Privacy Policy.

Your privacy is very important to CROSS SWITCH MALTA TECHNOLOGIES LTD (Cross Switch). To better protect your privacy, Cross Switch provides this Policy explaining its undertaking to protect your personal information.

Please read this Policy before using our website. Your continued use of this website, our platforms and our services indicates that you have both read and agree to the terms of this Privacy Policy. Unfortunately, you cannot use this website, our platforms and our services if you do not accept this Policy.

Personal Information will be understood in accordance with the definition provided in the Protection of Personal Information Act 4 of 2013 (“the Act”) and in accordance with the definition of Personal Data in Article 4 (1) of the General Data Protection Regulation GDPR (EU) 2016/679. Cross Switch also subscribes to the principles for electronically collecting Personal information outlined in the Act, and the further legislation referred to therein. We endeavour to ensure the quality, accuracy and confidentiality of Personal Information in our possession.

In adopting this Privacy Policy, we wish to balance our legitimate business interests and your reasonable expectation of privacy. Accordingly, we will take all reasonable steps to prevent unauthorised access to, or disclosure of your Personal Information.


Cross Switch may use and disclose your personal information in the following manner:

  1. by the use of your email address and/or mobile phone number to contact you from time to time relating to promotions and offers, to send you notifications and for security reasons;
  2. to aggregate statistics and data about the use of Cross Switch and/or to customise the Cross Switch’s content, layout and services;
  3. by the aggregation of your personal information with other people’s personal information to create and disseminate, as Cross Switch considers appropriate, as aggregated data without specific identification or your unique personal data;
  4. to verify your identity in accordance with Know Your Customer (KYC), Anti-Money Laundering (AML) and sanctions screening requirements.

You may at any time, via written notice to Cross Switch, require that we do not disclose your personal information in the manner contemplated above, in which case Cross Switch will not do so, but Cross Switch may, on the basis of operational requirements, preclude your use of our services.

We will not collect, use or disclose sensitive information (such as information about racial or ethnic origins or political or religious beliefs, where relevant) except with your specific consent or in the circumstances permitted by law.

By agreeing to the terms contained in this Privacy Policy, you consent to the use of your Personal Information in relation to:

  • The provision and performance of the services;
  • Informing you of changes made to our website, services and platforms;
  • Responding to any queries or requests you may have;
  • Developing a more direct and substantial relationship with you for the purposes described in this clause;
  • For security, administrative and legal purposes; and
  • The creation and development of market data profiles which may provide insight into market norms, practices and trends to help us improve our offering to you. Such information will be compiled and retained in aggregated form, but shall not be used in any way which may comprise the identity of a user.
  • Marketing of our services and other related offerings to you;
  • Understanding general user trends and patterns so that we can develop and support existing and ongoing marketing strategies.

Although absolute security cannot be guaranteed on the internet, Cross Switch places great importance on the security of your Personal Information, and has in place technical and organisational security measures to protect your Personal Information against accidental or intentional manipulation, loss, misuse, destruction or against unauthorised disclosure or access to the information we process online.

We will continue to maintain and improve these security measures over time in line with legal and technological developments in order to protect any unauthorised access to your Personal Information.

We store your Personal Information directly, or alternatively, store your Personal Information on, and transfer your Personal Information to, a central database. If the location of the central database is located in a country that does not have substantially similar laws which provide for the protection of Personal Information, we will take the necessary steps to ensure that your Personal Information is adequately protected in that jurisdiction by means of ensuring that standard data protection clauses are enforced.

Your information will not be stored for longer than is necessary for the purposes described in these Terms or as required by applicable legislation or law.

The Personal Information Cross Switch collects from Clients shall only be accessed by Cross Switch employees, representatives and consultants on a need-to-know basis, and subject to reasonable confidentiality obligations binding such persons.

We constantly review our systems and data to ensure the best possible service to our users. We do not accept any users, or representatives of users, under the age of majority in your relevant territory or who otherwise do not have the relevant capacity to be bound by this Privacy Policy, unless you are a user who is a minor or is otherwise incapable of being bound by this Privacy Policy, and you warrant that you have obtained the consent of your legal guardian / or you are the legal guardian providing such consent to this Privacy Policy.

We will not sell, share, or rent your Personal Information to any third party without your consent or use your e-mail address for unsolicited mail. Any emails sent by Cross Switch will only be in connection with the provision of our Services. In order to effectively render our Services to you, we share your information, where necessary, with website analytics services, identity verification and KYC/FICA partners, and/or other regulatory authorities as required by law, as well as other service providers required to render our Services to you.

The Personal Information provided by you is necessary in order that Cross Switch may provide the requisite Services to you, and failure to provide such Personal Information may render Cross Switch unable to provide such Services.

Log Files

As with all websites and online platforms, when you visit Cross-Switch.com we may collect information, such as your IP address, the name of your ISP (Internet Service Provider), your browser, the website from which you visit us, the pages on our website that you visit and in what sequence, the date and length of your visit, and other information concerning your computer’s operating system, language settings, and broad demographic information. This information is aggregated and anonymous data and does not identify you specifically.

However, you acknowledge that this data may be able to be used to identify you if it is aggregated with other Personal Information that you supply to us. In this regard, however, and as recorded, only with a Client’s consent and subject strictly to the terms of this Privacy Policy will an Client’s information be transferred and/or shared, and currently same is only being used within Cross Switch on a need-to-know basis. Any individually identifiable information related to this data will never be used in any way different to that stated above, without your explicit consent.


Cross Switch and our website analytics partners use cookies. A cookie is a small piece of information stored on your computer or smart phone by the web browser. The two types of cookies used on the Website are described below:

  • “Session cookies”: These are used to maintain a so-called ‘session state’ and only lasts for the duration of your use of the Website. A session cookie expires when you close your browser, or if you have not visited the server for a certain period of time. Session cookies are required for the Platform to function optimally, but are not used in any way to identify you personally.
  • “Permanent cookies”: These cookies permanently store a unique code on your computer or smart device hard drive in order to identify you as an individual user. No Personal Information is stored in permanent cookies. You can view permanent cookies by looking in the cookies directory of your browser installation. You may delete or reject permanent cookies, but this may affect the availability and/or functionality of the services of the Website to you. These permanent cookies are not required for the website to work, but may enhance your browsing experience.
Links from Cross Switch
  • Cross Switch, and the services available through the website, may contain links to other third party websites, including (without limitation) social media platforms and payment gateways (“Third Party Websites”).  If you select a link to any Third Party Website, you may be subject to such Third Party Website’s terms and conditions and/or other policies, which are not under the control, nor responsibility, of Cross Switch.
  • Hyperlinks to Third Party Websites are provided “as is”, and Cross Switch does not necessarily agree with, edit or sponsor the content on Third Party Websites.
  • Cross Switch does not monitor or review the content of any Third Party Website. Opinions expressed or material appearing on such websites are not necessarily shared or endorsed by us and we should not be regarded as the publisher of such opinions or material. As such, we are not responsible for the content of such Third Party Websites.
  • Cross Switch does not accept any responsibility for any loss or damage in whatever manner, howsoever caused, resulting from your disclosure to third parties of personal information.

AML & ATF Policy.

Regulatory Requirements

CROSS SWITCH MALTA TECHNOLOGIES LTD. (CROSS SWITCH) Anti-Money Laundering policy complies with all the statutory and regulatory requirements for money laundering control and combating of terror financing as stated in the following statues and their corresponding Regulations, Exemptions and Guidance notes:

  • Prevention of Organised Crime Act, 121 of 1998 (“POCA”)
  • Financial Intelligence Centre Act, 38 of 2001 (“FICA”); and
  • Protection of Constitutional Democracy Against Terrorist and Related Activities Act 33 of 2004 (“POCDATARA”)

The contents of this policy are the minimum requirements based on applicable legal and regulatory requirements and apply to all employees of the entity including temporary and/or contract workers. These requirements are intended to prevent CROSS SWITCH, our employees and clients from being misused for money laundering, terrorist financing or other financial crime. This Policy establishes the general framework for the fight against money laundering and financing of terrorism.

Policy Statement

CROSS SWITCH recognises and accepts responsibility for compliance with the money laundering control requirements contained in the relevant statutes, regulations thereto, supervisory requirements and the internal rules (collectively referred to as “regulatory requirements”).

CROSS SWITCH supports the developing national and international commitment to combat money laundering. To this end, all staff members are required to prevent CROSS SWITCH from being exploited by criminals for the purposes of money laundering activity. As an accountable institution, CROSS SWITCH will have to comply and adhere to certain stringent requirements, which include:

  • identification of all clients and knowing who they are dealing with;
  • verification of client’s information;
  • record keeping of all this information and documentation; and
  • reporting of knowledge or suspicions as required.
Client Identification and Verification

Client identification and verification is important in establishing an effective money laundering control system. CROSS SWITCH’S procedures are designed to comply with the regulatory requirements and to obtain information from clients that will provide appropriate knowledge of them. All new and existing clients must be identified and verified before a business relationship may be established or a single transaction concluded, as required in CROSS SWITCH’S internal rules.

  • Identification: All clients must be adequately identified. CROSS SWITCH staff must know who the client is and where they can be found and contacted.
  • Verification Client identification must be verified against either the original or true certified copy of the documents requested to open the account.
Record Keeping Obligations

The money laundering control records that are required in terms of the regulatory requirements must be kept safe from loss, damage and theft, as specified in the internal rules. Records pertaining to the following need to be recorded and stored:

  • The concluding of a transaction with a client whether the transaction is a single transaction or concluded in the course of the business relationship.
  • Establishment of a business relationship.
Reporting Obligations

All staff must satisfy any legal obligation to report knowledge or suspicions relating to the proceeds of unlawful activities or money laundering in the required format and within the time frames required. Where a suspicious activity report has been filed or otherwise reported to the relevant authorities, staff must not notify any person of any matters relating thereto i.e. besides the Money Laundering Control Officer or specifically authorised CROSS SWITCH officials. All reports submitted remain confidential and each staff member is protected.

Internal Rules

The internal rules of CROSS SWITCH have been documented and made freely available to all employees. CROSS SWITCH follows a risk-based approach to its verification and identification procedures and will take reasonable steps to verify the particulars of a client. The internal rules detail the manner in which these records are to be kept and for what time period. The internal rules document the steps to be taken when determining whether a transaction is reportable and instances where suspicions should be raised. In view of the importance of the requirements referred to above, it is essential that all staff must comply with all requirements contained in the internal rules.

Sponsor of Policy and Approval

This policy is sponsored by the CEO and is approved by the Board of Directors.


The Board of Directors is ultimately responsible for money laundering control compliance. CROSS SWITCH’S executive and management is delegated the responsibility to ensure that all CROSS SWITCH’S activities comply with regulatory requirements. The primary responsibility of the Money Laundering Control Officer it to assist management to discharge this responsibility, however all staff members are responsible for conducting business in accordance with regulatory requirements and CROSS SWITCH’S internal rules.

Disciplinary Action

Any breach of the money laundering control regulatory requirements will be seen in a very serious light. Staff members that do not comply with the CROSS SWITCH’S money laundering control policy or its internal rules will be subject to disciplinary action.


    CROSS SWITCH is required to identify Politically Exposed Persons “PEPS”. PEPS is the term used for an individual who is or has been in the past entrusted with prominent public functions in a particular country. CROSS SWITCH has implemented risk management systems to determine whether a potential client is a PEP.

    CROSS SWITCH has to ensure that client documentation for verification and identification purposes is updated as a minimum, every 5 years.

    Client particulars are confirmed with independent forms of verification.

    FATF 40 Recommendations Audit/Compliance Review

    CROSS SWITCH applies standards and policies applicable in accordance to FATF’s 40 Recommendations and is fully committed to maintaining high levels of integrity, professionalism and ethical behaviour.  Special attention is given to recommendation V11 and ensuring that the full originator’s information is included in all payments made.

    CROSS SWITCH has established a compliance review function that tests the adequacy of compliance and is audited yearly by independent external auditors.

    Special verification procedures are required when setting up business relationships with institutions from countries not applying the FATF rules.

    Records pertaining to the conclusion of a single transaction and establishment of a business relationship are safely stored and kept for a period of at least five years from the date of concluding a single transaction and the termination date of the business relationship.  As documented in our internal policy, parameters have been put into place to ensure that suspicious customers are identified. Payments made and received are carefully monitored by all staff and then reported to CROSS SWITCH’S money laundering control officer who in turn reports any suspicious activity.

    Please contact us for more information

    2 + 14 =

    Compliant, trusted


    payment solutions.