Pay Assist Logo

Privacy Policy

Effective Date: 12 May 2026

Pay Assist

Website: pay-assist.io

1. INTRODUCTION

Pay Assist ("Pay Assist", "we", "us", or "our"), Gibraltar Company No. 123970, respects your privacy and is committed to complying with its obligations under applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This Privacy Policy explains how we collect, use, share, and safeguard personal data collected through our website and in connection with the services we provide to acquirers, payment facilitators, independent sales organisations (ISOs), and independent software vendors (ISVs).

Please also review our Cookie Policy for further details on how we use cookies and similar technologies.

2. SCOPE OF POLICY

This Privacy Policy applies to:

  • Visitors and users of our website pay-assist.io;
  • Individuals who contact us via web forms, email, or telephone;
  • Prospective clients or job applicants who interact with us;
  • Personnel at payment businesses that use or evaluate the Pay Assist platform.

It does not apply to merchant or cardholder data processed on behalf of our clients through the Pay Assist platform. That data is processed under separate data processing agreements with each client.

3. WHAT IS PERSONAL DATA?

"Personal Data" refers to any data relating to a living individual who can be identified directly from that data or indirectly in conjunction with other information. This may include:

  • Full names, postal or email addresses, and telephone numbers;
  • IP addresses, browser identifiers, or location data;
  • Employment or professional details;
  • Any information that, alone or combined with other data, could identify a specific individual.

4. HOW IS YOUR PERSONAL DATA COLLECTED?

We collect limited personal data from individuals who engage with us directly. The types of personal data we collect may include:

  • Identity Data, such as your name, job title, or role within your organisation.
  • Contact Data, including your business email address, phone number, and correspondence address.
  • Technical Data, such as your IP address, browser type, and usage patterns when visiting our website.
  • Communications Data, including messages submitted via our website forms or email.
  • Recruitment Data, such as CVs and other information provided when applying for a position with us.

5. LEGAL BASIS FOR PROCESSING

Under the UK GDPR, we rely on the following lawful bases:

  • Consent – where you have provided clear and informed consent.
  • Contractual necessity – where processing is necessary to enter into or perform a contract with you.
  • Legitimate interests – where processing is necessary for our legitimate business purposes.
  • Legal obligation – where processing is necessary to comply with applicable legal or regulatory requirements.

6. USE OF YOUR PERSONAL DATA

We use your personal data solely for legitimate, clearly defined purposes. This includes responding to your enquiries, providing information about our services, and offering customer support. We do not use your data for profiling or automated decision-making without your clear and informed consent.

7. DATA SHARING AND DISCLOSURE

We only share personal data where necessary and with trusted third parties. These may include:

  • IT service providers, supporting our website and email infrastructure;
  • Law enforcement or regulatory bodies, where legally required;
  • Legal, financial, or insurance professionals, for compliance or advisory purposes;
  • Website analytics providers, for improving user experience.

We do not sell, rent, or trade your personal data with any third parties for marketing or commercial purposes.

8. INTERNATIONAL DATA TRANSFERS

Where personal data is transferred outside the UK, we implement appropriate safeguards including Standard Contractual Clauses (SCCs) approved by the Information Commissioner's Office (ICO) where applicable.

9. DATA SECURITY

We implement technical and organisational measures to protect your personal data, including SSL/TLS encryption, role-based access controls, and regular security assessments. While we maintain high standards of security, no method of electronic transmission is entirely foolproof.

10. DATA RETENTION

We retain personal data only for as long as necessary:

  • General enquiries and contact forms — retained for up to 12 months;
  • Job applications — retained for up to 12 months unless hired;
  • Business and contractual records — retained for 6 to 7 years to comply with financial regulations.

11. YOUR PRIVACY RIGHTS

Under UK GDPR, you have the right to:

  • Access your personal data;
  • Correct or erase your data;
  • Restrict or object to processing;
  • Data portability;
  • Withdraw consent at any time;
  • File a complaint with the Information Commissioner's Office (ICO).

We respond to verified rights requests within 1 month in accordance with UK GDPR.

12. COOKIES

Our website uses cookies and similar technologies. For full details, please refer to our Cookie Policy.

13. THIRD-PARTY LINKS

Our website may contain links to third-party websites not operated by Pay Assist. Pay Assist accepts no responsibility for how third-party websites handle your information.

14. CHILDREN'S POLICY

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

15. CONTACT US

If you have any questions about how we handle your personal data, please contact us at:

Email: legal@pay-assist.io

Address: Pay Assist, 2 Neptune House, Marina Bay, Gibraltar GX11 1AA

16. CHANGES TO THIS POLICY

We reserve the right to update this Privacy Policy from time to time. If we make material changes, we will notify you via a prominent notice on the website prior to the change becoming effective.