This is the Privacy Policy of Paylists LTD, a company registered in England and Wales under company number 14081565 and describes our practices concerning the information we receive or collect when you visit our website and/or our Paylists software which are located at paylists.com, paylists.co.uk or paylistsapp.co.uk.
We are committed to protecting any data that we collect concerning you and processing it only in ways which comply with the Data Protection Act 1998 (and any replacement legislation) (“the DPA”, for short) and the European Union’s General Data Protection Regulation (“the GDPR”).
Through this Privacy Statement, Paylists (“Paylists”, “we”, “our”, “us”) informs you about the way in which Paylists processes personal data from your business, customers, vendors, and users, registered or unregistered.
At Paylists, we value your privacy. If you have any questions regarding our use of your personal data, you can reach out to us via [email protected].
What is Paylists?
Paylists is cloud software that enables businesses and vendors to send payment requests to their customers. The software enables a conversation between businesses using emails and SMS. The software also enables the attachment of documents to be sent between businesses.
Paylists LTD enables the execution of payments between businesses using the services of Crezco which is authorised and regulated by the UK Financial Conduct Authority as an Authorised Payment Institution – Firm Reference Number: 925173. This service is optional, but we will share your information with Crezco, in case you do use it.
Debit and Credit cards sensitive data
Although Paylists allows payments to be made between businesses through a third-party services, which includes entering Debit or Credit card information, Paylists does not save or keep this information but only transfers it to the payment provider for the payment process.
Information Commissioner Office
Paylists LTD is registered with the UK information commissioner office (ICO) ico.org.uk under Reference: ZB593551.
What personal data does Paylists process?
Paylists processes your personal data because you use Paylists’ services and/or because you provide personal data to Paylists. Paylists distinguishes between users who are registered and users who receive payment requests, but are not registered.
Registered user
If you have registered Paylists software, the following personal data may be processed (also depending on your acceptance of cookies):
Unregistered user
If you are not registered with the Paylists websites, but you respond to a payment request, the following personal data may be processed (also depending on your acceptance of cookies):
Business
Each registered user must create his own business or businesses to create and send payment requests. Please note that in principle, we process data about your business. Business information is not considered personal data. However, if you act as a sole trader, (some of) your business information may be qualified as personal data. Therefore, the data listed below is personal data:
Customers
Each registered user must create his own customers to send them payment requests. The following business data is processed:
We distinguish between a private customer whose data is managed by you and is not exposed to other businesses in Paylists and business customers. Paylists is a network of businesses and so is your business. After you have created your business and your email has been verified, your business can be used as a vendor or customer of another business. When you create a business customer, if it exists and is verified in the Paylists network then we create a link between you and the business customer. The data is shown to you, but you cannot update it. If your business customer has not yet been created in Paylists, then that data is managed by you and is only visible to you. Please note that if this customer is registered to Paylists and performs verification, then he takes ownership of the customer profile you created, and from this stage his data is managed only by him.
Vendors
To plan payments to vendors you need them to be defined in the Paylists software. If the vendor is registered, you can select them and access their business data. If the vendor is not registered you can create their profile, and their data will be visible only to you. The following business data is processed:
Paylists is a network of businesses and so is your business. After you have created your business and your email has been verified, your business can be used as a vendor or customer of another business. When you create a business vendor, if they already exist and are verified in the Paylists network then we create a link between you and the business vendor. Their data is shown to you, and you cannot update the details. If your business vendor has not yet been created in Paylists, then their data is managed by you and is only visible to you. Please note that if this vendor is registered to Paylists and performs verification, then they take ownership of the vendor profile you created, and from this stage their data is managed only by them.
Does Paylists process sensitive personal data?
Paylists software, services and products are not aimed at activities that require special categories of personal data to be processed. Paylists therefore requests that you do not provide any such information. Furthermore, Paylists has no intentions at all of collecting personal data about Paylists users who are minors, even if they have permission from their parents or guardians. Unfortunately, Paylists cannot check whether a Paylists user is a minor and therefore Paylists advises parents or guardians to be involved in their children’s online activities in order to prevent minors’ data from being processed by Paylists.
We emphasize that our Services are not directed to children under 13 years of
age, and we do not knowingly collect information from children under 13. If we
become aware that a child under 13 has provided us with Personal
Information, we will prohibit and block such use and will make all efforts to
promptly delete any Personal Data stored with us regarding such child.
Where does Paylists collect and use your personal data for?
If you use Paylists software, your personal data is processed for the following purposes:
Paylists processes personal data for the purposes listed above based on your consent to use the Paylists software. If Paylists wants to process your personal data for other purposes than described above, Paylists will only do so when we obtain your consent or when we have legitimate interests, if legally required. You can withdraw your consent at any time without giving reasons, or object to the processing of your personal data when we do so based on legitimate interest. Please note that withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent. You can withdraw your consent by sending your request to withdraw your consent to [email protected].
How long does Paylists keep your personal data?
Paylists will not retain your personal data longer than the mandatory statutory period or, if such a mandatory statutory period does not apply, no longer than is strictly necessary for the realisation of the purposes for which your personal data was obtained.
Please be aware that your personal information may be stored on backup tapes and locations, third-party servers, and residual information may be retained after we have ordered them to delete it. We are under no obligation to store such information indefinitely and disclaim any liability arising out of, or related to, the destruction of such information.
How does Paylists secure your personal data?
The protection of your personal data is very important to Paylists. Paylists has therefore taken technical security measures to protect your data and to comply with applicable laws and regulations.
If you believe you’ve found a security issue in our product or service, please notify us as soon as possible by emailing us at [email protected].
However, we cannot guarantee the security of any information disclosed online, including the possibility that another person or organization may monitor, intercept, or obtain your information other than from us. By using our website, you accept the security implications of providing information over the internet and agree not to hold us responsible for any harm arising from those risks, unless we have been proven to be negligent. Any transmission of personal information over the internet is at your own risk.
Does Paylists share your personal data with third parties?
Paylists shares your personal data with third parties if this is necessary to provide our products and services. Paylists may use relevant third parties as listed below. Please not that Paylists Privacy Policy does not apply to those third-party websites, services, or applications. These third-party services are governed by their own privacy policies. Paylists is not responsible for the privacy policies and practices of these third parties. If you do not want your data to be used by us or selected third parties, you can notify us at any time if you do not wish your data to be used in this way. Please note that we may not be able to provide you with our services and you may need to stop using the Paylists software.
A list of third parties that process data for Paylists, can be found here. We recommend reviewing this list regularly, since third parties can be added or removed from the list.
Third parties | Purpose |
Firebase | Server infrastructure |
Google cloud platform | Cloud computing services |
Twilio | Communications services |
Crezco | Payment facilitator |
Advertising (cookies) | |
Advertising (cookies) | |
Advertising (cookies) |
Cross-border data transfers
When providing our services, if we need your personal data to be processed by third parties outside the European Economic Area (EEA) or in a third country (a country without an adequate level of protection as indicated by the European Commission), Paylists ensures that the correct contract will conclude regarding data processing, and an appropriate transfer mechanism will be in place, such as EU Standard Contract Clauses. In this way Paylists ensures that your personal data is always secured at least at the same level and that the confidentiality of your personal data is guaranteed.
Legal Compliance.
We may disclose or allow government and law enforcement officials access to certain Personal Information, in response to a subpoena, search warrant, or court order (or similar requirement), or in compliance with applicable laws and regulations. Such disclosure or access may occur if we have a good faith belief that we are legally compelled to do so, or that disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing.
Does Paylists use cookies?
Paylists uses functional, analytical, and marketing cookies. A cookie is a small text file that is stored in the browser of your device such as a computer, tablet, or smartphone when you first visit Paylists’s websites. On the one hand, Paylists uses cookies with a purely technical functionality. These cookies ensure that the website works properly and, for example, remember your preferred settings, so that Paylists can optimize the websites. On the other hand, Paylists uses cookies that keep track of your browsing behaviour so that Paylists can offer you tailor-made content and advertisements.
What rights do you have?
You have the right to access, correct, erase, restrict, transfer, or object to the personal data that Paylists processes, unless Paylists cannot execute these rights based on a legal obligation or whenever exceptions apply.
You can send your request to exercise your privacy rights to [email protected]. Paylists prefers to establish that this request originates from you and that you are who you say you are. If we are not capable of verifying it is you directly, Paylists may ask you to send a copy of your identification (i.e., a passport or identity card). Please make sure that in this copy your passport photo, MRZ (machine readable zone, the strip with numbers at the bottom of the passport), passport number and citizen service number (BSN) have been redacted to protect your privacy. Paylists will then respond to your request as soon as possible, but in any case, within 2 months.
How can you contact Paylists?
If you have any questions regarding our use of your personal data, you can contact us via [email protected].
If you believe that Paylists has used your personal data unlawfully or if you are not satisfied with Paylists’s response to your question or request, you have the right to file a complaint with the relevant Data Protection Authority.
Updates to this Policy
We reserve the right to update our Privacy Policy at any time. We will take reasonable steps to draw your attention to any changes in our Policy. We suggest that you read this document from time to time to ensure that it still meets with your approval. Should you disagree with any changes made, you may withdraw your consent at any time, and you can stop using Paylists software if without your personal data we can no longer provide our services.
Let us help you take control of your payment flow and get your payments faster.
Paylists LTD is a company registered in England and Wales under company number 14081565, registered with the Information Commissioner Office (ICO) under reference: ZB593551.
Paylists LTD is PCI DSS compliant.
Paylists LTD executes open banking payments using Crezco which is authorised and regulated by the UK Financial Conduct Authority as an Authorised Payment Institution – Firm Reference Number: 925173.
20-22 WENLOCK ROAD, London N1 7GU
England