-
General
This privacy notice sets out how Praxis Tech Ltd a company incorporated and existing under the laws of the Republic of Cyprus with registration number HE 410576 (“Praxis” or “we” or “us” or “our” or “Company”) processes data, whether on individuals (including personal data in respect of individuals who are clients, intermediaries or other third parties that the Company interacts with, or any individual who is connected to those parties) or otherwise. Where the data held are on individuals, this document also sets out the rights of those individuals in respect of that personal data.
“You” in this Privacy Policy may refer to a visitor of our website (the “Visitor”), who intends to use or already uses, directly or indirectly, our products or services including inter alia any shareholders, beneficial owners, principals, directors, staff members, merchants and customers of merchants accessing our website available at www.praxis.tech (the “Website”).
This privacy notice has been prepared in accordance with the provisions of the EU General Data Protection Regulation (“GDPR”). Any questions relating to this Privacy Notice or requests in respect of personal data should be directed to our Data Protection Officer (DPO) at dpo@praxis.tech .
-
Who We Are
The Company offers inter alia a payment orchestration platform, processing management software and other services, gathers and processes your personal information in accordance with this privacy notice and in compliance with GDPR and laws. This notice provides you with the necessary information regarding your rights and our obligations, and explains how, why and when we process your personal data.
-
Information That We Collect
We collect the following information:-
-
Information and documentation that You as a Visitor, provide by filling in the Application form or the Contact Us form available at the Website. Such information may include Your name, surname, e-mail address, telephone number, website and other information which You provide;
-
Information and documentation that You as a client provide to us in order to conclude an agreement. Such information may include, but is not limited to, Your name, date of birth, home, work or other physical address, country, telephone number, e-mail address, company name, company number, current position, passport or ID data, utility bill and/or proof of address, corporate documents of the company, payment account number, business bank statement, information regarding the beneficial ownership in other companies;
-
A record of correspondence / communication and/or the telephone call in the event You contact us. Such record may include Your name, surname, e-mail address, telephone number, name of Your company and other personal data You may disclose to us during such communication;
-
Where You as a client have been granted access to the client portal – details of Your visits, including, but not limited to, location data, weblogs, other communication data and the resources that are accessed by You;
-
Where You as a client use the cashier in order to initiate a transaction and/or the Visitor initiates a transfer of funds to You – Your personal data, including, but not limited to, name, surname, e-mail address, telephone number, details of Your payment instrument, including, but not limited to, card number, card expiry date, CVC/CVV code, credit/financial institution and/or issuer details and information relating to the purchased products or services, including the location and time of the transaction;
-
Information about You as a client or as a merchant, which we receive from other sources, including, but not limited to, our business partners, service providers and subcontractors. Such information may include the data provided by the card organisations, payment service providers, credit reference agencies and other third parties, as well as publicly available information.
-
-
Failure to provide personal data.
Where we need to comply with our legal obligations under laws and regulations or under the terms of a contract and you fail to provide any requested personal data, Praxis may not be able to accept you as a customer or continue our business relationship and will inform you in this regard.
-
Other data:
We may also collect non-personal information about You, which does not identify You as a specific individual. Such non-personal information that we may collect includes:
-
Browser and device data, for instance, IP address, operating system and browser type. This is statistical data about the Website users’ browsing actions and patterns and does not identify any individual;
-
Cookie data, such as time spent on the Website, pages visited, language preferences, and other anonymous traffic data;
-
Company data, such as a company’s name, product and service offerings, jurisdiction.
-
-
How long we keep your information for
-
How long we keep your information will depend on the purpose for which we use it and so may vary. We will only retain your information for as long as is necessary for the purposes set out in this Privacy Policy and as is necessary to comply with our legal obligations. We do not keep more information than we need for the particular purpose.
-
Where we have provided you with a product or service, we will keep an archived record of your personal data for a period of up to 6 years after termination (unless a longer period is prescribed by law) for the purposes of responding to legal disputes and legal or regulatory enquiries or investigations only, but will not use this data for any other purpose.
-
If you ask us to stop sending direct marketing communications to you (see section 8, below), we will keep the minimum amount of information necessary (such as your name and email address) to ensure that we are able to adhere to your request. We also routinely seek to minimise the amount of personal data we hold where any marketing contact is deemed inactive. We deem a contact to be inactive if we have not been able to identify any engagement (e.g. through opening an email or visiting our website) for a period of 12 months or if an email is not delivered due to a hard bounce. In such circumstances we will anonymise all relevant data for aggregation purposes, with the exception of an email address.
-
-
How We Use Personal Data
-
We use Your personal data in order to provide our services/products to You, in the capacity of a Merchant, and to respectively conclude contracts and carry out our contractual obligations. In this regard, we rely on a contract entered into by You and Praxis as the valid ground for the processing of Your personal data.
-
We use Your personal data to enable You, in the capacity of a Customer, to make use of our services/products which we provide to the Merchant. In this regard, we rely on the legitimate interests pursued by us.
-
We are also required by law to constantly carry out various activities for the prevention of fraud, money laundering and terrorism financing, as well as for compliance with other legal obligations. In this regard, we rely on the necessity to comply with legal obligations as the valid ground for the processing of Your personal data.
-
In addition, we process personal data in order to carry out various marketing activities and in this regard, we rely on Your consent as the valid ground for the processing of Your personal data.
-
Examples of how we may use Your personal data include:
- to verify Your identity for legal and/or compliance purposes;
- in order to start the onboarding process, including the review and approval of the Compliance team based on the internal policies of Praxis;
- to provide You with information, products or services requested from us;
- to provide You with information, which we feel may interest You, provided that You have consented to be contacted for such purposes;
- to notify You about changes to our products or services;
- to process transactions/payments;
- to ensure that content from the Website is presented in the most effective manner and to keep our Website safe and secure;
- to allow You to use interactive features of our Website;
- to administer our Website;
- to conduct monitoring against any possible fraud, money laundering, terrorism financing or crime risks;
- to respond to Your inquiries and provide customer support;
- to conduct market research and carry out marketing activities.
-
-
Your Rights when we process your personal data for marketing purposes
-
You have the right to decide whether we can process your personal data for general marketing purposes. We will ask for your consent in advance if we intend to use your personal data for marketing purposes or if we intend to disclose your personal data to any third party for such purposes. You can withdraw a consent given for the use of your personal data for marketing purposes at any time.
-
Besides, we may use your personal data for direct marketing purposes (e.g. to inform you about our products or services similar to those you have purchased from us) based on our legitimate interests. You can ask us to stop using your personal data for direct marketing purposes at any time.
-
You are also able at any time to withdraw any consent to receive marketing communications that you have given to us. You can do this by contacting us at hello@praxis.tech or by writing to us at:
Praxis Tech Ltd, 38 Andrea Kariolou, 2nd Floor, Agios Athanasios, Limassol, 4102, Cyprus.
Please provide us with your full name, address and other contact details to enable us to find your records. Sometimes we may also need to contact you further to ask you for additional information so that we can comply with your request.
-
-
Your other rights
When we process your personal data under this Privacy Notice, you have the right to require us to:
-
provide you with further details on the use we make of your information;
-
provide you with a copy of your personal data that we hold;
-
update any inaccuracies in the personal data we hold;
-
delete any personal data that we no longer have a lawful ground to use;
-
where processing is based on consent, withdraw your consent so that we stop that particular processing;
-
object to any processing based on the legitimate interests ground unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights;
-
restrict how we use your information whilst a complaint is being investigated;.
-
not be subject to profiling or decisions based on automated decisions that could result in adverse effects; and
-
transfer your personal data to a legitimate party of your choice, if possible, in a readily usable format.
If you believe that we hold any incomplete or inaccurate data about you, you have the right to ask us to correct and/or complete the information and we will strive to do so as quickly as possible; unless there is a valid reason for not doing so, at which point you will be notified.
You also have the right to request erasure of your personal data or to restrict processing (where applicable) in accordance with the data protection laws; as well as to object to any direct marketing from us. Where applicable, you have the right to data portability of your information and the right to be informed about any automated decision-making we may use. If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the request; this is to ensure that your data is protected and kept secure.
-
-
How do We exchange Your data
To effectively run Our Service, We must partner with third parties and, therefore, We may exchange Your data with:
-
Payment account providers ("Partners");
-
Third parties and service You choose to Use in connection with the services;
-
Our trusted data aggregation Partners;
-
Potentially, other third parties, if we have to do so to fulfil our legal obligations.
-
-
Security: How We Protect & Store Personal Information
The security of your personal information is important to Us. We take legal, technical and organizational measures that it considers necessary in order to maintain the confidentiality and security of your personal information, with due regard to the applicable obligations and exceptions under the legislation in force.
Praxis regularly reviews its policies regarding the collection, storage and processing of your personal information, including physical security measures, to prevent alteration, loss, query, use or fraudulent or unauthorized access of your personal information.
Praxis has put in place procedures to deal with personal information breach and will notify you and any applicable regulator or authority of a breach where we are legally required to do so.
-
Cookie policy
Please refer to our cookie policy which is available at our Website. We will not share Your cookies with third parties, without Your authorisation.
-
Changes To the Privacy Policy
We may change or update this Privacy Policy. Any changes we may make to this Privacy Policy in the future will be posted on the Website and any such changes will be effective starting from the date when we post the revised Privacy Policy.
We may provide You with notifications regarding the changes in the Privacy Policy by posting them on our Website.
-
Contact
Questions, comments and requests regarding this Privacy Policy should be addressed to dpo@praxis.tech . Alternatively, you can write to us at: PRAXIS TECH LTD, 38 Andrea Kariolou, 2nd Floor, Agios Athanasios, Limassol, 4102, Cyprus.