Privacy statement

Last Revision Date: September 25, 2023

This is the Privacy Policy of Paylists LTD, a company registered in England and Wales under company number 14081565 and describes our practices concerning the information we receive or collect when you visit our website and/or us our Paylists software which both located at paylists.com or paylists.co.uk.

We are committed to protecting any data that we collect concerning you and processing it only in ways which comply with the Data Protection Act 1998 (and any replacement legislation) (“the DPA”, for short) and the European Union’s General Data Protection Regulation (“the GDPR”).

Through this Privacy Statement, Paylists (“Paylists”, “we”, “our”, “us”) informs you about the way in which Paylists processes personal data of business, customers, vendors, and users, registered or unregistered.

At Paylists, we value your privacy. If you have any questions regarding our use of your personal data, you can reach out to us via [email protected]

What is Paylists?

Paylists is a software on cloud which enable business, vendors to send payment request to their customers. The software enables a conversation between business using emails and SMS. The software also enables to attach documents and send them between business.

Paylists LTD enable execute payment between business using services from Access Paysuite Ltd which is authorised and regulated as a Payment Institution by the Financial Conduct Authority – Firm Reference Number: 730815

Debit and Credit cards sensitive data

Although Paylists allows payments to be made between businesses through the Access PaySuite LTD services which includes entering Debit or Credit card information, Paylists does not save or keep this information but only transfers it to Access PaySuite LTD for the payment process.

Information Commissioner Office

Paylists LTD Registered with the UK information commissioner office (ICO) ico.org.uk under Reference: ZB593551

What personal data does Paylists process?

Paylists processes your personal data because you use Paylists services and/or because you provide personal data to Paylists yourself. Paylists distinguish between user how are registered and users who receive payment request but not registered.

Registered user

If you registered to Paylists software, the following personal data may be processed (also depending on your acceptance of cookies). the following personal data are processed:

Your registration data:

First and last name,
Email,
Phone number.

Your details about your activities on our websites.
Your IP address.
Your location data.
Your internet browser and device type.

Unregistered user

If you are not registered to Paylists websites, but you are response to payment request, the following personal data may be processed (also depending on your acceptance of cookies). the following personal data are processed:

Your details about your activities on our websites.
Your IP address.
Your location data.
Your internet browser and device type.

Business

Each registered user must create his own business or businesses to create and send payment requests. Please note that in principle, we process data about your business. Business information is not considered personal data. However, if you act as a sole trader, (some of) your business information may be qualified as personal data. Therefore, the data listed below is personal data:

Your business name.
Business email
Business phone number
Business fax number
Business address.
Your written correspondence via chat or email or SMS.
In some cases, information about the product or service that you have purchased from your customers.

Customers

Each registered user must create his own customers to create and send them payment requests. The following business data are processed:

Customer name.
Customer email
Customer phone number
Customer fax number
Customer address.

Please note that your customer may or may not registered to paylists. In case your customer registered and create his own business then all customer data will manage by customer, and you can only define him as a customer, but you cannot update his details. In case your customer is not registered then you can update his data which be visible only for you.

Vendors

To plan your payments to vendors you need them to be define in paylists software. In case vendor registered you can choose him and get his business data. In case vendor not registered you can create him, and his date will be visible only for you. The following business data are processed:

Vendor name.
Vendor email
Vendor phone number
Vendor fax number
Vendor address.

Does Paylists process sensitive personal data?

Paylists software, services and products are not aimed at activities that require special categories of personal data to be processed. Paylists therefore requests that you do not provide any of such information. Furthermore, Paylists has no intentions at all of collecting personal data about paylists users who are minors, even if they have permission from their parents or guardians. Unfortunately, Paylists cannot check whether a paylist user is a minor and therefore Paylists advises parents or guardians to be involved in their children’s online activities in order to prevent minors’ data from being processed by Paylists.

We emphasize that our Services are not directed to children under 13 years of age, and we do not knowingly collect information from children under 13. If we become aware that a child under 13 has provided us with Personal Information, we will prohibit and block such use and will make all efforts to promptly delete any Personal Data stored with us regarding such child.

Where does Paylists collect and use your personal data for?

If you use Paylists software, your personal data are processed for the following purposes:

To create payment requests.
To enable conversation with your customers and vendors.
To perform analyses for statistical and scientific purposes.
To provide support (such as via e-mail and phone)
To record evidence (if necessary).
To register to Access PaySuite LTD payment services.

Paylists processes personal data for the purposes listed above based on your consent to use paylists software. If Paylists wants to process your personal data for other purposes than described above, Paylists will only do so when we obtain your consent or when we have legitimate interests, if legally required. You can withdraw your consent at any time without giving reasons, or object to the processing of your personal data when we do so based on legitimate interest. Please note that withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent. You can withdraw your consent by send your request to withdraw your consent to [email protected]

How long does Paylists keep your personal data?

Paylists will not retain your personal data longer than the mandatory statutory period or, if such a mandatory statutory period does not apply, no longer than is strictly necessary for the realisation of the purposes for which your personal data were obtained.

Please be aware that your personal information may be stored on backup tapes and locations, third-party servers, and residual information may be retained after we ordered them do delete it. We are under no obligation to store such information indefinitely and disclaim any liability arising out of, or related to, the destruction of such information.

How does Paylists secure your personal data?

The protection of your personal data is very important to Paylists. Paylists has therefore taken technical security measures to protect your data and to comply with applicable laws and regulations.

If you believe you’ve found a security issue in our product or service, please notify us as soon as possible by emailing us at [email protected].

Do not share information about the security problem with others until the problem is resolved.
Provide information about how and when the vulnerability or malfunction occurs. Clearly describe how this problem can be reproduced and provide information about the method used and the time of investigation.
Be responsible with the knowledge about the security problem. Do not perform any actions beyond those necessary to demonstrate the security problem. Do not abuse the vulnerability and do not keep confidential data obtained through the vulnerability in the system.
Leave your contact details (e-mail address or telephone number) if you want, so that Paylists can contact you about the assessment and progress of the vulnerability solution.

However, we cannot guarantee the security of any information disclosed online, including the possibility that another person or organization may monitor, intercept, or obtain your information other than from us. By using our website, you accept the security implications of providing information over the internet and agree not to hold us responsible for any harm arising from those risks, unless we have been proved to be negligent. Any transmission of personal information over the internet is at your own risk.

Does Paylists share your personal data with third parties?

Paylists shares your personal data with third parties if this is necessary to provide our products and services. Paylists may use relevant third parties as list below. Please not that Paylists Privacy Policy does not apply to those third-party websites, services, or applications. These third-party services are governed by their own privacy policies. Paylists is not responsible for the privacy policies and practices of these third parties. If you do not want your data to be used by us or selected third parties, you can notify us at any time if you do not wish your data to be used in this way. Please note that we may not be able to provide you our services and you may need to stop using Paylists software.

A list of third parties that process data for Paylists, can be found here. We recommend reviewing this list regularly, since third parties can be added or removed from the list.

Third parties	Purpose
Firebase https://firebase.google.com/	Server infrastructure
Google cloud platform https://cloud.google.com/	Cloud computing services
Twilio https://www.twilio.com/	Communications services
Access PaySuite LTD https://www.accesspaysuite.com/	Payment facilitator
LinkedIn https://www.linkedin.com/	Advertising (cookies)
Google https://www.google.com/	Advertising (cookies)
Facebook https://www.facebook.com/	Advertising (cookies)

Cross-border data transfers

When providing our services, if we need that your personal data be processed by third parties outside the European Economic Area (EEA). in a third country (a country without an adequate level of protection as indicated by the European Commission), Paylists ensures that the correct contract will conclude regarding data processing, and an appropriate transfer mechanism will be in place, such as EU Standard Contract Clauses. In this way Paylists ensures that your personal data is always secured at least the same level and that the confidentiality of your personal data is guaranteed.

Legal Compliance.

We may disclose or allow government and law enforcement officials access to certain Personal Information, in response to a subpoena, search warrant, or court order (or similar requirement), or in compliance with applicable laws and regulations. Such disclosure or access may occur if we have a good faith belief that we are legally compelled to do so, or that disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing.

Does Paylists use cookies?

Paylists uses functional, analytical, and marketing cookies. A cookie is a small text file that is stored in the browser of your device such as a computer, tablet, or smartphone when you first visit Paylists’s websites. On the one hand, Paylists uses cookies with a purely technical functionality. These cookies ensure that the website works properly and, for example, remembers your preferred settings, so that Paylists can optimize the websites. On the other hand, Paylists uses cookies that keep track of your browsing behaviour so that Paylists can offer you tailor-made content and advertisements.

What rights do you have?

You have the right to access, correct, erase, restrict, transfer, or object to the personal data that Paylists processes, unless Paylists cannot execute these rights based on a legal obligation or whenever exceptions apply

You can send your request to exercise your privacy rights to [email protected] . Paylists prefers to establish that this request originates from you and that you are who you say you are. If we are not capable of verifying it, is you directly, Paylists may ask you to send a copy of your identification (i.e., a passport or identity card). Please make sure that in this copy your passport photo, MRZ (machine readable zone, the strip with numbers at the bottom of the passport), passport number and citizen service number (BSN) have been redacted to protect your privacy. Paylists will then respond to your request as soon as possible, but in any case, within 2 months.

How can you contact Paylists?

If you have any questions regarding our use of your personal data, you can contact us via [email protected]

If you believe that Paylists has used your personal data unlawfully or if you are not satisfied with Paylists’s response to your question or request, you have the right to file a complaint with the relevant Data Protection Authority. For contact details of all EU & UK Data Protection Authorities, click the link edpo.com.

Updates to this Policy

We reserve the right to update our Privacy Policy at any time. We will take reasonable steps to draw your attention to any changes in our Policy. We suggest that you read this document from time to time to ensure that it still meets with your approval. Should you disagree with any changes made, you may withdraw your consent at any time, and you can stop using Paylists software if without your personal data we can no longer provide our services.