Last revision date 26th February 2025

1. Introduction This Privacy Policy, together with our Terms and Conditions, governs your use of:

• • Our websites at dttcl.com and www.dttmt.com (collectively, the “Sites”);
  • The DT&T Mobile App (“App”) after you download and install it on your mobile device;
  • Any services accessible through the App or the Sites (the “Services”).

This Privacy Policy outlines how DT&T Corporation Ltd (“DT&T,” “we,” “us,” or “our”) collects, processes, and protects your personal information. It also explains your rights and choices regarding your data.

2. Data Controller and Data Protection Officer DT&T Corporation Ltd is registered as a data controller with the UK Information Commissioner’s Office (ICO) under registration number Z3598016.

We have appointed a Data Protection Officer (DPO) responsible for:

• • Ensuring compliance with UK GDPR, the Data Protection Act 2018, and other applicable laws;
  • Raising awareness and providing staff training on data protection;
  • Conducting internal audits and risk assessments;
  • Liaising with the ICO and other supervisory authorities.

If you have questions or wish to exercise your rights under data protection laws, please write to us.

3. Information We Collect and How We Use It

We collect and process the following types of personal data:

a) Information You Provide Directly (“Submitted Information”): This includes personal information you submit when:

• • Registering for an account or using our Services;
  • Completing online forms, surveys, or engaging in chat functions;
  • Contacting our customer support team;
  • Entering competitions or promotional events.

This may include your name, address, date of birth, email, phone number, financial details (e.g., bank account and payment card information), identification documents, and proof of address.

b) Information We Collect Automatically: When you access our Sites or App, we collect:

• • Technical Data: IP address, browser type/version, operating system, device type, mobile network details.
  • Usage Data: URLs visited, page response times, interaction data (e.g., clicks, scrolls, session duration).
  • Transaction Data: Payment history, transaction timestamps, recipient details, exchange rates, and location data.
  • Location Data: If you enable location services, we use GPS and IP addresses for fraud prevention and account security.
  • Third-Party Data: We may collect verification and identity confirmation data from trusted third-party service providers.

4. Legal Basis for Processing Your Data We process your personal data under the following legal bases:

• • Contractual Necessity: To provide you with our Services, process transactions, and manage your account.
  • Legitimate Interests: To improve our Services, conduct market research, prevent fraud, and maintain security.
  • Legal Compliance: To meet regulatory obligations, such as anti-money laundering and fraud prevention laws.
  • Consent: Where required, such as for marketing communications (you can withdraw your consent at any time).

5. Marketing Preferences We may send you marketing communications based on your preferences. You can opt out of receiving these messages at any time by:

• • Adjusting your preferences under the ‘Privacy’ section in the ‘Profile’ tab of your account.
  • Clicking the unsubscribe link in any marketing email.

Service-related notifications, such as security alerts and legal updates, are mandatory and cannot be opted out of.

6. Data Sharing & Disclosure We share your personal data only where necessary and with strict safeguards in place. This includes:

• • Fraud prevention agencies to verify your identity and prevent financial crime.
  • Banking and financial partners to facilitate transactions.
  • Cloud storage providers for secure data hosting.
  • Regulatory bodies and law enforcement when legally required.
  • Third parties with your explicit consent.

If DT&T undergoes a merger, acquisition, or asset sale, your data may be transferred to a new entity. You will be notified of any changes.

7. International Data Transfers If we transfer your data outside the UK, we ensure appropriate safeguards, such as Standard Contractual Clauses (SCCs) or adequacy decisions, to protect your rights.
8. Data Retention We retain personal data:

• • As long as your account is active or required for providing Services.
  • To comply with legal, tax, and regulatory obligations.
  • For fraud detection and security monitoring purposes.

Once retention is no longer necessary, your data will be securely deleted.

9. Your Data Protection Rights Under UK GDPR, you have the right to:

• • Access your personal data.
  • Rectify inaccurate or incomplete data.
  • Request erasure (“right to be forgotten”).
  • Restrict processing under certain conditions.
  • Object to processing (e.g., marketing communications).
  • Data portability – obtain your data in a commonly used format.
  • Withdraw consent at any time.

To exercise these rights, contact us in writing. We aim to respond within 30 days. Requests deemed excessive may incur a small administrative fee.

10. Security Measures We implement robust security protocols to protect your data against unauthorized access, loss, or misuse. This includes:

• • Encryption of sensitive data.
  • Multi-factor authentication for account security.
  • Regular security audits and staff training.

Despite these efforts, no system is completely secure. Always safeguard your credentials and notify us of any suspicious activity.

11. Changes to This Privacy Policy We may update this Privacy Policy periodically. Changes will be:

• • Posted on this page;
  • Communicated via email, SMS, or in-app notifications where necessary.

Continued use of our Services after updates constitutes acceptance of the revised Privacy Policy.

Contact Information

You can contact us about this privacy policy by writing or emailing us at the address below:

DT & T Corporation Ltd, 3 Harbour Exchange Square, Canary Wharf, London E14 9GE

Email: privacy@dttcl.com

Phone: +44 (0)20 8806 6444