Home
> Privacy Policy

Privacy Policy Information

Privacy Policy

Privacy Policy

Paytrium Digital Holding Limited

Version 5.1   |   Last updated: 11.06.2026

 

Paytrium Digital Holding Limited (we, us or our) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose and protect personal data about individuals who visit or use our website at paytrium.digital and any related subdomains (the Site), and individuals we otherwise deal with in the course of our business, and it explains your rights in relation to your personal data.

For the purposes of applicable data protection law, the controller of your personal data is Paytrium Digital Holding Limited, a company incorporated in England and Wales under company number 16118367, whose registered office is at 85 Great Portland Street, First Floor, London, England, W1W 7LT. In these terms, the Paytrium group means Paytrium Digital Holding Limited together with its subsidiaries and group companies from time to time.

This Privacy Policy is framed primarily by reference to the data protection law of the United Kingdom, namely the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, together with the Privacy and Electronic Communications Regulations. Where it applies to you, it is also intended to comply with the European Union General Data Protection Regulation (EU GDPR). Sections 13 and 14 below contain additional information for residents of the United States and for individuals in Brazil and other countries in Latin America.

1.  Scope of this policy and who we are

This Privacy Policy applies to personal data we process about visitors to and users of the Site, individuals who contact us or whom we contact, our business contacts, clients, suppliers, partners and investors and their personnel, individuals whose data we receive in the course of the activities of the Paytrium group, and individuals who apply to work with us.

Please read this Privacy Policy together with our Website Terms and Conditions and any other notices we may provide on specific occasions when we are collecting or processing personal data, so that you are fully aware of how and why we are using your data.

2.  The personal data we collect

We may collect, use, store and transfer different kinds of personal data about you, which we have grouped together as follows:

  1. Identity Data, such as your name, title, job title and the name of your employer or organisation.
  2. Contact Data, such as your email address, telephone number, and postal or business address.
  3. Business and Professional Data, such as your role, sector, business interests and other information relevant to a potential or actual business relationship.
  4. Communications Data, such as the content of your enquiries, messages, feedback and correspondence with us, and records of our interactions with you.
  5. Marketing and Preferences Data, such as your preferences in receiving communications from us and your communication preferences.
  6. Technical Data, such as your internet protocol (IP) address, browser type and version, time zone setting and approximate location, operating system and platform, and other technology on the devices you use to access the Site.
  7. Usage Data, such as information about how you use the Site, including pages viewed, links clicked, and navigation paths.
  8. Cookie Data, being data collected through cookies and similar technologies, as described in section 5.
  9. Recruitment Data, where you apply for a role with us, such as the information in your application, curriculum vitae, employment and education history, and references.

We do not intend to collect any special categories of personal data about you through the Site (such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, or data concerning sex life or sexual orientation), nor any data relating to criminal convictions and offences. Please do not provide such data to us unless we have specifically requested it and explained the basis on which we will process it.

3.  How we collect your personal data

We collect personal data about you in the following ways:

  1. Directly from you. You may give us personal data when you contact us by email, telephone or post, complete a form on the Site, correspond with us, request information, meet us at an event, or otherwise interact with us.
  2. Automatically. As you interact with the Site, we may automatically collect Technical Data and Usage Data about your equipment and browsing actions and patterns, using cookies, server logs and similar technologies. See section 5.
  3. From third parties and public sources. We may receive personal data about you from analytics providers, hosting and IT service providers, social media platforms, business partners and other members of the Paytrium group, recruiters, and publicly available sources and registers, such as company registries and professional networking sites.

4.  How and why we use your personal data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data where we need to perform, or take steps to enter into, a contract with you or your organisation, where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests, where we need to comply with a legal or regulatory obligation, or where you have given consent. The table below sets out the main purposes for which we use personal data and the legal bases we rely on. More than one legal basis may apply to a particular purpose.

Purpose

Types of data

Legal basis

Responding to your enquiries and requests and communicating with you

Identity, Contact, Communications

Legitimate interests (responding to and managing enquiries directed to us); taking steps to enter into a contract where relevant

Managing our relationships with business contacts, clients, suppliers, partners and investors

Identity, Contact, Business and Professional, Communications

Performance of a contract; legitimate interests (operating and managing our business and the group); legal obligation where applicable

Operating, maintaining and securing the Site and our systems

Technical, Usage

Legitimate interests (administering and securing our Site and systems, and preventing fraud and misuse); legal obligation (information security)

Analysing use of the Site and improving the Site and our communications

Technical, Usage, Cookie

Consent (for non-essential cookies and analytics); legitimate interests (understanding and improving how the Site is used)

Sending marketing and corporate communications about the Paytrium group

Identity, Contact, Marketing and Preferences

Consent; legitimate interests (promoting the group to business contacts), subject to your right to object

Considering and processing job applications

Identity, Contact, Recruitment

Taking steps to enter into a contract; legitimate interests (assessing suitability); consent where relevant

Complying with legal, regulatory and tax obligations and responding to authorities

Any relevant data

Legal obligation; legitimate interests (cooperating with regulators, courts and authorities)

Establishing, exercising or defending legal claims and protecting our rights

Any relevant data

Legitimate interests (protecting our legal position and that of the group); legal obligation

Carrying out and facilitating corporate transactions, such as reorganisations, financing, mergers, acquisitions and disposals

Any relevant data

Legitimate interests (carrying out and facilitating corporate transactions involving the group)

 

Where we rely on legitimate interests, we have considered whether those interests are overridden by your interests and rights, and you may ask us for more information about that assessment. Where we rely on consent, you may withdraw your consent at any time by contacting us, although this will not affect the lawfulness of any processing carried out before you withdraw your consent.

5.  Cookies and similar technologies

The Site uses cookies and similar technologies to distinguish you from other users, to operate the Site, and to help us improve it. A cookie is a small file of letters and numbers that is stored on your browser or the hard drive of your device when you visit a website.

We use the following categories of cookies and similar technologies:

  1. Strictly necessary cookies. These are required for the operation of the Site and its core functionality and security. They do not require your consent.
  2. Performance and analytics cookies. These allow us to recognise and count the number of visitors and to see how visitors move around the Site, so that we can improve it.
  3. Functionality cookies. These are used to recognise you when you return to the Site and to remember your preferences.
  4. Targeting cookies. These record your visit to the Site and the pages you have visited, and may be used to make our communications more relevant to your interests.

We will only place non-essential cookies on your device with your consent, which you may give or refuse, and later change, through the cookie banner or cookie settings on the Site. You can also set your browser to refuse some or all cookies, or to alert you when websites set or access cookies, but if you do so, some parts of the Site may not function properly. This reflects the requirements of the Privacy and Electronic Communications Regulations in the United Kingdom and equivalent ePrivacy rules in the European Union.

6.  Marketing communications

We may send you marketing and corporate communications about the Paytrium group where you have asked to receive them, where you have given consent, or where we are otherwise permitted to do so. You can ask us to stop sending you marketing communications at any time by using the unsubscribe link in any email, or by contacting us using the details in section 18. If you opt out of marketing communications, we may still send you service or relationship communications that are necessary for our dealings with you.

7.  Who we share your personal data with

We may share your personal data with the following categories of recipient:

  1. other members of the Paytrium group, where this is necessary for the purposes described in this Privacy Policy;
  2. service providers and processors who provide hosting, IT, website, analytics, email, communications, security, administrative and professional services to us (including legal, accounting, audit and consulting advisers), and who process personal data on our instructions under written contracts;
  3. regulators, courts, law enforcement, government and tax authorities, and other third parties, where we are required to do so by law, regulation or legal process, or where it is necessary to protect our rights or the rights of others;
  4. parties to a corporate transaction, and their advisers, such as a prospective buyer, investor, lender or other counterparty, and their successors, in connection with a reorganisation, financing, merger, acquisition or disposal involving the group;
  5. other parties where you have given consent or otherwise at your direction.

We require all processors that handle your personal data to respect its security and to treat it in accordance with the law. We do not allow our processors to use your personal data for their own purposes, and we only permit them to process your personal data for specified purposes and in accordance with our instructions.

8.  International transfers of personal data

The Paytrium group operates internationally, and some of our service providers and group companies may be located outside the United Kingdom and the European Economic Area (EEA), including in countries whose data protection laws may differ from, and may not provide the same level of protection as, those of the United Kingdom or the EEA.

Where we transfer your personal data outside the United Kingdom or the EEA, we put in place appropriate safeguards to protect it, which may include one or more of the following: transfers to a country that the United Kingdom or the European Union has decided provides an adequate level of protection; the use of the United Kingdom International Data Transfer Agreement, or the International Data Transfer Addendum to the European Commission Standard Contractual Clauses; the use of the European Commission Standard Contractual Clauses; or another lawful transfer mechanism. You may request further information about the safeguards we apply, and a copy of the relevant mechanism, by contacting us using the details in section 18.

9.  Data security

We have put in place appropriate technical and organisational measures designed to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. We limit access to your personal data to those who have a business need to access it. No transmission of information over the internet or method of storage is completely secure, however, and we cannot guarantee the absolute security of your personal data. Where we are legally required to do so, we will notify you and the relevant supervisory authority of a personal data breach.

10.  How long we keep your personal data

We will keep your personal data only for as long as is necessary for the purposes for which it was collected, including to satisfy any legal, accounting, tax, regulatory or reporting requirements, and to establish, exercise or defend legal claims. To determine the appropriate retention period, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process it and whether we can achieve those purposes by other means, and applicable legal requirements. When personal data is no longer required, we will delete or anonymise it.

11.  Your rights

Under data protection law, and subject to certain conditions and exemptions, you have the following rights in relation to your personal data:

  1. Access. The right to request a copy of the personal data we hold about you and certain information about how we process it.
  2. Rectification. The right to request that we correct inaccurate personal data and complete incomplete personal data.
  3. Erasure. The right to request that we delete your personal data in certain circumstances.
  4. Restriction. The right to request that we restrict the processing of your personal data in certain circumstances.
  5. Portability. The right to receive certain personal data in a structured, commonly used and machine-readable format, and to have it transmitted to another controller where technically feasible.
  6. Objection. The right to object to our processing of your personal data where we rely on legitimate interests, and the right to object at any time to processing of your personal data for direct marketing purposes.
  7. Withdrawal of consent. Where we rely on your consent, the right to withdraw that consent at any time, without affecting the lawfulness of processing before withdrawal.
  8. Automated decisions. Rights in relation to automated decision-making, as described in section 12.

You may exercise these rights by contacting us using the details in section 18. We may need to request specific information from you to help us confirm your identity. We will respond to your request within the period required by applicable law, which is normally one month, although we may extend this period for complex or numerous requests. You will not usually have to pay a fee, although we may charge a reasonable fee, or refuse to comply, where a request is manifestly unfounded, excessive or repetitive, to the extent permitted by law.

12.  Automated decision-making

We do not make decisions that produce legal effects concerning you, or that similarly significantly affect you, based solely on automated processing of your personal data. If this changes, we will update this Privacy Policy and, where required, obtain your consent or provide you with information about the logic involved and the significance and consequences of such processing.

13.  Information for residents of the United States

This section provides additional information for residents of the United States, and in particular for residents of California under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (together, the CCPA), to the extent it applies to our processing of your personal information.

Subject to the conditions and exceptions in the CCPA, California residents have the following rights in respect of their personal information:

  1. the right to know what personal information we collect, use, disclose and, if applicable, sell or share, and to request access to that information;
  2. the right to request deletion of personal information we have collected from you;
  3. the right to request correction of inaccurate personal information;
  4. the right to opt out of the sale or sharing of personal information;
  5. the right to limit the use and disclosure of sensitive personal information; and
  6. the right not to receive discriminatory treatment for exercising any of these rights.

The categories of personal information we collect are described in section 2 and correspond to CCPA categories such as identifiers, internet or other electronic network activity information, and professional or employment-related information. We collect personal information for the business and commercial purposes described in section 4, and we disclose personal information to the categories of recipient described in section 7 for those purposes. We do not sell your personal information, and we do not share your personal information for cross-context behavioural advertising.

You may exercise your CCPA rights by contacting us using the details in section 18. We will verify your request, which may require us to ask you for additional information. You may use an authorised agent to submit a request on your behalf, in which case we may require proof of authorisation. Residents of other states in the United States that have enacted comprehensive privacy laws, including Virginia, Colorado, Connecticut, Utah and Texas, among others, may have similar rights in respect of their personal information, and we will honour the rights that apply to you under the applicable law of your state.

14.  Information for individuals in Brazil and other countries in Latin America

This section provides additional information for individuals located in Brazil, whose personal data may be subject to the Brazilian General Data Protection Law (Lei Geral de Protecao de Dados, or LGPD), and for individuals located in other countries in Latin America.

Where the LGPD applies, we process personal data on the legal bases it provides, which may include your consent, compliance with a legal or regulatory obligation, the legitimate interests of the controller or a third party, the regular exercise of rights in judicial, administrative or arbitration proceedings, and other bases permitted by the LGPD. Subject to its conditions, individuals in Brazil have the following rights in relation to their personal data:

  1. confirmation of the existence of processing and access to their personal data;
  2. correction of incomplete, inaccurate or out-of-date data;
  3. anonymisation, blocking or deletion of data that is unnecessary or excessive, or that is processed in a manner that does not comply with the LGPD;
  4. portability of data to another service or product provider;
  5. deletion of personal data processed on the basis of consent, subject to certain exceptions;
  6. information about the public and private entities with which we have shared data;
  7. information about the possibility of refusing consent and the consequences of doing so; and
  8. withdrawal of consent.

The supervisory authority in Brazil is the National Data Protection Authority (Autoridade Nacional de Protecao de Dados, or ANPD). For other countries in Latin America, including Argentina, Chile, Colombia, Mexico and Peru, local data protection laws may apply to the processing of your personal data and may give you rights in respect of it. We will comply with the data protection law applicable to you and will honour the rights that apply to you under that law.

15.  Children

The Site is intended for a business and professional audience and is not directed at children. We do not knowingly collect personal data from children under the age of 16. If you believe that a child has provided us with personal data, please contact us using the details in section 18, and we will take appropriate steps to delete it.

16.  Third party links

The Site may contain links to third party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third party websites and are not responsible for their privacy practices. When you leave the Site, we encourage you to read the privacy policy of every website you visit.

17.  Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The date at the top of this policy shows when it was last updated. Where appropriate, we will notify you of material changes by an appropriate method, for example by a notice on the Site. Your continued use of the Site after any change takes effect indicates your awareness of the revised policy.

18.  How to contact us and how to complain

If you have any questions about this Privacy Policy, or if you wish to exercise any of your rights, please contact us by writing to Paytrium Digital Holding Limited at 85 Great Portland Street, First Floor, London, England, W1W 7LT, or by email as available on our website.

If you are in the United Kingdom and you are not satisfied with how we have handled your personal data or any privacy enquiry, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the United Kingdom supervisory authority for data protection, at ico.org.uk. If you are in the European Economic Area, you have the right to complain to the data protection authority in the country in which you live or work. If you are in Brazil, you may contact the ANPD. We would, however, appreciate the opportunity to address your concerns before you approach a supervisory authority, so please consider contacting us first.

Mantente a la vanguardia.

Suscríbete para recibir análisis de expertos.

Puedes darte de baja en cualquier momento usando el enlace en el pie de nuestros correos. Ver
nuestra Política de Privacidad .