We use cookies to enhance your user experience. By clicking any link on our site you’re giving your consent for us to set cookies.

More info
logo blue logo white heart
  • Products

    Accept payments

    Payments

    Gain full control of all your transactions

    Checkout

    Ready-made solution for higher conversion

    Make payouts

    Payouts

    Handle payouts automatically and manually

    Batch payouts

    Fast payouts to thousands of recipients

    Be smart

    Routing & Cascading

    Embrace digitalisation to the fullest extent

    Currency conversion

    Save on fees and earn on fluctuations

    Control

    Merchant management

    Holistic tool for storefronts management

    Reconciliations

    Reconcile without efforts

    Analytics

    Access intelligence on the go

    Manage

    Dashboard

    A single place to manage all processes

    Platform

    Security & Compliance

    The highest standards of security

    Solutions

    White label payment provider

    Your own-branded payment platform

    White label payment gateway

    Brandable payment processing for merchants

    White label for ISO/MSP

    The all-in solution to set up own PSP

    E-commerce

    Solutions to scale up & lower costs

    iGaming

    iGaming payment solutions

    Forex

    All-inclusive Forex payment solution

    Open FinTech

    Fintech services communication

    PayAtlas

    Global catalogue of PSPs

  • Developers
    Documentation
    API references
    Status page
    Sandbox
    SDKs
  • Integrations
    Payment providers Payment methods
  • Company
    About us Team Brand assets Roadmap Media Stand with Ukraine heart
    Contact us Careers Blog Guides Glossary

    Download

    free guides by Corefy

  • Pricing
English
  • Русский
  • Українська
  • Français
  • Español
  • Deutsch
  • English
Get started
Privacy Notice
  • Website Terms of Use
  • List of Data Subprocessors
  • Privacy Notice
  • Cookie Policy

Privacy Notice

Last updated on November 1, 2020

Corefy takes care of your personal data and does everything possible to protect it. This Privacy Notice is written to help you understand what your personal data is collected, stored and used, and what happens to it when you use our website at corefy.com (“Website”).

Pay your attention! UK leaves the EU by 31 December 2020. Till that time, the whole data processing process will be handled as it goes. After leaving the EU, the UK will become a third country pending a decision on the adequacy of jurisdiction. We will continue to be GDPR compliant and comply with the data processing and transmission requirements, taking into account the GDPR requirements for third countries that are not recognised as an adequate jurisdiction.

In this Privacy Notice we answer the following questions:

  1. 1) Who are we?
  2. 2) What is the Privacy Notice covered by?
  3. 3) What data do we collect and why?
  4. 4) How long do we keep your data?
  5. 5) Do we share data with third parties?
  6. 6) Do we do data transfer outside the European Economic Zone?
  7. 7) Do we use cookies?
  8. 8) What rights do I have regarding my data?
  9. 9) How do we update Privacy Notice?
  10. 10) California privacy rights.
  11. 11) Do-not-track requests.
  12. 12) California residents data protection rights.

1. Who are we?

We are PayCore.io Limited, company number 11654625, with a registered address at 37th floor, One Canada Square, Canary Wharf, London, E14 5AA, United Kingdom.
In relation to your personal data, we are the controller and processor at the same time. We are the controller of your personal data of our clients and users, which means that we determine what, for what purpose and how your personal data will be processed.

If you have any questions, you can contact us by sending an email to [email protected]. You can also send us a letter at PayCore.io  Limited, 37th floor, One Canada Square, Canary Wharf, London, E14 5AA, United Kingdom.

2. What is the Privacy Notice covered by?

This Privacy Notice applies to our website and our services. Our websites are corefy.com and PayCore.io  .

3. What data do we collect and why?

The data we process is divided into two categories: technical information and data that is provided to us by a user, consumer and client.

Technical information. When you visit our website, some data is collected automatically. We need technical data to operate, maintain, and improve our website. This includes data such as an IP address, UTM parameters, geolocation, device type, browser type, cookies, and data about your interaction with the website - session ID.

The session ID includes your interaction with the website, the name of the website from which you went to our website, the functions you use, the pages viewed on our website, the way you use our website, and the actions you take if such actions are present.

Data provided by the client. To perform a contract, we need the following data: full name, date of birth, email, passport details (tax number, address), gender, phone number, position, company name, payment information (bank details, bank card details), and merchant ID credentials.

Data provided by the consumer. While processing personal data of end users, Corefy acts as a processor. For detailed information on the processing of your personal data, please contact your controller. As a processor, we may process the following data: name, surname, geolocation, address, device hash, email, phone number, tax number, payment information incl. but not limited to bank ID, bank details, payment card details, electronic wallet ID.

Data provided by the user. For full interaction with our website, we may collect your name, phone number, email, and company name.
Once again, briefly about what personal data we collect:

Type of data Description of data Legal basis Reasons of processing
Data provided by a client Full name, gender, date of birth, email, phone number, passport details, position, company name, payment information, merchant ID credentials Performance of a contract Registering an account;
Providing a service;
Customer support
Data provided by a client Position, company name Legitimate interest Analytics;
Statistics
Data provided by a client Full name, date of birth, email, phone number Consent Marketing
Data provided by a consumer Name, surname, geolocation, address, device hash, email, phone number, tax number, payment information, bank ID. Performance of the contract Registering an account;
Providing a service;
Customer support
Data provided by a consumer Device hash, payment information Legitimate interest Security; Analytics;
Statistics
Data provided by a consumer Full name, contact details Consent Marketing
Data provided by a consumer Name, surname, payment information Legal obligation Compliance with the legal obligation
Data provided by a user Full name, phone number, email, and company name Performance of the contract Performance of the contract;
Providing a service
Data provided by a user Name, phone number, email Consent Marketing
Data provided by a client Full name, payment information Legal obligation Compliance with legal obligations
Automatically collected data Technical information
Cookies
Legitimate interest website operation;
Analytics;
Statistics

Pay your attention. We knowingly do not process the personal data of users under the age of 13 without consent from the legal representative(s). If you are such a user, or you are the legal representative of the user, please let us know by email at [email protected].

4. How long do we keep your data?

We store personal data in the following categories:

Client data. We store personal client data for the duration of the service and 36 months after completion.

Consumer data. We store personal consumer data for the duration of the service and 24 months after completion.

User data. We store users' personal data for 36 months.

However, you can exercise your right to delete your data. In this case, your data will be deleted from our servers within 30 days of your request.

5. Do we share data with third parties?

We use your personal data to perform a contract and for communication between us and the client, between us and the consumer, and between us and the user. We transfer your data on the following grounds:

Consent. We transfer your personal data based on your explicit consent.

Compliance with the law. We will disclose your personal data to third parties to the extent that it is necessary:

  • to comply with a government request, court order, or applicable law;
  • to prevent unlawful use of our website or violation of the Terms of Use of our website and our services;
  • to protect against claims of third parties;
  • to help prevent or investigate fraud.

Transfer to third parties: We transfer your personal data to third parties on the basis of public offer for processing on our behalf, subject to technical and organizational measures to protect your personal data. We may transfer your data to certain companies, consultants, and contractors hired to provide certain services on our behalf.
We will ask for your consent unless the transfer of data is part of a contract.

6. Do we do data transfer outside the European Economic Area?

The General Data Protection Regulation (the “GDPR”) applies to a transfer of personal data from the EEA to the UK. For now, the transfer is allowed without extra specifications. Based on fact that the UK is leaving the European Union, and the transfer will be based on appropriate safeguards until the decision about adequate jurisdiction. In this case, “a transfer of personal data” will have the same meaning as it in the GDPR.

All data is now stored on servers in Germany and the UK. When transferring data, we use the necessary protective measures such as encryption and security protocols.

7. Do we use cookies?

We use the cookies necessary for the functioning of the website. Using cookies, we receive the technical information specified in clause 3 and our Cookie Policy.
If you want to disable cookies, then you can find instructions for managing your browser settings at these links:

  • Internet Explorer
  • Firefox
  • Safari
  • Microsoft Edge
  • Google Chrome
  • Opera
  • Vivaldi

8. What rights do I have regarding my data?

You, as subjects of personal data, have the following rights:

  • The right to access information. You can request an explanation of the processing of your personal data.
  • The right to portability. You can request all the data that you provided to us, as well as request to transfer data to another controller.
  • The right to restrict processing. You may partially or completely prohibit us from processing your personal data.
  • The right to file complaints. If your request was not satisfied, you can file a complaint to the regulatory body, the ICO via live chat service ico.org.uk/livechat or ico.org.uk/global/contact-us  .
  • Right to be forgotten. You can send us a request to delete your personal data from our systems.

To exercise your rights, write us an email at [email protected]. If your request was not satisfied, you can file a complaint to the regulatory body, the ICO via live chat service ico.org.uk/livechat or ico.org.uk/global/contact-us  .

9. How do we update Privacy Notice?

This privacy policy and the relationships falling under its effect are regulated by the GDPR. Existing laws and requirements for the processing of personal data are subject to change. In this case, we will publish a new version of the Privacy Notice on our website. After the UK will finish the exit from the European Union, we will continue to comply with the requirements of the GDPR, and will also make every effort to comply with the legislation of the UK as soon as possible if there would be changes. If significant material changes are made that affect your privacy and confidentiality, we will notify you by email or display information on the website and ask for your consent.

10. California privacy rights

We make these disclosures to those visiting our websites who reside in California which supersede and replace any conflicting disclosures found elsewhere on our websites as well as reflect your privacy rights granted by the California Consumer Privacy Act (CCPA).

Opt-out of disclosure for direct marketing purposes. The California laws allow its residents to learn the identities of entities that received their personal data for marketing purposes and the categories of information disclosed. You may request such information by contacting us by email at [email protected].

Please be aware that this opt-out does not prohibit our disclosure of personal data for any purpose other than direct marketing. The data we process and share may include your name, address, email address, and telephone number.

Automatic gathering of information. We collect data that you provide to us online, and through websites of unaffiliated third parties.

Automatic gathering of information by third parties. When you visit our websites, third parties can collect personal data about your online activities over time and across different websites pertaining to your visit to or use of our and other websites.

11. Do-not-track requests.

California residents visiting our websites may request that we do not automatically gather and track information pertaining to their online browsing movements across the Internet. Such requests are typically made through web browser settings that control signals or other mechanisms that provide consumers the ability to exercise choice regarding the collection of personal data about an individual consumer's online activities over time and across third-party websites or online services. We currently do not have the ability to honour these requests. We may modify this Notice as our abilities change.

12. California residents’ data protection rights.

The CCPA has extended California residents’ data protection rights. However, we have already guaranteed all these rights and described them precisely in this Notice as well as a means of rights exercising. Please refer below to investigate.

Right to be informed. Please find a list of personal data we collect about you and your activity, sources and business purposes of personal data collection, and third parties we may share your personal data within Section 3 - 6 of the Notice.

Your Right of access, Data portability, and Right to delete are prescribed by Section 7 of the Notice.

You can exercise these rights any time by contacting us via email at [email protected].

Notice, the CCPA envisages some specific requirements related to the exercising of these data protection rights. Considering them we may:

  • respond to your request within forty-five (45) days of receiving the request;
  • provide you with personal data we collected about you no more than twice in a 12-months period (categories and specific pieces of collected personal data, business purpose and sources of collection, categories of third parties personal data is shared with);
  • NOT provide you with personal data if we cannot verify your identity. You shall provide us with sufficient information allowing us to verify you as the person about whom we collected personal data. However, we do consider requests made through your Account sufficiently verified.
  • NOT transmit your personal data to another entity.

Also, please be aware that we are allowed to maintain personal data after deletion request is received as permitted by the CCPA (for instance, for the purposes of detection of security incidents, repair errors, comply with legal obligations, transaction completion).

We want to draw your special attention that Corefy does not sell, rent, or trade your personal data to anyone.

Non-discrimination right. We definitely will not discriminate (including, by denying Services, charging different prices for Services, providing different quality of Services) against you for exercising any of your CCPA data protection rights.

logo white

Corefy is a universal feature-rich payment orchestration platform for online businesses and payment institutions. We integrate payment providers and acquirers all around the world to bring a unified communication, control, and management interface.

Products

  • Payments
  • Checkout
  • Payouts
  • Batch payouts
  • Routing & Cascading
  • Currency conversion
  • Merchant management
  • Reconciliations
  • Analytics
  • Dashboard
  • Security & Compliance
  • White label payment provider

Company

  • About us
  • Team
  • Roadmap
  • Brand assets
  • Contacts
  • CareersWe`re hiring!
  • Blog
  • Guides
  • Glossary
  • Pricing

Developers

  • Documentation
  • API references
  • Status page
  • Sandbox
  • SDKs

Integrations

  • Payment providers
  • Payment methods
en
English
  • Русский
  • Українська
  • Français
  • Español
  • Deutsch
  • English
regions
Choose region
  • United States
  • United Kingdom
  • Australia
  • Canada
  • Philippines
  • France
  • Germany
  • Spain
  • Malaysia
  • Singapore
  • Ukraine
  • Latvia
  • Lithuania
  • Malta
  • Bulgaria
  • Netherlands
  • Estonia
  • Hong Kong
  • Taiwan
  • New Zealand
  • Cyprus
  • Not selected

Get in touch

+44 20 3608 5914

Help & Support

  • Support
  • Request a demo
visa
We're a part of Visa Third Party Agent (TPA) program.
mastercard MRP registration program
We're a part of Mastercard Registration Program (MRP).
pci dss payments security certificate
Having successfully passed the independent audit and assessment, we received the certificate of PCI DSS version 3.2.1 compliance.
gdpr data protection privacy
When processing our clients' data, we strictly adhere to the data protection principles of the General Data Protection Regulation (GDPR). We believe that the protection of our clients' and their end-users' data is fundamental to our mission — helping build a better internet.
amazon aws amazon web services
Our payment platform runs entirely on Amazon Web Services (AWS), a secure cloud services platform that offers computing power, database storage, and other functionality helping us scale and grow.
cloudflare security CDN
Cloudflare helps us mitigate DDoS attacks of all forms and sizes and enhances the security of our platform.
google google  pay gpay
Corefy is Google Pay's certified participating processor.
applepay Apple Pay
We’ve implemented the Apple Pay token decrypt service.

© Corefy, .

  • DPA
  • Privacy Notice
  • Terms
  • Cookie Settings

Designed by Goodface