Privacy and Cookies Policy

Paytia Privacy Policy

Last Modified: March, 31st 2023.

We — meaning Paytia Limited, doing business as Paytia and Pay729 (also "we," "our," or "us") — prepared this Privacy Policy to help you understand our practices with respect to the collection, use, and disclosure of information we collect from you through: (i) paytia.com, pay729.net its subdomains, and any other website where Paytia’s Terms of Service are posted; (ii) Paytia’s online hosted services; and (iii) Paytia’s “software,” meaning collectively, our browser extensions; mobile applications; other downloadable apps; application programming interfaces (“APIs); and tools and documentation ((i) through (iii) collectively, our “Service” or “Paytia”).

1. What Information We Collect and How

We collect information from you when you:

• Create or register an account, or administer your account
• Input, post, or upload information, data, or other content through the Service
• Submit questions, requests, or other communications to us via various communication channels
• Contact us for customer support or technical support
• Visit any of our websites or download any of our applications
• Participate in promotions, user conferences, webinars, demonstrations, surveys, or other marketing events
• Participate in research activities
• Integrate third-party products and services with your Paytia account
• Payment card data - Personal Account Number, Expiry Date, CVV (security code)

We also collect information about you from our business partners, including referral partners and resellers, and third parties that help us with sales and marketing efforts, such as prospecting. We may also obtain publicly available business contact information.

Additional information about what we collect based on how you interact with the Service is provided below:

Cookies in use on www.paytia.com

Cookie Name	Provider	Category	Expiry	Description
hs_ab_test	paytia.com	necessary	session	Used to consistently serve visitors the same version of an A/B test page they’ve seen before
ln_or	paytia.com		1439 minutes
JSESSIONID	nr-data.net	functionality	session	JSESSIONID is a platform session cookie and is used by sites with JavaServer Pages (JSP). The cookie is used to maintain an anonymous user session by the server.
__hs_cookie_cat_pref	paytia.com	necessary	180 days
_ga_CB967ZLR99	plentyconsulting.com	necessary	400 days	Used to persist session state
lo-visits	paytia.com	necessary	400 days
_GRECAPTCHA	google.com	necessary	179 days	Google reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis.
__cf_bm	myfonts.net	necessary	30 minutes	Cloudflare's bot products identify and mitigate automated traffic to protect your site from bad bots. Cloudflare places the __cf_bm cookie on End User devices that access Customer sites that are protected by Bot Management or Bot Fight Mode. The __cf_bm cookie is necessary for the proper functioning of these bot solutions.
_fbp	paytia.com	advertisement	89 days	Facebook analytics cookie
test_cookie	doubleclick.net	functionality	14 minutes	This cookie is set by DoubleClick (which is owned by Google) to determine if the website visitor's browser supports cookies.
__cfruid	paytia.com	necessary	session	Used by the content network, Cloudflare, to identify trusted web traffic.
bscookie	linkedin.com	advertisement	364 days	Used by LinkedIn to track the use of embedded services.
bcookie	linkedin.com	advertisement	364 days	Used by LinkedIn to track the use of embedded services.
__lotl	paytia.com	analytics	179 days	URL of the visitor's original landing page, if any.
lidc	linkedin.com	advertisement	1439 minutes	Used by the social networking service, LinkedIn, for tracking the use of embedded services.
__hssc	paytia.com	analytics	30 minutes	Analytics session cookie
messagesUtk	paytia.com	functionality	179 days	Remembers the identity of the visitor using the chat widget
AnalyticsSyncHistory	linkedin.com	functionality	29 days	Used to store information about the time a sync with the lms_analytics cookie took place for users in the Designated Countries
_gid	paytia.com	analytics	1439 minutes	ID used to identify users for 24 hours after last activity
_gcl_au	paytia.com	advertisement	89 days	Used by Google AdSense for experimenting with advertisement efficiency across websites using their services.
_gat_gtag_UA_180325702_1	paytia.com	analytics	59 seconds
hubspotutk	paytia.com	analytics	180 days	Contains visitor's identity
hs-membership-csrf	paytia.com	necessary	session	Used to protect against forgery of content memberships
li_sugr	linkedin.com	analytics	90 days	Used to make a probabilistic match of a user's identity outside the Designated Countries
_ga	paytia.com	analytics

 

a. Your Content

“Content” includes all information, data, and other materials, in any form or medium, that are collected, downloaded, or otherwise received, directly or indirectly, from you (or on your behalf) by or through the Service. It also includes information you provide when connecting a third-party account, product, or service to the service. You (and anyone who can interact with your use of the service) own and control the nature of any content, subject to any applicable terms and conditions, including our Terms of Service and this Privacy Policy. Our collection, use, and disclosure practices with respect to content are distinct from those with respect to other sorts of information, as explained in Section 2.a. below.

We may upload content automatically with your authorisation from third-party services (such as from your Google Drive). See Section 1.c. below.

b. Customer Information

“Customer Information” consists of information related to your access or use of our service, the creation of accounts, or that otherwise identifies you as a customer or end user of the service. Customer information includes:

• Identifiers. This includes your name, business mailing address, email address, postal code, telephone number, and other similar identifiers.
• Customer Records. This includes username and password, payment information, company name, job title, business email address, and department.
• Commercial Information. This includes information about products or services purchased, obtained or considered.
• Internet/Network Activity Information. This includes your browsing history, log and analytics data, information about the device(s) used to access the service, domain server, search history, and information regarding your interaction with our service, as well as other usage data.
• Audio/Visual Information. This includes pictures you provide or upload in connection with our Service, and the content and audio or video recordings of phone or video calls between you and us that we record where permitted by law.
• Profession/Employment Information. This includes your current employer, title, and location.
• Other Personal Information. This includes personal information you provide to us in relation to a survey, comment, question, request, or inquiry, and information you provide when you connect a third-party account, product or service to the Service.
• Inferences. This includes inferring your location using your IP address, or using data from your use of our Service to make predictions about your preferences, characteristics, psychological trends, predispositions, behaviour, attitudes, intelligence, abilities, and aptitudes.

If you are an end user using the Service through an account created on your behalf by a Paytia customer (such as an employer, an organisation of which you are a member, or another individual), we may collect and process customer information about you on behalf of the Paytia customer with whom your use of the Service is associated.

c. Third-Party Integrations

If you create your account using a service provided by a third party, such as Google, Apple, or a single-sign-on service provided by a third party, such as Google or Microsoft, we may collect customer information about you from the third-party service (such as your username or user ID associated with that third-party service). IfIf you create your account through a third-party service, or if you grant us permission by changing the settings on your Paytia account, we may collect, and you authorise us to collect, information about your personal contacts as stored within that third-party service, which we may use to facilitate your invitation of collaborators to Paytia. By choosing to create an account using a third-party service, you also authorise us to collect the customer information necessary to authenticate your account with the third party.

Certain aspects of Paytia allow you to link or integrate third-party products and services to enable certain features and functionalities with Paytia. For example, you can connect your Google account to sign into Paytia using the information and data contained in your Google account or integrate with third-party services using Paytia extensions. If you choose to use these features or functionalities, you may be asked to create an account with a third party that provides such features or functionalities or link your existing third-party service account with Paytia (and, by doing so, agree to the privacy policy and/or terms and conditions of that third party). You may also be asked to authorise Paytia to collect information from the third party on your behalf. We will then collect information (such as your username or user ID associated with that third-party service) from you and/or that third party as necessary to enable Paytia to access your data and content stored with that third-party service. Once the authentication is complete, we have the ability to access the information you provided to us or that was otherwise collected by the third-party service in accordance with the privacy practices of that third party. We will store the information and data we collect and associate it with your Paytia account, and we will use that information and data to enable the integration of Paytia with the third-party service and to perform actions requested or initiated by you or that are reasonably necessary to carry out instructions provided by you.

d. Automatically-Collected Information

We collect information about how you use Paytia and your actions on Paytia, which can include your IP addresses, browser types, operating systems, ISPs, platform types, device types, and mobile device identifiers such as make and model, and mobile carrier. We may also use tools, including third-party tools, to collect analytics data. Some of this information is collected through the use of cookies and other tracking technologies, such as web beacons, pixels, session replay scripts, and similar technologies. Please see our Cookie Policy for more information about our use of cookies and similar tracking technologies.

2. How We Use the Information We Collect

a. Use of Content

Notwithstanding anything to the contrary in this Privacy Policy, we will not use or access your Content except: to provide, maintain, improve, or optimise use of Paytia; where you (or the organisation through which you have an account) explicitly approve access (e.g., during a customer support inquiry); in response to lawful requests by law enforcement or government authorities; in response to subpoenas, court orders, or other legal process or requests, as required by applicable law in each country or jurisdiction as determined in our discretion; where necessary (in our sole discretion) to ensure the stability and security of Paytia and our system (e.g., where we have reason to believe spec content is degrading server stability); and where necessary (in our sole discretion) to protect the rights, privacy, safety, or property of you, us, or others; or Regardless of the foregoing, you acknowledge and agree that we may retain, take possession of, delete, or deny you access to any content that we believe, in our sole discretion, violates our Terms of Service, or your use of Paytia. We also may analyse metadata content (such as the total number of records, file size, API volume, access logs, etc.).

b. Use of Other Information

We use the information we collect for a variety of purposes, and how we use it depends on what we collect and which service (or features of the service) you use. These purposes may include:

• Fulfilling our Contract with You and Providing the Services to You. This includes use for the purpose of: (i) responding to requests or inquiries from you; (ii) providing customer support or technical assistance; (iii) contacting you to provide product updates or information about products you have requested or purchased; (iv) creating, managing, or administering your information and account, including identifying you with your account or the account of a Paytia customer; and (v) auditing relating to interactions, transactions, and other compliance activities.Serviceservice and short-term, transient use, such as contextual customisation of ads.
• Marketing Our Products and Services. This includes use for the purpose of: (i) tailoring and providing you with information about Paytia products, services, and events that you may be interested in, including by email or phone, (ii) monitoring the performance of our advertisements and marketing efforts, and (iii) communicating with you about your engagement with our Service.
• Legal Obligations and Rights. This includes use for the purpose of: (i) establishing, exercising, investigating, prosecuting, or defending against legal claims; (ii) complying with laws or responding to lawful requests and legal process; (iii) protecting the rights and property of Paytia, our agents, customers, and others, including to enforce our agreements, policies, or Terms of Service; (iv) detecting, suppressing, or preventing fraud; (v) reducing credit risk and collecting debts owed to us; (vi) protecting the health and safety of Paytia, our customers, or any person; or (vii) fulfilling other requirements under applicable law.
• Participation in any Paytia partner program. This includes use for the purpose of enabling or supporting participation in any such program, which may involve the provision by Paytia partners of implementation, training, app-building, base-building, or other similar services.
• Consent. This includes use for other purposes that are clearly disclosed to you at the time you provide personal information, or with your consent.
• Aggregated or De-Identified Data. This includes use of aggregated or de-identified information for a wide variety of statistical, analytical, and Service improvement purposes. The aggregation or de-identification process prevents the information from being reassociated or identified with any one customer account, user, or individual.
• Other Purposes. This includes use for our other, legitimate business purposes, or as permitted by applicable law.

3. How We Disclose Information

We disclose information we collect for specific purposes, including:

• When you ask us to, or otherwise give your specific consent (for example, by posting Content using the Universe feature), you consent to our making that Content visible to Paytia users or website guests;
• With affiliates and subsidiaries to provide you with aspects of the Service, such as customer support;
• With vendors that help us provide you with aspects of the Service, such as data storage, hosting, customer support, and payment processing, or that help us with marketing and email campaigns, to advertise, gain insights, and perform analytics into how the service is used and how it might be improved;
• With third parties who enable certain features or functionalities of the Service that you’ve requested (for example, by installing extensions in Paytia);
• With an employer or other organisation (or employees or other Paytia users associated with such an employer or other organisation) on whose behalf you use the Service, that created an Paytia account on your behalf, or that owns, manages, or is associated with the email domain for an email address on your account;
• With the owner or collaborator of an Paytia workspace to which you have access or on which you are a collaborator as necessary to identify you to such owner or collaborator or enable you to collaborate as intended;
• With partners in any Paytia partner program, when you elect to work with one of our partners for implementation, training, app-building, codebase-building, or other similar services.
• As necessary to comply with applicable law, including governmental requests and law enforcement requests, and otherwise to protect the rights, privacy, safety, or property of you, us, or others;
• As necessary in the event of a proposed or actual reorganisation, merger, sale, joint venture, assignment, transfer, financing, or other disposition of all or any portion of our business, assets, or shares;
• With others for any legitimate business purpose that does not conflict with the statements made in this Privacy Policy.

4. Transfers of Information

We may transfer and process your personal information in countries outside of the jurisdiction where you are located for the various purposes described above. When required by law, we will ensure that we rely on an appropriate legal mechanism for the transfer, such as your consent, standard contractual clauses (or their equivalents), or adequacy decisions. You may ask us, using the contact information in Section 9 of this policy, for more information about the specific basis we use for transferring your data.

5. Retention of Information

We store your personal information for no longer than necessary for the purposes for which it was collected, including to satisfy any legal or reporting requirements and in accordance with our legal obligations and legitimate business interests. Consider the amount, nature, and sensitivity of the personal data; the potential risk of harm from unauthorised use or disclosure of your personal data; the purposes for which we process your personal data; and the applicable legal requirements when determining the appropriate retention period for personal data.

6. Managing Your Information

a. Content

You may access, correct, amend, or delete content within Paytia. You own all of the content you upload, as long as you have a legal title to it. Content you delete (including content containing personal information) may be retained in archived or backup copies in order to enable you to use certain features like revision history and base snapshots. For instructions on how to permanently delete content from your Paytia account, please contact us at privacy@paytia.com. Please note that permanent deletion of content through this process may impair or disable some features of the service (such as revision history and base snapshots) with respect to that content.

b. Credit/debit card data and bank account data

As a PCI-DSS Level 1 service provider, Paytia is  responsible for the security of cardholder data that it captures, otherwise stores, processes, or transmits on behalf of our merchant customers. Paytia architects its ‘Payment platform as a Service’ platform to ensure there is no exposure of cardholder or sensitive authentication data from the point of capture to the point it is passed to a third party payment processor or bank.

c. Other Information

We may use some of the information we collect for marketing purposes, including to send you promotional communications about new Paytia features, products, events, or other opportunities. If you wish to stop receiving these communications or to opt out of the use of your information for these purposes, please follow the opt-out instructions by clicking "Unsubscribe" (or similar opt-out language) in those communications. You may also contact us at privacy@paytia.com to opt out.

You also may have certain rights with respect to your data, depending on the jurisdiction in which you live. Please see the jurisdiction-specific sections below for a description of those rights.

7. Information from Children

Paytia is a business service and, as such, is not intended for use by children under the age of 16 (or other age as required by local law), and we do not knowingly collect personal information from children. If we learn that we have collected personal information from a child, we will take reasonable steps to delete such information from our files as soon as is practicable. If you learn that your child has provided us with personal information without your consent, you may contact us at privacy@paytia.com.

8. Changes to Privacy Policy

Any information that we collect is subject to the Privacy Policy in effect at the time such information is collected. We may, however, revise the Privacy Policy from time to time. If a revision is material, as determined solely by us, we will notify you, for example, via email. The current version will always be posted to our Privacy Policy page.

9. Contact Us

If you have any questions about our privacy practices, including this policy, you may contact us by email at privacy@paytia.com or by mail at Paytia, 37th Floor, 1 Canada Square, Canary Wharf, London, E14 5AA, UK, or 1390 Market Street, Suite 200, San Francisco, California, 94102, USA.

10. EEA, UK, Swiss-Specific Disclosures

The disclosures in this section apply solely to residents of the European Economic Area ("EEA"), Switzerland, and the United Kingdom ("UK") and describe how we collect, use, disclose, and otherwise process personal data about you. Unless otherwise expressly stated, all terms in this section have the same meaning as defined in the General Data Protection Regulation ("GDPR"). Paytia is the controller of the personal data we hold about you in connection with your use of the service.

a. Lawful Basis of Processing.

We collect and process your personal data for the purposes set forth in this Privacy Policy. Where required by law, we obtain your consent to use and process your personal data for these purposes. Otherwise, we rely on another authorised legal basis (including but not limited to the performance of a contract or a legitimate interest) to collect and process your personal data.

b. Marketing and Advertising.

From time to time, we may contact you with information about our products and services, including by sending you marketing or advertising messages and asking for your feedback on our products and services. For some marketing or advertising messages, we may use personal data we collect about you to help us determine the most relevant marketing or advertising information to share with you. You can unsubscribe at any time from our marketing or advertising emails by clicking on the unsubscribe link at the bottom of the email or by contacting us at privacy@paytia.com.

In addition, when you give us your consent, we may provide your information to third parties for targeted advertising or we may allow our advertising partners to collect data about you for that purpose using cookies or similar technologies. For more information, please see our Cookie Policy.

c. Your Privacy Rights

You have the following rights with respect to your personal data that we hold: (i) right of access; (ii) right of portability; (iii) right to rectification; (iv) right to erasure; (v) right to restriction; (vi) right to withdraw consent; and (vii) right to object.

You also have the right to lodge a complaint with your local data protection authority. Information about how to contact your local data protection authority is available here.

If you wish to exercise one of these rights, please submit a request by:

• Emailing privacy@paytia.com with the subject line "European Rights Request", or
• Filling out a Data Subject Request using this form.

Due to the confidential nature of data processing, we may ask you to provide proof of identity when exercising the above rights.

11. California-Specific Disclosures

The disclosures in this section apply solely to individual residents of the State of California and provide additional information about how we collect, use, disclose, and otherwise process personal information within the scope of the California Consumer Privacy Act of 2018, as amended, including its implementing regulations ("CCPA"). Unless otherwise expressly stated, all terms in this section have the same meaning as defined in the CCPA.

a. Sensitive Personal Information

Certain data elements we collect and use to provide the service may be deemed "sensitive personal information" under the CCPA. These include your username and password to access your account and the contents of any messages you send through our email integration feature. We do not use or disclose such sensitive personal information to “infer” characteristics as defined under the CCPA or for any purpose other than that which is necessary to provide the Service as specified in the CCPA.

b. Sales and Sharing of Personal Information (Targeted Advertising)

We use cookies and similar tracking technologies that enable certain advertising networks, social media companies, analytics services, and other third-party businesses to collect and disclose your personal information directly from your browser or device when you visit or interact with our Service or otherwise engage with us online. In some cases, we may upload personal information to certain of these partners for advertising or analytics purposes.

To opt out of these “sales” or “sharing” of personal information (as these terms are defined under the CCPA or other applicable US state privacy laws), you must:

• Submit a request using this form or email privacy@paytia.com.

Note that the above opt-out right does not apply where we have appropriately limited our partners to being our “service providers” or “processors” (as these terms are defined under the CCPA or other applicable US state privacy laws).

c. California Privacy Rights

As a California resident, you may be able to exercise the following rights in relation to the personal information we have collected about you (subject to certain legal limitations):

• The Right to Know any or all of the following information relating to your personal information we have collected and disclosed in the last 12 months, upon verification of your identity:
• The specific pieces of personal information we have collected about you;
• The categories of personal information we have collected about you;
• The categories of sources of the personal information;
• The categories of personal information that we have disclosed to third parties for a business purpose, and the categories of recipients to whom this information was disclosed;
• The categories of personal information we have sold or shared and the categories of third parties to whom the information was sold or shared; and
• The business or commercial purposes for collecting, selling, or sharing the personal information.
• The Right to Request Deletion of personal information we have collected from you, subject to certain exceptions.
• The Right to Request Correction of inaccurate personal information.
• The Right to Opt Out of Personal Information Sales or Sharing to third parties now or in the future.

You also have the right to be free of discrimination for exercising these rights. However, please note that if the exercise of these rights limits our ability to process personal information (such as in the case of a deletion request), we may no longer be able to provide you our service or engage with you in the same manner.

d. How to Exercise Your California Privacy Rights

Please see Section 11.b. above to exercise your right to opt out of personal information sales or sharing.

To exercise your rights to know, correct, or delete information, please submit a request by:

• Emailing help@paytia-sars.on.spiceworks.com with the subject line "Paytia - California Rights Request" or

 

We will need to verify your identity before processing your request. In order to verify your identity, we will generally require either the successful login to your account (if applicable) and/or the matching of the sufficient information you provide us with the information we maintain about you in our systems. Although we try to limit the personal information collected in connection with a request to know, correct, or delete, certain requests may require us to obtain additional personal information from you. In certain circumstances, we may decline a request to exercise the right to know, correct, or delete, particularly where we are unable to verify your identity or locate your information in our systems, or as permitted by law.

e. Minors Under Age 16

We do not sell or share the personal information of consumers we know to be less than 16 years of age. Please contact us at privacy@paytia.com to inform us if you, or your minor child, are under the age of 16.

f. California’s "Shine the Light" Law

In addition to the rights described above, California's "Shine the Light" law (Civil Code Section §1798.83) permits California residents who have an established business relationship with us to request certain information regarding our disclosure of certain types of personal information to third parties for their direct marketing purposes during the immediately preceding calendar year.

To make such a request, please send an email to privacy@paytia.com.

12. Disclosures to residents of Colorado, Connecticut, Virginia, and Utah

The disclosures in this section apply solely to individual residents of the states of Colorado, Connecticut, Virginia, and Utah. When these states' privacy laws go into effect in 2023, residents will have certain rights regarding their personal data. Those rights include:

• Right to Access Information. You have the right to access and obtain a copy of your personal data.
• Right to Request Deletion. You have the right to request that we delete personal data provided by or obtained about you.
• Right to Correct. You have the right to correct inaccuracies in your personal data.
• Right to Opt-Out of Targeted Advertising. You may ask us not to use or disclose your information for the purposes of targeting advertising to you based on your personal data obtained from your activity across different businesses, services, websites, etc.
• Right to Opt Out of Personal Information Sales to third parties.

To submit a request to exercise your access, deletion, or correction privacy rights, please email us at privacy@paytia.com with the subject line “Paytia - Privacy Rights Request” and let us know in which state you live, or complete this form. Please see Section 11.b. for a description of how to exercise your right to opt out of targeted advertising or sales.

Residents of Colorado, Connecticut, and Virginia may appeal a refusal to take action on a request by contacting us by email at privacy@paytia.com.

14. Canada-Specific Disclosures

If you live in Canada, you have the following rights:

• Right to Access. You can ask us to: (i) confirm that we have personal information about you, and (ii) provide you a copy of that information.
• Right to Correct. You can ask us to correct any inaccurate or incomplete personal information that we have about you.

You may submit a request by contacting us at privacy@paytia.com with the subject line “Paytia - Canadian Privacy Rights Request." Before we honour your request, we will need to verify your identity.