1. The Notice
This Privacy Information explains how we use your personal data: how it is collected, how it is held, and how it is processed. It also explains your rights under the law relating to your personal data.
Netopayment acknowledges the significance of your privacy and recognizes your concern regarding the utilization of your personal data. We highly regard and prioritize the privacy of our partners and the users of Netopayment websites. We assure you that we will gather and utilize personal data solely as outlined here, adhering to our responsibilities and your rights as mandated by the law.
2. Personal Data
The General Data Protection Regulation (GDPR) defines personal data as "any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier". This definition encompasses personal information as defined by data protection laws in Canada (PIPEDA) and the United States.
In simpler terms, personal data refers to any information related to you that allows for your identification. It includes obvious details like your name and contact information, as well as less apparent information such as identification numbers, electronic location data, and other online identifiers.
The specific personal data we utilize is outlined in Part 4 below.
3. Your Rights
We are committed to respecting and upholding the following rights granted to you under the GDPR:
The right to be informed: You have the right to be fully informed about how we collect and use your personal data. This Privacy Notice aims to provide you with all the necessary information. However, if you have any further questions or require more details, please don't hesitate to contact us using the information provided in Part 9.
The right to access: You have the right to access the personal data we hold about you. Part 8 provides instructions on how to exercise this right.
The right to rectification: If any of the personal data we hold about you is inaccurate or incomplete, you have the right to have it corrected. For more information, please reach out to us using the contact details in Part 9.
The right to erasure: You have the right to request the deletion or disposal of any personal data we hold about you. To find out more about this right, please contact us using the information provided in Part 9.
The right to restriction of processing: You have the right to restrict or prevent the processing of your personal data.
The right to object: You can object to the use of your personal data for specific purposes or in certain circumstances.
The right to data portability: If you have provided us with personal data directly, and we are processing it with your consent or for the performance of a contract, and if that data is being processed using automated means, you can request a copy of that personal data to use with another service or business in many cases.
Rights related to automated decision-making and profiling: Part 6 explains how we utilize your personal data, including any automated decision-making and/or profiling.
If you require additional information regarding the use of your personal data or wish to exercise the aforementioned rights, please reach out to us using the contact details provided in Part 9.
You can also obtain further information about your rights from the Information Commissioner's Office, your local Citizens Advice Bureau, or a similar service provider.
If you have any concerns or complaints about how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office.
4. Collected Personal Data
We may collect some or all of the following personal data (this may vary according to your relationship with us:
Name;
Date of birth;
Gender;
Address;
Email address;
Telephone number;
Business name;
Job title;
Profession;
Payment information;
Information about your preferences and interests;
5. Use of Personal Data
In accordance with the GDPR, we are obliged to have a valid legal basis for the usage of personal data. This may be due to the necessity of the data for fulfilling a contract with you, your consent to our utilization of your personal data, or because it aligns with our legitimate business interests. Your personal data may be used for the following purposes:
Account management: We use your personal data to provide and manage your account effectively.
Service provision: In order to enter into a contractual agreement with you, we require your personal details to supply our services to you.
Personalization: We personalize and tailor our services to cater to your specific needs.
Communication: We engage in communication with you, which may involve responding to your emails or phone calls.
Information delivery: If you have opted in, we may supply you with information via email. You have the option to unsubscribe or opt out at any time by clicking on the provided link.
Marketing purposes: With your consent or as permitted by law, we may use your personal data for marketing purposes. This may include contacting you via email, telephone, or text message to share information, news, and offers related to our products and services. We are committed to ensuring that you do not receive any unlawful marketing or spam. We always strive to protect your rights, fulfill our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and provide you with the opportunity to opt out.
We never sell your personal data to third-parties.
6. Information Collected Through Tracking
NetoPayment collects information from its NetoPayment audience in an aggregated form. This data is used to gather demographic insights about the entire audience, with the aim of enhancing service for customers and merchants and conducting statistical analysis on the collective characteristics and behavior of users. By utilizing this information, NetoPayment can understand overall demographics and interests of patrons in various areas of its domain, enabling them to make informed decisions on resource allocation. Additionally, NetoPayment uses the aggregated data to inform sponsors about the number of visitors who have viewed and interacted with their advertisements.
7. Storing the Personal Data
We will retain your personal data only for as long as it is necessary, considering the original purpose(s) for which it was collected. The specific periods for which your personal data will be kept are outlined below. In cases where there is no fixed duration, relevant factors will be taken into account to determine the appropriate retention period. For further details, please reach out to the Data Protection Officer (DPO).
We may retain or transfer your personal data globally, which includes countries outside of the European Economic Area (EEA). The EEA comprises EU member states, along with Norway, Iceland, and Liechtenstein. While some countries may not have data protection laws as robust as those you are accustomed to, we will implement additional measures to guarantee that your personal data is handled with the same level of safety and security as it would be within Canada, the USA, and Europe.
For Users in the European Union:
When we share your data with external third parties, as explained in detail in Part 7, who are located outside the European Economic Area (EEA), we implement the following safeguards for such transfers:
We only transfer your personal data to countries that have been assessed by the European Commission as having an adequate level of personal data protection. You can find more information on this from the European Commission.
We utilize specific contracts with external third parties that have been approved by the European Commission for the transfer of personal data to countries outside the EEA. These contracts ensure that the same level of personal data protection as stipulated by the GDPR is maintained. Additional information on these contracts can be obtained from the European Commission.
Please refer to Part 9 for the provided contact details if you require further information about the specific data protection mechanisms employed by us when transferring your personal data to a third country.
We place great importance on the security of your personal data. To protect your data, we take commercially reasonable precautions such as employing security software, implementing physical security measures, and adhering to strict policy guidelines to safeguard the privacy of our users' personal information. We are committed to continuously enhancing our security measures as new technology becomes available. We work diligently to ensure the security of online purchases for customers and protect the sensitive information of merchants by utilizing authentication technology (certificates) and encryption technology (SSL). All personal information, including credit card details and/or social security numbers, transmitted over the Internet to and from NetoPayment websites is encrypted using secure server software.
8. Disclosing the Personal Data
We may disclose your personal data to other companies within our group for purposes such as service performance, anti-money laundering and anti-terrorism efforts, and security. This includes our subsidiaries.
On occasion, we may engage third-party companies to provide products or services on our behalf. These could involve payment processing, delivery, or marketing. In such cases, these third parties may need access to some or all of the personal data we hold. The list of our sub-processors can be obtained by requesting it from your Partner Dashboard.
When your personal data is shared with third parties as described above, we will take necessary measures to ensure that it is handled securely, in accordance with your rights, our obligations, and the legal obligations of the third party, as explained in Part 8.
If there is a need to transfer personal data outside of the European Economic Area (EEA), we will implement appropriate safeguards to ensure that your personal data receives the same level of security and protection as it would within the UK and under the GDPR, as detailed in Part 8.
In certain limited circumstances, we may have a legal obligation to disclose specific personal data, including yours, when involved in legal proceedings, complying with legal obligations, court orders, or government authority instructions.
9. Access to the Personal Data
If you wish to inquire about the personal data we have concerning you, you have the right to request details and obtain a copy of the information we hold (if any). This is referred to as a "Personal Data Request."
To initiate a personal data request, please submit a written request to the email at info@netopayent.com. We will endeavor to respond to your personal data request within 20 days, but in any case, no later than one month from the receipt of your request. Our aim is to provide a comprehensive response, including a copy of your personal data, within this timeframe. However, if your request is complex or requires further identification, it may take up to three months from the date of receipt. We will keep you informed of any progress regarding your request.
10. Changes to this Privacy Notice
We reserve the right to modify this Privacy Notice periodically. This may become necessary due to changes in the law or alterations to our business operations that impact personal data protection.
Any updates or revisions will be accessible on our website.