PAYED IN LIMITED – PRIVACY POLICY

1. Introduction

This Privacy Policy explains how Payed In Limited (“we”, “us”, or “our”) collects, uses, and protects personal data when you interact with our business, website, or services.

We provide consultancy and facilitation services relating to:

• Merchant services and payment processing solutions

• Card payment systems (POS, online, and virtual terminals)

• Payment gateway and acquiring services

• Business transaction optimisation and advisory services

• Onboarding and account management for payment providers

This policy applies to:

• Visitors to our website

• Individuals who contact us

• Business customers and prospective clients

• Individuals whose data is provided in connection with merchant/payment services

We are committed to processing personal data in accordance with applicable data protection laws, including the UK GDPR and the Data Protection Act 2018.

2. Who We Are

Payed In Limited is the data controller responsible for your personal data.

Contact Details:
Email: info@payedin.co.uk
Address: Reedham House, 31 King Street West, Manchester, Greater Manchester, England, M3 2PJ

3. Types of Personal Data We Collect

We may collect and process the following:

Identity Data
Name, job title, company name, directors or authorised signatories

Contact Data
Email address, telephone number, business address

Business & Merchant Data
Company details, trading history, merchant account information, transaction volumes, payment processing data, supplier/acquirer information

Financial Data
Bank account details, payment information, transaction data, billing information (processed securely and only where necessary)

Compliance & Verification Data
Information required for identity verification, AML and KYC checks

Communication Data
Emails, call recordings (where applicable), call notes, correspondence

Technical Data
IP address, browser type, usage data

Marketing Data
Preferences relating to marketing communications

4. How We Collect Your Data

Direct Interactions

• Phone, email, or website enquiries

• Client onboarding

• Submission of business and compliance documents

Third Parties

• Payment processors and acquiring banks

• Merchant service providers

• Credit reference and identity verification agencies

• Business partners, introducers, affiliates

Automated Technologies

• Website analytics and cookies (where applicable)

5. How We Use Your Personal Data

We use your data to:

• Provide and facilitate payment services

• Assess suitability for payment solutions

• Complete onboarding with providers and acquirers

• Manage merchant accounts and relationships

• Communicate and respond to enquiries

• Liaise with third-party providers and banks

• Process transactions and support service delivery

• Comply with AML, KYC, and regulatory obligations

• Improve our services and operations

6. Legal Basis for Processing

We rely on:

• Contractual necessity – to deliver services

• Legitimate interests – to manage relationships and improve services

• Legal obligations – AML, fraud prevention, regulations

• Consent – where required (e.g. marketing)

7. Sharing Your Data

We do not sell personal data.

We may share data with:

• Acquiring banks and payment processors

• Merchant service and gateway providers

• Identity verification and credit agencies

• IT systems, CRM platforms, hosting providers

• Professional advisers (legal, financial, compliance)

• Regulators and authorities where required

All third parties must process data securely and lawfully.

8. International Transfers

Where data is transferred outside the UK, we ensure safeguards such as:

• International Data Transfer Agreements (IDTAs)

• UK-recognised adequacy decisions

9. Data Security

We implement appropriate safeguards including:

• Restricted data access

• Secure systems and encryption

• Secure financial data transmission

• Staff confidentiality and compliance training

10. Data Retention

We retain data only as necessary:

• Enquiry data: up to 12 months – 6 years (where applicable)

• Client/merchant data: duration of relationship + up to 6 years

• Financial/compliance data: as required by law

Data is securely deleted or anonymised when no longer needed.

11. Your Rights

You have the right to:

• Access your data

• Correct inaccurate data

• Request deletion

• Object to processing

• Restrict processing

• Request data portability

• Withdraw consent (where applicable)

To exercise your rights:
info@payedin.co.uk

12. Complaints

If you are unhappy with how we handle your data, please contact us first.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

13. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on request or via our website.

14. Third-Party Services

Our services involve third-party providers (including payment processors, acquiring banks, software providers, and financial institutions). These operate under their own privacy policies, and we are not responsible for their practices.

15. Fraud Prevention, Credit Checks & PCI-DSS Compliance

Fraud Prevention
Our acquiring partners may process personal and transactional data to detect and prevent fraud and financial crime.

PCI-DSS Compliance
Payment card data is handled by our partners in accordance with PCI-DSS standards. We do not store full cardholder data unless required and securely managed.

Credit & Due Diligence Checks
Partners may carry out credit checks, identity verification, and due diligence on businesses and directors.

We may process this information to:

• Assess service suitability

• Manage business relationships

• Meet legal and regulatory obligations

Data Sharing
Relevant data may be shared with acquiring partners, who act as independent data controllers.

16. Acknowledgement

By using our services, you confirm that you have read and understood this Privacy Policy.