Our approachAbout usBlogBlog
Download MonifloDownload Moniflo
Close btn

Willkommen bei Moniflo

Eröffne dein virtuelles Demokonto bei Moniflo mit 10.000 € Guthaben

App StoreApp Store Google PlayGoogle Play
Mehr erfahren über Demokontos >>
Close btn

Lade die Moniflo App herunter

Moniflo ist nur auf Mobilgeräten verfügbar
QR Code
Scanne den QR-Code, um die App herunterzuladen
App Store Google Play

Privacy policies

Select a document to view or download
Moniflo App Privacy Policy
Moniflo Website Privacy Policy

Moniflo App Privacy Policy

Introduction

This Privacy Policy applies specifically to the Moniflo app developed and managed by invesTRe S.A (“invesTRe”, “Moniflo” “we”, “us”, or “our”). It outlines how we collect, use, share, and protect your personal information within the app. It does not cover any other websites or services provided by invesTRe. 

We are dedicated to protecting your privacy and ensuring the security of your personal data. We encourage you to review this policy carefully to make informed decisions about your privacy and the use of our services. Should you have any questions or concerns regarding this policy, please reach out to us on privacy@moniflo.com

Data controller details

Data Controller: InvesTRe S.A. (hereafter InvesTRe or Moniflo)

Address: 209 Rue des Romains, Bertrange, L-8041, Luxembourg

Registered Information: InvesTRe S.A. is registered with the commercial register under B249656.

Representative: Georges Bock, CEO

We have appointed a data protection officer who advises and guides us on matters related to the implementation and maintenance of our data protection management system. You can contact our data protection officer at:

Contact email: privacy@moniflo.com.

As the data controller, we are responsible for the collection, processing, and protection of your personal data within the Moniflo investing app. We strive to adhere to applicable data protection laws and ensure that your privacy rights are respected. If you have any concerns or inquiries regarding the handling of your personal data, please feel free to reach out to us using the contact information provided above.

1 General Information Regarding Data Processing

1.1 Personal Information and GDPR

Personal information refers to any data that can directly or indirectly identify an individual. It includes, but is not limited to, names, contact details, identification numbers, financial information, and other relevant data. At invesTRe and Moniflo, we understand the importance of protecting your personal information and respecting your privacy rights.

The General Data Protection Regulation (GDPR) is a comprehensive data protection regulation that governs the processing of personal data within the European Union (EU) and the European Economic Area (EEA). The GDPR aims to provide individuals with greater control over their personal data and sets out clear guidelines for organizations on how to handle, process, and protect such data. It introduces principles for lawful and fair processing, establishes individuals' rights regarding their personal data, and imposes obligations on data controllers and processors to ensure the security and confidentiality of personal information.

As an organization subject to the GDPR, we are committed to complying with its requirements and ensuring that your personal information is handled in accordance with the regulation's principles. We implement appropriate technical and organizational measures to safeguard your data, protect it from unauthorized access, and prevent any unlawful processing.

By using our services, you acknowledge and agree to the collection, use, and processing of your personal information as outlined in this privacy policy and in compliance with applicable data protection laws, including the GDPR. We respect your privacy and strive to be transparent about how we handle your personal information. If you have any questions, concerns, or wish to exercise your rights under the GDPR, please refer to the "Contact Us" section of this privacy policy for further assistance.

1.2 Your Rights

As an individual whose personal information is processed by invesTRe and the Moniflo App, you have certain rights regarding the protection and control of your data. We are committed to upholding these rights and ensuring that you can exercise them effectively: 

  • the right to access,
  • the right to rectification or erasure,
  • the right to restriction of processing,
  • the right to data portability,
  • If you have provided us with your personal data on the basis of a consent, you can withdraw the consent at any time with effect from the future,
  • You have the right to object to the processing of your personal data based on legitimate interests or for direct marketing purposes. We will assess your objection and cease processing your data unless we have compelling legitimate grounds to continue or if the processing is necessary for legal claims.

To exercise these rights named above you may contact us at any time via email to privacy@moniflo.com.  

You also have the right to lodge a complaint with a supervisory authority of your choice (for example: CNPD https://cnpd.public.lu/en.html.)

An overview of the Data Protection Authorities may be found here: https://cnpd.public.lu/en/commission-nationale/missions.html.

1.3 Storing and Deleting Data

The duration of the data storage depends on the respective data category and processing activity. If the storage period is not further specified, the retention period ends as soon as the purpose or legal basis for storage ceases to apply. 

Upon the closure of your account, withdrawal of consent, or the expiration of the applicable retention period, we take appropriate measures to securely delete or anonymize your personal data to ensure it is no longer identifiable or retained in a form that can be linked to you, unless further retention is required for legal or legitimate purposes.

As a regulated financial institution, we have certain obligations to keep your data, either for five years for anti-money laundering and counter-terrorism requirements; or for ten years for legal reasons for a specific purpose. 

This includes: contact information like name and email; technical information like logins and IP address; transaction history like investments and payments; personal data from third parties like fraud prevention agencies; and / or publicly available information used in enhanced due diligence checks like media stories.

2 Types of data processed

To provide you with our investment services, we collect the following types of personal data:

  • Identity Information: When you sign up for an account, we may collect personal data such as your full name, date of birth, nationality, and government-issued identification details (e.g., passport or driver's license number).
  • Contact Information: We collect your contact details, including your email address, phone number, and residential address, to communicate with you regarding your account, investment opportunities, and related services.
  • Financial Information: In order to facilitate investment transactions, we may collect financial data such as your bank account details, credit card information, and transaction history.
  • Usage Information: When you interact with our investment app, we automatically collect certain data about your usage patterns, including log-in information, IP address, device information, and browsing activities. This helps us ensure the running of our app, enhance security, and provide a better user experience.
  • Communication Data: We may collect and store communication data, including your interactions with our customer support team, feedback, and survey responses, to address your inquiries, improve our services, and ensure customer satisfaction.
  • Third-Party Data: In some cases, we may collect personal data from third-party sources, such as identity verification services, credit bureaus, and publicly available databases and websites, to comply with regulatory requirements, prevent fraud, and ensure the accuracy of the information provided.

3 Purposes of processing

Under data protection laws, we are required to notify you of the purposes of processing your Personal Information, as well as the legal basis for such processing.

Unless otherwise permitted by law, we may process your Personal Information:

  • If you consent to the processing
  • To satisfy our legal obligations
  • If it is necessary to carry out our obligations arising from any contracts we entered with you or to take steps at your request prior to entering into a contract with you
  • In the public interest
  • In your vital interests, or
  • For our legitimate interests, such as to protect our property, rights, or the safety of invesTRe, Moniflo, our customers, or others

Purpose of processing Legal basis
To ensure network and information security.
We process your Personal Information to enhance the security of our services, combat spam or other malware or security risks, monitor and verify identity or service access and to comply with applicable security laws and regulations
For example, when you register or login to the app, we verify your registration with a code via SMS or email ("multi-factor authentication").
By processing personal data for network and information security purposes, we strive to provide a safe and secure environment for our users' financial transactions and sensitive information.
 Processing is necessary for compliance with a legal obligation
To provide our Services
One of the primary purposes for processing personal data is to deliver and facilitate the provision of our services, specifically for our investment app offering access to investment funds.
Processing personal data enables us to facilitate the execution of investment transactions, maintain accurate records, provide personalized investment recommendations, and deliver a secure and seamless user experience.
In order to ensure compliance with legal and regulatory requirements, we are also obligated to verify the identity and suitability of our users as part of our Know Your Customer (KYC) processes.
We handle your personal data with the utmost care, implementing appropriate technical and organizational measures to protect against unauthorized access, disclosure, alteration, or destruction.
Processing is necessary for the performance of a contract to which the Data Subject is party or to take steps at the request of the Data Subject prior to entering into a contract.
To track errors and enhance your experience of our Services
We process your Personal Information to provide the best possible experience on our services. For example, error and interaction data can alert us to issues you might be experiencing with the app.
Without such processing of your Personal Information, we won’t be able to ensure the running of our Services and your continued enjoyment of part or all of our Services.
Processing is necessary for the performance of a contract to which the Data Subject is party or to take steps at the request of the Data Subject prior to entering into a contract.
To provide customer service
One of the core purposes for processing personal data is to support you when you reach out to customer services. We utilize your personal information to address your inquiries, respond to your requests, and provide efficient support throughout your engagement with our services. This includes troubleshooting technical issues, resolving billing inquiries, offering product recommendations, and assisting with account management.
Processing your personal data for customer service purposes allows us to fulfill our contractual obligations and deliver a seamless and tailored experience.
We strive to maintain the highest standards of data protection while ensuring that your interactions with our customer service team are prompt, efficient, and satisfactory.
We may monitor or record any communications between you and us, including emails, to maintain appropriate records, check your instructions, analyse, assess and improve our services, and for training and quality control purposes. 		Processing is necessary for the performance of a contract to which the Data Subject is party or to take steps at the request of the Data Subject prior to entering into a contract.
To engage in marketing activities
If you agree, we may send you marketing communications from time to time. Such marketing communications may contain information about our events, partner events, or promotional offers. We may use your interaction and/or transaction data to provide you with targeted marketing communications.
You can revoke consent to our marketing communications at any time using the unsubscribe link contained in each email.
We strive to maintain the highest standards of data protection while ensuring that your interactions with our customer service team are prompt, efficient, and satisfactory.
If you agree, we also use your Personal Information to run Referral Programs and promotional campaigns.
You can give or revoke consent to our referral programs any time by emailing: privacy@moniflo.com. 		Processing is performed based on the Consent of the Data Subject
To understand the effectiveness of our marketing and advertising
We use session and interaction data to understand the effectiveness of our marketing and advertising. The data processed for this purpose is not used to link interactions to a specific individual. Further information on the data processing can be found in the provider's privacy policy at: https://www.appsflyer.com/privacy-policy/
You can opt out of this processing at any time by emailing privacy@moniflo.com.
Processing is necessary for the purposes of the legitimate interests pursued by Moniflo
To protect against fraud
One of the purposes for processing personal data within our investment fund investing app is to safeguard against fraudulent activities.
We analyze and process Personal Information to detect, prevent, and mitigate potential fraudulent behavior or unauthorized access. This includes monitoring account activities, verifying user identities through Know Your Customer (KYC) processes, and employing advanced security measures to protect sensitive information.
By processing personal data for this purpose, we strive to maintain the integrity of our services, protect user investments, and ensure a secure environment for all users.
Processing is necessary for compliance with legal obligations
To enforce Moniflo’s Terms and Agreements
Processing personal data is necessary to enforce Moniflo's terms and agreements, which establish the legal framework governing the relationship between our investment app and its users.
We may process user data to verify compliance with our terms, investigate potential violations, and take appropriate actions when necessary. This includes analyzing user activities, interactions, and transactions to ensure adherence to our terms of service, acceptable use policies, and other relevant agreements.
By processing personal data for this purpose, we aim to maintain a fair and secure environment for all users, protect the rights and interests of Moniflo and its community, and uphold the integrity of our services.
Processing is necessary for the performance of a contract to which the Data Subject is party or to take steps at the request of the Data Subject prior to entering into a contract.
For research and development purposes
We collect feedback and suggestions for new features of our product through surveys and interviews. We use this information to plan new product features and get feedback on features in development.
You can opt out of this processing at any time by emailing: privacy@moniflo.com. 		Processing is necessary for the purposes of the legitimate interests pursued by Moniflo

Notwithstanding the above, invesTRe reserves the right to use aggregated and anonymized data, which does not contain Personal Information, for the purposes of business analytics, research, publication, and potential sale to third parties.

4 Automated Decision Making

On the Moniflo App, we employ automated decision-making processes to streamline our Anti-Money Laundering (AML) and Know Your Customer (KYC) procedures, ensuring the efficient onboarding of our users. These processes analyze and evaluate the data you provide during the registration process to determine the risk profile associated with your account. This enables us to automatically approve standard-risk profiles without the need for human intervention.

The purpose of this automated decision-making is to expedite the user onboarding process while maintaining compliance with applicable legal obligations. By assessing the data you provide, including personal identification details and other relevant information, we can quickly and accurately identify low-risk profiles and proceed with account approval.

If you believe that our automated decision-making has resulted in an incorrect assessment or an adverse outcome, you have the right to request human intervention, provide your perspective, and contest the decision. We are committed to ensuring fairness, accuracy, and transparency in our automated decision-making processes.

To mitigate risks associated with automated decision-making, we have implemented stringent data protection measures. These include regular assessments of our algorithms and data sources, as well as the utilization of up-to-date and reliable information. We prioritize the security and integrity of your personal data throughout the automated decision-making process.

If you have any questions, concerns, or wish to exercise your rights related to our automated decision-making processes, including obtaining human intervention or understanding the logic behind a decision, please contact us at privacy@moniflo.com

5 Who We Share Information With

In the course of providing our services and conducting our operations, we may need to share certain aspects of your personal information with trusted third parties. These may include:

  • Service Providers: We engage reputable service providers, such as hosting companies, payment processors, and email distribution services, to assist us in delivering our services effectively. These service providers are contractually obligated to handle your personal information solely for the purpose of providing their respective services and are bound by confidentiality obligations.
  • Legal and Regulatory Requirements: In some instances, we may be obligated to disclose your personal data in response to lawful requests or court orders from public authorities, including compliance with legal obligations, regulatory requirements, or to investigate and prevent fraudulent activities.
  • Business Transfers: If there is a merger, acquisition, or any form of corporate restructuring, your personal information may be transferred to the involved parties as part of the transaction. We ensure that appropriate safeguards and legal requirements are in place to protect your data during such transfers.
  • Consent and Sharing Preferences: We may share your information with third-party marketing and advertising networks, subject to your explicit consent. This enables us to effectively promote our products and services on our website and on various platforms. You have the right to manage your sharing preferences and withdraw consent at any time.
  • Aggregated and Anonymized Data: We may publish, share and potentially sell generalized and anonymized information that cannot be linked to any individual. Such data may be used for research, statistical analysis, or industry reporting purposes.

We take comprehensive measures to ensure that any sharing of your personal information complies with applicable data protection laws, including the General Data Protection Regulation (GDPR). We carefully select and assess the privacy practices of our third-party partners, and we enter into agreements that include data protection clauses and confidentiality commitments. Rest assured, we prioritize your privacy and work diligently to protect your information throughout any sharing processes.

6 Data Processing outside the EU

In certain circumstances, as part of our operations, we may transfer your personal data to entities located outside the European Economic Area (EEA). These international transfers may occur when we engage third-party service providers or partners located in countries outside the EEA. We want to assure you that we take appropriate measures to ensure the protection of your personal data during these transfers. Such measures may include implementing standard contractual clauses approved by the European Commission, verifying the recipient's adherence to binding corporate rules, or relying on the recipient's Privacy Shield certification (if applicable). By providing your personal data to us, you acknowledge and consent to the transfer of your data to these countries and the necessary safeguards we have in place to protect your privacy and comply with applicable data protection laws, including the General Data Protection Regulation (GDPR). Rest assured that we will always strive to uphold the highest standards of data protection and security, regardless of the location of the data transfer.

A list of the data processors processing data outside the EU and corresponding information is available by request via email to privacy@moniflo.com

7 Data Security

At Moniflo, we take the security of your personal data seriously and implement appropriate measures to protect it in accordance with the General Data Protection Regulation (GDPR). We maintain a robust data security framework designed to safeguard your information from unauthorized access, disclosure, alteration, or destruction.

We employ industry-standard security practices to ensure the confidentiality, integrity, and availability of your personal data. These measures include:

  • Encryption: We use encryption technologies to secure your personal data during transmission and storage. This helps prevent unauthorized parties from intercepting or accessing your information.
  • Access Controls: We implement strict access controls to limit access to your personal data to authorized personnel only. Access privileges are granted based on the principle of least privilege, ensuring that individuals can only access the data necessary to perform their designated tasks.
  • Regular Security Assessments: We conduct regular security assessments and audits to identify and address any vulnerabilities or potential threats to the confidentiality and integrity of your personal data. This allows us to proactively improve our security measures and maintain a robust security posture.
  • Employee Training: We provide comprehensive data protection and security training to our employees to ensure they understand their responsibilities and obligations when handling personal data. This training includes awareness of data protection laws, security best practices, and the proper handling and processing of personal information.
  • Data Minimization: We practice data minimization, ensuring that we only collect and retain personal data that is necessary for the provision of our investment services. We avoid collecting excessive or unnecessary information to minimize potential risks associated with data storage and processing.
  • Incident Response: In the event of a data breach or security incident, we have established procedures to respond promptly and effectively. We maintain an incident response plan that includes containment, assessment, notification, and mitigation measures to minimize any potential impact on your personal data.

While we implement robust security measures, it is important to note that no method of transmission or storage is entirely secure. We cannot guarantee absolute security, but we are committed to continuously monitoring and enhancing our security practices to protect your personal data.

If you have any concerns regarding the security of your personal data or if you suspect any unauthorized access or breach, please contact us on privacy@moniflo.com

8 Questions?

For further information you may contact us any time, for example via email to privacy@moniflo.com.

Version history of our Privacy Policy

Version 1.1.13 (19/08/2021)

Version 1.1.14 (17/06/2022)

Version 1.1.15 (11/07/2022)

Version 1.1.16 (19/10/2022)

Version 1.1.17 (29/06/2023)

Version 2.1.1 (29/07/2023)

Version 2.1.2 (07/09/2023)

Version 2.1.3 (07/09/2023)

Download document
Moniflo
Help
Media and Legal
Company
Values-based investing
linkedinfacebookinstagram
© 2024 by Moniflo, an application from InvesTRe