Our policy

Information you provide to us

To open an account or use WorldFirst services, you will be asked to provide identifying information about yourself (e.g. name, address, and email address), your company and documents to verify the information provided – such as, a copy or record of your identity cards, passport or other travel document information, your proof of address, occupation, nationality, country of birth, source of funding, source of wealth and/or other information from checks, credit cards, bank statements.

In order to make payments, you will be asked to provide the information required to facilitate the payment – e.g. beneficiary information, bank account details and source of funds.

Through the course of our business relationship, we may ask for additional evidence in order for us to comply with our legal obligations – e.g. anti-money laundering regulations. These can include, but are not limited to, documents required to verify any information provided or evidence of source of funds.

Information we collect when you use our website or app

Our website uses cookies to provide you with a better experience on our website, for fraud prevention and to provide internet-based advertisements such as banner advertisement on the website or app. For detailed information on the cookies we use and the purposes for which we use them, please see our full Privacy Policy.

The WorldFirst user community participants will have their sessions recorded to allow us to capture the feedback to improve our services and help with the development of new products. This will always be based on your consent, which you can withdraw at any time.

For the detection and prevention of fraud and cyber-crime, we will collect information, including session, device and IP address to help ascertain the legitimacy of the account login.

Public information

For non-registered users, we may contact you using publicly available information or information from third parties, which you have consented to being shared, to let you know about products that could be relevant for your business. Further information on setting your preferences, including opting out, is set out below.

Transactional information

Once your account is fully set up and you begin to transact with us we will collect, process and store your WorldFirst financial and transactional information. This information includes the amount, currency, type of transaction, source of funds, exchange rate, recipient name and bank details.

Information about you that we receive from third parties

To protect ourselves and our customers against fraud, we verify the information you provide with anti-fraud agencies and electronic identity verification services. In the course of verification, we receive and process information about you from such services. This may include the collection of biometric information (via facial recognition technologies) used for real identity verification and authentication purposes.

Information may also be collected from credit reference agencies.

Communications

All calls are recorded and correspondence retained for the purposes of quality control and training, as evidence of transactions and to fulfill regulation requirements. Any information you disclose to us will be held on these recordings.

Individuals who are not registered users of WorldFirst

Connected parties

WorldFirst will collect information about connected parties to a WorldFirst client during the course of the business relationship from the client to comply with our legal obligations – e.g. directors or shareholders of a company. Where customers provide this information, they are required to bring this Privacy Policy to the attention of the individuals concerned.

Beneficiaries

WorldFirst will collect information required to be able to send a payment to an individual, who may not be a WorldFirst client. This will include name and bank account details that are required by regulations to process the payment.

Registration and administration

We use your information to enable you to register with us. Once you have an account with us we will use your details to contact you and to reply to any queries or requests. We may use your information in the administration of your account, which includes us contacting you in order to update your account details (this assists us with keeping our records as up to date as possible) or in order to notify you of changes or improvements to our products or services that may affect our service to you.

Our products and services

We use your information in order to supply our products and services to you and to meet our contractual obligations to you. Additionally, we may need to notify you of any changes relating to our products and services.

Prevention and detection of crime

We are subject to strict anti-money laundering and counter-terrorist financing regulations which requires us to undertake due diligence on our customers and their beneficiaries. This may include the conduct of soft searches through an identity-referencing agency and through other sources of information and the use of scoring methods to identify risk and to verify identity. These activities may involve the use of electronic verification tools (such as, facial recognition technologies) and the collection of biometric data. As part of our verification requirements we may also require copies of identification documents and proof of address. We may require additional documentation and information from time to time throughout the course of our business relationship with you to ensure we comply with our anti-money laundering and counter-terrorist financing obligations.
We may also use your information to comply with any other applicable laws, regulations, codes of practice, guidelines or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority.

Direct Marketing

We may use your information to keep you up to date concerning WorldFirst Group Companies products and services, tell you about new products/services or to ask about your experience with us. Further information on setting your preferences, including opting out, is set out below.

Monitoring

We record all our telephone calls for security and training purposes.

WorldFirst group companies

WorldFirst Group Companies refers to the companies owned (whether partially or wholly) by Ant Group, including but not limited to the companies listed below:

• World First UK Ltd (UK)
• World First Netherlands B.V. (EU)
• World First Pty Ltd (Australia)
• World First Asia PTE Ltd (Singapore)
• World First Japan K.K (Japan)
• World First Asia Ltd (China – Hong Kong)

These WorldFirst Group Companies will access and process your personal information to assist in the provision of services to you including, for back-up purposes, to assist with compliance and anti-money laundering activities and for internal audit purposes. However, the way information is accessed, processed and transmitted and our level of security remains consistent across WorldFirst Group Companies.

Banking partners

WorldFirst uses various banking partners around the world to ensure your payment can get to where it needs to go as quickly as possible. When you transact with WorldFirst, we will need to share your personal information with payment providers or banking partners including, those located outside of the UK, such as intermediary or beneficiary banks – e.g. if you ask us to make a USD payment to China – Hong Kong the funds may be cleared through an intermediary bank in the US before reaching China – Hong Kong.

When we share information globally, we will take reasonable steps to ensure that such overseas banking partners protect your information in the same way that we do.

For transparency, verification and legal requirements, we are required to include certain information on the payment which could include:

• Your name
• Your date of birth
• Your address
• Beneficiary details
• Your national identity reference (e.g. passport)

In addition, where you use the services of a banking partner of ours, and/or a banking partner requests us to provide certain data about you according to your authorisation, we may share your data with such banking partner to provide the relevant banking services to you.

Trusted partners

If one of our trusted partners introduced you to WorldFirst, we may provide them with your information to fulfil our contractual obligations with the partner.

We may also cooperate with trusted partners to provide financial services to you. In order to provide such financial services that are suitable for you, we may share your data and information with trusted partners to determine whether you are suitable for such services and accordingly credit worthiness and your credit. This may include the conduct of soft searches and the use of scoring methods to identify risk and verify identity. These activities may also involve the use of electronic verification tools (such as, facial recognition technologies) and the collection of biometric data. We require trusted partners to undertake a strict confidentiality obligation and not to use your data that we share with them for any other purposes. We would also require trusted partners to adopt sufficient technical security measures to protect your data.

Additionally, we may share your details with a trusted partner for marketing purposes if you have given your consent to do so.

Other parties

We may share your information with trusted companies providing services to us under confidentiality agreements or to companies that assist us in meeting our obligations to you and our regulators e.g. the processing of card transactions or the verification of documentation. These companies do not have any rights to market other services with you.

These trusted companies may be outside your country of residence or the WorldFirst entity you transact with (and if you are an EEA resident, possibly outside of the EEA). WorldFirst will always ensure that the company is based in a country with adequate data protections under their law, or that we impose contractual obligations to require them to maintain a framework of protection deemed suitable by WorldFirst. WorldFirst performs due diligence to ensure third parties are compliant with applicable legal and contractual requirements.

If you are a seller on an e-commerce platform, we may share certain information with those e-commerce platforms to help detect and prevent fraud, money laundering, dealing in counterfeit goods and other criminal or abusive behavior.

Also, we may share your information with any person acting on your behalf provided that you have given us the permission to do so.

Regulators and law enforcement

We may need to pass necessary information on to Governmental departments, regulatory bodies, law enforcement/tax/customs agencies, courts of law or other third parties where we are legally compelled or authorised to do so.

We will never sell any personal data that we hold about you.

WorldFirst will only retain your information for as long as is necessary for providing our service to you and will not hold or process your information for any longer than we are legally required. The criteria used to determine the appropriate retention includes:

• • Regulatory requirements in respect of which WorldFirst is subject
  • Whether a legal claim could be brought against WorldFirst
  • Necessity of information to provide our service to our customers
  • The legal basis for processing your information – e.g. consent

Information about connected parties and beneficiaries, which may not belong to a WorldFirst client, are stored for a period to comply with applicable legal requirements.

We communicate with you on a regular basis via email and phone to provide excellent customer service and fulfil requests.

Additionally, we use your email address, phone number and postal address to:

• Provide notification as part of the on-boarding and trading lifecycle
• Send you important changes to our products and services
• Send notices and disclosures required by law

Due to the service-orientated nature of these communications, you cannot opt out to receiving these.

Marketing

WorldFirst Group Companies would like to keep you up to date concerning our products and services.

Once you are a client of WorldFirst and have consented to receiving the following communications, WorldFirst Group Companies may use your information to provide product information, and rate and market updates that are relevant to you and/or your company. We may also use your information (whether you are a registered WorldFirst user or a visitor to our website) to keep you up to date on general products, market updates or rate movements.

If you change your mind on which communications you would like to receive or how you would like to receive them or you decide that you do not wish to receive these types of communications, you can unsubscribe at any time by:

• emailing [email protected];
• managing your preferences through the WFO trading platform, if you are a registered user; or
• clicking the link at the bottom of any email that you receive.

You will not miss any service we provide by not choosing to receive marketing from us and you can change your mind whenever you like as often as you like.

We recognize and support the rights outlined below. In some countries some or all of these are legal requirements, in others they are not, but we will endeavor to comply with any request relating to the below regardless in those jurisdictions. If you would like to exercise any of the below rights then please contact Privacy Office ([email protected]) and we will respond to your query.

We will require you to provide proof of identity and to provide sufficient information to allow us to locate relevant information and in order to verify that the person making the request is the account holder or acting with their permission.

Non-registered users (e.g. website users, connected parties and beneficiaries of payments) have the same rights as any registered user and can contact WorldFirst to request these.

For more information about your rights, please have a look at your local data protection regulator’s website.

To ask for information that WorldFirst holds about you to be corrected

If you notice any of the information on your account is incorrect, you can contact us and we will make any necessary changes, subject to verification of the information.

To ask us to erase your information if we no longer have a reason to hold it

WorldFirst will retain your information only for as long as necessary based on our obligations and business needs. This will be in line with our data retention policy. For more information, please see the How long do you hold my information for? section of this Policy. Additionally, you can request for your data to be deleted, subject to our legal and contractual obligations.

We will retain a record of your erasure request but we will not use this information for any other purpose.

To ask for a copy of the information WorldFirst holds about you

You have the right to request details of the information we hold about you, a description of that data, the purposes for which it is being used and any parties with which we share your information. Where we are legally permitted to, we may decline your request or part of your request, but we will provide an explanation with the response.

To ask WorldFirst not to further process your information.

If you make a request for us to stop processing information, we will investigate to see if there is compelling reason for processing to continue and will discuss the conclusion of the investigation with you.

You can not object to the processing which is a legal obligation or where we must process your information to satisfy a contract to which you are a party.

Also, you can object to marketing communications at any time. Please see the marketing section for more details.

To ask not to be subject to automated decision making and profiling

WorldFirst puts people first. There will not be any scenarios in which profiling or automated decision making will have a legal impact on you without a person reviewing or making a decision on the result. If you feel you may have been unfairly impacted, please contact us to discuss this further.

We store all data electronically and physically in a secure manner to protect its confidentiality, integrity and availability. Data is stored on servers which are protected by actively maintained firewalls. We make use of up-to-date anti-virus software and our servers have restricted access.

If you provide paper-based documentation for the purpose of identity verification these will be stored electronically and the original will be destroyed securely or returned to you.

Transmission of data on the internet can never be completely secure. We do not and cannot guarantee the security of information collected or transmitted electronically however, we take reasonable care to safeguard your personal information.

If at any time you are not happy with how we handle your information, you can make a complaint to us. For further information, please see our complaints policy.

We would really like the opportunity to set things right with you, but you also have the right to raise any data protection concerns with your local data protection regulator directly if you are unhappy with the way we are handling your information.

If you would like to get in contact with us, please contact our Privacy Office by sending an email to [email protected].