Privacy Policy

Privacy Policy for SimplyPayMe Ltd

15 February 2022

We have made revisions to our Privacy Policy in response to EU Global Data Protection Regulations (“EU GDPR”). By continuing to use our services, you agree to the new Privacy Policy.

Table of Contents

  1. Applicability of the Privacy Policy
  2. Personal Data: Type and Purpose of Collected Data
  3. Disclosure of The Collected Data
  4. Data Deletion and Retain Period
  5. Data Security and Limitation
  6. Data Protection Officer
  7. User’s Rights
  8. Changes to This Privacy Policy
  9. Cookie Notice
  10. Contact Information

1. Applicability of the Privacy Policy

Your privacy is very important to us and we have put in place measures to ensure that any personal information we obtain from you is processed in accordance with the EU’s General Data Protection Regulation (GDPR) which takes effect on 25 May 2018. The GDPR promotes fairness and transparency for all individuals in respect of their personal data.   

Where the words “SimplyPayMe  App”, “we”, “us” or “our” are used in this document, they are all references to SimplyPayMe Ltd.

This privacy policy applies to all data we process, and by using SimplyPayMe App Ltd you consent to our collection and use of such data. If you would like to get in touch about anything in this policy or about your personal data, then please contact our Data Protection Officer at: dpo@simplypayme.com

2. Personal Data: Type and Purpose of Collected Data

Type of Collected Data:

As a Data Controller we collect a variety of data in order to deliver our services.

Personal Data means any information relating to an identified or identifiable natural person. We collect, process, or use the following personal data, if you provide it to us:

  • first name
  • last name
  • phone number
  • address (personal and business)
  • date of birth
  • gender (as specified in latest ID documents)
  • business name
  • business type (e.g. sole trader, limited company)
  • industry
  • company web-site
  • company email

We relay additional information to our Payment Providers for them to undertake a Know Your Customer (KYC) assessment but this information will never be stored with SimplyPayMe App

  • photo ID
  • proof of address (utility bill or bank statement issued within past 3 months)
  • bank account name
  • bank sort code
  • bank account number

We may also use other data that you have provided while contacting us, especially using the contact, download, or signup forms on our app or website, data that you have sent to us through an online survey, support ticket, or job application.

We also collect data sent by your web browser, e.g., information about your browser, your IP address, and your operating system. For marketing purposes and to improve our websites and services.

Please note that our products are not directed to children under the age of thirteen and we do not knowingly collect personal information from children under the age of thirteen.

Purpose of the Data Collection:

We collect and processes your personal data in order to:

  • provide you with the services that you seek from our app and website;
  • improve our website and services;
  • ensure the security of our websites.

In particular, we use this data to:

  • set up user account
  • verify your details are correct
  • provide account access
  • provide SimplyPayMe app and web-site services, directly and with support of third parties (see article 3.2 Third Parties below)

If you call or send us an enquiry or details via email or another method, we will use your details to respond to any request or comment you have and request feed-back.

For delivering important system, account, product and regulatory related information to the user we will apply legitimate interest arguments. Beyond these purposes, we process your data only if you have granted express consent for its stated purposes (e.g. to send occasional direct marketing like newsletters etc.).

When you visit our websites, our system automatically collects information about your visit, such as your browser type, your IP address, and the referring website. This collection may be done in conjunction with our vendors and other third parties (see article 3.2 Third Parties below). We may receive from them general demographic or usage data of our site visitors.

We do not use automatically collected information to identify you personally without collecting additional consent. Such information is typically collected using web cookies, web or email pixels (also known as beacons), embedded hyperlinks, and similar tools. Popular browsers can generally be set to disable or delete individual cookies. See below for the types of cookies we use and their respective purposes (article 9 Cookies below).

3. Disclosure of The Collected Data

Mandatory Data Disclosure:

We may disclose your personal information if required by law, regulation, or other legal subpoena or warrant.

We may also disclose your personal information to a regulatory or law enforcement agency if we believe it to be necessary to protect the rights, property, or personal safety of its customers or any third party.

Third Parties Recipients:

We do not sell or rent your personal information to third-parties. We do not share your personal information, except as provided in this Privacy Policy. We use third-party data processors to process personal data on our behalf. Such service providers support us in processing payments, hosting and operating the websites, marketing, analytics, improving the websites, and sending email newsletters. In all such circumstances, we will use reasonable efforts to ensure the minimum personal information is shared and the parties with which the data is shared are subject to an agreement that obliges them to process your personal information on our instruction and with appropriate confidentiality and security measures.

Where you are using the system to make payments, we may share your information with the party you wish to receive funds, and any partner organisation which is facilitating the transaction.

Where you are using the system to receive payments, we may share your information with each person wishing to make payments to you, and any partner organisation which are facilitating the transaction.

We share personal data with the following third parties:

  • Acquirers (Card processing)
  • Payments Gateway (Acquirer Connectivity)
  • Couchbase (Database)
  • Linode (Servers)
  • Amazon Web Services (Cloud Computing services)
  • MailChimp (Email management)
  • Zendesk (Customer service management)
  • Mixpanel (Mobile and web analytics)
  • Google Apps for Business (e.g. Google Analytics, Google Tag Manager)
  • Pipedrive (Customer relationship management)
  • Yesware (Email tracking)
  • Branch.io (Deep linking and analytics)
  • Olark (User chat line)
  • SMS Broadcast (Text messages to users)
  • Loqate (Verification that address, email address, phone number and bank details are valid entries when user signs up to the app to reduce mistaken or fraudulent entries)

International Operations and Transfers Out of the EEA:

Please note that when you use our products, your data may be sent to the United States and possibly other countries. We store data about our visitors on servers located in London, and we may also store this data on servers and equipment in other countries.

We may transfer personal data to a country outside of the European Economic Area (EEA), for example if a third party we share data with has servers located outside of the EEA. If this is the case, we will obtain your consent or otherwise ensure that the transfer is legal (e.g. US companies adhering to EU-US Privacy Shield) and your data is secure by following the EU guidelines.

We employ appropriate mechanisms for cross-border transfers of personal data, as required by applicable local law. We comply with the EU’s General Data Protection Regulation (GDPR) which takes effect on 25 May 2018

Corporate Events

In the event that we sell or buy any business or assets, in which case, we may disclose your personal data to the prospective buyer or seller of such business or assets.

If SimplyPayMe App Ltd or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.

4. Data Deletion and Retain Period

You can delete your online account at any time. This will erase any personal information in your account that we have about you. And it will mean any data about how you’ve used the online account will be made anonymous.

Deleting your online account won’t delete any data you’ve shared with us for reasons that aren’t connected with your online account.

If you wish us to erase your data which is unconnected with your online account, please contact us as described below and we will deal with your request as necessary under applicable law.

You can stop receiving promotional email messages from us by following the opt-out or unsubscribe instructions provided in any such message you receive.

We will retain Personal Data for the period necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

5. Data Security and Limitation

We keep your data secure: by following internal policies of best practice and training for staff; by encrypting personal data; by using Secure Socket Layer (SSL) technology when information is submitted to us online; and using servers compliant with GDPR.

We implement commercially reasonable technical and organisational measures to protect your personal data against abuse and loss. We store such data in secure environments. While we use all reasonable efforts to protect your personal information, we cannot guarantee the absolute security of your data submitted through our app and websites.

Please note that our websites may also include social media features which are provided by third-party social media platforms. Where data is collected this way, its processing is governed by the privacy policy of the respective social media platforms. Our content may link to third party websites to provide relevant references.

We are not responsible for such external content, which may contain separate privacy policies and data processing disclosures.

In the unlikely event of a criminal breach of our security we will inform the relevant regulatory body within 72 hours and, if your personal data were involved in the breach, we shall also inform you.

Please note that no user shall have any claim for innocent or negligent misrepresentation based upon any statement in this Privacy Policy.

6. Data Protection Officer

To communicate with our Data Protection Officer, please contact our Data Protection Officer at: dpo@simplypayme.com. Please note that we are the Controller of customer data.

To communicate with the Data Protection Authority covering us with its jurisdiction, please contact The Information Commissioner’s Office at https://ico.org.uk.

7. User’s Rights

Information Request

Upon request, our Data Protection Officer will provide you with information as to whether and what personal data we store in relation to you. Should your personal data be incorrect, you may have it rectified.

In particular, you have:

  • the right to be informed about the collection and use of your personal data;
  • the right of access to your personal data and any supplementary information;  
  • the right to block or of suppressing the processing of your personal data;
  • the right to move, copy or transfer your personal data from one IT environment to another;
  • the right to object to processing of your personal data in certain circumstances;
  • rights related to automated decision-making (i.e. where no humans are involved) and profiling (i.e. where certain personal data is processed to evaluate an individual).

Consent Revocation and Deletion Request

Where you have provided consent for our processing of your personal data, you may withdraw that consent at any time by contacting us as described below.

You may also revoke your consent to use your personal data in the future, in whole or in parts, or request deletion of your personal data.

Subject to any exemptions provided by law, you may have the right to request access to Information, as well as to seek to update, delete or correct this Information

We will cease processing your personal data as soon as reasonably practicable following our receipt of your withdrawal.

Right to Complaint

If you consider that we have processed personal data in violation of applicable law, please contact us as described below.

If you consider that we have processed personal data in violation of applicable law and failed to remedy such violation to your reasonable satisfaction, you may also lodge a complaint with a supervisory authority (see article 6.2 above).

Rights of European Union Citizens

If you are a resident of the European Economic Area and believe we do not maintain your Personal Data within the scope of the General Data Protection Regulation (GDPR), you may direct questions or complaints to our lead supervisory authority (see article 6.2 above).

Communication on Data Rights

A Data Request form is available to action any User Data rights and should be requested from the Data Protection Officer via dpo@ simplypayme.com

8. Changes to This Privacy Policy

We may change our Website Privacy Notice if we consider it is appropriate to do so. If we make changes, we will post the changes to this page.

If we make changes that materially alter your privacy rights, we will provide additional notice, such as via email.

If you disagree with the changes to any new Privacy Policy, you should deactivate your account. Please contact our Data Protection Officer at: dpo@simplypayme.com if you wish to request the removal of your Personal Data.

9. Cookie Notice

When you visit our website or our app, we and our service providers acting on our behalf automatically collect certain data using tracking technologies like cookies. This notice describes what tracking technologies we use and what we use them for.

A cookie is a piece of data contained in a very small text file that is stored in your browser or elsewhere on your hard drive. Cookies allow us to identify your device as you navigate through our publicly-accessible website. We also use them to recognize return visitors to our site.

We use both session and persistent cookies. Session cookies are cookies that disappear from your computer or browser when you turn off your computer. Persistent cookies stay on your computer even after you’ve turned it off.

You can turn off your web browser’s ability to accept cookies. But, if you do that, certain parts of our products may not work for you.

We do not use automatically collected information to identify you personally without collecting additional consent. Such information is typically collected using web cookies, web or email pixels (also known as beacons), embedded hyperlinks, and similar tools.

Popular browsers can generally be set to disable or delete individual cookies. See Browser help section or visit About Cookies web-site for guidance.

Required Cookies are those which enable the navigation and basic functionality of the websites, e.g., access to protected areas of the websites.

Functional Cookies are those which allow us to analyse your website usage and your selections on the website (e.g. your login name, language, or region), so we can save these settings and offer you a more personalised experience.

Advertising Cookies: allow us to better assess the effectiveness of our content marketing and advertising efforts. These cookies are provided by our third-party partners to analyse and track site visit and signups stemming from advertising.

We do not share your personal information (such as name or email) to third party providers outside of site visit data collected directly by such Advertising Cookies, though your site visit data may be linked with other personal information collected elsewhere by such third-party providers. Such external data processing is governed by the privacy policies of these third-party providers.

The list of cookie types that we may use along with their description is as follow:

  1.  
  • SimplyPayMe App Ltd (Required Cookies). Our website stores various cookies that are required for the navigation and usage of the websites. Opt-out: You can configure your browser to disable these Required Cookies. This may reduce site functionality.
  • Google Analytics (Functional Cookies). Our website uses Google Analytics, a web analysis service of Google, Inc. (“Google”). Learn more from their Terms of Service and Privacy Policy.
    Opt-out: Download the browser plugin “Google Analytics Opt-out Browser Add-on”.
  • Google Tag Manager (Functional Cookies). Our website uses Google Tag Manager, a web-site tag management service of Google, Inc. (“Google”). Learn more from their Terms of Service and Privacy Policy.
  • Optimizely (Functional Cookies). Our web-site use Optimizely for optimizing digital products, commerce and marketing campaigns. Opt-out: https://www.optimizely.com/legal/opt-out/
  • Olark (Functional Cookies). Our web-site use Olark for providing a live chat support line for customers. See Privacy Policy (https://www.olark.com/privacy-policy)
  • Branch.io (Functional Cookies). Our web-site use Branch.io for assessing marketing effectiveness for mobile downloads and for tracking sign ups as part of our referral programme. Opt-out: https://app.link/optout
  • Mixpanel (Functional Cookies). Our web-site use Mixpanel for providing information on how our users interact with the web-site. Opt-out: Contact our data protection officer to request a specific opt-out of tracking.
  • Facebook (Advertising Cookies). Our web-site use Facebook to track behaviour from people clicking on social media advertisements to map out attribution for associated advertisements. Opt-out: For Facebook and others http://www.youronlinechoices.com/uk/your-ad-choices
  • Google AdWords (Advertising Cookies). Our website uses Google AdWords Conversion Tracking cookie to measure and optimize the performance and user experience related to our ads in Google Search or selected Google Display Network sites. Learn more about Google’s privacy policy on their web-site,
    Opt-out: Visiting Google’s Ads Settings.
  • Google Remarketing (Advertising Cookies). These technologies enables that users who have visited our web-sites can be re-addressed through targeted advertising on other web-sites of the Google Partner Network. Learn more about Google’s privacy policy on their web-site,
    Opt-out: Visiting https://www.google.co.uk/settings/ads/onweb and choose the function “Disable interest-based ads on Google”
  • WebToffee GDPR Cookie Consent Plug-in (Functional Cookies). This plug-in (https://www.webtoffee.com/product/gdpr-cookie-consent/) allows users to accept the SimplyPayMe App web-site Cookies or go to Settings and review the Cookies and reject where necessary.

The SimplyPayMe App web-site has a Cookie pop-up screen which will allow the visitor to either Accept Cookies or go to Settings and explicitly opt-out of Cookies, in compliance with GDPR. Users should be aware that we record the IP address and cookie consents for our compliance records.

10. Contact Information

We are SimplyPayMe App Ltd, a limited liability company registered in England and Wales with company registration number (06205886)

Our address is 85 Great Portland Street, London, W1W 7LT, England.

You can contact our Data Protection Officer by emailing: dpo@sIMPLYPAYME.Com