Privacy Policy
Payment Strategy Technologies values and respects your privacy. This Policy explains what personal data we collect, how we use it, on what legal bases we process it, and what rights you have. We collect and use personal data only in ways that comply with our obligations and your rights under applicable law (including GDPR/UK GDPR, PECR, CASL, PIPEDA and, where applicable, CCPA/CPRA).
Who This Policy Applies To
This Policy applies to visitors and users of our websites, products and services (the “Services”). It does not apply to third-party websites that may be linked from our Services. Please review those third parties’ privacy policies before providing any data to them.
Personal Data We Collect
- Identity data (e.g., name, date of birth, gender).
- Contact data (e.g., address, email address, phone number).
- Professional data (e.g., brand name, position, profession).
- Transactional and payment information.
- Usage and technical data (e.g., pages viewed, device and log data).
- Preferences and interests.
- Communications with us and marketing preferences.
How We Collect Your Data
- Directly from you (for example, forms, account registration, customer support).
- Automatically, via cookies and similar technologies (see our Cookies Policy).
- From third parties (e.g., payment providers, analytics, KYC/AML vendors) and from publicly available sources, where permitted by law.
How We Use Personal Data
- Providing and managing your account and our Services.
- Entering into and fulfilling contracts with you.
- Personalizing and improving the Services.
- Communicating with you (including responding to emails or calls).
- Sending updates you have opted into (you can unsubscribe at any time).
- Marketing communications with your permission and/or where permitted by law (never unlawful marketing or spam).
- Security, fraud prevention, and compliance including AML/CFT.
- Analytics and statistics to improve our Services.
- Complying with legal obligations and responding to lawful requests.
Our Legal Bases (GDPR/UK GDPR)
- Contract – processing necessary to enter into or perform a contract with you.
- Consent – for example, sending certain marketing or placing non-essential cookies.
- Legitimate interests – for example, to secure and improve our Services (balanced against your rights).
- Legal obligation – where we must process data to comply with the law.
- Vital interests – in rare cases to protect life or physical safety.
Where we rely on consent, you may withdraw it at any time without affecting lawfulness of processing before withdrawal.
Cookies and Similar Technologies
We use cookies and similar technologies to operate and improve our Services, analyze usage and, where permitted, personalize content and marketing. For details, please see our Cookies Policy.
Marketing
With your permission and/or where permitted by law we may send you marketing about our products and services. You can opt out at any time using the unsubscribe link or by contacting us.
Automated Decision-Making and Profiling
We do not engage in solely automated decisions that produce legal or similarly significant effects without appropriate safeguards. You may request human review, express your view, or contest a decision where applicable.
Data Retention
We keep personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. We will not store your personal data longer than necessary.
How We Share Personal Data
- Within our group companies for service performance, AML/CFT and security.
- With trusted service providers acting on our instructions (e.g., payment processing, hosting, analytics, marketing).
- With authorities or third parties where required by law, to protect rights, or in the context of corporate transactions.
A list of our sub-processors is available upon request via your Partner Dashboard.
International Data Transfers
Your data may be stored or processed outside the EEA/UK. Where we transfer data internationally, we implement appropriate safeguards, such as adequacy decisions by the European Commission/UK Government or Standard Contractual Clauses, and supplementary measures where necessary.
Data Security
We use commercially reasonable administrative, technical and physical safeguards to protect personal data, including authentication and encryption (e.g., SSL). We continuously improve our security measures as technologies evolve.
Your Rights
- Right to be informed about the collection and use of your personal data.
- Right of access to your personal data.
- Right to rectification of inaccurate or incomplete data.
- Right to erasure (“right to be forgotten”).
- Right to restrict processing.
- Right to object to processing (including direct marketing).
- Right to data portability.
- Right to withdraw consent at any time.
- Right to lodge a complaint with a supervisory authority.
How to Exercise Your Rights
Submit your request in writing to the email below. If your request is manifestly unfounded or excessive (e.g., repetitive), we may charge a reasonable fee to cover administrative costs.
We will respond within 20 days and, in any case, no later than one month from receipt. For complex requests or where we must verify your identity, we may extend by up to two additional months; we will keep you informed.
Children’s Privacy
Our Services are not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us personal data, please contact us to request deletion.
Changes to This Policy
We may update this Privacy Policy from time to time (for example, due to changes in law or our business). Updates will be published on our website and apply from the date of posting.