Privacy Policy

New Version of 2000Charge Privacy Policy valid from 25 May 2018.

2000Charge is committed to protect and respect your privacy in compliance with EU General Data Protection Regulation (GDPR) 2016/679. ”You” means you as a customer, a potential customer, our customer’s employee or other relevant person such as our customer’s authorized representative, director or beneficial owner as well as our customer’s customer when using our services. This Privacy Policy explains how 2000Charge collects and uses your personal data. It also describes your rights towards 2000Charge and how to exercise them.

2000Charge processes individuals’ personal data for a number of reasons. 2000Charge processes your personal data in the capacity of the data controller. This Privacy Policy explains the following:

- What personal data we collect
- How we may use your personal data and the lawful basis for doing so
- Who we may disclose your personal data to
- How we protect your personal data
- Your GDPR rights
- Cookies
- How long we keep your personal data
- Changes to this Privacy Policy

What personal data we collect

In order to provide our payment processing services we need to process your personal data as described below. In the course of our business we collect personal data in a variety of ways. We collect personal data directly from data subjects, via data subject’s usage of our service and through our customers (i.e.,Merchants). You may directly or indirectly give us information about yourself in a variety of ways, such as when you place an order on a merchant’s site, choose to pay with one of 2000Charge payment methods, contact us, use our Merchant Portal or any other service of ours where you submit personal data.

- Personal and contact information: name, date of birth, national identification number, government identification numbers such as: driver’s license, state identification, passport, social security or tax identification number, address, e-mail address, mobile and land line telephone number, title, billing and shipping address. We are under legal obligation to collect documentation of such information, for example in the form of copies of your passport or driver’s license.

- Payment information: bank account number, invoice information, credit and debit card data

- Historical information: your purchase and payment acceptance history

- Financial information: your income, turnover, negative payment remarks, type of agreement, transactional data

- Information on goods/services: details about the items you purchase

- Information related to legal requirements: country of taxation or foreign tax payer reference, customer due diligence and anti - money laundering requirements

- Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platformm

- Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service numberr

- Geo-Location Information, some devices allow applications to access real-time location based information (for example GPS). Our applications may collect such information from your device at any time while you download or use our services. We may use this information to optimize your experience

Special categories of data

2000Charge does not collect or process any special categories of personal data.

Personal data we may collect from third parties

We may collect your personal data from third party services either publicly available or engaged by us to verify you against sanction lists (EU, UN sanction lists or OFAC lists) and registers held by tax authorities, company registration agencies and other commercial or non commercial information providers on beneficial owners and politically exposed persons. We also collect information from remitters, shops, banks, payment service providers and others. Our legal basis for collecting, processing and sharing such information about you with third party services as explained in this paragraph is fulfilling our legal obligations, such as preventing, detecting and investigating money laundering, terrorist financing and fraud prevention.

How we may use your personal data and the lawful basis for doing so

We use your personal data for a variety of reasons and based on different legal basis.

Collecting personal data based on consent

We may use your personal data to send you marketing communication which you requested. These may include information about our products and services, events, activities and promotions of our associated partners’ products or services. This communication is subscription based and requires your consent.

The collection of personal data is based on a consent from, the data subject will be done by using “Consent Forms” that will store documentation related to the consent given by the individual. Individual consent will always be stored and documented in our system. If you have given consent to processing of your personal data you can always withdraw the consent.

Collecting personal data based on contractual necessity

We use your personal data for fulfilling our contractual obligations towards you. It is impossible for us to perform our service to you without collecting and processing your personal data (contractual necessity as legal basis). Examples of contractual necessity as legal basis for your personal data collection and processing are: opening an account with us, processing and/or initiating payment transactions using our services, receiving settlements from us, invoicing, etc.

Collecting personal data based on legal obligations

As a payment service processor we are under legal obligation to process your personal data as part of our KYC requirements, preventing, detecting and investigating money laundering, terrorist financing and fraud prevention, sanction screening, reporting to tax authority, police authorities, supervisory authorities, payment service requirements.

We may also send you information about the products and services that you have purchased from us.

Replies to a “Contact me” or other web forms you have completed on our website.

Follow up on incoming requests (customer support, emails, chats or phone calls).

Notify you of every disruption to our services (system messages).

We also have a legitimate interest to use profiling when monitoring transactions in order to detect fraudulent transactions.

Who we may disclose your personal data to

We do not share, sell, rent or trade your personal data with any third parties without your consent, except from what is described below:

Merchants

We may share with the merchant at which you made your purchase the personal data necessary for the merchant’s performance, support and administration of your order, including disputes. The personal data shared with the merchant will be subject to the merchant's privacy policies and practices.

Third party service providers

We may pass your personal data on to our suppliers, acquirers, payment service providers, banks, clearing and settlement mechanisms and other business partners if necessary for providing our service to you. Before sharing your personal data, we will always ensure that we respect relevant financial industry secret obligation.

For example, if you have asked us to transfer funds, we need to disclose certain information to fulfill such transfer.

Authorities

We disclose personal data to authorities to the extent we are under statutory obligation to do so. Such authorities may include tax authorities, police authorities, AML authorities, law enforcement authorities and supervisory authorities in relevant countries.

Sub-contractors (processors and sub- processors)

We may use sub-contractors (data processor) to process personal data on our behalf, we are responsible for making sure they commit themselves to adhere to this Privacy Policy and applicable data protection legislation (GDPR) by signing the Data Processing Agreement.

Third country transfer

We may transfer personal data to organizations outside the EU/EEA area. If the sub-contractor (data processor) processes personal data outside the EU/EEA area, such processing is done in accordance with the EU Standard Contractual Clauses for transfer to third countries.

How we protect your personal data

2000Charge has taken a number of steps in order to provide an extremely secure service. We use appropriate technical, organizational and administrative security measures to protect any information we hold from loss, misuse, unauthorized access, disclosure, alteration and destruction.

The information is encrypted using secure socket layer technology (SSL) and is stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

Where we have provided you (or where you have chosen) a password or access code which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share any passwords with anyone, you authorize 2000Charge to act upon instructions and information from any person that enters your user id or password.

Please note that once you leave our website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy.

Your GDPR rights

You have the following rights in regards to your personal data:

Right of Access

You have the right to request a copy of your personal data we hold about you. In the most of the cases this information is already presented to you in your online services from us. Your right to access may, however, be restricted by legislation and protection of other person’s privacy rights.

Right to Rectification

You have the right to request from us to correct your personal data if inaccurate, incomplete or out of date.

Right to be Forgotten

You have the right to request that your personal data is deleted when it is no longer necessary for us to retain such data. Please note that due to the financial sector legislation we are in many cases under statutory obligation to retain personal data on you not only during the customer relationship but also for many more years after. For more details please see Section 7. How long we keep your personal data.

Right to Restriction of Processing

If you contest the correctness of the data which we have registered about you or lawfulness of processing, or if you have objected to the processing of the data in accordance with your right to object, you may request us to restrict the processing of this data to storing purposes only. The processing will only be restricted to storing until the correctness of the data can be established, or it can be checked whether our legitimate interests overwrite your interests. If you are not entitled to deletion of the data which we have registered about you, you may instead request that we restrict the processing of this data to storing purposes only. If the processing of the data which we have registered about you is solely necessary to assert a legal claim, you may also demand that other processing of this data be restricted to storing purposes only. We may process your data for other purposes if this is necessary to assert a legal claim or if you have granted your consent to this.

Right to Object

You can always object to the processing of your personal data for direct marketing band profiling in concern to such marketing.

Right to Data Portability

You have the right to receive the personal data that you provided to us in a machine-readable format. This right applies to personal data processed only by automated means and on the consent or fulfilling a contract basis. Where secure and technically feasible the data can also be transmitted to another data controller by us.

Right to Complain to Supervising Authority

If you are not satisfied with the way in which we process your personal data you may in the first instance contact us at privacy@2000charge.com. If you remain dissatisfied then you have the right to apply directly to your national supervisory authority for a decision. To find your national supervisory body please go to http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

Right to Withdraw your Consent to e-marketing

In the case you want to withdraw your consent from e-marketing, please make use of the link to manage your subscription included in our communication. Please note that you may still receive system messages and notifications about your account activities.

Your request to exercise your rights as listed above will be assessed given the circumstances in an individual case. Please bare in mind that we may also retain and use your personal data as necessary to comply with legal requirements, resolve disputes and or enforce our agreements.

Any query about your Privacy Rights should be sent to privacy@2000charge.com.

Cookies

We collect, process and analyze data regarding the use of our webpages. This includes standard information from your web browser, such as browser type and browser language, your Internet Protocol (“IP”) address, the actions you take on our websites, such as the webpages viewed and links clicked. We use cookies and similar technologies to deliver our services to you, provide a secure online environment, to manage marketing and provide a better online experience and to make our website content more relevant to you.

If used alone, cookies do not personally identify you.

You can set or amend your web browser controls to accept or reject cookies. If you choose to reject cookies, you may still use our sites and some services, however your access to some functions and or website areas might be restricted.

How long we keep your personal data

Your data will be kept as long as it is necessary for the purposes for which the data was collected and processed or as long as it is required by law.

Please note that we are under legal obligation to retain your data for the following statutory retention period

- Preventing, detecting and investigating money laundering, terrorist financing and fraud - minimum of five years after termination of contractual relationship

- Bookkeeping regulation - up to ten years

- Payment services requirement - five years

- Agreement performance details - up to ten years after termination of customer relationship to defend against possible claims

This statutory retention period list is not complete and is given as an example only.

Changes to this Privacy Policy

We may change the Privacy Policy from time to time, we will not diminish your rights under this Privacy Policy. We kindly ask you to review our Privacy Policy from time to time, however if the changes we make are significant, we will provide you with prominent notice.

Ready to increase your revenue with multiple payment options?

There are a lot more payments options customers from all over the world
feel more comfortable to use and trust much more than credit cards.

Get Started