General Data Privacy Notice
Legal framework for protecting your personal data
This data privacy notice is written to comply with the European Union General Data Protection Regulation (GDPR). GDPR gives control to citizens and residents over their personal data.
- Name: PleasePay Ltd
- Phone: we only communicate via telegram channel or linkedIn as we are an internet-based company and have no formal physical presence. You can find ways to get in touch with us in the footer of the landing page
- Email: email@example.com
- Address: 6 Montrose Place, London, SW1X 7DU ( this is purely a registered address of the company )
Data Protection Officer
- Name: Feodor Kouznetsov
- Phone: I only use telegram chat, you can connect via our telegram group, the link to it can be found in the footer of our landing page
- Email: firstname.lastname@example.org
- Address: 6 Montrose Place, London, SW1X 7DU ( this is purely a registered address of the officer )
Data Controller’s Lines of Business
PleasePay Ltd is the data controller for the PleasePay document and payment management system.
How data is used
PleasePay may process personal information as part of its business providing the PleasePay document and payment management system. Personal data use may include: document processing, account management, payments, receipts, document processing, finance, marketing, service renewals, risk management and employment.
Pleasepay collects and uses your Personal Data to operate the Website and deliver the services. Pleasepay will send one welcome email following registration/invitation to all NEW users, asking them for a consent . If consent it not given, pleasepay will delete all data within the given timeframe mentioned in the consent email. We will also periodically send service updates to registered users and news about new features. Once your consent is given, other users of pleasepay platform/software, will be able to identify you, by typing your email address in the “add customer, add recipient” sections of the software. It is used only to make that intuitive and easy to use experience of the pleasepay platform/software.
Pleasepay may also use your Personal Data to inform you of other products or services available from Pleasepay and its affiliates, where you have consented to be contacted for such purposes. Pleasepay may also contact you via surveys to conduct research about your opinion of current services or of potential new services that may be offered, although you do not have to respond to such surveys.
Personal data profile categories processed
PleasePay maintains personal data for:
- PleasePay users (e-mail address, name, home or work address or telephone number billing and credit card anonymous demographic information IP address, browser type, domain names, access times and referring website addresses)
- Advisers, consultants and other professional experts
- Business associates, other professional bodies, advisers
- Business contacts
- Complainants and enquirers
- Employers and employees of other organisations
- Relatives, guardians
- Suppliers and services providers
Automated decision making
Pleasepay keeps track of the websites and pages our customers visit within the Website, to determine what website services are the most popular. This data is used to deliver customised content and advertising within the Website to customers whose behaviour indicates that they are interested in a particular subject area.
The legal bases we use for lawful processing
For PleasePay to conduct business and fulfil its legal, regulatory and contractual obligations, it needs to perform legitimate and fundamental processing. These are:
- Establishing contracts
- Maintaining contracts
- Provision of all contracted services
- Invoicing, remittance, payments, collections
- Non-promotional communications
- Marketing and other promotional communications
- Risk management contract review
- Response to Subject Access Requests
- Performance measurement
- IT support services
- Business Continuity Planning
- Legal and regulatory obligations
- Responding to enquiries, requests and complaints
- Employment processing
The categories of people who will access or receive the data
PleasePay sometimes needs to share the personal information it processes with individuals themselves and with other organisations. Below is a description of the types of organisations with which PleasePay may need to share some of the personal information it processes.
- Business associates, other professional bodies, advisers
- Central / local government
- Complainants, enquirers
- Courts and tribunals
- Credit reference, debt collection and tracing agencies
- Current, past and prospective employers
- Data processors
- Debt collection and tracing agencies
- Employment and recruitment agencies
- Family, associates and representatives of the person whose personal data we are processing
- Financial organisations and advisers
- Healthcare professionals, social and welfare organisations
- Law enforcement and prosecuting authorities
- Ombudsman and regulatory authorities
- Pension schemes
- Police forces
- Private investigators
- Professional advisers
- Share Administrators
- Suppliers and services providers
- Trade associations, professional bodies, employer associations
Pleasepay will disclose or share your personal information, without notice, only if required to do so by law or in the good faith belief that such action is necessary to: (a) comply with any legal requirements or comply with legal process served on the Website; (b) protect and defend the rights or property of Pleasepay; and, (c) act under exigent circumstances to protect the personal safety of users of the Website, or the general public.
Pleasepay may disclose your Personal Data to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
The countries where data will be stored, processed and transferred
Your personal data collected by PleasePay may be stored and processed in the United Kingdom or any other country in which PleasePay or associated third parties maintain facilities.
Should PleasePay need to transfer your personal data within or outside the EEA, PleasePay will take all reasonable measures to safeguard the transfer of your personal data to third parties in a manner that complies with the GDPR.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
How long the data will be retained
Retention of specific records may be necessary for one or more of the following reasons:
- To fulfil statutory or other regulatory requirements.
- To evidence events/agreements in case of disputes.
- To meet our operational needs.
- To meet any historical purposes.
Personal data that is collected and subsequently never used for any business purpose will be reviewed and may be destroyed at PleasePay’s discretion.
What happens if the data isn’t collected
Your personal data is required for communication and setting up a contractual agreement to provide products and services. Without this data PleasePay will not be able to communicate with you or enter into a contractual agreement with you. This includes both business and employment contracts.
PleasePay needs personal data to:
- enable consensual bilateral communications;
- engage in pre-contractual activities;
- honour contractual obligations; and
- enable it to employ people.
Without this data, PleasePay will not be able to perform these four primary activities.
The right to withdraw consent
In situations where PleasePay requests and receives your consent to perform processing, we are also obliged to stop such processing if you decide to withdraw your consent. Withdrawing consent is as straightforward as giving consent. Withdrawing consent cannot be back-dated so it has no effect on processing already performed during the period of consent. Consent withdrawal is equal to account deletion.
The right to access, change, delete, restrict, object, request a copy
You have rights regarding the personal data we store on your behalf. These are:
- access to a copy of your personal data;
- object to processing that you object to;
- stop receiving direct marketing material;
- object to decisions being taken by automated means;
- have inaccurate personal data rectified, blocked, erased or destroyed;
- lodge a complaint with the Information Commissioner’s Office;
- claim compensation for damages caused by a breach of the GDPR.
Should you ever wish to exercise any of these rights, please contact the Data Protection Officer.
The right to complain to the regulator
You have the right to lodge a complaint with the Information Commissioner’s Office if you think that your personal data has been inappropriately used.
Data security & integrity
The PleasePay website secures your Personal Data from unauthorised access, use or disclosure. The Website secures the Personal Data you provide on computer servers in a controlled, secure environment, protected from unauthorised access, use or disclosure. When personal information (such as a credit card number) is transmitted to other websites, it is protected using encryption, such as HTTPS.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
We do our best to protect your data by using encryption. However, when generating an invoice your data might be present in memory of our servers in an encrypted form until you have given your consent and have SET a PASSWORD as requested in the consent email in order to ENCRYPT with ZERO-KNOWLEDGE. We do make sure our servers do not store RAM on file-system though. Your data might shortly be present in our databases in an encrypted form but not using zero-knowledge since we need to be able to decrypt it to generate an invoice so that email request is not lost. We do not store email copies on our relay servers. Please also note that if you opt to send your invoice via email we cannot guarantee data protection when email is being sent over the Internet; nor can we guarantee data protection on the email servers where your customers have email accounts since it is beyond our control. Finally, data at rest in our databases is stored in encrypted form by means of asymmetric encryption using zero-knowledge policy, i.e. only you can access the data by means of your password, which we cannot restore or reset on demand even in emergency cases. So, please make sure you set a meaningful password hint which we also encrypt using zero-knowledge policy.
Children under thirteen
Changes to this statement
Pleasepay will occasionally update this Statement of Privacy to reflect company and customer feedback. Pleasepay encourages you to periodically review this Statement to be informed of how Pleasepay is protecting your information.
The Website uses «cookies» to help you personalise your online experience. A cookie is a text file that is placed on your hard drive by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you.
One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the server that you have returned to a specific page. For example, if you personalise the Website pages, or register with the Website site or services, a cookie helps the Website to recall your specific information on subsequent visits. This simplifies the process of recording your personal information, such as billing addresses, shipping addresses, and so on. When you return to the same the Website, the information you previously provided can be retrieved, so you can easily use the the Website features that you customised.
We may use any of the following cookies:
Strictly necessary cookies. These are cookies that are required for the operation of the Website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around the Website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
Functionality cookies. These are used to recognise you when you return to the Website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
Targeting cookies. These cookies record your visit to the Website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to access all or parts of our site or to fully experience the interactive features of the Pleasepay services or websites you visit.
“Customer” means a prospective, current or former customer of Pleasepay. The term shall also include any individual agent, employee, representative, customer or client of Pleasepay where Pleasepay has obtained his or her Personal Data from such Customer as part of its business relationship with the Customer.
“Data Subject” means an identified or identifiable natural living person about whom Personal Data is being processed.
“Employee” means an employee (whether temporary, permanent, part-time or contract) of Pleasepay. An employee may be a resident of a country within the European Economic area.
“Europe” or “European” refers to a country in the European Economic Area.
“Personal Data” is defined by the GDPR.
“Sensitive Data” is defined by the GDPR.
“Third Party” means any individual or entity that is neither Pleasepay nor a Pleasepay employee, agent, contractor or representative.