Last updated on November 1, 2023
PayXtoday takes care of your personal data and does everything possible to protect it. This Privacy Notice is written to help you understand what your personal data is collected, stored and used, and what happens to it when you use our website at https://payxtoday.com (“Website”).
Pay your attention! The UK leaves the EU by December 31, 2020. Until that time, the whole data processing process will be handled as it goes. After leaving the EU, the UK will become a third country pending a decision on the adequacy of jurisdiction. We will continue to be GDPR compliant and comply with the data processing and transmission requirements, taking into account the GDPR requirements for third countries that are not recognized as an adequate jurisdiction.
In this Privacy Notice, we answer the following questions:
We are PayXtoday Limited, company number 11654625, with a registered address at 37th floor, One Canada Square, Canary Wharf, London, E14 5AA, United Kingdom. In relation to your personal data, we are the controller and processor at the same time. We are the controller of your personal data of our clients and users, which means that we determine what, for what purpose, and how your personal data will be processed.
If you have any questions, you can contact us by sending an email to [email protected] You can also send us a letter at PayXtoday Limited, 41th floor, One Canada Square, Canary Wharf, London, E76 5AA, United Kingdom.
2. What is the Privacy Notice covered by?
This Privacy Notice applies to our website and our services. Our websites are https://payxtoday.com and PayXtoday.
3. What data do we collect and why?
The data we process is divided into two categories: technical information and data that is provided to us by a user, consumer, and client.
Technical information.When you visit our website, some data is collected automatically. We need technical data to operate, maintain, and improve our website. This includes data such as an IP address, UTM parameters, geolocation, device type, browser type, cookies, and data about your interaction with the website - session ID.
The session ID includes your interaction with the website, the name of the website from which you went to our website, the functions you use, the pages viewed on our website, the way you use our website, and the actions you take if such actions are present.
Data provided by the client.To perform a contract, we need the following data: full name, date of birth, email, passport details (tax number, address), gender, phone number, position, company name, payment information (bank details, bank card details), and merchant ID credentials.
Data provided by the consumer.While processing personal data of end users, PayXtoday acts as a processor. For detailed information on the processing of your personal data, please contact your controller. As a processor, we may process the following data: name, surname, geolocation, address, device hash, email, phone number, tax number, payment information including but not limited to bank ID, bank details, payment card details, electronic wallet ID.
Data provided by the user.For full interaction with our website, we may collect your name, phone number, email, and company name. Once again, briefly about what personal data we collect:
| Type of data | Description of data | Legal basis | Reasons of processing |
|---|---|---|---|
| Data provided by a client | Full name, gender, date of birth, email, phone number, passport details, position, company name, payment information, merchant ID credentials | Performance of a contract | Registering an account; Providing a service; Customer support |
| Data provided by a client | Position, company name | Legitimate interest | Analytics; Statistics |
| Data provided by a client | Full name, date of birth, email, phone number | Consent | Marketing |
| Data provided by a consumer | Name, surname, geolocation, address, device hash, email, phone number, tax number, payment information, bank ID | Performance of the contract | Registering an account; Providing a service; Customer support |
| Data provided by a consumer | Device hash, payment information | Legitimate interest | Security; Analytics; Statistics |
| Data provided by a consumer | Full name, contact details | Consent | Marketing |
| Data provided by a consumer | Name, surname, payment information | Legal obligation | Compliance with the legal obligation |
| Data provided by a user | Full name, phone number, email, and company name | Performance of the contract | Performance of the contract; Providing a service |
| Data provided by a user | Name, phone number, email | Consent | Marketing |
| Data provided by a client | Full name, payment information | Legal obligation | Compliance with legal obligations |
| Automatically collected data | Technical information, Cookies | Legitimate interest | Website operation; Analytics; Statistics |
Pay your attention. We knowingly do not process the personal data of users under the age of 13 without consent from the legal representative(s). If you are such a user, or you are the legal representative of the user, please let us know by email at [email protected]
4. How long do we keep your data?
We store personal data in the following categories:
- Client data. We store personal client data for the duration of the service and 36 months after completion.
- Consumer data. We store personal consumer data for the duration of the service and 24 months after completion.
- User data. We store users' personal data for 36 months.
However, you can exercise your right to delete your data. In this case, your data will be deleted from our servers within 30 days of your request.
5. Do we share data with third parties?
We use your personal data to perform a contract and facilitate communication between us and the client,
consumer, and user. We may transfer your data under the following conditions:
- Consent: We transfer your personal data based on your explicit consent.
- Compliance with the law: We will disclose your personal data to third parties when
necessary:
- To comply with government requests, court orders, or applicable laws;
- To prevent unlawful use of our website or violations of the Terms of Use of our website and services;
- To protect against claims from third parties;
- To assist in preventing or investigating fraud.
- Transfer to third parties: We may transfer your personal data to third parties for processing on our behalf, subject to technical and organizational measures to protect your personal data. This includes companies, consultants, and contractors hired to provide specific services for us. We will seek your consent unless the data transfer is part of a contract.
6. Do we do data transfer outside the European Economic Area?
The General Data Protection Regulation (the “GDPR”) applies to a transfer of personal data from the
EEA to the UK. For now, the transfer is allowed without extra specifications. Based on the fact that the
UK is leaving the European Union, the transfer will be based on appropriate safeguards until the
decision about adequate jurisdiction. In this case, “a transfer of personal data” will have the same
meaning as in the GDPR.
All data is now stored on servers in Germany and the UK. When transferring data, we use the necessary
protective measures such as encryption and security protocols.
7. Do we use cookies?
We use the cookies necessary for the functioning of the website. Using cookies, we receive the technical
information specified in clause 3 and our Cookie Policy.
If you want to disable cookies, then you can find instructions for managing your browser settings at
these links:
- Internet Explorer
- Firefox
- Safari
- Microsoft Edge
- Google Chrome
- Opera
- Vivaldi
8. What rights do I have regarding my data?
You, as subjects of personal data, have the following rights:
- The right to access information: You can request an explanation of the processing of your personal data.
- The right to portability: You can request all the data that you provided to us, as well as request to transfer data to another controller.
- The right to restrict processing: You may partially or completely prohibit us from processing your personal data.
- The right to file complaints: If your request was not satisfied, you can file a complaint with the regulatory body. Contact us at the ICO.
- The right to be forgotten: You can send us a request to delete your personal data from our systems.
To exercise your rights, write us an email at [email protected].
9. How do we update Privacy Notice?
This privacy policy and the relationships falling under its effect are regulated by the GDPR. Existing
laws and requirements for the processing of personal data are subject to change. In this case, we will
publish a new version of the Privacy Notice on our website. After the UK finishes the exit from the
European Union, we will continue to comply with the requirements of the GDPR, and will also make every
effort to comply with the legislation of the UK as soon as possible if there would be changes. If
significant material changes are made that affect your privacy and confidentiality, we will notify you
by email or display information on the website and ask for your consent.
10. California privacy rights
We make these disclosures to those visiting our websites who reside in California which supersede and
replace any conflicting disclosures found elsewhere on our websites as well as reflect your privacy
rights granted by the California Consumer Privacy Act (CCPA).
- Opt-out of disclosure for direct marketing purposes: California laws allow its residents to learn the identities of entities that received their personal data for marketing purposes and the categories of information disclosed. You may request such information by contacting us via email at [email protected]. Please be aware that this opt-out does not prohibit our disclosure of personal data for any purpose other than direct marketing. The data we process and share may include your name, address, email address, and telephone number.
- Automatic gathering of information: We collect data that you provide to us online and through the websites of unaffiliated third parties.
- Automatic gathering of information by third parties: When you visit our websites, third parties can collect personal data about your online activities over time and across different websites pertaining to your visit to or use of our and other websites.
11. Do-not-track requests.
California residents visiting our websites may request that we do not automatically gather and track
information pertaining to their online browsing movements across the Internet. Such requests are
typically made through web browser settings that control signals or other mechanisms that provide
consumers the ability to exercise choice regarding the collection of personal data about an individual
consumer's online activities over time and across third-party websites or online services. We currently
do not have the ability to honor these requests. We may modify this Notice as our abilities change.
12. California residents’ data protection rights.
The CCPA has extended California
residents’ data protection rights. However, we have already guaranteed all these rights and described
them precisely in this Notice as well as a means of rights exercising. Please refer below to
investigate.
- Right to be informed: Please find a list of personal data we collect about you and your activity, sources and business purposes of personal data collection, and third parties we may share your personal data with in Sections 3 to 6 of the Notice.
- Your Right of access, Data portability, and Right to delete: These rights are described in Section 7 of the Notice.
You can exercise these rights any time by contacting us via email at [email protected]
Notice, the CCPA envisages some specific requirements related to the exercising of these data protection rights. Considering them we may:
- Respond to your request: We will respond to your request within forty-five (45) days of receiving it.
- Provide personal data: We will provide you with the personal data we collected about you no more than twice in a 12-month period. This includes categories and specific pieces of collected personal data, business purposes and sources of collection, and categories of third parties with whom personal data is shared.
- Verification of identity: We will not provide you with personal data if we cannot verify your identity. You must provide us with sufficient information to verify that you are the person about whom we collected personal data. However, we consider requests made through your Account to be sufficiently verified.
- Transmission of personal data: We will not transmit your personal data to another entity.
We want to draw your special attention that PayXtoday does not sell, rent, or trade your personal data to anyone.
Non-discrimination right. We definitely will not discriminate (including, by denying Services, charging different prices for Services, providing different quality of Services) against you for exercising any of your CCPA data protection rights.