1.1 This Privacy Notice explains how TraffikPay Limited (“TraffikPay”, “we”, “us”, “our”) collects, uses and shares personal data when you access our website and online funnels and when you engage with us regarding introductions to payment solution providers. By using the site or otherwise providing personal data, you acknowledge this Notice.
1.2 TraffikPay Limited is the controller of personal data processed under this Notice. Our registered office and contact details are published on the site. You may contact us using the details on the site for any privacy queries.
1.3 This Notice applies to business contacts at prospective and current clients, partners, payment solution providers and suppliers, and to visitors to the site. It does not apply to personal data processed by third parties who are independent controllers, including payment solution providers to whom we introduce you.
1.4 We collect personal data that you provide directly through our funnels and forms including full name, job title, business contact details, messaging handles, and information about your business model, payment requirements, processing history, geographies, volumes, pricing expectations, risk posture and compliance arrangements.
1.5 We may collect identification and verification data for screening purposes including copies or references to passports or national IDs, proof of address, and information about beneficial ownership, directors and authorised signatories. Where provided, this data relates to business principals and contacts.
1.6 We may collect technical data automatically when you visit the site, including IP address, device and browser information, pages viewed and interactions. Cookies and similar technologies may be used. Further details are provided in our cookie notice.
1.7 We may receive personal data from third parties, including referral partners, publicly available sources, corporate registries, sanctions and PEP screening databases, adverse media providers, fraud-prevention agencies and identity verification vendors.
1.8 We process personal data to assess and arrange prospective introductions to payment solution providers, to communicate with you, to evaluate suitability, to protect against fraud and financial crime, to maintain records, and to operate, secure and improve the site and our services.
1.9 Our lawful bases for processing include the pursuit of our legitimate interests in evaluating and making introductions for business clients, steps taken at your request prior to entering into a contract with us or with a payment solution provider, compliance with legal obligations applicable to us, and your consent where required for specific activities such as certain marketing communications.
1.10 Where we rely on legitimate interests, those interests include operating an introductions brokerage, matching business requirements with payment providers, preventing abuse, ensuring network and information security, maintaining accurate records and protecting our legal rights while respecting your rights and freedoms.
1.11 We may conduct due diligence and screening including sanctions, PEP and adverse media checks, fraud and credit risk signals, and verification of identity and business information. Such processing helps us and payment solution providers prevent financial crime and protect platform integrity.
1.12 We share personal data with payment solution providers, banks, acquirers, electronic money institutions, gateways and processors for the purpose of evaluating and arranging an onboarding. We also share data with screening, identity verification and KYC service providers, hosting and cloud providers, CRM and communications vendors, analytics providers, professional advisers and with group companies where relevant.
1.13 If we introduce you to a payment solution provider, that provider will process personal data as an independent controller under its own privacy notice and terms. You should review those terms carefully. We are not responsible for the provider's handling of personal data after the introduction.
1.14 We may transfer personal data to recipients outside the Isle of Man and the United Kingdom. Where we do so, we rely on an applicable adequacy decision or implement appropriate safeguards such as standard contractual clauses or the UK international data transfer addendum together with transfer risk assessments as required.
1.15 We host our service infrastructure using reputable third-party cloud providers. Server and database locations may be selected from approved regions offered by our hosting provider to optimise performance and compliance. We may host data in any of the provider's available regions, including locations closest to the primary user base for speed and reliability or in jurisdictions selected to meet regulatory and contractual requirements. Where such regions are outside the Isle of Man and the United Kingdom, appropriate transfer mechanisms are applied as set out in this Notice.
1.16 We retain personal data for as long as necessary for the purposes set out in this Notice, including to maintain accurate business records, to evidence introductions and referral arrangements, to respond to queries or disputes, and to meet legal, tax and audit requirements. Typical retention periods are up to six years from the end of our relationship, longer where legally required or where claims are reasonably contemplated.
1.17 We implement technical and organisational measures designed to protect personal data, including access controls, encryption in transit where supported, least-privilege principles, staff confidentiality obligations and supplier due diligence proportionate to the nature of the processing and risks involved.
1.18 We do not knowingly target or onboard children. The site is intended for business users only. If you believe we have collected personal data about a child, please contact us so that we can delete it where appropriate.
1.19 We do not make decisions based solely on automated processing that produce legal or similarly significant effects about you. Screening tools may generate risk indicators to support human review and decision-making.
1.20 You have rights under applicable data protection law which may include the rights of access, rectification, erasure, restriction of processing, objection to processing based on legitimate interests, data portability, and the right to withdraw consent where processing is based on consent. These rights may be subject to conditions and exemptions.
1.21 You may exercise your rights by contacting us using the details published on the site. We may need to verify your identity and the scope of your request. We aim to respond within the time limits set by law.
1.22 You have the right to lodge a complaint with the Isle of Man Information Commissioner. Contact details are available on the regulator's website. We would appreciate the opportunity to address your concerns first.
1.23 Where we collect personal data directly for marketing to business contacts, we rely on legitimate interests or consent in accordance with applicable law. You may opt out of marketing at any time by using unsubscribe options or by contacting us.
1.24 Providing certain personal data is necessary to consider an introduction to a payment solution provider. If you do not provide requested information, we may be unable to progress your enquiry or make an introduction.
1.25 We may update this Notice from time to time. Material changes will be posted on the site and will take effect upon posting unless otherwise stated. Your continued use of the site after an update constitutes acknowledgement of the revised Notice.
1.26 We may process special category data only where you voluntarily provide it or where required by law in connection with screening and compliance checks, and only where a lawful basis and a relevant condition under applicable law is satisfied. We do not seek to collect such data routinely.
1.27 We may combine information you provide with information from third-party sources to help validate your business profile and to improve accuracy for introductions and screening.
1.28 We do not sell personal data. We may disclose personal data in connection with a corporate transaction such as a reorganisation, merger or sale, in which case appropriate confidentiality and data protection safeguards will apply.
1.29 We keep records of introductions and referral attributions to ensure appropriate recognition by payment solution providers and to prevent fraud or circumvention. Such records may include contact details, dates and identifiers shared with providers for tracking purposes.
1.30 Where we rely on consent, you may withdraw consent at any time, which will not affect prior processing. Where we rely on legitimate interests, you may object, and we will assess your objection in light of our interests and your rights.
1.31 We keep a register of our key processors and sub-processors used to support the site and introductions, available on request where appropriate, subject to confidentiality constraints.
1.32 If you contact us by messaging platforms such as WhatsApp or Telegram, we will process your identifiers and message content for the purposes set out above. Those platforms are independent controllers; their own terms and privacy policies apply.
1.33 This Notice is governed by the laws of the Isle of Man. Any non-contractual obligations arising out of or in connection with it are also governed by Isle of Man law.
TraffikPay Limited