Above all, the protection of data also means protecting your privacy. We, the viafintech GmbH (hereinafter referred to as “viafintech”), respect your privacy, which is why we committed ourselves to protect and safeguard it. To achieve this goal, we strictly observe legal regulations when processing your personal data. Our handling of personal data is based on this principle.

To learn more about our approach to handling your personal data, please read the following information carefully and take note of it.

In particular, the following provides an overview of the way personal data is processed when using this website (Section 1) and also when using the “viacash” product (Section 2). Finally, we would like to inform you regarding a few general points on data protection (Point 3) that apply to both our website and the product.

1. Data processing when using the website

The contact person and data controller for processing your personal data when you visit this website in accordance with the basic EU General Data Protection Regulation (GDPR) is

viafintech GmbH
Budapester Straße 50
10787 Berlin
Tel.: +49 30 – 346 46 16 – 00
Fax: +49 30 – 346 46 16 – 01
Email: (PGP-Key)

If you have any questions regarding data protection when using our website, please do not hesitate to contact our data protection officer. He can be reached at the above postal and email address (first line: “For the attention of the data protection officer”)

1.1 Accessing our website/access data

Every time you use our website, we collect the access data that your browser automatically transmits in order to make your website visit possible. The access data includes in particular:

• the IP address of the requesting device,
• the date and time of the request
• the address of the called website and the website from which it was called,
• information about the browser and operating system used,
• online identifiers (e.g. device IDs, session IDs).

It is necessary to process this access data in order to enable the website visit and to guarantee the constant functionality and security of our systems. The access data is also temporarily stored in internal log files for the purposes described above; this is done to compile statistical data on the use of our website, to further develop our website with regard to the usage habits of our visitors (e.g. if the proportion of mobile devices accessing our site increases) and to maintain our website in an administrative sense. The legal basis is Art. 6 (1) (1) (b) GDPR.

The information stored in the log files is stored for 14 days and archived after subsequent anonymisation.

1.2 Contact

You have various possibilities to contact us. These include the general contact form or contact options for business customers. We process data in this relation exclusively for the purpose of communication with you. The legal basis is Art. 6 (1) (b) GDPR.
The data we process when you use the contact forms will be stored for 30 days after your request has been fully processed; this is done for allocation reasons in case you have any queries about our answer/processing and will be automatically deleted at the end of the 30 days, unless we still need your request to fulfil contractual or legal obligations (see section “Storage period”).

1.3 Applications

You can use the e-mail address jobs@viacash and use the contact form in our career section to send us your application. The purpose of data processing is the selection of applicants for employment.
The legal basis for processing your application documents is Art. 6 (1) (1) (b) and Art. 88 (1) GDPR in conjunction with Section 26 (1) (1) of the German Federal Data Protection Act (BDSG).

1.4. Use of our own cookies

For some of our services, it is necessary for us to use cookies. A cookie is a small text file that is stored by the browser on your device. Cookies are not used to run programs or download viruses onto your computer. Rather, the main purpose of our cookies is to provide a website that is tailored to your needs and to make the use of our services as time-saving as possible.

Most browsers are set to accept cookies by default. However, you can set your browser to refuse cookies or only save them after your prior consent. If you refuse cookies, our website may not function entirely smoothly for you.

We use our own cookies in particular

• to save your language settings,
• to note that information placed on our website has been displayed, so that it will not be displayed again the next time you visit the website.

We use cookies to make the use of our website more comfortable and individual for you. These services are based on our aforementioned legitimate interests; the legal basis is Art. 6 (1) (1) (f) GDPR. We also use cookies and similar technologies (e.g. web beacons) from partners for analysis purposes. This is described in more detail in section 3.6.

1.5 Google Maps

Our website uses the map service Google Maps for users from the European Economic Area, Switzerland and Liechtenstein from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland and for all other users it is offered from Google LLC 1600 Amphitheater Parkway Mountain View, CA 94043, USA (together “Google”). So that the Google map material used by us can be integrated and displayed in your web browser, when you visit a page your web browser must connect to a Google server that may also be located in the USA. This gives Google the information that the contact page of our website has been called up from the IP address of your device. The legal basis is Art. 6 (1.1) (f) GDPR, based on our legitimate interest in the integration of a map service, in particular for the presentation of partner affiliates. Google and viafintech GmbH have laid down the respective data protection obligations in an agreement.

If you call up the Google map service on our website while you are logged into your Google profile, Google can also link this event to your Google profile. If you do not wish to be assigned to your Google profile, it is necessary that you log out of Google before calling up our contact page. Google stores your data and uses it for the purposes of advertising, market research and personalized presentation of Google Maps. You can object to this data collection from Google.

You can find more information on this in Google’s data protection declaration and the Additional Terms of Use for Google Maps.

2. Data Processing when using the “viacash” Product

“viacash” offers many possibilities: for example, it allows you to shop online, pay bills or do your banking. Depending on the area of application and the type of processing, the legal responsibility for data protection may lie with our partners or with us:

When entering mobile phone numbers in the web portal “” to request barcodes for cash payments via retail outlets, the contact person and data controller for processing your personal data within the meaning of the GDPR is viafintech GmbH, Wallstr. 14a, 10179 Berlin, Germany. viafintech acts in this respect in its own name and under its own responsibility. This also applies to the entry of e-mail addresses and mobile phone numbers, which you must provide to some of your contractual partners for the use of “viacash” on a separate checkout page. viafintech also acts in its own name if the e-mail address and mobile phone numbers are transferred to viafintech by the contractual partners in order for you to receive the cash payment slip or pay-out slip, unless the contractual partner is explicitly the controller (viafintech is then a so-called contract data processor).

When providing personal data (in particular name, address, email address, mobile phone number) for carrying out checks under money laundering law, the contact person and data controller for processing your personal data within the meaning of the GDPR is GRENKE BANK AG, Neuer Markt 2, 76532 Baden-Baden, Germany (“GRENKE BANK”).
In this case, viafintech acts as a contract data processor. This also applies in the case of bank details, which you can enter at the web portal “” in order to receive a repayment to your account using “viacash”. If viafintech is responsible, you can contact our data protection officer at any time. He can be reached at the above postal address and at the e-mail address: (first line: “For the attention of the data protection officer”)

If GRENKE BANK is responsible, you can contact us at any time at (keyword: “For the attention of “viacash”). If your contractual partner is responsible, please refer to its Privacy Policy to find out its data protection officer’s contact details. If you are not sure of your correct contact with regard to data protection, please contact viafintech and we will forward your request, if necessary.

2.1 Use of “viacash”

When using “viacash”, personal data is entered (in particular e-mail address, mobile phone numbers and account details) and processed by your contractual partner (online shop or other company at which you have made your purchase/order and at which you have chosen the “viacash” payment method), GRENKE BANK and us in compliance with the data protection laws in every case. Your data will only be processed to the extent necessary for the implementation of the “viacash” payment method, for the purpose of sending you information by text message and/or e-mail in accordance with the descriptions below or to comply with regulatory provisions, and in particular money laundering regulations.

• In order to receive a payment slip via e-mail for the “viacash” payment method, your e-mail address is required. viafintech will then send you the “viacash” payment slip (“payment slip”) or pay-out slip (“pay-out slip”) to the e-mail address provided. The legal basis is Art. 6 (1) (1) (b) GDPR.

• Your mobile phone number is required if you would like to receive a barcode as a text message instead of presenting a (also printable) payment slip or pay-out slip at a viacash partner’s retail checkout. If you enter your mobile phone number on the order process checkout page in the appropriate input mask and click on the field “SEND Text Message”, or if you click on “Code via text message”, your mobile number will be sent to viafintech. The legal basis is Art. 6 (1) (1) (b) GDPR.

• viafintech and/or GRENKE BANK will also use your e-mail address and mobile phone number to statistically record the frequency and manner of “viacash” usage in connection with an evaluation of the total use of “viacash” for market research purposes and for creating product information tailored to your needs (if you request this, see next section), whereby these statistical results are only used by viafintech and/or GRENKE BANK, and not by other third parties. The legal basis is Art. 6 (1) (1) (f) GDPR, based on the aforementioned interests of viafintech and GRENKE BANK.

We would also like to point out that we compile statistics on the usage behaviour of our e-mail notifications. This is done with the help of small graphics embedded in the messages (called pixels). If you do not want your usage behaviour to be analysed, you can deactivate graphics in your e-mail program by default.
For more information, see the instructions for Microsoft Outlook as well as Mozilla Thunderbird. In this case, however, messages will not be displayed in their entirety and you may not be able to use all functions.

• In the event that you have agreed to receive individually tailored product information from viafintech by checking the corresponding box on the checkout page, viafintech will save the mobile phone number and e-mail address you enter on the checkout page and will also use it in future to send you information and offers via text message and/or e-mail about viafintech and its products as well as those of third parties with whom viafintech maintains a business relationship (cooperation partners), which is individually tailored to you and your interests. To this end, viafintech will evaluate and analyse the data it receives from the online shop or another company from which you have made purchases or ordered services and paid for with “viacash”; this may include information regarding i) the “viacash” transaction ii) the online shop or other company or iii) at which retailer you redeemed your payment slip at what time. It is made clear that viafintech will never transfer your mobile phone number and e-mail address to these or any other third parties, except to comply with regulatory provisions, and in particular money laundering regulations. The legal basis for this is Art. 6 (1) (1) (f) GDPR.

• viafintech may also transfer your mobile phone number and/or e-mail address to GRENKE BANK for compliance with money laundering regulations. The legal basis is Art. 6 (1) (1) (b) GDPR.

• Your bank details are required if you have chosen the option of bank transfer for the refund of an amount paid via “viacash”. For this purpose, viafintech will share your bank details with GRENKE BANK so that GRENKE BANK can carry out the transfer to you. The legal basis is Art. 6 (1) (1) (b) GDPR.

2.2 Transfer of data when using “viacash”

viafintech will transfer your personal data that is stored by the contractual partner (in particular name, address, e-mail address, mobile phone number) to GRENKE BANK at their request. GRENKE BANK is entitled to this requirement insofar as it is necessary to fulfil its regulatory obligations, in particular obligations under money laundering law.

To dispatch “viacash” payment slips or pay-out slips and send information, viafintech works with the email service provider The Rocket Science Group, LLC675 Ponce De León Ave NE, Suite 5000 Atlanta, Georgia 30308, USA (“The Rocket Science Group”) and Mailjet GmbH, c/o Workrepublic, Berliner Allee 26, 40212 Düsseldorf, Deutschland (“Mailjet”). Mailjet uses only European data centres, while The Rocket Science Group has servers in the USA. Further information on data protection can be found in the Privacy Policy of The Rocket Science Group and the Security & Privacy information of Mailjet.

To dispatch “viacash” payment slips or pay-out slips and send information, viafintech works with the e-mail service provider Michael Kloppe, Uhlandstraße 11, Insingen (“Kloppe Media”) and CM Telecom Germany GmbH, Mainfrankenpark 53, 97337 Dettelbach, Deutschland (“CM Telecom”). Kloppe Media and CM Telecom only use European data centres. Further information on data protection can be found in the Privacy Policy
of Kloppe Media and the Privacy Policy of CM Telecom.

2.3 Storage period for “viacash”

In the event that you have entered your e-mail address and/or mobile phone number when ordering goods and services, your e-mail address and/or mobile phone number will be stored by viafintech for a period of two years after purchase and receipt of the goods; this is done to make it possible to create a corresponding personal reference in the event of a possible return of goods to the seller and refund of the purchase price via “viacash”.
If the seller or service provider does not have the right to return the ordered goods or services, your e-mail address and/or mobile phone number associated with the order will be deleted immediately after the payment form has been redeemed or cancelled. The same applies to redeemed or cancelled pay-out slips.

3. General information

The following information applies both to data processing on the website and to the use of the “viacash” product.

3.1 Storage duration

In principle, we only store personal data for as long as necessary to fulfil the contractual or statutory obligations for which we have collected the data. After this period has ended, we delete the data immediately, unless we need to store the data until the end of the statutory limitation period for purposes of evidence for civil law claims or due to statutory retention obligations.

3.2 Transfer of data

The data we collect will only transferred if:

• you have given your express consent pursuant to Art. 6 (1) (1) (a) GDPR,
• the transfer pursuant to Art. 6 (1) (1) (f) GDPR is required to assert, exercise or defend legal claims and there is no reason to believe that you have a prevailing legitimate interest in not disclosing your data,
• we are obligated to the transfer pursuant to Art. 6 (1) (1) (c) GDPR, or
• it is legally permissible and pursuant to Art. 6 (1) (1) (b) GDPR is required for the processing of contractual relationships with you or for carrying out contractual measures.

Part of the data processing may be carried out by our service providers. In addition to the service providers mentioned in this data protection declaration, this may include in particular consulting firms. If we transfer data to our service providers, they may only use the data to fulfil their tasks. We have carefully selected and commissioned these service providers. They are contractually bound by our instructions, have appropriate technical and organisational measures in place to protect the rights of data subjects and are regularly checked by us. In addition, data may be transferred in connection with official inquiries, court orders and legal proceedings if this is necessary for legal prosecution or enforcement.

3.3 Your rights

You have at any time the right to request information about the processing of your personal data. In accordance with this information provision, we will explain our data processing to you and provide an overview of the personal data concerning you that we store. If any of your personal data is incorrect or out of date, you have the right to have this data rectified. You may also request that your data be deleted. If, in exceptional cases, deletion is not possible due to other legal regulations, the data will be blocked so that it is only available for this legal purpose. You can also have the processing of your data restricted, e.g. if you believe that the data is incorrect. You also have the right to data portability, i.e. you can request a digital copy of the personal data that you have provided.
To exercise your rights as described here, you can always contact the controller at the contact details above. This also applies if you wish to receive copies of guarantees that prove an adequate level of data protection.
In addition, you have the right to object to data processing based on Art. 6 (1) (e) or (f) GDPR. Finally, you have the right to complain to the competent data protection supervisory authority. You may exercise this right with a supervisory authority in the member state of your place of residence, your place of work or the place of the alleged breach. The responsible supervisory authority for Berlin, the headquarters of viafintech is: Berliner Beauftragte für Datenschutz und Informationsfreiheit, Friedrichstr. 219, 10969 Berlin.

3.4 Right to revocation and objection

Under Art. 7 (2) GDPR, you have the right to revoke the consent you have previously given to us at any time. This will prevent us from continuing the data processing based on this consent with future effect. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation. If we process your personal data on the basis of legitimate interests pursuant to Art. 6 (1) (f) GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR and cite reasons stemming from your particular situation and which in your opinion indicate that you have predominating interests that are worthy of protection.

If you object to data processing for direct marketing purposes, you have a general right of objection, which we will implement without you having to provide reasons.

If you would like to exercise your right of revocation or objection, please send an indication of this in any form to the contact details listed above.

3.5. Data security

We employ up-to-date technical measures to ensure data security, in particular to protect your personal data from dangers during data transfers and to prevent it from becoming known by third parties. These are adapted accordingly to the current state of the art.
To secure the personal data you provide on our website, we use Transport Layer Security (TLS), which encrypts the information you enter.

3.6 Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”). According to Google, the contact partner for all data protection issues is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Analytics uses cookies and similar technologies to analyse and improve our website and our product based on your user behaviour. The data generated in this context can be transmitted by Google to a server in the USA for evaluation and is stored there. However, your IP address will be shortened before the usage statistics are evaluated, so that no conclusions can be drawn about your identity. For this purpose, Google Analytics has been expanded to include the “anonymizeIP” code to ensure that IP addresses are recorded anonymously.
Legal basis is Art. 6 (1) (a) GDPR.

Google will process the information obtained from the cookies in order to evaluate your use of the website and the products, compile reports on website activity for the website operator and provide other services related to website and internet use.

As shown above, you can configure your browser to reject cookies, or you can prevent the collection of data generated by cookies and related to your use (including your IP address) and the processing of this data by Google, by downloading and installing a browser add-on provided by Google. As an alternative to the browser add-on or if you access our website from a mobile device, please use this opt-out link: Deactivate Google Analytics

This will prevent Google Analytics from collecting data on this website in the future (the opt-out only works in the browser and only for this domain). If you delete your cookies in this browser, you must click this link again.

You can find more information on this in Google’s data protection declaration.

3.7 Facebook Fanpage

We operate a page (fan page) on the social network Facebook, for users outside the USA and Canada from Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”) and is offered for all other users by Facebook Inc., 1601 Willow Road, Menlo Park, California 94025, USA (“Facebook”) in a joint responsibility with Facebook, in order to communicate with followers (such as our customers and prospects) and to discuss our products and to provide information on our services.

In doing so, we can receive statistics from Facebook on the use of our fan page (e.g. information about the number, names, interactions such as likes and comments, as well as summarized demographic and other information or statistics). You can find more information on the type and scope of these statistics in the information provided by Facebook and the corresponding help pages. You can find details on the respective responsibilities in the information on page insights. The legal basis for this data processing is Art. 6 (1) (f) GDPR based on our aforementioned legitimate interest.

We have no influence on data processed by Facebook on our own responsibility in accordance with the Facebook terms of use. However, we would like to point out that when you visit the fan page, data on your usage behaviour is transferred from Facebook and the fan page to Facebook. Facebook itself processes the aforementioned information in order to create more detailed statistics and for our own market research and advertising purposes, over which we have no influence. You can find more information on this in Facebook’s data policy.

Insofar as we receive your personal data when operating the fan page, you have the rights specified in this data protection declaration. If you also want to assert your rights against Facebook, the easiest way to do this is to contact Facebook directly. Facebook knows both the details of the technical operation of the platform and the associated data processing as well as the specific purposes of the data processing and can implement appropriate measures on request if you exercise your rights. We are happy to support you in asserting your rights, as far as we can and we will forward your inquiries to Facebook.

3.8 Changes to the Privacy Policy

We may update this Privacy Policy from time to time, for example when we adapt our website or when legal or regulatory requirements change.

Date: 17.08.2021