This notice was last updated on 20th August 2024.
Repaid provides services which help businesses thrive in the digital economy. These services include payment processing and optimization, tools to manage and reduce fraud, and identity verification solutions. This notice is designed to provide you with clear information about how we use merchants and personal datas when we provide our services, so that you can continue to trust Repaid to handle your datas fairly, lawfully, and securely. We want to make sure you understand what merchants and personal datas we may collect about you when you interact with us, how we use the merchants and personal datas, and how we keep them safe. The merchants and personal datas mean datas from which you can be identified either directly (e.g. via your name) or indirectly (e.g. via your IP address).
If you have any questions about how we use your datas, you can get in touch by one of the methods set out in the Contact us section.
This is a global notice that applies to the activities of The Repaid Headquarter, which includes Repaid Ltd and all affiliated companies (“Repaid”, “Repaidhq”, “we”, “our”, or “us”). The Repaid entity which is the data controller and therefore primarily responsible for your merchants and personal datas will depend on which Repaid entity has provided you with our services in your jurisdiction.
You can scroll down to read the entire notice, or you can jump to the section you are interested in by clicking on one of the headings below:
- What merchants and personal datas do we collect?
The merchants and personal datas we collect, and the ways in which we process it depend on your relationship with us. This notice relates to the information we process about you if you are:
A Merchant Representative:
You represent the businesses and prospective businesses that we support.
Datas we collect:
Contact information: your name, job title, email address, phone number, personal or business postal address
Where we collect it:
-Where you provide it to us by enquiring about, or registering for, our services
-From certain trusted third parties, for example those with whom you may have shared your data, and companies which aggregate business contact information
Datas we collect:
Sensitive information:
Proof of address, copy of a personal identification card or passport, financial information and other information as required to validate your identity and background
Where we collect it:
-Where you provide it to us directly in the course of registering a Merchant for our services
-From certain trusted third parties, for example those with whom you may have shared your data, including companies which provide information on company directors and shareholding
A Merchant Customer:
You are an individual customer who purchases goods and services from our Merchants, applies for a card issued by Repaid, or uses our verification services. Please note that where you are a Merchant Customer you should also consult the privacy notice of the Merchant from whom you are making a purchase to understand how they may process and share your personal data.
Datas we collect:
Contact information: your name, email address, phone number, personal or business postal address
Where we collect it:
Where you make a purchase through a Merchant that uses Repaid to process payments, utilize a physical or virtual card issued by Repaid, or use our verification services
Datas we collect:
Bank account or e-wallet holder information: your payment card details and billing address
Where we collect it:
Where you make a purchase through a Merchant that uses Repaid to process payments or utilize a physical or virtual card issued by Repaid
Datas we collect:
Transaction information: information relating to a purchase, including currency, amount, and the identity of the Merchant
Where we collect it:
Where you make a purchase through a Merchant that uses Repaid to process payments or utilize a physical or virtual card issued by Repaid
Datas we collect:
Technical information: your IP address and device information (including the type of browser and operating system and version you use, unique device identifier, and mobile network information)
Where we collect it:
Where you make a purchase through a Merchant that uses Repaid to process payments, or use our verification services
Datas we collect:
Verification information: proof of address, copy of a personal identification card or passport and other information as required to validate your identity
Where we collect it:
Where you apply for a physical or virtual card issued by Repaid or use our verification services
Datas we collect:
Sensitive information: your payment card details, copies of relevant identity documents, and biometric data derived from images of you (for example, an image of your face from a face scan), copies of personal identification cards or passport and other information as required to validate your identity
Where we collect it:
Where you make a purchase through a Merchant that uses Repaid to process payments or utilize a physical or virtual card issued by Repaid
Where you upload this information while validating your identity using Repaid's identity verification services
Where you apply for a physical or virtual card issued by Repaid or use our verification services
A Website User:
You are a visitor to our website, including utilizing our sandbox environment
Datas we collect:
Technical information: IP address and device information (including the type of browser and operating system and version you use, unique device identifier and mobile network information) and your activity when using this website including information on your access times to this website (for example time zone settings and location), pages viewed, URLs clicked on and the pages you visited before and after navigating to this website
Where we collect it:
We use cookies, server logs and other technologies, such as web beacons, to collect this information. Please refer to our Cookies Notice for further information about how we use cookies and similar technologies.
Datas we collect:
Contact information: your name, email address, phone number, personal or business postal address
Where we collect it:
Where you provide it to us directly by using an enquiry or event sign up form on our website
- The purposes for which we process merchants and personal datas and our lawful basis for doing do
A Merchant Representative:
Purposes for which we process data
We use your contact information to facilitate and enable our relationship with you as a prospective, new or existing merchant. We use your contact information to send you marketing communications via email or text about relevant products and services.
We use your verification information, in order to validate your identity, fulfill our regulatory obligations, and conduct due diligence in the form of Know Your Customer (“KYC”) or Know Your Business (“KYB”) checks.
We use your contact information and verification information to comply with our legal and regulatory obligations.
We anonymize and aggregate your information and process it to ensure the security, stability, performance and development of our services.
A Merchant Customer:
Purposes for which we process data
We use your contact, cardholder, transaction, technical and verification information to process payments and otherwise provide our services to you.
We use your contact, cardholder, transaction, technical and verification information to detect and prevent fraudulent activity, financial crime and any other illegal or unauthorized use of Repaid services.
We use your contact, cardholder, transaction, technical and verification information to comply with our legal and regulatory obligations.
We use your contact, and audio visual and biometric information to validate your identity (when using Repaid’s Identity Verification Services).
We anonymize and aggregate your information and process it to ensure the security, stability, performance and development of our services.
A Website User:
Purposes for which we process data
We use your technical information to perform data analytics to improve and optimize our website, products, services, marketing, customer relationships and experiences as further described in our Cookies Notice.
We use your technical information to administer and protect our website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).
We use your contact information to respond to you where you make an enquiry on our website
- How we protect your personal datas
Repaid is committed to building a secure and trusted environment for businesses and their communities to thrive in the digital economy. Whilst we cannot guarantee your personal data will be 100% secure, we put in place appropriate measures to secure personal data from being accidentally lost, used, accessed, altered or disclosed in an unauthorized manner. We continually review the security measures we have in place to ensure they are appropriate.
When deciding how long to keep your personal data, we think about how much and what kind of personal data we have, how sensitive it is, the risk of unauthorized use or disclosure, why we are using your personal data, and if there is another way to achieve these purposes, as well as what the laws and regulations tell us. We will only retain your personal data for as long as reasonably necessary to fulfill the following purposes:
-to comply with any legal, accounting, tax and reporting requirements
-to deliver and develop our products and services securely and effectively
-to perform analysis and undertake internal research
Once the data is no longer required for these purposes, we securely erase it.
- How we share your personal datas with third parties?
In order to provide our services to you we may share your personal data with the following parties:
Members of the Repaid Headquarter: Your information may be shared with our affiliates within the Repaidhq.com, to provide you with our services.
Third party service providers: We may also use third-party service providers acting on our behalf. These service providers help us with data and cloud services, website hosting, data analysis, background and screening, application services, advertising networks, information technology and related infrastructure, customer service, communications, and auditing.
Payment partners: We may share your personal data with third parties across the payments ecosystem as necessary to securely and effectively process payments. This includes banks, card schemes, alternative payment method providers and issuers.
Law enforcement and regulators: We may share information in response to a law enforcement, government agency or regulator request where permitted to or required by law. We may also share information when we or a third party is investigating potential fraud.
We may also share your personal data with third parties in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition or any other transaction affecting all or any portion of our business, assets or stock.
Repaidhq.com does not sell personal data to third parties.
- Your choices and rights
You have rights and choices over the way your information is used by us:
Right to opt-out of direct marketing communications: This enables you to opt-out of receiving marketing communications from us. You can do this at any time by clicking on the ‘unsubscribe’ link included in any email marketing material we send to you, or by informing us by emailing [email protected].
Right to request access to your personal data: This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. In some cases, you have a right to receive a copy of this information in a reusable format and have it transmitted to another organization.
Right to request correction of the personal data we hold about you: This enables you to have any incomplete or inaccurate data we hold about you corrected.
Right to request erasure of your personal data: This enables you to ask us to delete or remove your personal data. Please note that in some cases, for example if we need to retain your data to comply with legal obligations, we may be unable to comply with such requests.
Right to object to processing of your personal data: In addition to your right to object to direct marketing communications, in certain circumstances you can object to our processing of your personal data for example when we rely on legitimate interests to process your personal data.
Request restriction of processing of your personal data: This enables you to ask us to suspend the processing of your personal data in certain scenarios.
Withdrawal of consent: You can withdraw consent at any time where we are relying on consent to process your personal data.
Right to object to automated individual decision-making and profiling: This includes the right to request human intervention where we have relied on automated decision making or profiling.
If you wish to exercise any of the rights set out above, or any additional rights noted in the Countryspecific section of this notice, please contact [email protected] You can also submit a request via an authorized representative, in which case we will confirm the representative has authority to act on your behalf before we carry out the request.
If you object to the processing of your personal data, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations. However, this could mean that we cannot provide certain products or services to you or we cannot perform the actions necessary to achieve the purposes described (see The purposes for which we process your personal data).
- Contact us & updates to this notice
If you have any questions about this notice, including any requests to exercise your legal rights, please contact us using the details set out below.
Email address: [email protected]
You can also contact or complain to your local supervisory authority, however please consider contacting us first so that we can address your question directly.