Privacy Policy

Introduction

Veytor Ltd ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our payment processing services and visit our website. We are the data controller for the purposes of applicable data protection laws, including the General Data Protection Regulation (GDPR).

Data Collection

We collect personal data that you provide directly to us and information that is automatically collected when you use our services. The data we collect includes:

• Personal Information: Name, email address, phone number, postal address, and business information
• Financial Information: Payment card details, bank account information, and transaction data (processed securely and in compliance with PCI DSS)
• Technical Information: IP address, browser type, device information, and website usage data
• Communication Data: Records of correspondence and support interactions
• Business Information: Company details, business type, and compliance documentation

How We Use Your Information

We use your personal data for legitimate business purposes and based on lawful grounds under GDPR. How we use your information includes:

• Service Provision: Processing payments, managing your account, and delivering our services
• Legal Compliance: Meeting regulatory requirements, preventing fraud, and conducting due diligence
• Customer Support: Responding to inquiries, providing technical assistance, and resolving issues
• Business Operations: Risk management, analytics, and improving our services
• Marketing: Sending relevant communications about our services (with your consent where required)

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use, please refer to our Cookie Policy.

Data Sharing and Disclosure

We may share your personal data with trusted third parties in the following circumstances:

• Service Providers: Third-party processors who assist with payment processing, fraud prevention, and technical services
• Regulatory Authorities: When required by law or to comply with legal obligations
• Business Transfers: In connection with mergers, acquisitions, or asset sales
• Consent: When you have given explicit consent for specific sharing purposes

Data Retention

We retain personal data for as long as necessary to fulfil the purposes outlined in this policy and to comply with legal requirements. Transaction data is typically retained for seven years in accordance with financial regulations. Personal data provided through website forms is retained for three years unless you request earlier deletion. We regularly review our retention periods and securely delete data that is no longer required.

Your Rights

Under GDPR and applicable data protection laws, you have the following rights regarding your personal data:

• Right of Access: Request copies of your personal data
• Right to Rectification: Correct inaccurate or incomplete information
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests or for marketing purposes
• Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time

Data Security

We implement robust security measures to protect your personal data, including encryption, access controls, and regular security assessments. Our systems are PCI DSS Level 1 certified and comply with industry best practices. We conduct regular security training for our staff and maintain incident response procedures to address any potential data breaches promptly.

International Transfers

As an Irish company operating within the European Union, we primarily process data within the EEA. When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions, to protect your personal data in accordance with GDPR requirements.

Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without appropriate consent, we will take steps to delete such information promptly.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the updated policy on our website and updating the "last modified" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

Contact Information

If you have questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please reach out to us:

Regulatory Authority

You have the right to lodge a complaint with the Irish Data Protection Commission if you believe we have not handled your personal data in accordance with applicable laws. You can contact them at www.dataprotection.ie or by phone at +353 761 104 800.