1. Laws and regulations
According to the following laws and regulations, YabandPay is legally obliged to conduct Customer Due Diligence (CDD).
The Payment Service Directive ((EU) 2015/2366 and the rules and regulations promulgated thereunder, together with PSD2: European Payment Services Directive and Dutch Financial Regulation Act (Wet op het financieel toezicht, Wft).
Wft：Wet op het financieel toezicht (Wft) is the Dutch act that regulates (supervise) the Dutch financial sector, including provisions for payment service providers.
The Prudential Rules Act under the Wft (Besluit prudentiële regels Wft; Bpr).
Act on the Supervision of the Business of Financial Enterprises under the Wft (Besluit Gedragstoezicht financiële ondernemingen Wft, Bgfo).
Anti-money laundering and Counter-terrorism financing Act (Wet ter voorkoming van witwassen en financieren van tropicale; Wwft).
The Sanctions Act 1977 (Sanctiewet 1977; Sw): imposes legal requirements on financial (and other) institutions to ensure compliance with national and international rules imposing international, EU and national sanctions.
Publication of guidance and policy rules for the Dutch Central Bank (De Nederlandsche Bank) and other supervisory authorities on the interpretation of applicable laws and regulations.
2. Privacy and data protection policy
YabandPay is a payment institution (betaalinstelling) licenced by the Dutch Central Bank (De Nederlandsche Bank, DNB). YabandPay attaches great importance to data protection, especially personal data protection.YabandPay has established a Privacy and Data Protection Policy.
More specific, YabandPay needs to comply with:
- the Algemene verordening gegevensverwerking (AVG) / the General Data Protection Regulation (GDPR); and
- the Uitvoeringswet Algemene verordening gegevensbescherming (UAVG) / the Dutch Implementation Act of the GDPR.
The GDPR is a legal framework that sets guidelines and rules for i.a. the collection and processing of personal data by organisations that are established in the European Union (EU) and the processing of personal data when offering services to individuals who live in the European Union (EU). The GDPR directly applies to YabandPay.
YabandPay is committed to complying with the GDPR. It has therefore implemented adequate organizational arrangements for the identification, collection, processing and protection of personal data.
YabandPay and all of its staff members are required to comply with this policy. Violation of this policy by YabandPay’s staff members may result in disciplinary action.