IconPay OÜ (“IconPay”, “we”, “our” or “us”) are committed to protecting and respecting your privacy. This is the privacy policy (“Privacy Policy”) that governs how we use personal data that we collect, receive and store about individuals in connection with the use of: The website/portal features and services provided to you when you visit our websites, portals or our payment panels our clients may use on their websites. When you apply to use and/or use our products and services. Your use of software including mobile and desktop applications provided by IconPay; and Email, other electronic messages including SMS, telephone, web chat, website/portal and other communications between you and IconPay. Together these are all referred to in this policy as “Services”.
This Privacy Policy is part of our Terms of Service and explains our practices and the choices you can make about the way your personal data is collected and used in connection with the Services. By using our Services, you agree to the terms of this Privacy Policy and to our collection, processing and sharing of personal data for the purposes set forth herein. If you do not agree to this Privacy Policy, please do not access or otherwise use our Services.
This Privacy Policy explains our data practices and the choices you can make about the way your personal data is collected and used in connection with our Services. In this Privacy Policy, personal information or personal data means any information or data that may be used, either alone or in combination with other data, to personally identify an individual, including a person's name, personal profile, e-mail address, physical address or other contact information.
We strongly urge you to read this Privacy Policy carefully to understand our policies and practices regarding your personal data and how we will treat it. If you do not agree to this Privacy Policy, please discontinue and avoid using our Services.
By visiting https://iconpay.com (“Website”) and/or using our Services, you are accepting and consenting to the practices described in this Privacy Policy.
We receive, collect and use the information listed below as it is necessary for the adequate performance of the contract between you and us, to provide you the Services, to support our legitimate interests in better understanding, securing and improving our Services and overall performance, and to allow us to comply with our legal and contractual obligations.
We receive and collect personal information from you when you provide us your name and e-mail address during signup, when you contact us or when you make a purchase and provide your billing information. When we communicate using email or other communications medium like phone.
We receive and collect personal information from your browser or mobile device about your use of the Services. We use “cookies”, technical identifiers and other tracking technologies in order to provide and enhance our Services. We also collect limited data regarding your location and device or the service you are using, such as your mobile device id or browser preferences.
We receive and collect personal information from other sources, such as, business partners, financial institutions, merchants, subcontractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers and fraud prevention agencies.
We receive, collect and use the information listed below as it is necessary for the adequate performance of the contract between you and us, to provide you the Services, to support our legitimate interests in better understanding, securing and improving our Services and overall performance, and to allow us to comply with our legal and contractual obligations.
We collect the following information:
Information you give us: We receive and store any information including personal and financial information you provide to us including when you (or your business): enquire of or make an application for our Services; register to use and/or use any our Services; upload and/or store information with us using our Services; and when you communicate with us through email, SMS, a website or portal, or the telephone or other electronic means. Such information may include your or your customer’s:
Name including first name and family name, date of birth, email address, billing address, username, password, address, nationality and country of residence.
Card primary account number, card expiry date, bank and/or issuer details.
Information relating to any items purchased, including the location of the purchase, the value, the time and description of the item that is given in relation to such purchase.
Any other information that you or your customer provide.
Information we collect about you: We receive and store certain information whenever you interact with us; for example by way of “cookies” or similar technology. We also obtain certain information when your web browser accesses our Services and other content provided by or on behalf of us on other web sites, or when clicking on emails including:
The Internet protocol (IP) address used to connect your computer or device to the Internet, your login information, browser type and version, browser plug-in types and versions, operating system platform
For more information please refer to our Cookies Policy or see the separate Cookies section below:
Applications: If you download or use mobile or desk top applications provided by us, we may receive information about your location and your device or the service you are using (including where a payment transaction takes place). Our mobile and desktop apps may collect such information from your mobile device or your computer at any time while you download or use our apps. Where required, we will always seek to notify you if it is our intent to collect real-time location information and, also where required, obtain your consent unless otherwise permitted by law. We may use such information for regulatory purposes, our own due diligence checks, to better understand transaction patterns and to optimize your experience.
Email and Other Communications: We may receive information about you and your use of our Services when we communicate with each other, including when you open email, messages from us and from the use of electronic identifiers (sometimes known as ‘device fingerprints’), for example, Internet Protocol addresses or telephone numbers.
Information from Other Sources: We may share or receive information about you with or from other sources and add it to our account information, including when you use any of the other websites we operate or other services we provide. We are also working closely with third parties (including, for example, business partners, financial institutions, merchants, subcontractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers and fraud prevention agencies) and may receive information about you from them or provide such information to them.
We use your personal information to provide and improve our Services, to send you marketing or advertisement communications, to contact you in connection with the Services, to identify and authenticate your access to the Services, to send you updates and news regarding the Services and our products, to respond to a “Contact Us” request, to send you service and administrative e-mails and messages, and to inform you about changes or important Services related notices.
Your information (as above) will include information about you (and / or your business) and your transactions. If you give us information, including sensitive personal data, about yourself or other people, you agree (and confirm that the person the information is about has agreed) that we can use this information in the way set out in this policy.
We may use and share your information with our subsidiaries or affiliated companies, business partners, financial institutions, employees, professional advisors, sub-contractors, fraud prevention agencies and third party service providers to help us and them:
To provide our Services to you and your business including fulfilling our obligations to you or to financial or other institutions in connection with the Services we provide to you (and / or your business).
To improve and develop our business, including without limitation to optimize our websites/portals, products and services.
To provide you with the information, products and services you have requested or we think may be of interest to you.
To manage and enforce our rights, terms of use or any other contracts with you (and/or your business) for the provision of our Services.
To identify and authenticate your access to non-public parts of our Services.
To send you service and administrative e-mails and messages, including to inform you about important changes or developments in our Services, to provide you with important Services related notices, such as security notices, to notify about your transaction and to respond to a "Contact Us" or administrative request (for example, to change your password). These e-mails and messages are considered an integral part of the Service and you may not opt-out of them.
o send you information we believe you would find interesting including marketing and promotional materials; by post, email, telephone, SMS text or other means, including electronic means. You can object to marketing at any time, as explained below.
To identify and monitor for fraud, we and other organizations may access and use information recorded by fraud-prevention agencies.
To assist in the course of any investigation by us, other financial organizations or other third parties into any suspected criminal activity.
To obtain your views on our goods, services and our website/s.
To develop and test products and services.
To comply with local and national laws, including card scheme rules and requests from law enforcement and regulatory authorities; and.
In respect of marketing, market research and similar activities, we may use your personal data for such purposes whether or not you are accepted as or continue to receive Services. If you no longer wish to receive marketing or promotional information from us, please let us know via the Contact Us section.
We transfer your personal information or share it with our subsidiaries or affiliated companies for the purpose of storing or processing such data on our behalf, with credit and financial institution alternative payment schemes and any other financial institutions who may process payments, with third-party service providers who complement and assist us with our business operations and to facilitate our Service (like billing, support, payment processing, fraud prevention agencies or other services), with our business partners and affiliates so they can contact you in order to offer or promote our Service, and with whoever you specifically ask us to share it with.
We may share your personal data with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries. We may share your information with selected third parties including:
Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you, or any services that we provide to you.
Credit and Financial Institutions (where allowed under any Terms of Use or other contract): including the credit institution where you (or your business) maintains its bank account and the card schemes governing the issue and use of credit, debit, charge, purchase or other payment cards, alternative payment schemes and any other financial institutions who may process payments and who are not operating under IconPay’s control nor for whom whose actions or omissions IconPay has liability.
Service providers and partners some of which are situated outside of the EEA, but only to assist us with our business operations and to provide our Services to you and other users. Such service providers include hosting and server co-location services, communications and content delivery networks (CDNs), data and cyber security services, DDoS prevention services, billing and payment processing services, domain name registrars, fraud detection and prevention services, web analytics, e-mail distribution and monitoring services, session recording and remote access services, performance measurement data optimization and marketing services, content providers, e-mail, voicemails, support and customer relation management systems (CRM), and our legal and financial advisors. This means that your data may be transferred to other countries. We will typically engage only with such third-party service providers and partners that post a privacy policy governing their processing of personal data.
We may disclose your personal information to third parties:
Where we are required or permitted to do so by law: we may be required by law to pass information about you to regulatory authorities and law enforcement bodies worldwide, or we may otherwise determine that it is appropriate or necessary to do so. Such disclosures may also include requests from governmental or public authorities, or with commercial organizations with whom you may have had dealings and whom are seeking to mitigate fraud risk, or for the purposes of litigation or legal process, national security or where we deem it in the national or public interest or otherwise lawful to do so.
Business transfers: IconPay may buy or sell business units or affiliates. In such circumstances, we may transfer customer information as a business asset. Without limiting the foregoing, if our business enters into a joint venture with or is sold to or merged with another business entity, your information may be disclosed to our new business partners or owners; and.
With your permission: Your information may also be used for other purposes for which you give your specific permission, or when required by law or where permitted under the terms of the relevant data protection legislation. Except where permitted as stated, IconPay does not sell, rent, share or otherwise disclose personal data about its customers to third parties for commercial purposes.
The data that you provide us is sent via a secure link (HTTPS) and sensitive data stored is encrypted using standard encryption technology in computer servers with limited access and in controlled facilities. We follow generally accepted industry standards to protect personal data, however no method of transmission over the Internet or method of electronic storage is 100% secure.
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA“). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. By submitting your personal data, you agree to this transfer, storing or processing of data about you for the purpose of this policy. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy. The data that you provide us is sent via a secure link (HTTPS) and sensitive data stored is encrypted using standard encryption technology in computer servers with limited access and in controlled facilities. We store your personal data for at least for the duration of any customer relationship we have with you, or as otherwise required by law (normally up to a maximum of 7 years for legal and tax reasons).
All information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. We will never contact you and ask for your password.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website or/and the Services; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
All our employees and data processors, who have access to, and are associated with the processing of personal data, are obliged to respect the confidentiality of your personal data.
The Website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
You can exercise your rights at any time by contacting our support team at support@iconpay.com or our Data Protection Officer at legal@iconpay.com. We also offer you the following mechanism to exercise your rights.
Data Subject Rights: To the extent that you wish to exercise your rights under applicable law (e.g. the EU GDPR) to request access to and rectification or erasure of your personal data held with iconpay.com, or to restrict or object to such personal data's processing, or to port such personal data - please contact our support team at support@iconpay.com or our DPO at legal@iconpay.com.
Opting Out: If you would prefer to no longer receive marketing-related messages from us, or if you would prefer that we not share personal data about you with any of our business partners, you may opt-out of receiving messages from us or from our future sharing of information about you by following the “unsubscribe” instructions in the latest such message you have received. We will endeavor to comply with your request as soon as reasonably practicable. Please keep in mind that if you opt-out of receiving promotional messages from this Website, we will continue to send you transactional messages and important account-related information regarding this Website or Services offered through this Website.
Choice: At all times, you may choose whether or not to provide or disclose personal data. If you choose not to provide personal data which is mandatory in order to fully use our Services, you may still visit parts of our Website and Services which are available to the general public, but you will not be able to access certain options, programs, and services that require authentication or involve our interaction with you.
IconPay will only process your personal data where we have lawful authority to do so. In general, IconPay will either process:
On the basis of your consent, including where consent is requested ‘as a condition of business’ (for example, where it is necessary to carry out a credit search prior to opening an account).
Where necessary for the performance of any contract we have with you.
Where IconPay has a legitimate interest to process data, subject to such processing not overriding your own rights and freedoms in objecting to such processing.
Where required by law or similar rule (for example, money laundering or other anti-financial crime checks).
Our Website uses cookies to distinguish you from other users of the Website. This helps us to provide you with a good experience when you browse the Website and also allows us to improve the Website. For more information about cookies, including how to see what cookies have been set and how to manage, block and delete them, see our Cookies Policy
We reserve the right to change this Privacy Policy at any time at our discretion. Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.
If you use the Website or the Services after we have published such changes, you will be agreeing to be bound by those changes. If you do not agree to be bound by this policy at any time, you should not use our Website and Services.
We are not responsible nor will be liable to you in any way for events beyond our direct control. Because of the complex and constantly changing nature of our technology and business, we cannot guarantee nor do we represent that our performance will be error free, and to the maximum extent permitted by law we will not be liable for any direct, indirect, incidental, consequential or punitive damages or other loss suffered by you and relating to the use or release of your personal data.
If you have any comments or questions regarding our Privacy Policy or if you have any concerns regarding your Privacy, you can contact our support team at support@iconpay.com or our Data Protection Officer at legal@iconpay.com. If you are a GDPR-protected individual, you also have the right to lodge a complaint with an EU supervisory authority.