All Collections
GDPR Requirements
GDPR Requirements
User Data
Rita Stemberga avatar
Written by Rita Stemberga
Updated over a week ago

Anti-Money Laundering/Counter Terrorism Financing (AML/CTF)

For international AML/CTF and financial services regulatory reasons, we are required to maintain certain information related to payments and beneficiaries for up to 5 years. This is a standard requirement for all payment firms and financial institutions.

AML/CTF supersedes GDPR, CCPA and other “right to be forgotten” privacy requests, for certain data points.

Otherwise, for example, someone could misuse a payment system or financial account to transfer or receive funds for the purpose of terrorist financing or money laundering.
If their data has been deleted under a privacy request, the issuing company would not be able to provide the details of an account and its activity to a government body (e.g. FBI, CIA, Interpol, OFAC, etc) if a case was created (in line with the Terms of Service, Privacy Policy, and DPA we have in place with our customers).

How can I delete user information?
To delete user information from your Trolley account you should Archive the recipient.

What does disable recipient mean?
Disabling a recipient will keep them in your list of recipients but you will not be able to make payments to them.

Did this answer your question?