Committed to maintaining your trust

We maintain strict protocols in maintaining and safeguarding sensitive information, keeping abreast of changing privacy laws and requirements in every country in which we do business.

We adhere to the Privacy Shield Policy, which sets forth privacy principles with respect to transfers of personal information between member states of the European Union and the United States. We collect, use and disclose personal information only in a manner consistent with this policy.


This Privacy Notice describes how Swift Prepaid Solutions, Inc. (“we”, “our”, “us” and “Swift”) and its Service Providers manage your personal data. It will explain (1) what data we collect about you, (2) how we use your data, (3) how long we hold your data, (4) what and with whom we share it with, (5) how to control your privacy options, (6) what are your rights, and (7) other privacy information.

Your Consent

By visiting our website and using our services or products, you are accepting and consenting to the practices described in this Privacy Notice. If you do not agree to the use of your personal data as set out in this Privacy Notice, please do not use any of our products or services. You may opt-out by contacting us at the email address listed at the bottom of this notice.

What Data We Collect About You

To support our products and services, resolve inquiries and improve customer experience, Swift and our Service Providers may collect Personal Data which may include the following, as applicable:

Full name, personal or business contact information including physical mailing address, email address and telephone number;

Online data, IP address, device and operating system.

Prepaid Card Information (Card number, transactions, account balances, transaction history).

Date of Birth.

Tax identification number.

Other data with your consent or as allowed or required by applicable law.

How We Use Your Data

We collect data about you to operate and to support our services and products only. We may use your data to:

Send administrative material to you, such as changes to our terms, conditions, and policies.

To provide payment services and customer service.

To provide technical support.

Send alerts that you signed up for.

Identify areas where our products and services can be enhanced.

To comply with legal, regulatory, insurance, audit and security requirements including checking your identity against money laundering, terrorist financing or similar watch lists established or enforced by the U.S. or other government regulators;

Monitor for fraud and mitigate risk.

Otherwise with your consent or as allowed or required by law.

How Long We Hold Your Data

We may hold personal data as long as needed or relevant for the practices described in this Privacy Notice or as otherwise applicable by law. Actual hold periods differ depending on the type of services and products. The principles we use to determine the holding periods include the following:

Personal data needed to provide our services and products as described in this Privacy Notice;

Personal data needed for auditing purposes;

Personal data needed to troubleshoot problems or to assist with investigations;

Personal data needed to enforce our policies;

Personal data needed to comply with legal requirements.

Regulations require financial institutions to obtain, verify, and record information that identifies each person for whom we open or have established an account. With respect to such records, Swift generally holds those records for a minimum of seven years.

What and with whom we share

We may share your data:

With organizations and partners that help us operate our business by providing services such as card manufacturing, payment processing, website hosting, data analysis, information technology, customer service, email delivery, auditing and other similar services.

With financial institutions that issue, acquire or process transactions.

With partners and other vendors that perform services on our behalf, such as network services support, including data processing services, customer service, call center services, information technology services, internal audit, management, or administrative purposes.

For fraud prevention Service Providers and partners used to authenticate cardholders and to authorize card transactions.

To comply with the law or other legal responsibilities such as responding to subpoenas, including laws and other legal duties outside your country of residence.

To answer requests from government authorities including authorities outside your country of residence.

To protect our rights, business operations and possessions, or that of our users, employees and partners.

To investigate, stop, or take action concerning possible or suspected illegal activities, fraud, or violations of our terms and conditions.

How to Control Your Privacy Options

You can update your account profile online or by email. We maintain electronic records of your personal data for the purposes described in this Privacy Notice. You will be able to access and edit your personal data on the website listed on the back of the card. Otherwise, you may contact us at the e-mail address listed at the bottom of this notice. Your right to access, correct or delete your personal data indicated in our records is subject to applicable law including our right to retain documentation of our compliance with applicable legal requirements and technology limitations. We may take reasonable steps to confirm your identity before giving access or making modifications to your personal data.

If we receive data from other sources, we may direct you to contact those sources. Please note that we are not responsible for permitting you to review, or for updating or deleting personal data that you provide to those sources or any other third-party.

When you provide us with your personal data it is only used for the purposes of providing products and services as described in this Privacy Notice. You have the option to opt-out of certain uses and disclosures of your personal data as outlined in this notice. If you would like to opt-out of these uses or disclosures of your personal data you may contact us at the email address listed at the bottom of this notice.

We Use Browser Information

We may use cookies, browser data, and location information, to uniquely recognize your computer or device and the pages you see on our website. We use tracking tools:

To identify new or past users;

To save your password if you are registered on our Website;

To enhance our Website and troubleshoot issues.

To investigate, stop, or take action concerning possible or suspected illegal activities, fraud, or violations of our terms and conditions.

You can adjust cookies and tracking tools on our Website. Your web browser may give you the ability to adjust cookies. How you do so depend on the type of cookie. Certain web browsers can be set to clear past and reject future cookies. If you block cookies on your browser, certain features of our website may not work. Additionally, if you limit or delete cookies, not all of the tracking activities we have defined here will stop. The choices you make are both browser and device specific.

What Are Your Rights Under EU Privacy Law

We adhere to applicable data protection laws in the European Union ("E.U."), when relevant and appropriate, including the General Data Protection Regulation (“GDPR”). If you are located in the E.U., this means that:

You have the right to request access, rectify or delete your personal data;

You have the right to object, transfer or restrict the processing of your personal data;

You have the right to object to automated processing, including profiling;

You have the right to send a complaint to the regulating authority.

These rights are subject to legal restrictions, as enforced by the applicable E.U. privacy law.

Other Privacy Information

We process your personal data, on specific legal grounds. We do so with your consent and/or as needed to deliver our services and products, fulfill our contractual and legal responsibilities or other legitimate interests as defined in this Privacy Notice.

We protect your personal data. We implement security policies, processes and technical security solutions to protect the personal data. These actions contain various network safeguards, logging and alerting. In order to perform certain obligations, our authorized employees and Service Providers will need access to your data.

Data storage and transfers. We store data in the United States. If you reside outside of the U.S, you understand and consent that we transfer personal data to the United States. Our products and services and associated practices comply with privacy provisions as set forth by the US government as well as the EU-US Privacy Shield Framework as set forth by the US Department of Commerce and GDPR as set forth by the E.U. When we transfer your personal data to Service Providers or third-parties as outlined in this Privacy Notice, we rely on contractual clauses to administer the transfer of that data and uphold those entities to protecting the data as described in this Privacy Notice.

Our Services are not intended for children. Our Services are meant for adults and are not for children. We do not intentionally collect personal data from children under 13 without authorization from a parent or legal guardian. If you think your child under 13 has sent us data, you can contact us at

Our Services may link to third-party services that we do not manage. If you click a link to a third-party website, you will be taken to sites that we do not control. This Privacy Notice does not apply to the privacy practices of those websites. Read the privacy notice of those websites. We are not liable for these third-party practices.

This Privacy Notice may be updated at any time. We may change our Privacy Notice from time to time. We may inform you of any changes to our Privacy Notice as required by law. Please check the Website periodically for updates. This Privacy Notice was last modified on 04/2018.

To contact us, if you have additional questions, concerns or wish to file a complaint regarding your personal data, you may e-mail our Data Protection Officer at We are committed to resolving any questions you may have however if you feel your complaint is not satisfactorily addressed, you have the right to file a complaint with the Supervisory Authority, in the Member State of your habitual residence, place of work or where the alleged infringement happened.

Swift Prepaid Solutions Inc. (Swift) complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. Swift Prepaid Solutions Inc. has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit The Federal Trade Commission (FTC) has jurisdiction over Swift’s compliance with the Privacy Shield.


Swift Prepaid Solutions collects personal data from Cardholders when they register with our website, log-in to their account, request information or otherwise communicate with us. Cardholders have the option to log into their accounts online and request service via web support; we will collect information that they choose to provide to us through these websites. The personal data that we collect may vary based on the Cardholders interaction with our website and the type of request. In general, Swift collects the following types of personal data from its Cardholders: contact information, including, a contact person's name, work or personal email address, work or personal mailing address, work or personal telephone number, as well as prepaid card information. When Cardholders use our services online, we will collect their IP address and browser type to provide better troubleshooting assistance and determine geographic location. The information that we collect from Cardholders is used for customer service purposes only. These services may include managing transactions, disputes, replacement cards, renewals, other operations related to providing services and products to the Cardholder. Swift uses personal data that it collects directly from its Cardholders and from its partners indirectly in its role as a program manager for the following business purposes: maintaining and supporting its products/services, delivering and providing the requested products/services, and complying with its commitments related to providing customer support and satisfying governmental reporting.


Swift Prepaid Solutions discloses personal data only to third parties who reasonably need to know such data only for the scope of the physical card creation and transaction processing, not for other purposes. Such recipients must agree to abide by confidentiality obligations. Swift may provide personal data to third parties that act as agents, consultants, and contractors to perform tasks on behalf of and under our instructions. For example, Swift may store such personal data in the facilities operated by third parties. Such third parties must agree to use such personal data only for the purposes for which they have been engaged by Swift and they must agree to provide adequate protections for the personal data that are no less protective than those set out in this policy. We do not share personal data with third parties outside of these agents and if that were to change in the future, we would notify Cardholders on how to opt-out of having their personal information shared. Please be aware that Swift may be required to disclose a Cardholders personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. Swift is liable for appropriate onward transfers of personal data to third parties.


Cardholders have the right to access and know what personal data about them is collected. Cardholders may review their own personal data and correct, erase, or block any data that is incorrect, as permitted by applicable law. Upon reasonable request and as required by the Privacy Shield principles, Swift allows Cardholders access to their personal data, in order to correct or amend such data where inaccurate. Cardholders may revise their personal data by logging into their online account profile or by contacting Swift by email. In making modifications to their personal data, Cardholders must provide only truthful, complete, and accurate information. To request deletion of personal data, limit or forbid sharing of personal data, Cardholders should submit their requests via email at Swift will respond in a timely manner to all reasonable email requests to view, modify, or delete personal data.


In compliance with the EU-US Privacy Shield Principles, Swift Prepaid Solutions Inc. commits to resolve complaints about your privacy and our collection or use of your personal information. European Union individuals with inquiries or complaints regarding this privacy policy should first contact Swift Prepaid Solutions at:


Swift Prepaid Solutions Inc. has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit for more information and to file a complaint. Please note that if your complaint is not resolved through these channels, under limited circumstances, a binding arbitration option may be available before a Privacy Shield Panel.

This policy explains when and why we collect personal information about you, how we use it, the conditions under which we may disclose it to others and how we keep it secure.

TPL is committed to safeguarding the privacy of your information. By “your data”, "your personal data”, and “your information” we mean any personal data about you which you or third parties provide to us.

We may change this Policy from time to time so please check this page regularly to ensure that you’re happy with any changes.

Who are we?

Transact Payments Limited (“TPL”, “we”, “our” or “us”) is the issuer of your card and is the Data Controller for the personal data which you provide to us in relation to the card. TPL is an e-money institution, authorised and regulated by the Gibraltar Financial Services Commission. Our registered office address is 6.20 World Trade Center, 6 Bayside Road, Gibraltar, GX11 1AA and our registered company number is 108217.

How do we collect your personal data?

We collect information from you when you apply online or via a mobile application for a payments card which is issued by us. We also collect information when you use your card to make transactions. We also obtain information from third parties (such as employers, joint account holders, credit reference agencies and fraud prevention agencies) who may check your personal data against any information listed on an Electoral Register and/or other databases.

On what legal basis do we process your personal data?


Your provision of your personal data and our processing of that data is necessary for each of us to carry out our obligations under the contract (known as the Cardholder Agreement or Cardholder Terms & Conditions or similar) which we enter into when you sign up for our payment services. At times, the processing may be necessary so that we can take certain steps, at your request, prior to entering into that contract, such as verifying your details or eligibility for the payment services. If you fail to provide the personal data which we request, we cannot enter into a contract to provide payment services to you or will take steps to terminate any contract which we have entered into with you.


We may also process your personal data to comply with our legal or regulatory obligations.

Legitimate Interests

On occasion we may have a legitimate interest or those of a third party to process your personal data.

What type of personal data is collected from you?

When you apply for a card, we, or our partners on our behalf, collect the following information from you: full name, physical mailing address, date of birth, email address, telephone number, tax identification number and online data such as IP address, device and operating system.

When you use your card to make transactions, we store that transactional information. This includes the date, amount, currency, card number, account balances and name of the merchant or supplier (for example a supermarket or retailer). We also collect information relating to the payments which are made to/from your account.

How is your personal data used?

We use your personal data to:

set up your account, including processing your application for a card, creating your account, verifying your identity and printing your card.

maintain and administer your account, including processing your financial payments, processing the correspondence between us, monitoring your account for fraud and providing a secure internet environment for the transmission of our services.

Who do we share your information with?

We pass your information to our third party service providers, agents, subcontractors, program managers and other associated organisations for the purposes of completing tasks, managing your account and providing services to you on our behalf, as detailed above. When we use third party service providers, we have a contract in place that requires them to keep your information secure and confidential.

We pass your information to the following categories of entity:

companies and organisations that assist us in processing transactions you make (including but not limited to payment processing service providers) and in providing services that you have requested;

companies and organisations that run and manage the card program;

identity verification agencies to undertake required verification, regulatory and fraud prevention checks;

payment card manufacturers;

information security services organisations, web application hosting providers, network backup service providers and software/platform developers;

document destruction providers;

anyone to whom we lawfully transfer or may transfer our rights and duties under this agreement;

any third party as a result of any restructure, sale or acquisition of TPL or any associated entity, provided that any recipient uses your information for the same purposes as it was originally supplied to us and/or used by us.

regulatory and law enforcement authorities, whether they are outside or inside of the EEA, where the law requires us to do so.

Sending personal data overseas

To deliver services to you, it is sometimes necessary for us to share your personal information outside the European Economic Area (EEA), e.g.:

with service providers located outside the EEA;

if you are based outside the EEA;

where there is an international dimension to the services we are providing to you.

These transfers are subject to special rules under European and Gibraltar data protection law.

These non-EEA countries do not have the same data protection laws as Gibraltar and EEA. We will, however, ensure the transfer complies with data protection law and all personal information will be secure. We will send your data to countries where the European Commission has made an adequacy decision, meaning that it has ruled that the legislative framework in the country provides an adequate level of data protection for your personal information. You can find out more about this here.

Where we send your data to a country where the European Commission has not made an adequacy decision, our standard practice is to use standard data protection contract clauses that have been approved by the European Commission. To obtain a copy of those clauses, please go to the European Commission’s website:

If you would like further information please contact our Data Protection Officer.

How long do we store your personal data?

We will store your information for a period of 7 years after our business relationship ends in order that we can comply with our obligations under applicable legislation such as anti-money laundering and anti-fraud regulations. If any changes to applicable legislation require us to retain your data for a longer period of time, we shall retain it for that period. We will not retain your data for longer than is necessary.

Your rights regarding your personal data?

You have certain rights regarding the personal data which we process:

You may request a copy of some or all of it.

You may ask us to rectify any data which we hold which you believe to be inaccurate.

You may ask us to erase your personal data.

You may ask us to restrict the processing of your personal data.

You may object to the processing of your personal data.

You may ask for the right to data portability.

If you would like us to carry out any of the above, please email the Data Protection Officer at

How is your information protected?

We implement security policies and technical measures in order to secure your personal data and take steps to protect it from unauthorised access, use or disclosure.

While we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.


We hope that our Data Protection Officer can resolve any query or concern you may raise about our use of your personal information.

The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in Gibraltar is the Gibraltar Regulatory Authority. Their contact details are as follows:

Gibraltar Regulatory Authority,

2nd floor, Eurotowers 4, 1 Europort Road, Gibraltar.

(+350) 20074636   (+350) 20072166

Other websites

Our website may contain links to other websites. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.

Changes to our Privacy Policy

We keep our Privacy Policy under review and we regularly update it to keep up with business demands and privacy regulation. We will inform you about any such changes. This Privacy Policy was last updated on 25th May 2018.

How to contact us

If you have any questions about our Privacy Policy or the personal information which we hold about you or, please send an email to our Data Protection Officer at

version: 1.0


Global Thinking

  • Swift’s Core Values Strengthen Your Business

    Swift is more than our innovative products, platforms and solutions. We’re also a rapidly growing fintech company made up of individuals devoted to making Swift a constant disruptor in corporate-funded payments. We’re strong together for the

Powerful Innovations

Influential Discoveries

Prepaid Cards Can Lower Blood Pressure

Recent research from the world of health and wellness champions the use of incentives to motivate individuals. In a study conducted by Higi, a leading health company, 159,000 participants with hypertension were challenged to reduce their blood pressure. Prepaid cards were used as the incentive to change lifestyle and engage in healthier behaviors.

Get The News ASAP

This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.