Privacy Policy

UNIPaaS Privacy Policy Date: 24 May 2020

The website located at unipaas.com and in unipaas.co.uk (“Website”) and any of our applications are operated by UNIPaaS Financial Services Limited, a company registered under the laws of England and Wales (company no. 12314440), with its registered office at 64 New Cavendish Street, London, England, W1G 8TB (“UNIPaaS, “we”, “us”, “our”).

At UNIPaaS we understand that your privacy is very important and we are committed to safeguarding the privacy of all our visitors.

Our Privacy Policy, which is set out below, explains how we will look after the information, including personal data, that we collect from you or that you provide to us and what we will do with it. Nothing in this Privacy Policy limits your legal rights in relation to your personal data.

When you visit the Website or use any of our applications or provide information to us via the Website or any of our applications, you are accepting and consenting to our processing of your information in accordance with this Privacy Policy, our Cookie Policy, our Terms of Use and any other contract we may have with you including, without limitation, a Merchant Services Agreement or a Payments Gateway Services Agreement. If you do not agree to the terms set out in these terms and policies, you must cease to use the Website or any of our applications immediately.

Please read each of the following sections carefully to understand our views and practices regarding your personal data.

Please contact us if you have any questions about this Privacy Policy or the information we hold about you.

By email: support@unipaas.com

Online payment transactions involve transfer of data across international borders, as well backing up of data at our secured data centers in the EU. This means that data may be transferred, processed and stored outside the EU, the European Economic Area (EEA) and Switzerland. By submitting your data directly or through a third party such as a merchant you are agreeing to such transfer, processing and storage.

When using UNIPaaS’ services, technologies, functions, web site or applications, the terms of this policy will apply.

UNIPaaS acts as a technology provider supplying secure online and mobile digital payment gateway and processing services to businesses known as merchants for the purpose of selling their goods and services to their customers.

The personal information collected by UNIPaaS

The personal information collected by UNIPaaS depends on how you are using our services. Individuals typically interface with UNIPaaS in one of the following ways:

Site Visitor: If you are visiting our website for details about our products and services, you may be asked to enter your personal details on an online form to receive more information. Cookies may be used to track site usage to assist in product development or monitor behavior for marketing purposes. Visitors from the EU/EEA may initially be asked to expressly consent to cookie usage. 

Merchant: you may be a business customer that has consented to UNIPaaS’ terms of service under a merchant or other formal agreement. To set up a merchant account you will need to provide personal details, business data, and identifying documentation.

Shopper: You may be a business or consumer using UNIPaaS’ secure online payment technologies to complete the purchase of goods and services from a merchant that has selected UNIPaaS as its payments solution. Your own choice of payment method will usually determine what personal data is passed to UNIPaaS to enable your payment transaction to take place. It could be name, address and credit/debit card details, electronic bank transfer information, or pay-wallet credentials if using a service such as PayPal.

While such secure transactions may be completed in just a few seconds they are often complicated by the fact that live anti-fraud checks need to be conducted. Data also has to be passed to the relevant payment processors; banks, payment card and payment account services may need to be notified; legal tax invoices generated, and transaction confirmations delivered. Some or all of these steps may all involve the transfer and sharing of personal data down a chain of service providers, as well as the use of tracking cookies.

The Information UNIPaaS Collects

The types of personal information we may obtain or you may choose to provide include:

  • Contact information (such as name, postal address, email address, phone number)
  • Business contact information, job function, title, department, name and size of organisation
  • Username and password
  • Payment account data
  • Content provided (includes social media submissions – comments, articles, ratings)
  • Mobile and device unique identifiers
  • Geo-location data
  • Business records and identification documents
  • IP address, browser type, operating system
  • Other information (such as tracking behavior, cookie preferences, language preferences, age, date of birth, gender and family status), time stamps, device details

Some of this information may be collected automatically by using technologies such as cookies and web beacons, when you interact with advertisements, mobile applications, sales pages, website pages and other digital applications. Often shoppers will provide information themselves when interacting with merchants to purchase goods and services.

Use of Information Collected

The information is collected to perform the following functions:

  • Check applications for use of UNIPaaS services, perform account underwriting and KYC reviews, protect against and prevent customer and transaction fraud, unauthorised transactions, claims, manage risk exposure, conduct periodic risk reviews, and credit checks
  • Process payment transactions (including authorisation, clearance, invoicing, tax calculation, currency exchange, shipping, delivery, processing refunds, chargebacks, provision of customer support, and dispute resolution processes)
  • Communicate with you, respond to inquiries and send service notices, issue notices about functions and services you are registered to use including significant developments about the website and/or eCommerce services. (Users cannot normally op-out of this kind of email communication without cancelling the relevant service).
  • When UNIPaaS acts as payment service provider, merchant and/or reseller for product suppliers, we may need to share relevant customer information with the specific merchant/product supplier involved in the transaction in order for them to fulfill the transaction. Such information is supplied on the condition that it will not be used for spamming or direct marketing by another party. Occasionally such product suppliers may sell, transfer or assign their business to new owners and in such circumstances data records may be accessible to the new owners subject to such parties satisfying the underwriting requirements of UNIPaaS and assuming the ongoing responsibility for the proper protection of such data by committing to relevant contractual provisions
  • Evaluate business, product development, improve services, perform marketing activities, run billing, invoicing, and account reconciliation functions
  • Compliance with legislation, regulations, legal requirements and law enforcement measures, orders and subpoenas from judicial and governmental authorities, enforcement and defense of contractual and legal rights and claims, generation of reserves, guarantees and sureties
  • Perform data analysis and generation of aggregated data reports based on anonymised information for benefit of UNIPaaS, Merchants, processing partners, regulators and customers, auditing practices, conducting business intelligence, and performance reporting
  • Compliance with internal policies, card industry and payment scheme requirements, Payment Card Industry (PCI) assessment and validation
  • Provide you with content, data and advertising tailored to your individual interests, enabling you to access UNIPaaS services
  • Review employment and business development applications
  • Consensual storage of shopper payment information for subsequent or recurring transactions
  • Track and identify sales referred by merchants’ sales affiliates and marketplace sellers

We may also use information in other ways for which we provide specific notice of at the time of collection.

Bases for processing personal data

We will only collect and use your personal information in accordance with data protection legislation. Our legal basis for processing your personal information are as follows:

  • Consent – Where necessary we may collect and process your personal information if you have given your consent for us to do so, for example, we will only send you certain marketing emails and process any sensitive information about you if we have your consent.
  • Legitimate Interests – We collect and use your personal information for our legitimate business purposes of communicating with you and to help with your enquiries and fulfilling your requests for services. We have completed a comprehensive assessment and implemented measures to ensure our interests do not affect your right to privacy.
  • Performance of a contract by us – We collect and use your personal information for the purpose of performance of contracts by us.
  • Compliance with a legal obligation – We collect and use your personal information for the purpose of compliance legal obligations that are applicable and bind us.
How and Where Information is Stored

UNIPaaS maintains administrative, technical and physical safeguards designed to protect the personal information provided or collected against accidental, unlawful or unauthorised destruction, loss, alteration, access, disclosure or misuse. Data is also routinely backed up at secure locations in Europe in accordance with standard industry practice. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any further questions about privacy or security, or have reason to believe your data security has been compromised please contact us immediately by sending an email to: support@unipaas.com

The international nature of UNIPaaS’ services means that personal data may be transferred beyond your national borders when you use UNIPaaS’ services or purchase from or sell to persons or entities outside your country. By using such services you are deemed to understand and accept that data may be subject to cross-border transfers.

How long data is retained

UNIPaaS stores personal information for as long as necessary to fulfill the purpose for which the personal information was collected and as required or authorised by law. We take measures to delete or permanently de-identify personal information as required by law or if no longer required for the purpose for which it was collected. Certain data relating to transaction records particularly billing and invoice information may be required to be safeguarded for significant periods of time in accordance with standard tax and accounting practices, or to enable the refund and chargeback requests to be processed on behalf of shoppers.

Sharing of Personal Information

UNIPaaS does not sell or otherwise disclose personal information we collect about you except as disclosed in this Privacy Policy or as may be disclosed to you at the time information is collected.

UNIPaaS may share personal information collected with its subsidiaries and other UNIPaaS entities that process payment transactions as well as relevant merchants, fraud prevention services, card and payment services, and payment processors/acquirers.

UNIPaaS may share certain information with service providers who provide or perform services on behalf of UNIPaaS. We authorise such services providers to use or disclose such information only as necessary to perform services on our behalf or to comply with legal requirements. Such entities are required by contract to safeguard the privacy and security of personal information processed on our behalf. We may also share personal information with other parties with your express consent.

Personal data used with respect to payment transactions involving individuals of the EU/EEA often needs to be passed to other parties as part of the transaction process. Transfers of data may be through APIs, email, and other formats, and may be bi-directional. UNIPaaS takes steps to ensure that such parties are committed to compliance with applicable data law including the GDPR and that any additional Data Processors or Sub-Processors used are retained under a contractual duty of compliance and are able to respond to data subject access requests. In certain situations, UNIPaaS and its subsidiaries might be deemed to be acting on the instruction of other transaction services or together with such parties, in which case UNIPaaS shall itself be obligated to act in a manner compliant with applicable data law.

 Certain Merchants might use checkout and other systems as part of the payment transaction process that might be integrated with UNIPaaS. Accordingly personal information that you provide to such services either directly or through your selected Merchant might be passed to UNIPaaS.  UNIPaaS treats such personal information in accordance with this Privacy Policy, however other entities might have their own policies and these should be thoroughly checked by you.

UNIPaaS may use third-party service providers, for example to provide you with support when using our site and including the use of live chat software. When you sign up for our services we will share your personal information only as necessary for the third party to provide that service. Personal information collected relating to marketing and Merchant underwriting functions may be stored and processed on secure compliant cloud-based services provided by third parties to UNIPaaS. Such service providers are contractually required by UNIPaaS to act in compliance with relevant data law.

Merger, sale and/or transfer of corporate assets or reorganisation

UNIPaaS may transfer information as part of any corporate merger, sale, acquisition, transfer or assets or reorganisation without notice. Such transfer will be on the basis of the continuation of all privacy rights set out in this document. You will be notified via email and/or a prominent notice on our website of any change in UNIPaaS ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

Compliance with court orders & law enforcement agencies

UNIPaaS may be required to disclose personal information without notification in response to a lawful request by public authorities, including to meet national security requirements, or in order to comply with a legal requirement, legislation, regulation, court order or subpoena, or when we believe in good faith that disclosure is necessary to protect our rights, prevent harm of financial loss, protect your safety or the safety of others or investigate fraud or cooperate with law enforcement or government agencies, or in connection with an investigation of suspected or actual fraudulent or illegal activity.

EU/EEA Data Privacy Law

With respect to data protection legislation in the European Economic Area, including the GDPR, UNIPaaS acts as ‘Data Processor’ concerning shopper information of EU/EEA-based persons that is transmitted to UNIPaaS either through a merchant or directly in order to process a purchase transaction.

When UNIPaaS sets up an account for a merchant we are required to conduct to various payment security, anti-money laundering, credit and KYC checks. When managing such personal data with respect to EEA-based individuals UNIPaaS acts as a ‘Data Controller’.

Privacy matters concerning UNIPaaS should be directed to through email at: support@unipass.com

EU/EEA-based users will be asked to expressly consent to provision of personal information or initial setting of cookies when visiting UNIPaaS web properties so that there is a clear legal basis for processing such data. In other cases personal information will be processed legally by virtue of the performance of the contractual obligations relating to a merchant and/or shopper, UNIPaaS’ legitimate interest, or the defense or preservation of UNIPaaS’ legal rights.

Individual users from the EU/EEA or other regions with laws governing data collection and use, should note that you are agreeing to the transfer of your personal information to the jurisdictions in which UNIPaaS may operate. By providing your personal information with respect to a transaction or express consent mechanism, you consent to any transfer and processing in accordance with this Policy.

EU/EEA Data Subject Rights

Individuals from the EU/EEA may have the right to exercise additional data subject rights under data privacy laws including the following:

The right to request information about the purpose of the processing; the categories of personal data concerned; who else outside UNIPaaS might have received the data from UNIPaaS; what the source of the information was (if you did not provide it directly to UNIPaaS); and how long it will be stored.

You have a right to correct the record of your personal data maintained by UNIPaaS if it is inaccurate. You may also request that we cease using your data for direct marketing purposes.

Right of erasure: this is a right to erasure of personal information that we hold about you if it is no longer necessary in relation to the purpose for which it was originally collected. Please note that UNIPaaS may need to retain certain data to complete transactions, perform refunds, maintain underwriting records or comply with legal obligations, tax and accounting requirements, etc.

Right to restrict processing of your personal information in certain circumstances, for example where such data is inaccurate or unlawfully held.

Right to data portability: this right is available in certain circumstances to receive your personal information in a structured, commonly used format and to have such data transferred to another service.

In order to exercise any of these rights please contact us through email at: support@unipaas.com

Where you have provided consent to passing of personal information or cookie information to UNIPaaS through an online consent form, you have the right to withdraw such consent, usually through a similar method as the original consent was given.

You may also have the right to complain to an EU/EEA data protection authority about our collection and use of your personal information.

Payment data

Personal payment information such as credit card numbers, bank account information, name, email address and phone number are routinely collected and passed on to authorised payment processors, banks, acquirers, and credit card companies in order to make payments sanctioned by UNIPaaS customers. Such information is handled through industry standard secure protocols and where appropriate in accordance with relevant Payment Card Industry (PCI) compliance standards. Such data may also be passed when making payment through mobile devices.

Payment data may also be encrypted and securely stored by UNIPaaS and appropriate merchants and product suppliers in accordance with PCI standards. When expressly directed and approved by a customer it may be used to generate recurring or new transactions as requested by such customer. Transaction details may also be passed to relevant taxation authorities in respect of sales taxes, VAT, GST, withholding tax, and other relevant taxes and duties.

Minors

UNIPaaS does not actively market to children and we never knowingly ask a child under 13 to divulge personal information. Services and Information available to registered users on this site are NOT INTENDED FOR USE BY ANY PERSON UNDER THE AGE OF 18.

Please note that if it comes to our attention through reliable means that a registered user is under 18, we will cancel that user’s account. Online payment transaction forms are not provided for use in any event by persons under 18 years of age.

Changes in this policy & notification

UNIPaaS reserves the right to change this policy as and when it sees fit. If our policy on information collection or uses changes, we will advise you by posting a dated copy here and you are advised to visit this page regularly to check for updates. If you are a registered UNIPaaS merchant then you will also be advised via email. If we make any material changes we will notify you by email (sent to the email address specified in your account) or by means of a notice on this site prior to the change becoming effective.

Opt out process

You have the option not to be added to mailing lists operated by UNIPaaS or a merchant/product supplier. In the case of opt out, such decision will be relayed to the relevant product supplier. To exercise your opt out rights, please send an email to support@unipaas.com requesting that your personal information be deleted from any mailing lists operated by UNIPaaS or your product supplier. UNIPaaS will act on your request and inform your merchant/product supplier of your request in order to fully respect your decision. You may also follow the unsubscribe instructions located at the bottom of the emails you receive.

Cookie Policy and Tracking Technologies

Please click here to review our Cookie Policy  and learn about our use of tracking technologies.

Let's Get In touch

We will be pleased to keep you up to date about our service. Just send us a short message and we will contact you as soon as possible.

Create your account​