The website located at unipaas.co.uk and in unipaas.co.uk (“Website”) and any of our applications are operated by UNIPaaS Financial Services Limited, a company registered under the laws of England and Wales (company no. 12314440), with its registered office at 64 New Cavendish Street, London, England, W1G 8TB (“UNIPaaS, “we”, “us”, “our”).
At UNIPaaS we understand that your privacy is very important and we are committed to safeguarding the privacy of all our visitors.
Please read each of the following sections carefully to understand our views and practices regarding your personal data.
By email: firstname.lastname@example.org
Online payment transactions involve transfer of data across international borders, as well backing up of data at our secured data centers in the EU. This means that data may be transferred, processed and stored outside the EU, the European Economic Area (EEA) and Switzerland. By submitting your data directly or through a third party such as a merchant you are agreeing to such transfer, processing and storage.
When using UNIPaaS’ services, technologies, functions, web site or applications, the terms of this policy will apply.
UNIPaaS acts as a technology provider supplying secure online and mobile digital payment gateway and processing services to businesses known as merchants for the purpose of selling their goods and services to their customers.
The personal information collected by UNIPaaS depends on how you are using our services. Individuals typically interface with UNIPaaS in one of the following ways:
Site Visitor: If you are visiting our website for details about our products and services, you may be asked to enter your personal details on an online form to receive more information. Cookies may be used to track site usage to assist in product development or monitor behavior for marketing purposes. Visitors from the EU/EEA may initially be asked to expressly consent to cookie usage.
Merchant: you may be a business customer that has consented to UNIPaaS’ terms of service under a merchant or other formal agreement. To set up a merchant account you will need to provide personal details, business data, and identifying documentation.
Shopper: You may be a business or consumer using UNIPaaS’ secure online payment technologies to complete the purchase of goods and services from a merchant that has selected UNIPaaS as its payments solution. Your own choice of payment method will usually determine what personal data is passed to UNIPaaS to enable your payment transaction to take place. It could be name, address and credit/debit card details, electronic bank transfer information, or pay-wallet credentials if using a service such as PayPal.
While such secure transactions may be completed in just a few seconds they are often complicated by the fact that live anti-fraud checks need to be conducted. Data also has to be passed to the relevant payment processors; banks, payment card and payment account services may need to be notified; legal tax invoices generated, and transaction confirmations delivered. Some or all of these steps may all involve the transfer and sharing of personal data down a chain of service providers, as well as the use of tracking cookies.
The types of personal information we may obtain or you may choose to provide include:
Some of this information may be collected automatically by using technologies such as cookies and web beacons, when you interact with advertisements, mobile applications, sales pages, website pages and other digital applications. Often shoppers will provide information themselves when interacting with merchants to purchase goods and services.
The information is collected to perform the following functions:
We may also use information in other ways for which we provide specific notice of at the time of collection.
We will only collect and use your personal information in accordance with data protection legislation. Our legal basis for processing your personal information are as follows:
UNIPaaS maintains administrative, technical and physical safeguards designed to protect the personal information provided or collected against accidental, unlawful or unauthorised destruction, loss, alteration, access, disclosure or misuse. Data is also routinely backed up at secure locations in Europe in accordance with standard industry practice. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any further questions about privacy or security, or have reason to believe your data security has been compromised please contact us immediately by sending an email to: email@example.com
The international nature of UNIPaaS’ services means that personal data may be transferred beyond your national borders when you use UNIPaaS’ services or purchase from or sell to persons or entities outside your country. By using such services you are deemed to understand and accept that data may be subject to cross-border transfers.
UNIPaaS stores personal information for as long as necessary to fulfill the purpose for which the personal information was collected and as required or authorised by law. We take measures to delete or permanently de-identify personal information as required by law or if no longer required for the purpose for which it was collected. Certain data relating to transaction records particularly billing and invoice information may be required to be safeguarded for significant periods of time in accordance with standard tax and accounting practices, or to enable the refund and chargeback requests to be processed on behalf of shoppers.
UNIPaaS may share personal information collected with its subsidiaries and other UNIPaaS entities that process payment transactions as well as relevant merchants, fraud prevention services, card and payment services, and payment processors/acquirers.
UNIPaaS may share certain information with service providers who provide or perform services on behalf of UNIPaaS. We authorise such services providers to use or disclose such information only as necessary to perform services on our behalf or to comply with legal requirements. Such entities are required by contract to safeguard the privacy and security of personal information processed on our behalf. We may also share personal information with other parties with your express consent.
Personal data used with respect to payment transactions involving individuals of the EU/EEA often needs to be passed to other parties as part of the transaction process. Transfers of data may be through APIs, email, and other formats, and may be bi-directional. UNIPaaS takes steps to ensure that such parties are committed to compliance with applicable data law including the GDPR and that any additional Data Processors or Sub-Processors used are retained under a contractual duty of compliance and are able to respond to data subject access requests. In certain situations, UNIPaaS and its subsidiaries might be deemed to be acting on the instruction of other transaction services or together with such parties, in which case UNIPaaS shall itself be obligated to act in a manner compliant with applicable data law.
UNIPaaS may use third-party service providers, for example to provide you with support when using our site and including the use of live chat software. When you sign up for our services we will share your personal information only as necessary for the third party to provide that service. Personal information collected relating to marketing and Merchant underwriting functions may be stored and processed on secure compliant cloud-based services provided by third parties to UNIPaaS. Such service providers are contractually required by UNIPaaS to act in compliance with relevant data law.
UNIPaaS may transfer information as part of any corporate merger, sale, acquisition, transfer or assets or reorganisation without notice. Such transfer will be on the basis of the continuation of all privacy rights set out in this document. You will be notified via email and/or a prominent notice on our website of any change in UNIPaaS ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
UNIPaaS may be required to disclose personal information without notification in response to a lawful request by public authorities, including to meet national security requirements, or in order to comply with a legal requirement, legislation, regulation, court order or subpoena, or when we believe in good faith that disclosure is necessary to protect our rights, prevent harm of financial loss, protect your safety or the safety of others or investigate fraud or cooperate with law enforcement or government agencies, or in connection with an investigation of suspected or actual fraudulent or illegal activity.
With respect to data protection legislation in the European Economic Area, including the GDPR, UNIPaaS acts as ‘Data Processor’ concerning shopper information of EU/EEA-based persons that is transmitted to UNIPaaS either through a merchant or directly in order to process a purchase transaction.
When UNIPaaS sets up an account for a merchant we are required to conduct to various payment security, anti-money laundering, credit and KYC checks. When managing such personal data with respect to EEA-based individuals UNIPaaS acts as a ‘Data Controller’.
Privacy matters concerning UNIPaaS should be directed to through email at: firstname.lastname@example.org
EU/EEA-based users will be asked to expressly consent to provision of personal information or initial setting of cookies when visiting UNIPaaS web properties so that there is a clear legal basis for processing such data. In other cases personal information will be processed legally by virtue of the performance of the contractual obligations relating to a merchant and/or shopper, UNIPaaS’ legitimate interest, or the defense or preservation of UNIPaaS’ legal rights.
Individual users from the EU/EEA or other regions with laws governing data collection and use, should note that you are agreeing to the transfer of your personal information to the jurisdictions in which UNIPaaS may operate. By providing your personal information with respect to a transaction or express consent mechanism, you consent to any transfer and processing in accordance with this Policy.
Individuals from the EU/EEA may have the right to exercise additional data subject rights under data privacy laws including the following:
The right to request information about the purpose of the processing; the categories of personal data concerned; who else outside UNIPaaS might have received the data from UNIPaaS; what the source of the information was (if you did not provide it directly to UNIPaaS); and how long it will be stored.
You have a right to correct the record of your personal data maintained by UNIPaaS if it is inaccurate. You may also request that we cease using your data for direct marketing purposes.
Right of erasure: this is a right to erasure of personal information that we hold about you if it is no longer necessary in relation to the purpose for which it was originally collected. Please note that UNIPaaS may need to retain certain data to complete transactions, perform refunds, maintain underwriting records or comply with legal obligations, tax and accounting requirements, etc.
Right to restrict processing of your personal information in certain circumstances, for example where such data is inaccurate or unlawfully held.
Right to data portability: this right is available in certain circumstances to receive your personal information in a structured, commonly used format and to have such data transferred to another service.
In order to exercise any of these rights please contact us through email at: email@example.com
Where you have provided consent to passing of personal information or cookie information to UNIPaaS through an online consent form, you have the right to withdraw such consent, usually through a similar method as the original consent was given.
You may also have the right to complain to an EU/EEA data protection authority about our collection and use of your personal information.
Personal payment information such as credit card numbers, bank account information, name, email address and phone number are routinely collected and passed on to authorised payment processors, banks, acquirers, and credit card companies in order to make payments sanctioned by UNIPaaS customers. Such information is handled through industry standard secure protocols and where appropriate in accordance with relevant Payment Card Industry (PCI) compliance standards. Such data may also be passed when making payment through mobile devices.
Payment data may also be encrypted and securely stored by UNIPaaS and appropriate merchants and product suppliers in accordance with PCI standards. When expressly directed and approved by a customer it may be used to generate recurring or new transactions as requested by such customer. Transaction details may also be passed to relevant taxation authorities in respect of sales taxes, VAT, GST, withholding tax, and other relevant taxes and duties.
UNIPaaS does not actively market to children and we never knowingly ask a child under 13 to divulge personal information. Services and Information available to registered users on this site are NOT INTENDED FOR USE BY ANY PERSON UNDER THE AGE OF 18.
Please note that if it comes to our attention through reliable means that a registered user is under 18, we will cancel that user’s account. Online payment transaction forms are not provided for use in any event by persons under 18 years of age.
UNIPaaS reserves the right to change this policy as and when it sees fit. If our policy on information collection or uses changes, we will advise you by posting a dated copy here and you are advised to visit this page regularly to check for updates. If you are a registered UNIPaaS merchant then you will also be advised via email. If we make any material changes we will notify you by email (sent to the email address specified in your account) or by means of a notice on this site prior to the change becoming effective.
You have the option not to be added to mailing lists operated by UNIPaaS or a merchant/product supplier. In the case of opt out, such decision will be relayed to the relevant product supplier. To exercise your opt out rights, please send an email to firstname.lastname@example.org requesting that your personal information be deleted from any mailing lists operated by UNIPaaS or your product supplier. UNIPaaS will act on your request and inform your merchant/product supplier of your request in order to fully respect your decision. You may also follow the unsubscribe instructions located at the bottom of the emails you receive.