7 June 2020
Table of Contents
Your privacy is very important to us and we have put in place measures to ensure that any personal information we obtain from you is processed in accordance with the EU’s General Data Protection Regulation (GDPR) which takes effect on 25 May 2018. The GDPR promotes fairness and transparency for all individuals in respect of their personal data.
Where the words “SimplyPayMe App”, “we”, “us” or “our” are used in this document, they are all references to SimplyPayMe App Ltd.
2. Personal Data: Type and Purpose of Collected Data
Type of Collected Data:
As a Data Controller we collect a variety of data in order to deliver our services.
Personal Data means any information relating to an identified or identifiable natural person. We collect, process, or use the following personal data, if you provide it to us:
We relay additional information to our Payment Providers for them to undertake a Know Your Customer (KYC) assessment but this information will never be stored with SimplyPayMe App
We may also use other data that you have provided while contacting us, especially using the contact, download, or signup forms on our app or website, data that you have sent to us through an online survey, support ticket, or job application.
We also collect data sent by your web browser, e.g., information about your browser, your IP address, and your operating system. For marketing purposes and to improve our websites and services.
Please note that our products are not directed to children under the age of thirteen and we do not knowingly collect personal information from children under the age of thirteen.
Purpose of the Data Collection:
We collect and processes your personal data in order to:
In particular, we use this data to:
If you call or send us an enquiry or details via email or another method, we will use your details to respond to any request or comment you have and request feed-back.
For delivering important system, account, product and regulatory related information to the user we will apply legitimate interest arguments. Beyond these purposes, we process your data only if you have granted express consent for its stated purposes (e.g. to send occasional direct marketing like newsletters etc.).
When you visit our websites, our system automatically collects information about your visit, such as your browser type, your IP address, and the referring website. This collection may be done in conjunction with our vendors and other third parties (see article 3.2 Third Parties below). We may receive from them general demographic or usage data of our site visitors.
We do not use automatically collected information to identify you personally without collecting additional consent. Such information is typically collected using web cookies, web or email pixels (also known as beacons), embedded hyperlinks, and similar tools. Popular browsers can generally be set to disable or delete individual cookies. See below for the types of cookies we use and their respective purposes (article 9 Cookies below).
3. Disclosure of The Collected Data
Mandatory Data Disclosure:
We may disclose your personal information if required by law, regulation, or other legal subpoena or warrant.
We may also disclose your personal information to a regulatory or law enforcement agency if we believe it to be necessary to protect the rights, property, or personal safety of its customers or any third party.
Third Parties Recipients:
Where you are using the system to make payments, we may share your information with the party you wish to receive funds, and any partner organisation which is facilitating the transaction.
Where you are using the system to receive payments, we may share your information with each person wishing to make payments to you, and any partner organisation which are facilitating the transaction.
We share personal data with the following third parties:
International Operations and Transfers Out of the EEA:
Please note that when you use our products, your data may be sent to the United States and possibly other countries. We store data about our visitors on servers located in London, and we may also store this data on servers and equipment in other countries.
We may transfer personal data to a country outside of the European Economic Area (EEA), for example if a third party we share data with has servers located outside of the EEA. If this is the case, we will obtain your consent or otherwise ensure that the transfer is legal (e.g. US companies adhering to EU-US Privacy Shield) and your data is secure by following the EU guidelines.
We employ appropriate mechanisms for cross-border transfers of personal data, as required by applicable local law. We comply with the EU’s General Data Protection Regulation (GDPR) which takes effect on 25 May 2018
In the event that we sell or buy any business or assets, in which case, we may disclose your personal data to the prospective buyer or seller of such business or assets.
If SimplyPayMe App Ltd or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
4. Data Deletion and Retain Period
You can delete your online account at any time. This will erase any personal information in your account that we have about you. And it will mean any data about how you’ve used the online account will be made anonymous.
Deleting your online account won’t delete any data you’ve shared with us for reasons that aren’t connected with your online account.
If you wish us to erase your data which is unconnected with your online account, please contact us as described below and we will deal with your request as necessary under applicable law.
You can stop receiving promotional email messages from us by following the opt-out or unsubscribe instructions provided in any such message you receive.
5. Data Security and Limitation
We keep your data secure: by following internal policies of best practice and training for staff; by encrypting personal data; by using Secure Socket Layer (SSL) technology when information is submitted to us online; and using servers compliant with GDPR.
We implement commercially reasonable technical and organisational measures to protect your personal data against abuse and loss. We store such data in secure environments. While we use all reasonable efforts to protect your personal information, we cannot guarantee the absolute security of your data submitted through our app and websites.
We are not responsible for such external content, which may contain separate privacy policies and data processing disclosures.
In the unlikely event of a criminal breach of our security we will inform the relevant regulatory body within 72 hours and, if your personal data were involved in the breach, we shall also inform you.
6. Data Protection Officer
To communicate with our Data Protection Officer, please contact our Data Protection Officer at: firstname.lastname@example.org. Please note that we are the Controller of customer data.
To communicate with the Data Protection Authority covering us with its jurisdiction, please contact The Information Commissioner’s Office at https://ico.org.uk.
7. User’s Rights
Upon request, our Data Protection Officer will provide you with information as to whether and what personal data we store in relation to you. Should your personal data be incorrect, you may have it rectified.
In particular, you have:
Consent Revocation and Deletion Request
Where you have provided consent for our processing of your personal data, you may withdraw that consent at any time by contacting us as described below.
You may also revoke your consent to use your personal data in the future, in whole or in parts, or request deletion of your personal data.
Subject to any exemptions provided by law, you may have the right to request access to Information, as well as to seek to update, delete or correct this Information
We will cease processing your personal data as soon as reasonably practicable following our receipt of your withdrawal.
Right to Complaint
If you consider that we have processed personal data in violation of applicable law, please contact us as described below.
If you consider that we have processed personal data in violation of applicable law and failed to remedy such violation to your reasonable satisfaction, you may also lodge a complaint with a supervisory authority (see article 6.2 above).
Rights of European Union Citizens
If you are a resident of the European Economic Area and believe we do not maintain your Personal Data within the scope of the General Data Protection Regulation (GDPR), you may direct questions or complaints to our lead supervisory authority (see article 6.2 above).
Communication on Data Rights
A Data Request form is available to action any User Data rights and should be requested from the Data Protection Officer via dpo@ simplypayme.com
We may change our Website Privacy Notice if we consider it is appropriate to do so. If we make changes, we will post the changes to this page.
If we make changes that materially alter your privacy rights, we will provide additional notice, such as via email.
9. Cookie Notice
When you visit our website or our app, we and our service providers acting on our behalf automatically collect certain data using tracking technologies like cookies. This notice describes what tracking technologies we use and what we use them for.
A cookie is a piece of data contained in a very small text file that is stored in your browser or elsewhere on your hard drive. Cookies allow us to identify your device as you navigate through our publicly-accessible website. We also use them to recognize return visitors to our site.
We use both session and persistent cookies. Session cookies are cookies that disappear from your computer or browser when you turn off your computer. Persistent cookies stay on your computer even after you’ve turned it off.
You can turn off your web browser’s ability to accept cookies. But, if you do that, certain parts of our products may not work for you.
We do not use automatically collected information to identify you personally without collecting additional consent. Such information is typically collected using web cookies, web or email pixels (also known as beacons), embedded hyperlinks, and similar tools.
Popular browsers can generally be set to disable or delete individual cookies. See Browser help section or visit About Cookies web-site for guidance.
Required Cookies are those which enable the navigation and basic functionality of the websites, e.g., access to protected areas of the websites.
Functional Cookies are those which allow us to analyse your website usage and your selections on the website (e.g. your login name, language, or region), so we can save these settings and offer you a more personalised experience.
Advertising Cookies: allow us to better assess the effectiveness of our content marketing and advertising efforts. These cookies are provided by our third-party partners to analyse and track site visit and signups stemming from advertising.
We do not share your personal information (such as name or email) to third party providers outside of site visit data collected directly by such Advertising Cookies, though your site visit data may be linked with other personal information collected elsewhere by such third-party providers. Such external data processing is governed by the privacy policies of these third-party providers.
The list of cookie types that we may use along with their description is as follow:
The SimplyPayMe App web-site has a Cookie pop-up screen which will allow the visitor to either Accept Cookies or go to Settings and explicitly opt-out of Cookies, in compliance with GDPR. Users should be aware that we record the IP address and cookie consents for our compliance records.
10. Contact Information
We are SimplyPayMe App Ltd, a limited liability company registered in England and Wales with company registration number (06205886)
Our address is 85 Great Portland Street, London, W1W 7LT, England.
You can contact our Data Protection Officer by emailing: dpo@sIMPLYPAYME.Com