Agents
Correspondents

Monty Global Payments, S.A.U, E.P.

Data protection

Information in compliance with personal data protection regulations

In Europe and Spain, there are data protection regulations designed to protect your personal information, which our organisation is required to comply with. Therefore, it is very important to us that you fully understand what we are going to do with the personal data we request from you. We will be transparent and give you control over your data, using simple language and clear options that will allow you to decide what we will do with your personal information.
Please, if you have any questions after reading this information, do not hesitate to ask us. Thank you very much for your cooperation.

Print
Download

Who are we?

Monty Global Payments, S.A.U, E.P

  • Company Tax ID Number A-83949222
  • PAYMENT ENTITY No. 6814
  • Our address: C/ Miguel Ángel No. 21, 7th floor. Madrid 28010
  • Our contact telephone number: +34 (91) 701 12 80
  • Our address for contacting our Data Protection Officer: dpo@mgpsa.com.
  • Our website: https://www.montyglobal.es/

For your confidence and security, we inform you that we are a company registered in the Madrid Mercantile Registry, volume 19,847, book 0, folio 165, section 8, page number M-349,644, entry 1.
Our main activity is subject to prior administrative authorisation. For your confidence and security, we provide you with the details of this authorisation and the identification details of the competent supervisory body:

  • Administrative authorisation: 6814 Payment Institution
  • Body responsible for our supervision: Banco de España

We are at your disposal, please do not hesitate to contact us.

What data will we process, what is the basis for doing so, and for how long?

In general, your personal data will be used to interact with you and provide you with our services.

More information +
Purpose-based processing
Legitimate basis
Storage period
Manage your registration and user preferences within the registered user area, as well as to provide you with the services you have requested from our website.
Contract performance
6 years from the execution of the contract or after the withdrawal of consent
Manage the contracting of services carried out via the website or by other means (telephone, post, etc.).
Contract performance
6 years from the execution of the contract
To respond to and appropriately handle any queries, comments, incidents or suggestions made by Users through the means provided on the Website.
Consent
2 years from the completion of communication
Send or request money, or other additional services.
Consent and, where applicable, performance of the contract
6 years from the execution of the contract or after the withdrawal of consent
Periodically send communications about services, events, and news related to the activities carried out by MONTY, by any means, including electronic means.
Consent
Until consent is revoked or opposition to processing is expressed
To comply with legally established obligations, as well as to verify compliance with contractual obligations, including fraud prevention and money laundering prevention.
Legal obligation
Throughout the term of the contract and, upon its termination, for 10 years.
Transfer of data to organisations and authorities, provided that they are required in accordance with legal and regulatory provisions.
Legal obligation
For the time necessary to fulfil the contractual relationship and, in any case, for the limitation periods required by current legislation.
Ensuring the proper use of our platform, preventing any illegal use or use contrary to our policy, values or current legal regulations, and even terminating your registration as a user.
Legitimate interest
For the time necessary to fulfil the contractual relationship and, in any case, for the limitation periods required by current legislation.
Manage the receipt of CVs received via the website and carry out the selection process.
Consent
1 year from receipt of CV
Manage suggestions, complaints, and queries regarding products and/or services purchased through our website.
Legal obligation / Legitimate interest
For the time necessary to fulfil the contractual relationship and, in any case, for the limitation periods required by current legislation.

¿Por qué necesitamos usar sus datos?

Your personal data is necessary for us to communicate with you and provide you with our
money transfer services. In this regard, we will provide you with a series of checkboxes
that will allow you to make clear and simple decisions regarding the use of your personal
information.

Who will have access to the information we request from you?

Generally, only authorized personnel within our organization will have access to the information we request from you.
Similarly, your personal information may be accessed by third parties that require it to provide the services we offer. For example, our payment correspondents will need your data to complete the payment at the destination, or the bank will access your data if the payment for our services is made via card or bank transfer.
Additionally, your information may be disclosed to public or private entities when we are legally obliged to do so. For instance, the Anti-Money Laundering Law requires us to provide the competent authorities with specific information about economic transactions that exceed certain thresholds or are considered risky.
Your data may also be shared if requested by competent public bodies such as Tax Authorities, Law Enforcement Agencies, Judges, and Courts, whenever MONTY is legally required to provide such information.
If, beyond these situations, we need to disclose your personal data to other entities, we will first request your consent through clear options that will allow you to make an informed decision.

How will we protect your data?

We will protect your data with effective security measures according to the risks involved in the use of your information.
At MONTY, we maintain the highest levels of security required by law to protect your personal data against accidental loss, as well as unauthorized access, processing, or disclosure, considering the state of technology, the nature of the data stored, and the risks involved. When we receive your data, we use rigorous procedures and security features to prevent any unauthorized access.

The actions described in this section, intended to guarantee an adequate level of security proportional to the identified risk, may include the following measures if necessary:

  1. Pseudonymization and encryption of personal data.
  2. Measures to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services.
  3. Measures to promptly restore the availability and access to personal data in the event of a physical or technical incident.
  4. The existence of a process for regularly verifying, evaluating, and assessing the effectiveness of technical and organizational security measures.
  5. Periodic evaluation of the risk of accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to personal data transmitted, stored, or otherwise processed.
  6. Measures to ensure that any person acting under MONTY’s authority who has access to personal data can only process such data according to MONTY’s instructions.

Will we transfer your data to other countries?

Due to the provision of services to companies or individuals outside the European Economic Area or in countries deemed inadequate under Article 45 of the GDPR (you can consult the list of approved countries here), we are required to transfer your personal data to such parties in order to provide the requested services.

It may occur that we collaborate with providers who may have access to your data and will process such data on behalf of and under the instructions of MONTY. The selection of these providers follows a rigorous compliance verification process to ensure adequate data protection controls. Furthermore, a contract will be signed in which these providers commit to implementing appropriate technical and organizational measures and to processing personal data solely in accordance with the documented instructions of the joint controllers.

If any of the data processors are located outside the European Economic Area, the joint controllers will enter into Standard Contractual Clauses with them, which provide adequate safeguards and ensure that any third-party access to your data is fully protected at all times.

What are your data protection rights?

At any time, you may contact us to find out what information we hold about you, correct it
if it is inaccurate, and delete it once our relationship has ended, provided that this is legally
possible.
You also have the right to request the transfer of your information to another entity. This
right is known as “data portability” and may be useful in certain situations.
To exercise any of these rights, you must submit a written request to our email address
(dpo@mgpsa.com) or by postal mail to Calle Miguel Ángel, 22, 7th floor, along with a
photocopy of your ID in order to verify your identity.
Our agents’ offices have specific forms to request these rights, and we offer assistance to
help you complete them.
For more information about your data protection rights, you can visit the website of the
Spanish Data Protection Agency (www.agpd.es).

¿Puede retirar su consentimiento si cambia de opinión en un momento posterior?

Can you withdraw your consent if you change your mind at a later time?
You may withdraw your consent at any time if you change your mind about the use of your
data.
For example, if you were previously interested in receiving advertising about our products
or services but no longer wish to receive such communications, you can notify us by
submitting an objection form available at our offices.

If you believe that your rights have been disregarded, where can you file a complaint?

If a user considers that there is a problem with the way MONTY is processing their data, they may address their complaints to the Data Protection Officer (dpo@mgpsa.com) or to the relevant data protection supervisory authority, which in Spain is the Spanish Data Protection Agency.

  • o Electronic headquarters: www.agpd.es
  • o By postal mail: Spanish Data Protection Agengy. Street Jorge Juan, 6 28001-Madrid
  • o By phone: (0034) 901 100 099 y (0034) 91 266 35 17

Filing a complaint with the Spanish Data Protection Agency involves no cost and does not require the assistance of a lawyer or legal representative.

Will we create profiles about you?

It may happen that, for the purposes of service provision, commercial use, or other reasons, we need to create profiles based on your information. An example could be using your transaction history to offer you products or services tailored to your preferences or needs.
In such cases, we will implement effective security measures to protect your information at all times from unauthorized persons attempting to use it for their own benefit.

Will we use your data for other purposes?

Our policy is not to use your data for purposes other than those we have explained to you. However, if we need to use your data for different activities, we will always request your prior consent through clear options that will allow you to make an informed decision.

Confidentiality

The personal data that may be collected will be treated with absolute confidentiality. We commit to maintaining secrecy regarding such data and to safeguarding them by adopting all necessary measures to prevent their alteration, loss, and unauthorized processing or access, in accordance with the applicable legislation.