Privacy policy

What the lawyers told us to share with you

Privacy policy
Terms and conditions
Licenses

Paycury LLC Privacy Policy

Effective Date: 2nd of September, 2024

This Privacy Policy outlines how Paycury LLC ("Paycury," "we," "our," or "us") collects, uses, and protects personal data when you ("Client" or "you") engage with our services. Paycury LLC takes the privacy of its site visitors, users and customers very seriously and as such ensures that their personal information and confidential information are securely stored in a way that adheres to the applicable laws.

1. Data We Collect

Paycury collects both personal and non-personal data from Clients. Personal data includes names, contact details such as email addresses, phone numbers, and messaging app contacts, business and corporate addresses, identification documents for directors, shareholders, and ultimate beneficial owners (UBOs), corporate incorporation documents, and, where necessary, financial information. Non-personal data, including IP addresses and website usage data, is also collected. This data may be gathered through tools such as Google Analytics.

Data is collected during the account registration process, through payment transactions, and when interacting with our website or platform. We may also collect non-personal data through the use of cookies and similar tracking technologies, as described in Section 6 of this Policy.

2. Purpose of Data Collection

The personal data we collect is used for several specific purposes. Primarily, it enables us to provide our payment processing services, including the issuance of IBANs and facilitating foreign exchange transactions. We also collect and process personal data to comply with legal obligations, including but not limited to anti-money laundering (AML), counter-terrorism financing (CTF), and know-your-customer (KYC) requirements. Additionally, we may use personal data for marketing purposes, including the provision of targeted communications or special offers, though Clients may opt out of such communications if they wish. Paycury does not sell personal data to third parties for marketing purposes.

3. Data Sharing

Paycury shares personal data with third parties only when necessary for the provision of our services or when required by law. This includes sharing data with third-party payment processors and partners who assist in facilitating payments, including the issuance of IBANs and foreign exchange services. For identity verification and compliance with KYC/AML obligations, we share data with Sumsub (Sum & Substance Ltd), a recognized compliance provider. Furthermore, data may be shared with regulatory authorities when we are legally obligated to do so, or when such authorities request it as part of investigations or compliance reviews.

Paycury may transfer personal data internationally, including to and from the European Union and other jurisdictions, as required for the provision of services and to meet regulatory obligations.

4. Data Storage and Security

Basic client data is stored on servers managed by our partners, primarily Webflow, which uses data centers based in the United States and on Amazon Web Services (AWS) servers located globally. Sensitive and protected data, such as identification documents, are stored exclusively on servers within the European Union, specifically in Germany, the Czech Republic, and/or Slovakia. Access to this data is restricted to authorized personnel, including managers and compliance officers, and is protected by industry-standard access control mechanisms.

We retain personal data in compliance with legal and regulatory requirements. Data is retained for as long as necessary to meet our legal obligations, including those related to KYC/AML and CTF regulations. Where applicable, Clients may request the deletion of their data, though such requests may be denied where the retention of data is required by law.

5. Client Rights

Clients have the right to request access to their personal data, as well as to seek rectification or deletion of their data where applicable. Requests can be made via email to team@paycury.com. While Paycury endeavors to comply with all data access and rectification requests, we may retain certain data in cases where deletion would conflict with our legal and regulatory obligations.

6. Cookies and Tracking

Although Paycury does not directly collect cookies for its own purposes, cookies and similar tracking technologies may be employed by our website hosting provider, Webflow, and analytics tools such as Google Analytics. These technologies may collect information regarding how Clients interact with our website and services. This information is used to improve user experience and platform functionality.

Clients can manage their cookie preferences by adjusting their browser settings or using third-party tools designed to block or limit cookies.

7. Third-Party Services

In providing our services, Paycury uses third-party providers for compliance, marketing, and hosting purposes. Identification data is processed by Sumsub (Sum & Substance Ltd), which has obtained the necessary SOC and ISO certifications to ensure compliance with applicable data protection standards. Other third-party services used by Paycury may handle non-personal data, such as marketing and analytics information.

We take steps to ensure that all third-party service providers comply with relevant data protection laws and that they implement adequate security measures to protect the personal data they process on our behalf.

8. Compliance with Data Protection Laws

Paycury complies with the General Data Protection Regulation (GDPR) for Clients based in the European Union, European Economic Area, and the United Kingdom. Clients have the right to access, rectify, and delete their data in accordance with these regulations. Paycury’s legal officers oversee data compliance activities, ensuring that all data management practices meet the highest standards of regulatory compliance. As Paycury does not serve clients in the United States, it is not subject to the California Consumer Privacy Act (CCPA) or other U.S. federal privacy regulations.

9. International Transfers

Paycury may transfer personal data across borders to facilitate service provision and ensure regulatory compliance. When personal data is transferred outside the European Economic Area (EEA), including to the United States, Paycury ensures that appropriate safeguards, such as Standard Contractual Clauses (SCCs), are in place to protect the data and comply with GDPR requirements.

10. Children’s Data

Paycury does not offer services to minors, nor does it knowingly collect personal data from individuals under the age of 18. If it is discovered that data from a minor has been inadvertently collected, Paycury will take immediate steps to delete the information.