Rastpay knows that privacy is crucial. We respect its value and pledge only to collect and use personal data following current legislation.
The purpose of this document is to inform you about our role and responsibilities in collecting, processing, and storing your data.
According to the Regulation (EU) 2016/679 of the European Parliament and of the European Council of 27 April 2016 on the protection of natural persons concerning the personal data processing and its free movement, and repealing Directive 95/46/EC (General Data Protection Regulation) (the "GDPR"), personal data is any information relating to an identified or identifiable natural person. An identifiable natural person can be identified by referencing a name, an identification number, location data, etc.
Rastpay obtains personal data from various sources. You may be:
This Privacy Policy applies to services provided directly and exclusively by Rastpay.
Therefore, third parties websites, products, and services (such as merchants selling their products and services) are subject to their privacy policies. If you are the cardholder and Rastpay has processed your transaction, the relevant merchant should explain how your personal data will be processed and stored.
Rastpay acts both as a data controller and a data processor. The GDPR defines the data controller as an entity that, alone or jointly with others, determines the purposes and means of collecting, processing, and storing personal data. The data processor is an entity that processes personal data on behalf of or under the controller's instructions.
TRastpay is a data controller when it determines the purposes and means of the processing and a data processor when it is directed by the merchant to process payments.
Please thoroughly get acquainted with the Privacy Policy to know your data protection rights, its execution, and ways of its protection.
Rastpay collects different types of personal data from various sources.
It happens once a visitor:
When Rastpay collects visitors' personal data, it is collected for specific, explicit, and legitimate purposes. Rastpay only collects adequate, relevant data and is limited to what is necessary for us to fulfill those purposes. Suppose Rastpay intends to use your data for any new, not previously identified purposes. In that case, you will be notified of those new purposes before that intended use. The personal data we collect, use, and store depends on your relationship with Rastpay or the merchant.
When you browse Rastpay website, we process your IP address, Google Analytics ID, and location data, including which pages you visited, the time and length of your visit, and your language preferences.
Rastpay uses this data to:
Rastpay collects this data using cookies and similar techniques, including tags/beacons and javascript with the visitors' prior consent.
Rastpay keeps your data for as long as we reasonably need it for the above purposes. We use plugins from social media networks. Suppose you would like more information about their data processing. In that case, this can be found in the respective privacy policies on the websites of these social media networks.
When you submit your contact information to Rastpay, we may get in contact with you. We collect your contact information complying with current legislation. Please review this Privacy Policy to learn more, including your right to stop our use of your data for marketing purposes. We do not share it with third parties. We use your data for a legitimate interest in undertaking marketing activities to offer you products or services depending on your preferences. Rastpay keeps clients' data for a reasonable period.
When contacting Rastpay regarding queries or complaints, you must fill in a respective application form. The same procedure is applied to those who plan to become merchants.
Suppose you entered into a process of the merchant processing agreement with Rastpay. In that case, we will need to confirm your identity following the KYC procedure and ask you to provide specific documents to comply with the due diligence procedures. Rastpay will ask you to provide your identification document and bank account information extracted from the commercial register. We may also collect information from third parties for mentioned purposes.
Rastpay collects data about the use of our products and services and access to our platform, including login details. We may use third-party identification and verification services to assist us in verifying the identity. Rastpay communicates that it will keep the information concerning business relationships until eight years after the end of the merchant’s business relationships with us.
Rastpay processes your data to comply with the current legal requirements. It provides top-notch service according to the agreements with the customers and specific payment schemes, analyzes, and protects Rastpay from possible risks and threads. We keep the received data to perform the transaction following the applicable laws for up to 8 years after the conclusion of the relevant transaction to meet our fiscal.
Suppose we need to keep any information longer for our legitimate interest of protecting our legal rights. In that case, we will keep the information required for this purpose until the relevant claim is finally settled.
Rastpay reserves the right to transfer received client data in case of a company reorganization, merger, or sale. Suppose we need to keep any information longer for our legitimate interest of protecting our legal rights. In that case, we will keep the information required for this purpose until the relevant claim is finally settled.
Rastpay uses personal data to enter into business relationships with prospective merchants and to perform the contractual obligations under the signed agreements.
Following current legislation, Rastpay collects and stores your personal data to comply with anti-money laundering requirements or other potentially risky activities.
If you consent to collect and process your personal data, you permit to do it in a secure, established way.
When applying to use Rastpay services or to become our partner, you must submit an application providing your data to pass the KYC.
Rastpay legal basis:
Rastpay uses personal data to conduct risk analysis and prevent fraud. We verify clients' identities to protect against fraud and confirm their eligibility for service provision.
We may share your personal data with third parties to perform our legal obligations in some specific cases. For example, following the requirements of the fraud prevention agencies, providing information within legal claims, or helping detect or prevent crime.
Effective marketing performance and communication require:
Where applicable laws require, Rastpay will ask for consent to receive the information mentioned above. You may unsubscribe or change marketing communications preferences in the merchant Data Account.
You can request Rastpay to confirm whether your personal data is being processed, copied, or stored and for what purposes.
You request Rastpay to provide information about the way we process your data. Rastpay is a transparent platform acting in strict compliance with Privacy Policy requirements. In case of questions about personal data usage, send a request to the e-mail.
You can request Rastpay to correct wrong or incomplete information. Rastpay reserves the right to verify its accuracy. When we no longer have a lawful ground to use data, you have a right to withdraw data collecting, processing, and storage consent.
You can ask us to transfer your personal data to another company. Suppose Rastpay has technological instruments to perform it and doesn't contradict applicable laws and regulations. In that case, we will provide your personal data in a structured, commonly used, and machine-readable format.
You can challenge Rastpays' automated decision if it produces legal effects for you. You can ask us to conduct a human review instead of an automated decision.
Suppose you believe that your right to personal data protection has been violated. In that case, you should complain to your national supervisory data protection authority.
To exercise any of your rights in the previous section, send us an e-mail to [email protected] .
Rastpay doesn't charge a fee for these actions. However, in some specific cases, we reserve the right to charge a reasonable price considering the administrative costs of providing the information or communication, taking action requested; or refusing to act on the request.
Rastpay may share your personal data within our affiliated and subsidiary companies to provide improved service.
Rastpay reserves the right to notice that we may share your personal data with service providers and our business partners to provide you with certain services and perform contracts we enter into with you or them. On a contractual basis, we authorize such service providers to use or disclose the personal data only to perform services on behalf of Rastpay and to comply with legal requirements. Therefore, service providers must protect the personal data they process on our behalf. Suppose we transfer your data to service providers outside the EEA. In that case, it will be performed following the regulatory enactments in the EU in the area of data protection.
Rastpay reserves the right to disclose clients' personal data to the authorities, law enforcement agencies and agencies, or other public institutions under certain circumstances. For example, we may provide your data to a government authority under anti-money laundering and counter-terrorist financing legislation.
Rastpay retains personal data based on business needs and local legal requirements. For example, to provide you with the services you requested through our Website, complying with regulatory requirements regarding data retention. So, if we use your personal data for more than one purpose, we will retain it until the purpose with the latest period expires. When personal data is no longer needed, we anonymize or securely destroy it.
Rastpay may transfer clients' personal data outside the EU and EEA under certain circumstances. We ensure that the transfer of personal data outside the EEA is based on a relevant and coherent decision of the European Commission or appropriate safeguards as required by applicable laws or regulations. In cases without the European Commission approving the adequate level of data protection in certain countries, we may adopt appropriate safeguards, including the use of standard data protection clauses approved by the European Commission. Where the basis of a transfer is appropriate or suitable safeguards, we are responsible for ensuring the merchant can access proper precautions.
If you sign an Agreement on the provision of services with Rastpay, and if it complies with the applicable laws, Rastpay assumes that you want us to contact you by e-mail for marketing and other purposes. Where applicable laws require, we will ask for prior consent to receive marketing information. You may unsubscribe or adjust your preferences on our platform at any time. Rastpay will not sell or share your information with organizations outside affiliated and subsidiary companies for their marketing purposes without your consent.
In case of any doubt, query, or complaints about Rastpay Privacy Policy, contact us by sending a written request to the legal address or by sending an e-mail to [email protected] indicating the full name, request details, or contact Rastpay via customer support.