outside of their capacity as our Agents for the supply of Services.

2. INFORMATION WE COLLECT

We collect personal information about you from a variety of sources in the course of operating the Site and providing the Services. Personal information is any information or data relating to you that may be used to identify you, either directly or indirectly, or to contact you. Personal information we collect about you and the sources of such personal information include the following:

We collect personal information directly from you when you express an interest in obtaining information about us or the Services, when interact with the Site, or when you contact us. The personal information that we collect depends on the context of your interactions with us and the Site, the choices you make, and the Services you use. The personal information we collect may include but is not limited to the following:

• Your name; phone numbers; email addresses; mailing or residential addresses; job titles; usernames; passwords; billing addresses; contact or authentication data; contact preferences; debit/credit card numbers; source of funds (description of document); copy of identification (document); unique governmental identification number; IP address; place of birth; date of birth; and beneficiary’s information (full name, address, and country; bank, bank code, account number and account type), social security number, tax identification number, corporate documents, corporate registrations, source of funds, bank statements, and creditworthiness.

We collect personal information when you submit personal information on applications or other forms to us or our Agents, including in connection with the Services, through your enrollment and participation in loyalty programs, and when you provide additional information that we may reasonably request for fraud prevention purposes.

In case your mode of payment is ACH, real time payments (“RPT”), check or wire, we collect information relating to your bank accounts such as account number and routing number which are obtained during the process of your bank account verification. Such bank account verification is completed by Inyo using the services of its third-party partners or vendors.

We collect information about your transactions with us, including recipient information, transaction history, frequency of use, amounts transferred, origin currency, original payment method, destination currency, service type, net amount, fees, exchange rate and receiving amount.

In connection with identity verification, fraud prevention and similar security purposes, we collect and/or confirm certain identity-related information, financial background and similar information through third party sources such as our business customers, government agencies and consumer reporting agencies.

We collect information regarding your online activity as described in the section below titled “Internet Technology”.

We may collect personal information otherwise with your consent or as permitted or required by law.

3. HOW WE USE PERSONAL INFORMATION

We use personal information to provide the Services, and for the following purposes:

• 3.1. Information we collect is collected by us directly or by our Agent on our behalf. Therefore, Agents will often collect, store and provide to us all information you provide. We may also use an Agent to deliver information to you, such as transaction information and receipts.
• 3.2. Authorizing and processing your transactions, including effecting and administering money transfers and payments and ensuring proper payment to the designated recipient of funds.
• 3.3. Collecting amounts owing to us, and otherwise enforcing and collecting on your Accounts or agreements with us.
• 3.4. Meeting legal, regulatory, risk management, fraud prevention and security requirements, which may include (among other measures) verifying the identity of the sender and recipient of funds and checking identities against money laundering, terrorist financing or similar watch lists established by regulatory agencies or similar bodies in the United States or in other countries. For identity verification purposes, senders and recipients of money transfers or payments may be required to produce valid identification, provide information related to their mobile carrier (or consent to verification by other means, including obtaining information from their mobile carrier) before releasing funds.
• 3.5. For marketing and promotional purposes, unless you “opt out” or withdraw consent, as described in the section entitled “Offers, Promotions and Opting Out” below.
• 3.6. Maintaining business and transaction records for reasonable or required periods of time, and generally managing and administering our business.
• 3.7. In connection with certain business transactions relating to Inyo, its business or assets, as further described in the section entitled “Information We Disclose” below.
• 3.8. Meeting insurance, audit and processing requirements.
• 3.9. Responding to law enforcement requests for information and complying with such requests as required by applicable law.
• 3.10. Subpoena response subject to your rights to challenge such requests set out in the Agreement.
• 3.11. Otherwise with your consent or as permitted or required by law.

4. DISCLOSURE PRACTICES

We may disclose your personal information to our Agents, Partners (as defined below) and third parties, affiliates, successors and assigns for various purposes as summarized in the table below and the descriptions below the table.

• Provide Services. Your personal information may be shared with the recipient of a money transfer or payment, our Agents, Partners (third- party service providers that assists in the provision of the Services including but not limited to, Agent and any, payment processor, data processor or correspondent Inyo or its Agents), and, if applicable, intermediary banks or financial institutions involved in the transaction. Additionally, personal information may be disclosed to Business Partners when you participate in joint programs or services.
• Marketing. We may disclose personal information to our affiliates for marketing purposes, but you can “opt-out” to that disclosure.
• Third Party Servicers. When you engage with Third Party Servicers (such as for example a telco that whose bill you are paying with our Services) and our Services are used to make a payment to the Third Party Servicer or our Services are otherwise integrated with those of the Third Party Servicer, we may obtain from such Third Party Servicer information concerning your account or their services provided to you and we may disclose to the Third Party Servicer information concerning you in support of our carrying out the Services.
• Third Party Service Providers and Partners. We may also share personal information with third-party service providers (e.g. one of our banks) and affiliates that perform services on our behalf, for example, marketing, information technology, payment processing, data analysis, and/or data hosting, email delivery, and customer service. Some of these providers may be located outside of the United States, and your personal information may be collected, used, disclosed, stored, and processed in or outside of the United States, subject to the applicable data protection and privacy laws. In the Agreement, these third parties are referred to as Third Party Servicers or Partners. We take reasonable measures to ensure that personal information that may be processed by these third-party service providers on our behalf is protected and not used or disclosed for purposes other than as directed by us, subject to legal requirements in the United States and other foreign countries. We may allow selected third parties to use tracking technology on the Site, which will enable them to collect data on our behalf about how you interact with our Site over time. This information may be used to among other things, analyze and track data, determine the popularity of certain content, pages or features, and better understand online activity. Unless described in this notice, we do not share, sell, rent or trade any of your information with third parties for their promotional purposes.
• Affiliates - General. We may share your information with our Affiliates, in which case we will require those Affiliates to honor this privacy policy. “Affiliates” include our parent company and any subsidiaries, joint venture partners or other companies that we control or that are under common control with us.
• Affiliates – Creditworthiness – Not Shared. We will not, however, share your creditworthiness information with our Affiliates, other than as permitted by state and federal law, unless you provide consent to make those disclosures.
• Business Transactions. Your personal information may be used by us and disclosed to third parties connected with financing, securitization, insuring, sale, assignment, or other disposals of all or part of our business or assets (including, for example, your Account with us). All such third parties with whom we contract are bound by non-disclosure agreements with Inyo and are required to comply with applicable data protection and privacy laws.
• Successors and Assigns. Successors and assigns of Inyo and/or its business or assets may use and disclose your personal information for similar purposes as in this Privacy Policy.
• Legal, Regulatory. We may disclose your personal information as necessary to meet legal, regulatory, insurance, audit, and security requirements, and as otherwise with your consent or as permitted or required by law (including applicable United States and foreign laws). This may include lawful requirements to disclose personal information to government authorities in the United States and in foreign countries, for example disclosures in compliance with suspicious activity reporting requirements under anti-terrorism, anti-money laundering and similar laws and regulations in the United States or in foreign countries.

5. OFFERS, PROMOTIONS AND OPTING OUT

We may use your personal information and information about your use of the Services for marketing and solicitation purposes. This may include sending you offers, promotions or information about additional products and services that may be of interest to you.

You may “opt out” or withdraw consent to the use and/or disclosure of your personal information for the purposes described in this section at any time by checking the appropriate box on an online or offline form, if available, or by contacting us as described in “Contact Us” below.

6. DELETION OF ACCOUNT

Upon your request for deletion of your Account or the personal information that we hold, we will process the request and delete your Account along with all of your records and personal information, subject to any legal obligation to retain certain information. In accordance with Federal and State regulations pertaining to money transfers, we will retain your records in archive for the period necessary to adhere to our record keeping obligations. We will only utilize the archive for limited purposes such as to fulfil our regulatory obligations or to adhere to any request from a regulatory body having jurisdiction over our activities.

7. ELECTRONIC COMMUNICATION

Some of the Services are made available using online forms on the Site. Personal information you provide on online forms or by other electronic means will be collected used and disclosed as described generally in this Privacy Policy.

In addition, when you visit or use the Site, we collect information about the domain and host from which you access the Internet; your computer’s Internet address; the browser and operating system software you use; the date and time you access this Site and the Internet address of the site from which you linked to this Site when you visit us. We use this information to diagnose, administer and optimize this Site and web-related services. When registering or creating an Account with us, we collect your password, login name and other information we may request in order to identify you, maintain security of this Site and verify and control access to your Account or online profile. If you make inquiries through the e-mail links, forms or other contact methods provided on this Site, these inquiries are forwarded to the relevant office or department, and are used to respond to your inquiry and maintain a record of correspondence.

We use Internet technologies like cookies and web beacons to facilitate the services we provide on this Web site and your use of this Web sites, including:

• 7.1. To assist us in providing services to you;
• 7.2. To allow you to navigate the Site during your visit without having to re-enter your password;
• 7.3. To store your preferences and other information and to track activity on our website;
• 7.4. To better understand the effectiveness of our promotional campaigns;
• 7.5. To determine whether you came to our site from a banner ad or an affiliate website;
• 7.6. To deliver Information specific to your interests on additional websites; and
• 7.7. To determine whether you’ve acted on our promotional messages.

8. CHILDREN’S PRIVACY

The Services are not directed at children under the age of 13. We do not knowingly collect or maintain personal information from persons under the age of 13. Information collected about persons between the ages of 13 and 18 (or the legal age is in their jurisdiction), is only collected with parent or guardian permission. If we learn that we have inadvertently collected personal information of persons under the age of 13 years old, or between the ages of 13 and 18 years old without parent or guardian permission, we shall immediately take steps to delete the information as soon as possible. If you learn that a child has provided us with personal information in violation of this Privacy Policy, then you may alert us at the contact information listed below.

9. EXTERNAL SITES

This Site may be linked to or from third party websites. These links are provided as a convenience only, and this website is not responsible for the content or privacy practices of Sites that are linked to or from this Site. You are advised to review the privacy policies of any third party websites you visit as Inyo is not responsible for such third-party services.

10. YOUR CONSENT

Consent to the collection, use and disclosure of personal information may be given in various ways. Consent can be express (for example, orally, electronically or on a form you may sign describing the intended uses and disclosures of personal information) or implied (for example, when you provide information necessary for a service you have requested). You may provide your consent in some circumstances where notice has been provided to you about our intentions with respect to your personal information and you have not withdrawn your consent for an identified purpose. This could be done, for example, by using an “opt out” option provided, if any. Consent may be given by your authorized representative (such as a legal guardian or a person having a power of attorney).

Generally, by providing us with your information including personal and bank account related information, you are indicating your consent to our collection, use and disclosure of such information for the purposes described in this Privacy Policy. When using this service, you also consent to entering your bank account related information (e.g. internet banking credentials and MFA responses) to enable Inyo and its Agents and Partners to verify the ownership of such bank accounts. Such verification will be completed by Inyo using the services of its third party service providers.

You may withdraw your consent to our collection, use and disclosure of personal information at any time, subject to contractual and legal restrictions and reasonable notice. Note that if you withdraw your consent to certain uses of your personal information, we may no longer be able to provide all or some of our products or Services. Note also that where we have provided or are providing Services to you, your consent will be valid for so long as necessary to fulfil the Services and for the purposes described in this Privacy Policy or as otherwise described at the time of collection, and you may not be permitted to withdraw consent to certain necessary uses and disclosures (for example, but not limited to, maintaining reasonable business and transaction records, disclosures to The United States and foreign government entities as required to comply with laws, and reporting on credit information after credit has been granted, if applicable).

We may also be required or permitted under applicable law to collect, use or disclose personal information without your consent, for example to comply with a court order, to comply with local or federal regulations or a legally permitted inquiry by a government agency, or to collect a debt owed to us.

11. CONFIDENTIALITY AND SECURITY

We endeavor to maintain physical, electronic and procedural safeguards to protect personal information against loss or theft, as well as unauthorized access, disclosure, copying, use or modification. Authorized employees, Agents, Partners, representatives and mandataries that require access to your personal information in order to fulfill their job requirements will have access to your personal information.

While we strive to protect your personal information, no data transmission over the Internet or the telephone can be guaranteed to be perfectly secure. Therefore, any personal information you submit to us or access electronically or over the telephone is done at your own risk. We do not guarantee or warrant the security of information transmitted in these manners. You should be aware that third parties may unlawfully intercept your transmissions or may wrongly instruct you to disclose personal information to them while posing as this website and you should exercise caution when providing personal information to any person.

Our record retention policies dictate that we maintain information about you, including your opt-out choices, for a fixed time period. If you do not perform another transaction during the fixed time period, your Information, as well as your opt-out choice will be removed. If you perform another transaction or otherwise provide us with personal information thereafter, you will be afforded another opportunity to opt-out.

12. HOW LONG DO WE KEEP YOUR INFORMATION?

We will retain your personal information for at least five (5) years and as long as it is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements).

When we have no ongoing legitimate business need to process or store your personal information, and at least five (5) years have passed since you last used our Services or provided us with information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

13. ACCESS AND CORRECTION

We may establish and maintain a file of your personal information for the purposes described in this Privacy Policy, which will be accessible at the location listed in the Contact Us section below. If you wish to request access or correction of your personal information in our custody or control, you may write to the mailing address provided below, with attention to the Chief Privacy Officer. Your right to access or correct your personal information is subject to applicable legal restrictions, including the GDPR and CCPA where applicable. To protect your privacy and security, we may require additional information to verify your identity when requesting access or correction. Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. We may share your personal information for our everyday business purposes, such as to process your transactions, maintain your Account(s), respond to court orders and legal investigations, or report to credit bureaus. We may also share personal information as stated above in the section entitled “Information We Disclose.” You may not limit sharing of this information. Certain states may have additional rights.

14. CHANGES

We reserve the right to modify this Privacy Policy from time to time, with such modifications being effective upon their posting on the Site or as otherwise required by law. You can get updated versions of this Privacy Policy by calling us at the telephone number listed below or by visiting the Site. We urge you to review this Privacy Policy frequently to obtain the current version. Your continued use of the services or provision of personal information following any changes to this Privacy Policy constitutes your acceptance of any such changes.

15. VERMONT, CALIFORNIA, AND NORTH DAKOTA CONSUMERS

Inyo will disclose information about consumers with a Vermont, California, or North Dakota mailing address only with your written authorization (“consent”), unless otherwise permitted or required by law. Written authorizations from Vermont consumers may be delivered to us at the email or mailing address below and must contain your name, address, signature and your consent. You may revoke your consent at any time by calling us at 1-888-702-5656, or by writing or emailing us at the addresses below. California consumers should contact us at the mailing address below for instructions on how to deliver their consent.

Golden Money Transfer, Inc. dba Inyo
45 Prospect St., Cambridge, MA, 02139 USA
Tel: 1-888-702-5656
Email: info@gmtnorthamerica.com

16. TEXAS CONSUMERS:

If you have a complaint, first contact the consumer assistance division of Inyo Financial Services, Inc. at 1-888-702-5656. If you still have an unresolved complaint regarding the company’s money transmission activity, please direct your complaint to: Texas Department of Banking, 2601 North Lamar Boulevard, Austin, Texas 78705,1-877-276-5554 (toll free), www.dob.texas.gov.

17. NEVADA CONSUMERS:

If you prefer not to receive marketing calls, you may be placed on our internal opt-out list by calling us at 1-888-702-5656or you may also contact the Nevada Bureau of Consumer Protection, Office of the Nevada Attorney General, 555 E. Washington St., Ste 3900, Las Vegas, NV 89101; telephone 702-486-3132;email: BCPINFO@ag.stcrte.nv.us.

18. CALIFORNIA CONSUMERS:

This Privacy Notice for California Residents (“Notice”) supplements the information contained in Inyo’s Privacy Policy and applies to all visitors, users, and others who reside in the State of California (“consumers” or “you”). We adopt this Notice to comply with the California Consumer Privacy Act of 2018 (CCPA) and any other applicable privacy laws. Any terms used but not defined herein shall have the meaning ascribed to them in these laws.

A. Scope

The personal information that we collect, use, and disclose relating to California residents under the CCPA, as well as residents of other jurisdictions under applicable privacy laws, will vary based on our relationship or interaction with the individual. Some personal information may be subject to more restrictive privacy laws, such as the Gramm-Leach-Bliley Act (GLBA). Personal information subject to GLBA is not covered by the CCPA.

B. Information We Collect and Disclose to Third Parties

In the past twelve (12) months, we have collected, and disclosed to third parties for our business purposes, the following categories of personal information relating to California residents covered by this Notice:

C. How We Use Your Personal Information

We may use or disclose your personal information for one or more of the following purposes:

• To provide our services and fulfill the reason you provided the information.
• To maintain and support our website and mobile app.
• To process transactions, payments, and prevent fraud.
• To improve our services and personalize your experience.
• To comply with legal obligations and respond to law enforcement requests.
• For testing, research, analysis, and product development.
• For internal and external audits and security purposes.
• Fraud prevention.
  

D. Categories of Third Parties We Share Information With

In the last 12 months, we may have shared your personal information with the following categories of third parties:

• Service providers and vendors performing tasks on our behalf.
• Affiliates and subsidiaries for internal business purposes.
• Third Party Servicers that you contracted with to help integrate our Services with theirs
• Government entities and law enforcement, as required by law or in response to valid requests by public authorities.
• Advertising and social networks to deliver targeted ads.
  

E. Sale of Personal Information

Inyo does not sell personal information subject to the CCPA, including the personal information of minors under the age of 16. We share some data with trusted service providers to improve and market our services and operate our website, but these service provider are contractually prohibited fromusing the information for their own purposes.

F. Your Rights Under the CCPA

As a resident of California or any other state where such rights are recognized by law, you have the following rights:

• 1. Right to Know and Data Portability: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you in the last 12 months.
• 2. Right to Delete: You have the right to request that we delete your personal information, subject to certain exceptions.
• 3. Right to Opt-Out: Although we currently do not sell your data, you retain the right to opt-out in the event we change our practices in the future.
• 4. Right to Non-Discrimination: We will not discriminate against you for exercising your rights under the CCPA.

• Calling: 1-888-702-5656
• Emailing: info@gmtsend.com
• Visiting: https://www.gmtnorthamerica.com

19. CONTACT US:

If you have any questions or concerns about how we collect, store, process or disclose information concerning you please contact us or our Agent:

Golden Money Transfer, Inc. dba Inyo
45 Prospect St., Cambridge, MA, 02139 USA
Tel: 1-888-702-5656
Email: info@gmtnorthamerica.com