PayDot operates a web-application on the website https://paydot.eu/ that enables individuals to instruct their account-holding bank to make payments without using a debit or credit card, in each case in accordance with PayDot's Terms & Conditions and the Terms of Use for the web-application ("Web-App").
With this privacy policy, PayDot OÜ, registered in the Commercial Register of Estonia under register number 17417069, Marati tänav 5/2, 11712, Tallinn, Estonia, info@paydot.eu ("PayDot", "we", or "us") informs you which personal data we process (i) when you visit our website, (ii) when you contact us, (iii) when you, as our client, use our services, and (iv) when you, as an end user, make or intend to make a payment through our Web-App to one of our clients.
Personal data is any information relating to an identified or identifiable natural person. This includes, for example, the name, address, e-mail address, or International Bank Account Number ("IBAN") of a person.
1.1.When you visit this website, your IP address is collected, recorded and stored. Beyond that, we do not process any personal data, but only technical data such as the name of your internet service provider, the website you visited before accessing our website, the pages you visit on our website, and the date and time of your visit.
1.2.Our website uses cookies. Cookies are small text files that are stored on your device via your browser. We use cookies to make our website more user-friendly. Some cookies may remain stored on your device until you delete them. They allow us to recognize your browser on your next visit. If you object to this, you can configure your browser to notify you when cookies are set and allow them on a case-by-case basis. If cookies are disabled, the functionality of our website may be limited.
1.3.Purpose of data processing: Your information will be processed in order to compile usage statistics, to carry out an analysis of our website, to detect, investigate and prevent attacks on it and to make the website more user-friendly.
2.1.If you contact us by e-mail, telephone or via the contact form, we will process the personal data that you provide to us. If you contact us by e-mail, we will process your name, e-mail address and the content of the message, including any attachments. The unsolicited transmission of personal data is deemed as explicit consent that we may process your personal data for the processing and settlement of your matter.
2.2.Purpose of data processing: Your personal data will be stored and processed by us for the purpose of processing your request.
3.1.If you would like to receive payments from your customers using our Web-App and enter into a corresponding agreement with us, we collect your name, address, phone number, e-mail address, and the bank account details for the account into which your customer's payments shall be made, such as IBAN and/or BIC.
3.2.Purpose of data processing: Your personal data will be stored and processed by us for the purpose of the performance of a contract with you.
4.1.If you are an end user of our Web-App and are making or intending to make a payment to one of our clients, your IP address is collected, recorded and stored. Beyond that, we do not process any personal data of the payer.
4.2.Purpose of data processing: Your personal data will be stored and processed by us for the purpose of fraud prevention (and similar criminal offences) and ensuring our services aren't exploited.
5.1.The legal basis for data processing is the following provisions of the General Data Protection Regulation ("GDPR"): Article 6 para 1 lit a (consent), Article 6 para 1 lit b (necessary for the performance of a contract), Article 6 para 1 lit c (fulfilment of a legal obligation to which we are subject), Article 6 para 1 lit f (overriding legitimate interest, which consists in achieving the above-mentioned purposes).
6.1.In order to fulfil our contract with you (payee) or to allow you to make a payment via our Web-App (payer), it may be necessary to forward your data to third parties (e.g. external service providers such as the financial interface provider Plaid B.V., registered in the Netherlands with the Dutch Chamber of Commerce under number 74716603, Muiderstraat 1, 1011 PZ, Amsterdam, Netherlands, etc.). Your data will be forwarded exclusively on the basis of the GDPR, in particular for the fulfilment of our contract with you, or on the basis of your prior consent.
6.2.Some of the above-mentioned recipients of your personal data are located outside your country or process your personal data there. The level of data protection in other countries may not correspond to that of the European Union. Subject to explicit consent or contractual necessity, we process or have the data processed only in third countries with a recognized level of data protection or on the basis of special guarantees, such as contractual obligations through standard contractual clauses of the EU Commission in accordance with Articles 44-49 GDPR.
7.1.We take the necessary technical and organizational steps to protect your personal data from unauthorized, unlawful or accidental access by unauthorized persons, data manipulation, loss or destruction. The security measures are continuously improved in line with technological developments.
7.2.We cannot rule out the possibility that personal data may be viewed or used by other individuals as a result of data transmission errors beyond our control or unauthorized access by third parties (such as hackers). We assume no liability for such misuse, unless it was caused by our negligence.
8.1.We will only store your data for as long as it is needed to fulfil the above-mentioned processing purposes, due to statutory retention periods or to defend against any liability claims.
8.2.If you are an end user of our Web-App and are making or intending to make a payment to one of our clients (see section 4), we will store your IP address for a maximum of 30 days, unless a longer storage period is necessary for the purposes of legitimate interests, such as fraud prevention or legal proceedings in connection with unauthorized or improper use of the Web-App.
9.1.Under certain conditions, you have the following rights to the processing of your personal data: (i) right of access, (ii) right to rectification or (iii) deletion of your personal data if it is incorrect or processed contrary to the provisions of data protection law, (iv) right to restriction, (v) right to data portability, (vi) right to object, (vii) right to withdraw consent given. If you believe that the processing of your data violates data protection law or that your data protection rights have otherwise been violated, you also have the (viii) right to complain to the Data Protection Inspectorate of the Republic of Estonia.
9.2.You have the right to obtain confirmation as to whether we are processing personal data concerning you. To do so, please email your request for information to info@paydot.eu and include a copy of an official photo ID as proof of your identity.
9.3.We are legally obliged to correct or delete incorrect or unlawfully processed data as soon as we become aware of the inaccuracy of data or the inadmissibility of its processing. If you believe that your personal data is being processed incorrectly or contrary to the applicable data protection regulations, please also send your reasoned written request by e-mail to info@paydot.eu.
9.4.You can object to the use of your data for the aforementioned purposes at any time with effect for the future and revoke previously given consent with effect for the future. You have the right to object at any time to the processing of personal data concerning you for the purpose of direct marketing, which we may carry out on the basis of an overriding legitimate interest. Please send your objection by e-mail to info@paydot.eu.
9.5.You have the right to request the restriction of the processing of your personal data if one of the legal grounds for restriction applies. Please send your request by e-mail to info@paydot.eu.
9.6.You have the right to receive your personal data, which we process automatically on the basis of your consent or on the basis of a contract with you, in a structured, commonly used and machine-readable format. You can also transmit this data to a third party to whom the personal data has been provided. In addition, you have the right to have me transmit this data directly to a third party disclosed by you, as far as technically possible. Please send your request by e-mail to info@paydot.eu.
10.1.For information, suggestions and complaints regarding the processing of your personal data, you can contact us at any time:
PayDot OÜ Commercial Register of Estonia register number 17417069 Marati tänav 5/2, 11712, Tallinn, Estonia info@paydot.eu