CelerisPay B.V. provides online payment gateway platform via the company Website (the “site”), our platform and its related services (collectively, the “Service(s)”). The services are operated by CelerisPay B.V. (the “company”, “we”, “us”, “CelerisPay”) for users of the Service (“you”).
The fundamental principles of CelerisPay regarding privacy:
- We don’t ask you for personal information unless absolutely necessary.
- We don’t store personal information unless required for the on- going operation of one of our services.
- We don’t share your personal information with anyone except to comply with the law.
- We aim to make it as simple as possible for you to control what information you share with us.
Non-Personally Identifying Information
We collect non-personal information − data in a form that does not permit direct association with any specific individual. We may collect, use, transfer, and disclose non-personal information for any purpose. The following are some examples of non-personal information that we collect:
We may collect information such as language, location, browser type, referral source, length of visit and the time zone where CelerisPay services are used or accessed.
We also may collect information regarding customer activities on our website, through our payment gateway and from our other products and services.
This information is aggregated and used to provide more useful products to our customers by helping us understand which parts of our website, devices, and services are of most interest. CelerisPay may also display this information publicly or provide it to others. However, CelerisPay does not disclose personally-identifying information.
If you send us a support request (for example via a support email or via one of our feedback mechanisms), we reserve the right to publish the non- personally identifiable parts of it in order to help us clarify or respond to your request or to help us support other users.
If we do combine non-personal information with personal information the combined information will be treated as personal information for as long as it remains combined.
Personally Identifying Information
CelerisPay also collects personally identifying information – data in a form that permits direct association with any specific individual. This type of information is required to perform payment processing services and helps us provide better support for all of our users. We have two types of personally identifying information:
- Information you provide us: This is the information you provide us when you use our services, make a transaction via our platform, and when you communicate with us through email, our site, portal, telephone or any other electronic means.
- Information we get from your use of our product: We use various technologies to collect and store information when you use a CelerisPay product or service, and this may include sending one or more cookies or anonymous identifiers to your device. Such information may include you or your customer’s personal and non-personal data:
- Name including first name and family name
- Contact information (email, phone, billing address, shipping address etc.)
- Card Payment Details (Card number, Card holder name, Card Expiry date, CVC details)
- Bank and/or issuer details.
- Transaction related information such as items purchased, the value, the time.
- Information regarding the incoming requests to our platform such as user-agent, origin, IP address etc.
We strictly do not store any sensitive data relating to your health, ethnicity, religious or political beliefs.
Legal Basis Personal Information of Merchant’s Customers and Website Vis. The information we collect in relation to the Services is information necessary in order to perform the contract that is between you and the merchant (for the purchase of goods/services)if you are a merchant’s customer or for the maintenance of our website if you are a visitor. On this basis CelerisPay is considered to be undertaking lawful processing as set forth under applicable data protection laws (the General Data Protection Regulation).
We only process your personal data for legitimate business reasons as specified below:
- Website: to present the website and its contents to you and improve the website;
- Services: To provide the Services to merchants and to carry out our obligations arising out of the agreements with such merchants and to process and complete purchase requests and other transactions;
- Disputes: To resolve any disputes between merchants and you, such as refund requests or chargebacks;
- Risk Management: To manage risk, or to detect, prevent, or remediate fraud or other potentially prohibited or illegal activities and to investigate and prevent fraudulent transactions, unauthorized access to the Service, and other illegal activities;
- Customer Support: To allow CelerisPay’s merchants to provide customer service and fulfill their obligations to you.
- Requests: to comply with legal proceedings and or requests from government/ supervisory bodies and/or payment schemes (SEPA, Visa, Mastercard) – depending upon your chosen payment method and the governing scheme of such payment method).
Legal Basis Personal Information of Merchants. The information we collect in relation to the Services is information necessary in order to ensure our alliances are able to comply with applicable anti-money laundering regulations and to perform the contract that is between you and us (for payment processing services). On this basis CelerisPay is considered to be undertaking lawful processing as set forth under applicable data protection laws (the General Data Protection Regulation).
We only process your personal data for legitimate business reasons as specified below:
- Administration: When you open a merchant account with us we are legally obliged to collect personal data that verifies your identity and to assess whether we can accept your company as a customer. We need your contact information to be able to contact you.
- Services: To contact you and provide you with information, products or services that you request from CelerisPay and to send updates, news, promotions and/or newsletters regarding the Service or to sell the Service;
- Feedback: We may store the feedback you provide us about our services or and share this within our team to make improvements to our services or website. We might also store notes on our interactions with us to customize products and services for you.
- Data Security: We are duty bound to safeguard your personal data against threats such as fraud, laundering and other criminal usage of your data. We may use your information to protect you from fraudulent activities.
- Portal: To provide you access to our portal which will provide access to for instance transaction reports and refunds processing.
- Reporting: From time to time, we may use your personal information to anticipate and resolve problems with any services provided to you and to comply with legal and/or regulatory requirements and other statutory requirements.
- Risk Management: to manage risk, or to detect, prevent, or remediate fraud or other potentially prohibited or illegal activities.
- Illegal Use: to investigate and prevent fraudulent transactions, unauthorized access to the Service, and other illegal activities.
- Requests: to comply with legal proceedings and or requests from government/ supervisory bodies and/or credit card associations/ payment schemes (SEPA, Visa, Mastercard) – depending upon the governing scheme of such payment method chosen by your customers).
- Alliances: To submit applications or provide information to our alliances as set forth under our agreement with you.
What are ‘cookies’?
Cookies are text files that are stored by the web browser on your computer or mobile device. They allow websites to store things like user preferences. You can think of cookies as providing a ‘memory’ for the website so that it can recognize you when you come back and respond appropriately.
What type of cookies do we use?
The cookies we use fall into 2 main categories. These categories are described below:
These cookies are necessary to help you access and move around our site and use all its features. Without these cookies, our website would not work properly and you would not be able to use certain features.
Managing your cookie settings
You can manage cookies through the settings of your web browser. You can have the browser notify you when you receive a new cookie, delete individual cookies or delete all cookies. Please note that, if you choose to delete cookies from our website, your access to some functionality and areas of our website may be degraded or restricted.
Protecting Personally Identifying Information
CelerisPay discloses potentially personally-identifying and personally- identifying information to those of its employees, contractors and affiliated organizations that (i) need to know that information in order to process it on CelerisPay’s behalf, for example a bank requires your details, and (ii) that have agreed not to disclose it to others.
CelerisPay will not rent or sell potentially personally-identifying and personally-identifying information to anyone.
CelerisPay takes all measures reasonably necessary to protect against the unauthorized access, use, alteration or destruction of potentially personally-identifying and personally-identifying information.
All CelerisPay employees engaged in the processing of Personal Data are informed of the confidential nature of the data, have received appropriate training on their responsibilities and have executed written confidentiality agreements.
Disclosure of Personal Information to Third Parties
If CelerisPay, or substantially all of its assets, were acquired, or in the event that CelerisPay goes out of business or enters bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur and that any acquirer of CelerisPay may continue to use your personal information as set forth in this policy.
Other than to its alliances (payment method issuers, acquirers, banks etc), employees, contractors and affiliated organizations (which includes Newgen Payment Gateway Private Limited and Connfido B.V as affiliated operators of the platforms), as described above, CelerisPay discloses potentially personally-identifying and personally-identifying information only in response to a subpoena, court order or other governmental request, or when CelerisPay believes in good faith that disclosure is reasonably necessary to protect the property or rights of CelerisPay, third parties or the public at large.
Third-Party Privacy Policies
The data shared by CelerisPay with third parties is strictly limited to the particular task we need the third party to perform. CelerisPay services may contain links to third-party websites, products, and services. Our services may also use or offer products or services from third parties − for example, a third-party CelerisPay app. Information collected by third parties, which may include such things as location data or contact details, is governed by their privacy practices. We encourage you to learn about the privacy practices of those third parties.
Updating Your Personal Information
You can help ensure that your contact information and preferences are accurate, complete, and up to date by logging in to your account. For other personal information, we make good faith efforts to provide you with access so you can request that we correct the data if it is inaccurate or delete the data if CelerisPay is not required to retain it by law or for legitimate business purposes. We may decline to process requests that are unreasonably repetitive, require disproportionate technical effort, jeopardize the privacy of others, are extremely impractical, or for which access is not otherwise required by local law. Access, correction, or deletion requests can be made through email@example.com.
We respect your rights as a customer and ensure we uphold all of these while processing of your personal data.
- Right to Access Information: You have the right to ask us for all your personal data that we have stored.
- Right to Rectification: If you find any of your personal data we have stored is incorrect, you have the right to ask us to rectify it. In case we have shared the relevant data with a third party, we will duly notify the third party.
- Right to object to processing: You have the right to object to CelerisPay using your data, including for legitimate business reasons. We will consider your objection and make available alternative methods for processing wherever possible without unduly burdening you.
- Right to object to automated decisions: Our systems may sometimes make automated decisions based on your personal information with your consent if this is necessary to fulfil our contract with you. You have the right to object to such automated decisions and ask for an actual person to make the decision.
- Right to Restrict Processing: You have the right to ask us to restrict using your personal data if you believe that we are processing your data illegally, or if you have objected to our legitimate use of your data for fulfilling our business requirements.
- Right to Data Portability: You have the right to ask us to port your personal data to another service provider. This applies to the personal data we process with your consent, on the basis of a contract with you or by automated means.
- Right to Erasure: You have the right to ask us to erase your data if we are no longer in need of the data or you withdraw your consent to our legitimate use for our business requirements. This is also applicable in scenarios where CelerisPay is unlawfully processing your data and/or the European Union or a member state of the European Union requires CelerisPay to erase your personal data.
- Right to Complain: You have the right to complain to CelerisPay if you feel your personal data is not being treated in the correct manner. You may also contact the data protection authority in your country.
In cases where we are unable to process your request, we will let you know within a reasonable timeframe why we denied it if it is permitted legally. If you want to exercise your rights or submit a complaint, please contact us at firstname.lastname@example.org.
Besides any other remedies given by you under law, you will have the right to redress and to lodge a complaint with the data protection authorities in your country or in the Netherlands, if you feel that CelerisPay’s processing of your personal information infringes applicable data protection laws. Please visit the website of the data protection authorities in your country (or for the Netherlands go here: https://autoriteitpersoonsgegevens.nl/nl/zelf-doen/gebruik-uw-privacyrechten/klacht-indienen-bij-de-ap) to obtain more information on how the complaint procedures work.