Your privacy protection is important to us. Generally, we provide services to businesses – legal entities. Legal entities are not subject to personal data protection; however, individuals who are engaged in such business are. We’re providing this Privacy Notice (“Notice”) in order to explain our practices regarding the collection, use and disclosure of information that we process in the course of our business. By accessing our website and utilising our services, you acknowledge and consent to the collection, processing, and storage of your personal data as described in this Notice.
Please read the Notice carefully before using our website and creating account with us. If you do not agree with all or any of the terms of the Notice, please do not use our website and do not provide us with your personal data.
We may revise this Notice from time to time. The most recent version of this Notice can always be found on our website.
1. Definitions
Customer – legal entity that opens an account with PaySaxas.
Personal data / personal information – means any information relating to an identified or identifiable individual.
Services – services of PaySaxas related to payment services, exchange of fiat money for crypto/digital currency, as well as exchange of cryptocurrencies for fiat money or other cryptocurrencies.
Website – PaySaxas’ website www.paysaxas.com.
2. About Us
We or PaySaxas, are PaySaxas Financial Solutions Corporation, Paysaxas UAB, and other our affiliated entities. We provide our Services through our Website.
We collect your personal data in order to provide our Services and to provide you with best user experience and customer support.
3. How to contact PaySaxas?
Questions, comments and requests regarding this Privacy Policy are welcomed and should be addressed to:
Email: privaсy@paysaxas.com
Mailing address for users within European Union: A. Goštauto g. 8-345, LT-01108, Vilnius, Lithuania
Mailing address for users outside European Union: 422 Richards street Unit 170 Vancouver, BC, Canada V6B 2Z4
PaySaxas’ data protection officer (DPO) can be reached via this email address: dpo_privacy@paysaxas.com.
We are committed to addressing your inquiries and assisting you with resolving any questions or exercising your rights regarding your personal data. Upon receiving your request, we will make every effort to respond and provide assistance within 30 days.
4. On what basis to you use my personal data?
We use your personal data on the following bases:
- To provide our Service
We process your personal data for the purpose of providing you with access to our Services, processing payments, and ensuring proper functioning of our Services. - Due to legal obligations
In certain circumstances, we may be required to process your personal data to comply with applicable laws, regulations, or legal obligations imposed on us. - Due to legitimate interest
We may process your personal data based on our legitimate interests, such as ensuring the security and protection of our systems and Services, preventing fraud, conducting internal audits, and improving the quality of our Services. - Due to the public interest
In some cases, we may process your personal data when it is necessary for tasks carried out in the public interest or in the exercise of official authority vested in us. - Your consent
In situations where we rely on your consent to process your personal data, we will obtain your explicit consent before proceeding with such processing.
5. Is it necessary to provide my personal information?
There’s no obligation for you to share your personal information with us. However, we cannot provide some of our Services until such information is shared.
6. What type of personal data do you collect?
In order to provide proper Services to the Customer, we need to collect information about individuals who will (1) represent the Customer when interacting with us or (2) provide us with instructions regarding actions in the Customer’s account. We collect the following types of personal data.
Directly collected information (D)
This refers to the information which you directly provide to us (e.g. by filling the web-site forms, corresponding with us, contacting us for any reason).
Indirectly collected information (I)
This kind of information relates to you but you do not provide it directly (e.g. an IP address).
Automatically generated information (A)
This type of information is generated automatically by the system. Though such information isn’t provided by yourself it relates to you and is considered to be personal data. It has 2 subtypes:
- static A (SA) – this information doesn’t usually change once it’s created (e.g. your internal id); and
- dynamic A (DA) – this subtype changes accordingly to the actions performed by you.
We use these abbreviations below to address different types of personal information: D, I, SA, and DA
7. What information do you collect, when, and why?
There are several points in the “Paysaxas-You” relationship at which personal information is collected:
Sign Up (Registration) – Step 1
When you first sings up the following information is requested or assigned:
No | Personal Data | Type | Purpose |
---|---|---|---|
1. | Full Name | D | To identify you |
2. | Phone number | D | Used for notifications and security confirmations |
3. | Email address | D | Used for notifications and alerts, security confirmations, serves as a login |
4. | Information about your employer or the company you represent | D | This information is necessary for us to identify the company you are representing. |
5. | IP address and browser | I | To identify you, Anti-Money Laundering and Counter Terrorism Financing procedures / requirements, fulfilment of our contractual obligations under User Agreement, Compliance with regulatory requirements, protection of your account from fraudulent actions of the third persons. In case if you hide your IP address or provide us with one that doesn’t reflect your actual location we will not be liable for displaying information irrelevant to you, and we wave any liability connected herewith. We will reply only on information provided by you at your own discretion and at your own responsibility |
6. | Language | I | To communicate with your on yours language |
7. | Internal id | SA | To identify you in the system |
8. | Date of the registration | SA | Used for statistics |
9. | Verification indicator | DA | For internal use |
10. | Status | DA | System status indicating the level of involvement |
11. | Inviter’s first/last name | SA | (if any) Used for referral structure |
12. | Call recordings | D | (in case of yours agreement) Used for Services control |
Sign up (Registration) – Step 2
When the Customer would like to receive our Services they need to pass KYC/AML verification under AML Policy. We need to verify our Customer for providing our Services as our Services couldn’t be anonymous. During the verification Customer is requested to provide the following data about its ultimate beneficial owners, senior management and executive staff:
No | Personal Data | Type |
---|---|---|
1. | First name | D |
2. | Last name | D |
3. | Date of birth | D |
4. | ID/Passport data | D |
5. | ID/Passport scans or photo | D |
6. | Address | D |
7. | Residence confirmation | D |
8. | Citizenship | D |
9. | Host country | D |
10. | Host city | D |
Additional information
Ongoing collection of information
No | Personal Data | Type | Purpose |
---|---|---|---|
1. | Transaction history | DA | For fulfillment of our contractual obligations and statistics. Anti-Money Laundering and Counter Terrorism Financing procedures/requirements. |
2. | Information from our questionnaires about your satisfaction, how did you hear about us | D | For our Services and offers improving. |
3. | Records of correspondence | D | For fulfilment of our contractual obligations, e.g. deal with your requests, provide information in case of difference of opinions, settlement of disputes. |
4. | Computer and connection information such as browser type, version, and time zone setting, browser plug-in types and versions | I | To improve our Services and offers. |
5. | Data from mobile devices (e.g., location) | I | In order to show you documentation relevant to your jurisdiction and in the language of the regions that you are active in. You can hide it from us, if you don’t know how to disable your device’s location Services, we recommend you contact your mobile service carrier or your device manufacturer. |
This information is laid out to give you an idea about use of fundamental collected information. In case PaySaxas will use new types of information we will update this Notice with new types of records and purposes for which the Platform process these data.
Children`s personal data
Our Services are not intended for users under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18 without proper parental consent, we will take steps to delete that information as soon as possible. If you believe that we may have collected information about a child, please contact us immediately.
However, in certain cases, we may collect personal information about individuals above the age of 16 if it is necessary to provide our Services (e.g., if they are shareholders of the company and we require information for KYC/AML procedures).
If you are a parent or guardian and believe that we may have information about your child, please contact us immediately. We take such concerns seriously and will promptly address any issues related to the privacy of minors.
8. Why do you use personal data?
We may use your personal information for the following purposes:
Providing our Services
We use your personal data to deliver and maintain the Services you request from us. This includes processing transactions, managing your account, and providing customer support.
Legal basis: to provide our service, legal obligations, legitimate interests
Contacting you
We may use your personal data to communicate with you regarding service-related updates, notifications, and inquiries. This may include responding to your inquiries or addressing any concerns you may have.
Legal basis: to provide our service, legal obligations, legitimate interests
Providing you with news, special offers, and general information
We may use your personal data to send you newsletters, promotional offers, and general information about our Services and events we offer. You have the option to opt out of receiving such communications at any time.
Legal basis: legitimate interests, your consent (if required by law)
Ensuring the security of your account
We may use your personal data to enhance the security and protection of your account and our Services. This may include verifying your identity, detecting and preventing fraudulent activities, and safeguarding against unauthorized access.
Legal basis: legitimate interests, legal obligations
Compliance with legal obligations, enforcing our rights and other legal issues.
We may process your personal data to comply with legal obligations, such as tax reporting, fraud prevention, and regulatory reporting requirements. In certain situations, we may need to process your personal data to protect our rights and interests in legal proceedings, including initiating or defending against legal claims, investigations, or disputes.
Legal basis: legitimate interests, legal obligations, public interest
Market research
We may use your personal data for market research purposes. This may include analyzing user needs and opinions on topics such as performance. Your data will be anonymized for these purposes unless you provide explicit consent.
Legal basis: legitimate interests, your consent (if required by law)
Business transfers or restructuring
We may use your personal data in the event of a business transfer or restructuring, such as a merger, acquisition, or sale of assets, we may use your personal information in connection with the transfer or restructuring of our business. We will ensure that any such transfer is done in accordance with applicable privacy laws and regulations.
Legal basis: legitimate interests, legal obligations.
9. Cookies
We use cookies to enhance your website using experience. Find out more about our Cookie Policy at paysaxas.com/cookie-policy.
10. Can you disclose my personal data to anyone?
Prior to using of Services the Customers shall accept the User Agreement, this Privacy Notice, as well as pass verification.
We hereby inform you that the collected information may be lawfully disclosed to third parties such as:
Our associated companies
We may share personal data with our associated companies for the purpose of providing proper Services by companies within our group.
Government institutions
We may disclose personal data to governmental authorities if required by law. Personal data may be transferred to central and local authorities within the EU, Canada, or other jurisdictions as mandated by law.
Service providers
We may share personal data with service providers we engage with. These may include agents, IT support, other financial companies, accounting firms, and others.
In particular, we may share your personal data with the following companies:
KYC/AML service provider, Sumsub Inc. (a legal entity duly incorporated in Delaware with File Number 6366081 and registered office at 8 The Green, Suite 8293, Dover, DE, 19901, USA.) together with its affiliates and subsidiaries, which is required for the proper provision of our Services.
Cryptocurrency exchange, where your virtual assets (cryptocurrency) are stored, in accordance with the User Agreement, Payward Inc. together with its affiliates and subsidiaries. By using our Services, you also agree to their privacy notice.
Other businesses
We may share your personal data with trusted business partners who help us enhance and improve our Services. This may include business advisors, persons who refer you to us, market researchers, and others. These partners are required to protect your personal data and use it solely for the purposes we have defined.
PaySaxas is obliged to disclose your personal information in following cases:
- in response to lawful requests by public authorities, including to meet legitimate national security or law enforcement requirements;
- to protect, establish, or exercise our legal rights or defend against legal claims, including to collect a debt; to comply with a subpoena, court order, legal process, or other legal requirement;
- or when we believe in good faith that such disclosure is necessary to comply with the law, prevent imminent physical harm or financial loss, or investigate, prevent, or take action regarding illegal activities, suspected fraud, threats to our property, or violations of PaySaxas User Agreement and AML/KYC Policy;
- to third parties in case of: merger, restructuring, joint venture, assignment, sale part of the business or the whole business.
11. Where PaySaxas stores personal data?
We store all the data in data-centers in EEA. These entities are the data processors who indirectly process our yours personal data by our request. Note, that the nature of this processing is narrowed down to the server infrastructure maintenance and does not include any first-hand processing of the personal data. We neither disclose such information to these entities nor give them any permission to access it.
We care about the protection of yours personal data and use appropriate data protection measures, such as:
- high level of organizational information security system;
- professional software with high level of cyber protection;
- high level of the equipment protection;
- employees have a limited access to your personal data in accordance with their professional responsibilities.
As part of our operations, we may need to transfer your data to non EU jurisdictions, including Ukraine, where a significant portion of our support team is located. We want to assure you that we strictly adhere to all legal requirements when transferring personal data outside the EU. We may transfer your Personal Data outside EU only in following cases:
- if the country of recipient provides the adequate level of personal data protection as determined by the European Commision;
- If we implement appropriate safeguards to protect your rights as a data subject; and
- if specific exemptions apply in certain situations, for example, in cases where there is a public interest, compliance with legal requirements, or the transfer is necessary for the establishment, exercise, or defense of legal claims.
We cooperate only with reputable and reliable partners.
We may also store your data in systems that help us collect information about errors you report (such as https://docs.bugsnag.com and similar tools). These partners act as processors, with no access to your personal data, as the data is stored in encrypted form.
12. How long do you store the personal data?
We store personal data as long as it’s needed to provide our Services, or until you withdraw yours consent to further processing of the personal data. In any case, for full compliance with statutory obligations, the personal data shall be retained from five to eight years, depending on the type of the data (subject to regulatory extension of the storage timeline), after the cession of service provision.
13. What rights related to personal data processing do I have?
You are entitled to perform a range of operations with regard to yours personal data.
A Obtain confirmation about how we use your personal data
You have the right to obtain information about how we collect, process, and use your personal data. This notice aims to provide you with a clear understanding of how we process and collect your personal data.
B Access personal data
If personal data concerning you is processed by us, you have the right to access such data. We can provide you with a copy of your personal data in a structured, machine-readable format. We do not charge a fee for providing a copy of your personal data in an electronic format.
However, in certain cases, we may refuse to fulfill the request. Specifically, if the data is part of a criminal or other judicial proceeding, or cannot be disclosed for other lawful reasons.
C Demand additional information
You have the right to demand the following additional information concerning yours personal data:
- the purposes of the processing;
- the categories of personal data concerned;
- the recipient(s) or category(s) of recipient to whom the personal data have been or will be disclosed; and
- the criteria determining the period for which the personal data will be stored.
D Request rectification
You have the right to obtain the rectification of inaccurate personal data concerning you (this includes to have incomplete personal data completed) from the Paysaxas without any undue delay.
E Right to Object or Restrict Processing
You have the right to object to or restrict the processing of your personal data under certain circumstances. For example, you may exercise this right when the processing is conducted for direct marketing purposes or when you believe that a legitimate interest is not applicable to the specific situation.
F Be Forgotten
You have the right to withdraw yours previously given consent and have the personal information erased from our system.
However, it doesn’t mean that your data will be erased immediately it will still be stored at our facility in order to comply with numerous statutory obligations according to the anti-money laundering and counter-terrorist financing regulation and regimes, under which we are required to store any collected information for a minimum period of five years from the closure of Customer`s account, for the purposes of the prevention, detection, analysis and investigation of money laundering or funding of terrorism activities. After this period has elapsed, your personal data will be deleted from our records.
G Not to be subject to a decision based solely on automated processing
You have the right he right to object and the right not to be subject to a decision based solely on automated processing. We don`t make any decisions about you based solely on automated processing.
H Right to withdrawn your consent or permission
You have the right to withdraw your consent or permission for the processing of your personal data at any time. If you previously provided consent for a specific purpose or granted permission for us to process your personal data, you can revoke that consent or permission by contacting us.
It is important to be aware that there may be situations where we are legally entitled or obliged to continue processing your personal data despite the withdrawal of consent or permission. In such cases, we will inform you about the reasons for continued processing and any applicable legal basis.
Exercising Your Rights
If you want to exercise your rights regarding personal data, please contact us. However, please note that we can only fulfil user rights requests in cases where we act as controllers of personal data. We act as controllers for personal data of ultimate beneficial owners of business Customers or Customer`s Representative.
Regarding Customer`s employee personal data or personal data of other individuals provided to us under section 4.4 of the User Agreement, the controllers are the Customers. If you fall under this category, to exercise your rights, please contact the person who granted you access to the Customer’s Account.
Non-discrimination
We are committed to ensuring equal treatment and non-discrimination for all individuals exercising their rights. We value the privacy and strive to provide our Services without prejudice or bias.
We will not discriminate against anyone based on their decision to exercise their rights, including the right to refuse the provision of information that is not necessary for the use of our Services. Regardless of your choices or preferences, we will not deny you access to our Services, impose penalties, offer inflated rates, respond with delays, or employ any other direct or indirect methods of discrimination
If you believe that you have experienced any form of discrimination or have concerns regarding our privacy practices, please contact us immediately. We take such matters seriously and will promptly address any issues related to discrimination.
14. Non-sale of personal data to third parties
We assure you that we do not, under any circumstances, sell your personal information to third parties.
15. What should I do if I believe you are not complying with data privacy requirements?
In addition to contacting us, you have the option to file a complaint with your local data protection authority (e.g. the Office of the Privacy Commissioner of Canada if you are in Canada or the State Data Protection Inspectorate if you in Lithuania).
16. Fraud and Fishing
We want to emphasise that we do not make unsolicited phone calls or offer technical support through social media platforms for a fee. Our technical support is exclusively provided through our website or via email at support@paysaxas.com, and it is always free of charge. If you believe that you have been a victim of any form of fraud, phishing, or scams related to our Services, please contact us immediately. We take such matters seriously and will take appropriate actions to address the issue promptly.
17. Privacy notice to potential Customers
If you are not a Customer`s employee or representative but merely a representative or employee of potential Customer of Paysaxas, then only the rules of this section apply to you.
We collect and use your personal data in order to provide sales support Services. We collect the following information:
- your first and last name;
- your work email and work phone number;
- information about your position in your company and the company itself; and
- records of our communication (including phone conversations if you have given consent for it).
We may collect this data directly from you or obtain it from other sources. If we collect this data from other sources, we always ensure the legality of collecting this information. We may only disclose your personal data to suppliers who provide us with IT Services or other companies within the PaySaxas group when there is a lawful reason to do so. We will retain your personal data only for as long as it is necessary for sales support purposes.
If we have collected data about you under this section, you have all the rights provided in the sections 13-15 of this policy. If you wish to exercise any of these rights, please contact our Data Protection Officer by email: dpo_privacy@paysaxas.com.
18. How are my personal data collected and used if I have an account as an individual Customer?
In rare cases, according to our User Agreement, we may allow individuals to open their own accounts. In such cases, we will provide you with our privacy policy on personal data processing regarding individual`s account on an individual basis.
19. What ways of communications do you use?
Throughout our cooperation you shall receive information messages (through email, phone, push-notifications, messages in account) from us if you agree to receive them with it or in case these messages are necessary and important form using our Services.
At any time, you may unsubscribe from e-mail communication by using the opt-out link included in newsletter/marketing emails or messages or by sending your request at dpo_privacy@paysaxas.com.