Contact us

Privacy Policy

Effective Date: May 2025

This Privacy Policy describes in comprehensive detail how a-payment ("a-payment", "we", "our", or "us") collects, uses, stores, discloses, and safeguards personal and business data in connection with access to and use of the website https://a-payment.pro (the "Site") and any services, applications, software, integrations, or technologies (collectively, the "Services"). This document applies to all users who engage with the Services, including legal entities, business representatives, and individual users acting on behalf of an organization ("you" or "User").

By continuing to access or use the Site or Services, you acknowledge and confirm that you have read and understood this Privacy Policy in full and that you consent to the processing of your data in accordance herewith.

1. Legal Framework

1.1. The data practices of a-payment are governed by the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the ePrivacy Directive (Directive 2002/58/EC), and applicable local laws in the jurisdiction in which the data subject or data controller is located.

1.2. a-payment acts as a data controller when determining the purposes and means of processing personal data and may also act as a data processor in certain cases, pursuant to written contractual instructions.

2. Data Categories Collected

2.1. We may collect and process the following categories of personal and business data:

  • Identification data: full name, business name, tax identification number, national identification numbers, registration numbers.
  • Contact information: physical address, phone number, email address, country of residence.
  • Verification documents: identity cards, passports, proof of address, business registration certificates, AML/KYC forms.
  • Payment and transaction data: bank account details, IBAN, payment reference numbers, payment volume, transaction records.
  • Technical data: IP address, browser type, device identifiers, cookies, time zone settings, operating system.
  • Usage data: interactions with the Site, access logs, clickstream data, user agent metadata, support tickets.
  • Communications data: messages, inquiries, and feedback exchanged with our support or compliance teams.

3. Purposes and Lawful Bases of Processing

3.1. Data is collected and processed strictly for legitimate and lawful purposes, including:

  • To provide, operate, and administer the Services (Article 6(1)(b) GDPR);
  • To comply with regulatory obligations, such as Anti-Money Laundering (AML), Counter-Terrorist Financing (CTF), Know-Your-Customer (KYC), and taxation laws (Article 6(1)(c) GDPR);
  • For fraud detection, cybersecurity monitoring, audit, and risk prevention (Article 6(1)(f) GDPR);
  • To improve functionality and user experience of the Site (Article 6(1)(f) GDPR);
  • Based on your explicit consent for purposes such as marketing or third-party analytics (Article 6(1)(a) GDPR).

3.2. We do not subject Users to automated decision-making or profiling that produces legal or similarly significant effects, unless required under applicable law or authorized by you.

4. Data Retention

4.1. We retain personal data only for as long as necessary to fulfil the stated purposes or for as long as required under applicable legal or regulatory retention periods, including:

  • AML and financial records: up to 5 or more years from termination of the business relationship;
  • Contracts and support communications: for the duration of the contract plus any applicable statute of limitations;
  • Website analytics data: usually retained in anonymized or aggregated format, or for a period not exceeding 2 years.

5. Data Security

5.1. We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risks, including:

  • Data encryption in transit and at rest;
  • Role-based access control and credential management;
  • Network firewalls, intrusion detection, and anti-DDoS infrastructure;
  • Internal policies for data minimization and access segregation;
  • Mandatory confidentiality agreements for personnel and contractors.

6. Sharing of Data

6.1. We may share personal data only where strictly necessary, on a lawful basis, and with:

  • Regulatory authorities, courts, or law enforcement in compliance with applicable legal obligations;
  • Financial institutions, banking partners, and payment processors to fulfil contractual services;
  • Verified service providers or subcontractors under strict data processing agreements;
  • Internal group companies, solely for internal compliance or administrative purposes.

6.2. We do not sell or rent personal data to third parties under any circumstances.

7. International Transfers

7.1. In the event that personal data is transferred outside the European Economic Area (EEA), we ensure such transfers are protected by:

  • Adequacy decisions of the European Commission;
  • Standard Contractual Clauses (SCCs);
  • Binding Corporate Rules (BCRs) or other safeguards recognized under GDPR.

8. Your Rights

8.1. You have the following rights under data protection legislation:

  • Right to access: to obtain confirmation of whether we process your data and receive a copy thereof;
  • Right to rectification: to correct inaccurate or incomplete data;
  • Right to erasure ("right to be forgotten"): under certain conditions, to have your data deleted;
  • Right to restriction: to temporarily stop processing in specific circumstances;
  • Right to portability: to receive your data in a structured, machine-readable format and transfer it to another controller;
  • Right to object: to processing carried out on grounds of legitimate interest or for direct marketing;
  • Right to lodge a complaint with a supervisory authority.

8.2. To exercise any of these rights, please contact us at the details provided below.

9. Cookies and Tracking Technologies

9.1. The Site uses cookies and similar technologies to improve user experience, gather analytics, and personalize services. These may include:

  • Strictly necessary cookies for session management;
  • Functional cookies for storing preferences;
  • Performance cookies for usage metrics;
  • Targeting cookies for advertising and remarketing.

9.2. You may manage your cookie preferences via your browser settings or opt-out of specific categories where legally required.

10. Policy Amendments

10.1. This Privacy Policy may be updated or modified at any time. We will notify you of significant changes through the Site or via contact details provided.

10.2. Continued use of the Services after changes become effective shall constitute your acceptance of the amended policy.

11. Contact Information

If you have any questions, requests, or concerns regarding this Privacy Policy or your personal data, you may contact:

Data Protection Officer – Legal & Compliance Department
a-payment
Email: [email protected]