UK

Privacy Policy

Our contact details

Name: Paynetics UK Ltd (hereinafter referred to as “Paynetics UK”, “we”, “us” and “our”) is regulated as an e-money institution (ref: 942777) licenced under the Financial Conduct Authority (“FCA”) and organized under the laws of England and Wales, with company number 12481335,

Address: registered address 1st Floor, 18 Devonshire Row, London EC2M 4RH

Phone Number: +44(0)330 223 6848

Date of adoption: 1 November 2023

The type of personal information we collect

We currently collect and process the following information:

  • IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use, logs of your use of our platform, and history of the associated services with our platform;
  • Email address
  • Nationality, gender and date of birth
  • Profile pictures
  • Financial information;
  • Image of passport and passport details;
  • Enquiry data;
  • Information contained in or relating to any communications with us.

How we get the personal information and why we have it

Most of the personal information we process is provided to us directly by you for one of the following reasons:

  • We may process your data about your use of our website and services;
  • We may process your data for the purposes of operating our website,
    providing our services, ensuring the security of our website and services,
    maintaining back-ups of our databases and communicating with you;
  • We may process your data for the purposes of enabling and monitoring your use of our website and services;
  • We may process your data in order to provide to you our card issuance and payment services (according to our Terms and Conditions: https://www.paynetics.digital/uk-acquiring-terms-conditions/ );
  • We may process your data to send you information and marketing material about our services;

We collect information about you when we receive it from other users, third- parties, and affiliates, such as:

  • When you connect your account to third-party services or sign in using a third-party partner (Google ads);
  • From publicly-available sources;
  • From advertisers about your experiences or interactions with their
    offerings;
  • When we obtain information from third-parties or other companies,
    such as those that use our services. This may include your activity on other sites and apps as well as information those third-parties provide to you or us.

We may share this information with:

  • We may disclose your personal data to any member of our group of companies (this means our affiliates and subsidiaries) insofar as reasonably necessary for the purposes, and on the legal bases, set out in this policy.
    We disclose your data to Paynetics AD, based in Sofia, Bulgaria. Paynetics AD is a licensed e-money institution, operating under the laws of the Republic of Bulgaria. Paynetics AD has developed, owns, operates and maintains a proprietary electronic online system (the “Paynetics System”) for the issuance and storage of electronic money, maintaining payment accounts, the association of the card accounts with International Service Provider Account Numbers (IBANs) and sort codes to support the efficient receipt and transmission of funds through its system, and the execution of payment transactions and related thereto collection and exchange of data. For more information about Paynetics’ AD Services and the way they protect your data, please view their privacy and security policy here: https://www.paynetics.digital/privacy- and-security-policy/.
  • We may disclose specific personal data, requested for identification and verification purposes to our authorized suppliers or subcontractors as reasonably necessary for specify purposes.
  • We may disclose your personal data to our professional advisers insofar as reasonably necessary for the purposes for managing risks, obtaining professional advice, or the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-
    court procedure.
  • We will share your data if we are required to do so by law – for example,
    by court order, or to prevent fraud or other crime.
  • We may disclose your data to one or more of our co-partners, identified
    on our website for the purpose of enabling them to contact you so that they can offer, market and sell to you relevant services having the same purpose as the services Paynetics UK offers. Each such co-partner will act as a data controller in relation to the usage and enquiry data that we supply to it; and upon contacting you, each such co-partner will ask you to give your consent to its privacy policy.
  • In addition to the specific disclosures of personal data set out in this policy, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. We may also disclose your personal data where such disclosure is necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out- of-court procedure.

We require all third parties to respect the security of your personal data and treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes – we only permit them to process your personal data for specified purposes and in accordance with our instructions.

International transfers

We do not transfer your personal data outside the European Economic Area (EEA).

Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are:

(a) Your consent. You are able to remove your consent at any time.

(b) We have a contractual obligation.

(c) We have a legal obligation.

(d) We have a legitimate interest.

How we store your personal information

We take the security of your personal data seriously and use reasonable electronic, personnel and physical measures to protect it from loss, theft, alteration or misuse. However, please be advised that even the best security measures cannot fully eliminate all risks.

We are dedicated to protecting all information on the website as is necessary. However, you are responsible for maintaining the confidentiality of your personal authentication information by keeping your password to our website private. You should change your password immediately if you believe someone has gained unauthorized access to it or your account. If you lose control of your account, you should notify us immediately at: dpo@paynetics.digital.

We have data retention policies and procedures in place, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.

Personal data that we process for any purpose(s) shall not be kept for longer than is necessary for that purpose or those purposes.

We will retain your personal data as follows:

All personal data will be retained for a period of 6 years plus the current year following termination of our mutual Service contract.

As an exception of the Service contract, transaction data will be kept up to a maximum of thirteen months to allow for resolution of potential disputes and payment queries.

All personal data will not be further processed in a manner incompatible with the purpose or purposes for which the information was originally collected.

Paynetics UK will take appropriate security measures against unauthorized access to, or unauthorized alteration, disclosure or destruction of, the data, and against all other unlawful forms of processing.

Once the purpose for which the personal data was obtained has ceased and the personal data is no longer required, Paynetics UK will delete or dispose of it in a secure manner.

Notwithstanding the other provisions of this Section, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subjects.

Your data protection rights

Under data protection law, you have rights including:

Your right of access – You have the right to ask us for copies of your personal information.

Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.

Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.

Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.

Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at dpo@paynetics.digital if you wish to make a request.

How to complain

If you have any concerns about our use of your personal information, you can make a complaint to us at dpo@paynetics.digital or +44(0)330 223 6848

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk