Scope and Consent
Collection of Personal Information
Information collected from buyers: We work with third party authentication providers like Google and Facebook which hold the information like email and password. We only have access to the information you approve when you first sign-in, which is basic profile information and your email. We also do not collect any financial information like credit card number or bank account. We record the purchases you made and the amounts paid. This information is used in case you wish to ask for a refund.
Information collected from sellers: In addition to information collected for any account, like basic Google or Facebook profile and email, content providers that sell or allow subscription-based access to their content using Paydemic must indicate their legal name and contact information before selling any content, goods or services.
Information we collect automatically: When you use Paydemic, we collect information sent to us by your computer, mobile phone or other access device. The information sent to us includes, but is not limited to, the following: data about the pages you access, computer IP address, device type, geo-location information, computer and connection information, statistics on page views, traffic to and from the sites, referral URL, standard web log data and other information.
Information you provide to us: We may collect and store any information you provide us when you use Paydemic, including when you add information on a web form, or when you otherwise correspond with us regarding Paydemic.
How do we use your personal data, and what is our legal basis for doing so?
These are the legal bases we have for holding and processing your personal data:
• Contract: To enter into or perform a contract with you
• Legitimate Interest: For our (or third parties’) legitimate interests, as long as they aren’t overridden by your interests and rights
• Consent: Your consent
• Explicit consent: Your explicit consent, where Special Categories of Personal Data are concerned
• Obligation: To comply with our legal obligations
And here is how we use your personal data, and our relevant legal basis (Our basis) for doing so:
If you register with us, you provide us with Identity and Contact Data. That Identity and Contact Data may be supplemented over time with other information. We use this information to maintain your registration with Paydemic and administer our relationship with you. Our basis: Consent and Legitimate Interest (to remind you of matters relating to your account with us).
If you provide us with Payment Data, we will use your Identity and Contact Data, Payment Data and the related Transaction Data, to process your transaction and receive the relevant payment. Our basis: Contract and Legitimate Interest (to receive payment of sums owed to us). Note that we do not store your complete Payment Data – this is held by payment service providers.
We will only use your personal data for the above purposes, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. We may process your personal data without your knowledge or consent where this is required or permitted by law.
Whom will we share your personal data with?
We will share your personal data with various third parties, but always for the uses referred to above. These third parties are businesses (and in some cases charities) of the following types:
• payment services providers
• mailing and delivery services
• publishers from whom you purchased goods or services through our platform
• messaging services providers
• identity verification processes
We may also share your personal data with others where to do so is mandated by applicable law. If we transfer your personal data outside the European Economic Area (EEA) to a country that does not provide a similar level of legal protection to that provided by the European Union data protection laws, we put in place legally appropriate safeguards to require the protection of your personal data. You can request details of those safeguards by contacting us.
If we sell our business or assets, your personal data may be provided to the prospective purchaser’s advisers with appropriate legal protections and will be passed to the new owners of the business.
When you access our website or use Paydemic, we (including companies we work with) may place small data files on your computer or other device. These data files may be cookies, pixel tags, “Flash cookies,” or other local storage provided by your browser or associated applications (collectively “Cookies”). We use these technologies to recognise you as a customer; customise Paydemic content; measure promotional effectiveness; help ensure that your account security is not compromised; mitigate risk and prevent fraud; and to promote trust and safety.
You are free to decline our Cookies if your browser or browser add-on permits, unless our Cookies are required to prevent fraud or ensure the security of websites we control. However, declining our Cookies may interfere with your use of our website.
How do we keep your personal data secure?
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
How long will we keep your personal data for?
We keep your personal data for as long as is necessary:
• to address relevant legal, tax or accounting requirements, including potential claims by and against us.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure of that data, the purposes for which we process it, whether we can achieve those purposes through other means, as well as legal, taxation and accounting requirements.
You can request more details of how we apply these criteria by contacting us.
When the need to keep your personal data ends, we either delete or anonymise it.
How to request erasure of your personal data?
You may ask us to delete your personal data where there is no good reason for us continuing to process it. In order to do that please contact us by sending an email at firstname.lastname@example.org . We’ll erase your data after verifying the validity of your request.
Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
How You Can Contact Us about Privacy Questions?
Last updated Oct 20, 2021