Back to Home

Privacy Policy

Last Updated: January 26, 2026

1. Introduction

This Privacy Policy describes how JetCash, a trade name of La Orange BG Ltd, registered in the Republic of Bulgaria, with its registered office at Blvd. Dragan Tsankov 23A, Business Building TETRIX, 4th Floor, 1113 Sofia, Bulgaria (hereinafter referred to as "JetCash", "Company", "we", "us", or "our"), collects, processes, stores, transfers, and protects personal data.

JetCash operates a digital prepaid gift card and electronic money platform that enables individuals and corporate clients to purchase, manage, distribute, and redeem gift cards electronically.

This Privacy Policy is issued in compliance with:

  • Regulation (EU) 2016/679 (General Data Protection Regulation – "GDPR")
  • Bulgarian Personal Data Protection Act
  • Applicable EU anti-money laundering legislation
  • Applicable payment services and electronic money regulations

JetCash acts as a Data Controller in relation to personal data processed for the purposes described in this Policy.

By using our platform, website, mobile application, or services, you acknowledge that your personal data will be processed in accordance with this Privacy Policy.

2. Definitions

For the purposes of this Privacy Policy:

  • Personal Data means any information relating to an identified or identifiable natural person.
  • Data Subject means the individual to whom the personal data relates.
  • Processing means any operation performed on personal data, including collection, storage, use, disclosure, or deletion.
  • Controller means the entity determining the purposes and means of processing personal data.
  • Processor means a third party processing personal data on behalf of the Controller.
  • Special Categories of Data refers to sensitive data under Article 9 GDPR.

3. Categories of Personal Data We Collect

JetCash may collect and process the following categories of personal data:

3.1 Identification Data

  • Full name
  • Date of birth
  • Nationality
  • Personal identification number (where required)
  • Identity document details (passport/ID card)
  • Photograph (for verification purposes)

3.2 Contact Information

  • Email address
  • Mobile phone number
  • Residential or business address
  • Billing and delivery address

3.3 Financial and Transaction Data

  • Payment card details (processed securely via payment providers)
  • Bank account information (for redemption purposes)
  • Gift card transaction history
  • Account balance information
  • Currency and payment preferences

3.4 Corporate Client Data

  • Company name
  • Company registration number
  • VAT number
  • Registered address
  • Authorized representative details

3.5 Technical and Usage Data

  • IP address
  • Device type
  • Browser type
  • Operating system
  • Log data
  • Cookies and tracking information

3.6 Compliance and Risk Data

  • AML/KYC documentation
  • Politically Exposed Person (PEP) status
  • Sanctions screening results
  • Fraud monitoring data

JetCash does not intentionally collect special categories of personal data unless required by law.

4. Purposes and Legal Basis for Processing

JetCash processes personal data based on the following legal grounds under Article 6 GDPR:

4.1 Performance of a Contract

We process personal data to:

  • Register and manage user accounts
  • Issue and activate gift cards
  • Process transactions and redemptions
  • Provide customer support
  • Maintain transaction history

4.2 Compliance with Legal Obligations

We are legally required to process personal data for:

  • Anti-Money Laundering (AML) compliance
  • Counter-Terrorist Financing (CTF) obligations
  • Identity verification (KYC procedures)
  • Regulatory reporting
  • Tax compliance

4.3 Legitimate Interests

We process personal data to:

  • Prevent fraud and abuse
  • Protect system security
  • Improve platform functionality
  • Conduct internal audits
  • Manage business operations

Where processing is based on legitimate interests, we ensure that such interests do not override fundamental rights and freedoms of data subjects.

4.4 Consent

Where required (e.g., marketing communications), we rely on explicit consent. Consent may be withdrawn at any time.

5. Data Retention

JetCash retains personal data only for as long as necessary to fulfill the purposes outlined in this Policy.

Retention periods are determined based on:

  • Legal and regulatory requirements (AML laws may require retention up to 5–10 years)
  • Statutory limitation periods
  • Ongoing contractual relationships
  • Dispute resolution requirements

Upon expiration of retention periods, personal data will be securely deleted or anonymized.

6. Sharing of Personal Data

JetCash may share personal data with:

6.1 Payment Service Providers

To process transactions securely.

6.2 Regulatory Authorities

Where required by Bulgarian or EU law.

6.3 Banking Institutions

For redemption transfers and financial operations.

6.4 Technology and Hosting Providers

Cloud hosting, IT infrastructure, fraud monitoring systems.

6.5 Professional Advisors

Legal, accounting, compliance consultants.

All third-party processors are contractually bound to comply with GDPR and maintain confidentiality.

JetCash does not sell personal data.

7. International Data Transfers

Where personal data is transferred outside the European Economic Area (EEA), JetCash ensures appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission
  • Binding Corporate Rules (where applicable)

8. Data Security Measures

JetCash implements appropriate technical and organizational measures, including:

  • SSL/TLS encryption
  • Secure data storage
  • Access control mechanisms
  • Multi-factor authentication
  • Regular security audits
  • Fraud detection systems
  • Data minimization principles

Despite best efforts, no system is entirely secure. In case of a data breach, JetCash will notify the competent supervisory authority and affected individuals as required by GDPR.

9. Rights of Data Subjects

Under GDPR, data subjects have the following rights:

  • 9.1 Right of Access – To obtain confirmation whether personal data is being processed.
  • 9.2 Right to Rectification – To correct inaccurate or incomplete data.
  • 9.3 Right to Erasure ("Right to be Forgotten") – Subject to legal retention requirements.
  • 9.4 Right to Restrict Processing
  • 9.5 Right to Data Portability
  • 9.6 Right to Object
  • 9.7 Right to Withdraw Consent

Requests may be submitted via:

JetCash will respond within one month, unless legally extended.

10. Automated Decision-Making and Profiling

JetCash may use automated systems for:

  • Fraud detection
  • Risk scoring
  • AML monitoring

Such processing is necessary for compliance and security purposes. Data subjects may request human review where legally applicable.

11. Cookies and Tracking Technologies

JetCash uses cookies for:

  • Essential functionality
  • Security
  • Performance analytics
  • User experience optimization

Users may manage cookie preferences via browser settings or cookie consent tools. For more information, please see our Cookie Policy.

12. Children's Data

JetCash services are not intended for individuals under the age of 18. We do not knowingly collect personal data from minors.

13. Supervisory Authority

If you believe your rights have been violated, you may lodge a complaint with:

Commission for Personal Data Protection (CPDP)

Republic of Bulgaria

Website: https://www.cpdp.bg

14. Changes to This Privacy Policy

JetCash reserves the right to amend this Privacy Policy. Material changes will be communicated via email or website notification at least 30 days prior to entry into force where required by law.

15. Contact Information

For any questions regarding this Privacy Policy or data protection matters, please contact:

La Orange BG Ltd (JetCash)

Blvd. Dragan Tsankov 23A

Business Building TETRIX, 4th Floor

1113 Sofia, Bulgaria

Email: [email protected]