- aims to give you information on how Payler processes Your data,
- is instrumental in Payler personal data protection system and it is binding to every Payler's employee and subcontractor.
Payler processes Your personal data in material compliance with the following principal provisions:
- Payler respects and complies with the requirements of the UK GDPR, Data Protection Act 2018 and other national and international laws (together hereinafter referred to as "LAWS").
- We are fair and maximally transparent with You regarding Your data processing and protection.
- All the information is being provided to You in concise, transparent, intelligible and easily accessible form, using plain and clear language.
- We will not process Your data without having a legal basis and specified, explicit and legitimate purposes.
- By default, we are processing only personal data, which:
- Is necessary to achieve the current purpose;
- Is accurate and, where necessary, kept up to date.
- Upon achievement of a purpose we are either deleting Your personal data or anonymizing it, so it is impossible to identify you.
- When data is being processed for scientific or historical research purposes or statistical purposes, we are applying anonymization or additional safeguards preventing any undue impact on Your person (functional separation).
- We are performing and constantly improving organizational and technical measures ensuring Your data protection against any accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to the data.
- We are conducting staff training on a regular basis regarding data protection matters.
- We are carrying out all the necessary measures, so the relevant safeguards are included into agreements with other data controllers and processors, as well as responsibilities are clearly shared subject to the requirements of relevant laws and regulations.
- Information and communication technologies (ICT) are being used in processing Your data. We are ensuring ICT integrity, confidentiality, availability and resilience in line with relevant risk level.
What data does Payler collect about you?
We are collecting different categories of data depending on Your request of services, requirements of the laws and our legitimate interests conducting our business.
Separately from other data, there are specified category of data as cookies. We are using cookies when you are using our web based Platforms (e.g. browsing websites, applications of Payler, sending email and text messages, communicating through social media accounts). The cookies mostly relate to the necessity of providing services You have explicitly requested (e.g., to open a website or some section of it, making payments etc.) or Your authentication during the login process.
Additionally, when You are visiting our websites, we may collect certain information automatically from your device in order to provide services requested by you, ensure security and for statistical purposes; automatic collection might include Your IP address, device type, browser-type (such as Chrome, Safari, Firefox or Internet Explorer), Your operating system and carrier, as well as details of any referring website or exit pages.
Please find additional information on usage of cookies HERE.
Why do we need your data?
Depending on relationship (client, employment, partner agreement, website user etc.) Payler collects only the minimal personal data that is absolutely necessary for achieving processing purposes (e.g. conclude the employment contract, make a payment, detect fraud, prevent identity thefts, send You special offers, handle Your requests and claims, render customer support etc.).
You could find the main groups of processing purposes HERE.
Note that we may process Your personal data for more than one lawful ground depending on the specific purpose for which we are using Your data. For example, when You have closed the account (contractual obligations) we will still keep processing minimal personal data to comply with AML laws (legal obligation) or to protect/ exercise our legal claims (legitimate interests).
For the most part in rendering our services, the legal basis of processing will be our contractual obligations, Your consent or our legitimate interest. Please contact us if You need details about the specific legal ground we are relying on to process Your personal data in each case.
Who is responsible for your data protection?
The controller (also operator of website) involved in processing is liable for confidentiality, integrity and availability of Your data, as well as for the damage caused by his activities which infringe the laws and/ or Your privacy. A processor shall be liable only where it has not complied with the obligations of the laws specifically directed to processors or where it has acted outside or contrary to lawful instructions of the controller.
If Payler processes the data of the representative of a business partner or the data of its electronic payment service users, Payler shall be liable as a controller.
In case Payler processes the data of payment cards provided by the merchant, the latter will be the controller and Payler will be a processor, who is acting on behalf of the controller.
Though, Payler might also be a controller for some data of payment cards in order to comply with legal and contractual obligations (e.g. record-keeping).
When the data is collected, we will definitely either inform You on the current controller or it will arise out of the document/ web form you are filling in.
If You are providing personal data of other data subjects, You shall be solely liable for obtaining consent from them or using other legal basis for their data processing (e.g. contract, power of attorney etc.).
If you fail to provide personal data
Where Payler collects personal data to comply with laws and regulations or under the terms of a contract where You are a party of and you fail to provide Your data when requested, we may not be able to perform the contract (for example, to provide you with electronic payment services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.
Disclosure after collecting
Generally, we do not share Your data with third parties.
The only way Payler is doing so, when it has a legal basis and processing purpose for doing so. Disclosing Your data, we require recipients to follow laws and regulations and data protection measures when they process Your data.
Our Platforms and services may contain links to third-party websites, products and services. We may also use or offer products or services from third parties − for example, a third-party app.
Considering the state of art and costs of implementation, the nature, scope, context and purposes of processing, as well as the risks of varying likelihood and severity for Your rights and freedoms posed by the processing, Payler ensures and permanently improves security measures to protect Your data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.
To achieve the highest security level, we are performing organizational and technical measures. The most typical measures you could find HERE. Your rights
The scope of Your rights (as data subjects) is set under each current processing purpose and legal basis which will be informed to You when Payler collects / You are providing Your data to us.
In case we are a processor, the main contact for data subjects should remain data controller. In such cases we will definitely provide possible support in contacting the relevant controller. Right to be informed
Every time Payler collects Your data as the controller, we will inform You at least of the identity of the controller, the purposes of data processing and sources where to find additional information.
In the event we are collecting Your data from other controllers (processors) You will be also informed in a timely manner.
So, our communication is made in an intelligible, plain and clear way, but texts are not burdensome, we will not inform you on details you already know.
In case the processing of Your data is based on consent, You will definitely have the right to withdraw your consent at any time. Please be informed that the withdrawal of consent is not affecting the lawfulness of processing based on consent before its withdrawal.
There might also be other cases where Your rights to be informed are limited. Right of access
You are entitled to receive a confirmation from Payler as to whether or not Your data is being processed by us, and if it is, You have a right to access the relevant data. Right to rectify and add
You are entitled to obtain from Payler without undue delay the rectification of inaccurate personal data. Considering purposes of processing You are also entitled to supplement incomplete personal data. Right to erasure ("right to be forgotten")
You are entitled to obtain the erasure of Your data from Payler. In cases set by laws and regulations we shall delete Your data.
Unfortunately, since the exceptional character of exercise of such rights the laws and regulations set restrictions when Your request might be refused. Right to restriction of processing
In certain cases You are entitled to file a request to restrict Your data processing. Notwithstanding the restriction of processing, we will still be entitled to:
Right to data portability
- Store Your data;
- Process Your data in any manner, if:
- You have consented to it;
- We have to establish, exercise or defend our legal claims;
- The rights of another person shall be protected;
- There are reasons of important public interest.
You are entitled to transmit Your data, which You have provided to Payler, to another controller, where:
- the processing is based on consent or on a contract; and
- the processing is carried out by automated means.
Unfortunately, there might be cases when Your data transmission to another controller is not technically feasible. In this regard we will try to do our best in providing maximum support, so another controller receives Your data. Right to object
In case Payler processes Your data:
- in the performance of a task carried out in the public interest, or
- in the exercise of official authority vested in us, or
- for the purposes of the legitimate interests pursued by us or by a third party,
You are entitled to object to such processing, specifying in Your request the particular situation (reason for objection).
In such cases we will not process Your data unless we demonstrate compelling legitimate grounds for the processing which override Your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
There are also other cases set by laws and regulations, when You are entitled to object, as well as the conditions under which the right to object might be exercised. Your rights regarding automated individual decision-making, including profiling
You are entitled not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning You or similarly significantly affects You, except where the decision:
- is necessary for entering into, or performance of, a contract between You and Payler as the controller; or
- is authorized by laws and regulations to which Payler is subject and which also lays down suitable measures to safeguard Your rights and freedoms and legitimate interests; or
- is based on Your explicit consent.
Right to lodge a complaint
If we are not able to resolve any dispute or claim arising from Your data processing under this Policy in an amicable way, You are entitled to lodge a complaint with UK supervisory authority.
Restrictions of your rights and principal provisions
Please, be informed that each of Your rights and some of the principal provisions set herein might be restricted due to legislative measures
, mostly to the advantage of other natural and legal persons, as well as national interests and public security.
Data transfers to third countries and international organizations
Payler might transfer Your data to a third country providing safeguards and security measures, so the level of Your data protection is not undermined. Such transfers might take place in cases, if:
How does Payler treat your requests?
- we have to perform an agreement concluded between You and Payler;
- we have to carry out pre-contractual measures in order to prepare a contract;
- if you consented to the proposed transfer;
- transfer is based on an international agreement, such as a mutual legal assistance treaty in force between the requesting third country and the UK;
- transfer is based on standard data protection clauses adopted by the relevant authority;
- other cases may be applicable (you shall be informed prior to any such transfer).
Due to the remote nature of our services, it is important for us to keep communicating through the same email (Verified Email), which was used by you to request a price quote or using our services. The Verified Email is the key communication channel for us, so we can give quick answers and not divulge your data to any malicious person. You might also submit a request through the voice call, but still we must use the Verified Email to reply, due to law requirements and in order to protect our legal claims.
In case Your requests are manifestly unfounded or excessive, Payler might refuse to act on the request explaining reasons or You might be charged a reasonable fee considering the administrative costs of providing the information or communication, or taking the action requested.
In case we have reasonable doubts concerning the identity of the natural person (also authorized representative) making the request, we may request the provision of additional information necessary to confirm the identity of such a natural person.
You are entitled to receive one copy of Your data free of charge. For any further copies we may charge a reasonable fee based on administrative costs. The right to obtain a copy shall not adversely affect the rights and freedoms of others.
In case You have any questions regarding Your data processing by Payler, please kindly contact our Data Protection Officer at firstname.lastname@example.org.
Any other questions regarding our services and current data processing shall be addressed to Payler
Amendments and effective date
In case of material changes Payler will definitely publish such amendments and amended policy on our websites and, as far as possible, notify you either by email or by pop-up windows when you are entering our websites next time.