Contact us

Privacy Policy

This privacy policy covers the responsibilities of A-Pay.

By visiting this website a-payment.pro and by contacting A-Pay as well as by entering into a service agreement with A-Pay, you confirm that you have read this privacy policy and understood the content. You agree with this policy and you give your consent to collect your personal data as specified in this privacy policy and to use this personal data for the purpose as described within this privacy policy.

You’re aware that you can make use of your rights as displayed within this privacy policy at all times.

A-Pay (A-pay) is a corporate entity registered in Cyprus, offering innovative payment services into various international destinations for international clients.

A-Pay owns and operates the internet domain a-payment.pro.

Our Commitment to You

At A-Pay, we treat all individual visitors that enter our corporate website a-payment.pro , as well as all private individuals that represent our corporate clients and all our private individual clients as Data subjects. A-Pay fulfils the role of the Data Controller with regards to all personal data, which relates to all individual visitors that enter our corporate website, as well as to all individual persons that represent our corporate clients (i.e. representative/s, local management and Universal Beneficial Owner/s).

A-Pay has appointed a Data Protection Officer (DPO). This DPO remains independent within our corporate structure and has a direct connection to the top-level management at A-Pay By submission of electronic correspondence to [email protected], you can get in touch with our DPO and submit your request with regards to your personal information.

We understand the importance of maintaining the confidentiality and privacy of your personal information and data. By entrusting us with your information and data, we would like to assure you of our commitment to keep such information private. We have taken measurable steps to protect the confidentiality, security and integrity of your information and data.

What Data do we at A-Pay collect?

A-Pay collects personal information from the chat function on our corporate website, a-payment.pro , by the IT infrastructure of our corporate website provided by our website’s server host, via the use of our contact form in the ‘contact us’ section of our corporate website by individual visitors of our website and during the course of rendering our services to our clients. This information collected include, but is not limited to the following data:

From corporate clients:

  • Certificate of incorporation
  • Certificate of shareholders
  • Certificate of registered address
  • Resolution of Directors
  • Certificate of Incumbency
  • Certificate of good standing
  • Memorandum and Articles of Association
  • Audited financial statements
  • Copies of Licenses granted to the corporate entity
  • Information on corporate bank account numbers
  • Set of contact data of corporate entity
  • Set of contact data of employees and / or local management and / or Universal beneficial Owner

From individuals representing a corporate client:

  • Copy of Passport
  • Copy of ID card
  • Proof of physical address of an individual
  • Information and documents related to an individual’s profession and /or employment
  • Criminal record of an individual
  • Documents on the financial status of an individual (e.g. non-bankruptcy certificate)
  • Professional certificates of an individual’s professional background
  • Documents regarding the educational background of an individual
  • Documents related to the origin of wealth of an individual
  • Contact telephone number(s) related to an individual
  • Electronic mail address related to an individual

What is you personal data used for?

Log Data, which is collected via our IT infrastructure for our corporate website, a-payment.pro , and which includes the IP (Internet Protocol) address and geographical location, as well as the internet access service provider of an individual visitor, information of the type of computer or telecommunication device used to enter our corporate website, information on the data accessed, the duration and frequency of sessions and the page visit history is used for internal statistical purpose only and neither retained, nor disclosed to any third party.

Contact data, including an individual’s name, surname, electronic mail address and any other personal information communicated to A-Pay via our chat function on our corporate website, as well as via the contact form in the ‘contact-us’-section of our corporate website, is used only for establishing a proper communication channel with the specific data subject. This data is stored and retained in accordance with the applicable legislation and neither disclosed to any third party, nor accessible to any unauthorized personnel or third party.

All data collected by A-Pay, which relate to our prospective and / or existing client (including individuals as well as representative/s, UBO/s and / or local management of corporate clients) is used for rendering our services to our clients.

Personal data related to a specific individual data subject is used to send commercial and non-commercial notifications of A-Pay to that data subject.

How is your personal data stored and/or retained?

A-Pay will only use, store, process and handle the client’s Personal Information and Data.

This means we retain hard copies of personal data related to individual persons (individual visitors of our corporate website, private clients and/or representative/s or UBO/s of corporate clients) in protected storage facilities, to which unauthorized persons do not have any access.

We retain electronic soft copies of personal data related to individual persons (individual visitors of our corporate website, private clients and/or representative/s or UBO/s of corporate clients) in protected and encrypted IT facilities, free from unauthorized access.

All communication in which individuals share their personal data with A-Pay, the communication channel is protected by a SSL secure log protocol technology.

In line with the provisions and requirements of the Data Protection Regulation, you remain the following rights to your personal data:

  • You remain the right to review all personal information, which is related to you and which was / is collected during your visit of our corporate website and during the use and processing as described in this privacy policy at any time and to check the accuracy of personal data, which is related to you individually.
  • You remain the right to have done corrections, rectifications and refreshments to your personal data.
  • You remain the right to have your personal data deleted partly or completely.
  • You remain the right to obtain information on the use and purpose to process your personal data.
  • You remain the right to limit the purpose for processing and use of your personal data. However, this may have an effect on the accessibility of our regulated financial services rendered to you. You can refer to our DPO and / or our Compliance Department for further clarifications on this.
  • You remain the right to opt-out from commercial and non-commercial newsletters and notifications from A-Pay by notification to our DPO accordingly.
  • You remain the right to have all personal data, which is related to you and which is or had been collected during your visit and use of our corporate website and during your correspondence with A-Pay, being transferred to another Data Controller nominated by you.
  • You remain the right to withdraw your previously given explicit consent with regards to the collection, use and processing of your personal data at any time by contacting our Data Protection Officer by electronic mail services to [email protected].

You can submit your request to make use of the above rights to your personal data by contacting our Data Protection Officer (DPO) through electronic mail services to [email protected]

Disclosures

We will not without your consent disclose to third parties any individually identifying information, such as names, postal and e-mail addresses, telephone numbers, or other, which you have provided to A-Pay.

The rendering of our services to our company’s prospective and / or existing clients requires the disclosure of personal data related to our prospective and / or existing clients to third parties. These third parties are external service providers, which are legally and economically independent from A-Pay and have third party agreements in place with A-Pay, whereas all of our subcontractors and / or external service partners are bound to our standard on Data Protection. Prior to processing personal data related to our clients, A-Pay will inform the specific client about that use and asks for the explicit consent of that person accordingly.

Please refer to our Data Protection Officer (DPO) in case you have questions on this or in case you want to make use of your rights related to your personal data as described in this privacy policy.

We may also disclose your personal information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Site Terms and Conditions. Furthermore, your personal data is permitted to be disclosed to public bodies only in cases where the disclosure concerns matters of national and/or international security, the prevention or investigation of criminal activities, law enforcements, where a public interest is given, a juridical proceeding against the person, to which the personal data is related is pending or had been initiated or completed before and/or the personal security of the individual to which the personal data is related.

A-Pay will communicate the specific purpose for processing of your personal data to you prior to its use as described in this privacy policy. If you feel your personal data has been infringed by A-Pay, please get in touch with our DPO at [email protected].

Cookie Policy

Our corporate website a-payment.pro is using cookies. A cookie is a text file in the format .txt, which the host server of our corporate website sends to the browser application that an individual visitor of our corporate website is using when entering our corporate website. It is stored locally on the hard drive of the computer or telecommunication device used by the individual visitor of our corporate website when entering our corporate website. The data written into this file includes information on the IP address (Internet Protocol), the internet access service provider, the duration and frequency of a page visit sessions within our corporate website, data which was viewed or downloaded, the type of computer or telecommunication device used by the individual visitor of our corporate website as well as the geographical location of the individual visitor of our corporate website.

The data collected is read out from the cookie file by and retained on the website server / host in electronic form. The purpose for collecting this data is to identify a specific individual visitor after entering our corporate website. This data related to the individual visitor of our corporate website may be used by A-Pay for internal statistical and analytical purpose only.

By entering our corporate website a-payment.pro, we have asked you to submit your explicit consent to the cookie policy in electronic form. You can deactivate the use of cookie files by effecting the modifications in the system settings of the browser application you use for entering our corporate website. Please refer to the help documents and / or technical support for the browser application used for the entering of our corporate website accordingly. By selecting to empty the cache folder of your browser application and by deleting the browser history, cookie files can be deleted completely or partly.

AML policy

1. GENERAL PROVISIONS

This policy is written to express A-Pay (hereinafter referred to as "the Company") commitment to comply with prevailing anti-money laundering (“AML”) and counter-terrorism financing (“CTF”) obligations under the requirements contained in the Proceeds of Crime (Money Laundering) and Terrorist Financing Act (PCMLTFA) and associated Regulations, as well as the requirements of other laws and regulations related to the Company’s operations. To this end, the Company has implemented and maintains an effective and up-to-date program, including policies for customer identification, record-keeping, ongoing monitoring, and regulatory report filings.

The Company ensures compliance with this policy, which is designed to establish a robust AML/CTF program to ensure that:

  • the Company complies with the Legislation;
  • the Company only enters into business relationships with those whose identities, activities, and funds may reasonably be established to be legitimate;
  • the Company staff are trained to recognize and react appropriately to unusual ML and TF activity and understand their obligations to report activity and transactions/attempted transactions; and
  • appropriate records are retained.

This policy formalizes roles and responsibilities across the organization with respect to these requirements with a view to helping the Company reduce legal, regulatory, financial, and reputational risk. It is designed to ensure that all applicable regulatory requirements are met, and as such, it is imperative that all employees and management consistently adhere to the contents herein.

The current version of the AML Policy is always available on the website https://a-payment.pro.
Customers are required to read the AML Policy before accepting the Terms of Use, published on the website https://a-payment.pro.
The Customer's acceptance of the Terms of Use of the System, as well as the actions taken to authorize access to the service, undergo verification, and conduct transactions, signify the Customer's agreement with all provisions of the current version of this AML Policy.

2. APPOINTMENT OF A DESIGNATED COMPLIANCE OFFICER

The Company has appointed a Compliance Officer who is responsible for the implementation and maintenance of the Program and is provided with unfettered access to all pertinent information and records throughout the business. The Company must maintain the appointment of a Compliance Officer at all times. If a vacancy in this position occurs, the Company ensures that a new Compliance Officer is appointed immediately. It is the responsibility of Senior Management to maintain the appointment of a Compliance Officer.

The Compliance Officer is responsible for the collection, analysis, and investigation of information on any suspicious activities and the training of the Company’s employees pertaining to the relevant procedures. The Compliance Officer shall determine the procedures and rules for carrying out Customers’ identification, reviewing and monitoring unusual transactions, and technical features of the Company’s implementation of this AML Policy. Additionally, they are responsible for assessing the adequacy of system resources, including those required to identify and report suspicious and attempted suspicious transactions, ensuring that customer due diligence (“CDD”) and enhanced due diligence (“EDD”) is conducted, and ensuring that reportable transactions are reported to FINTRAC within the mandated timeframe.

3. KNOW YOUR CUSTOMER OBLIGATIONS

The Company recognizes the importance of implementing effective know your customer (“KYC”) controls and procedures to identify its customers, develop customer profiles, and understand expected transactions to mitigate legal, financial, and reputational risks. This section outlines the policies and procedures regarding customer identification, business relationships, ongoing monitoring, third-party determinations, and customer screening.

Depending on the Customer's risk level and whether the business relationship is existing or pending establishment, the Company will apply normal KYC/AML measures, simplified KYC/AML measures, or enhanced KYC/AML measures. Additionally, continuous KYC/AML measures may be applied to ensure ongoing monitoring of business relationships.

KYC/AML measures may include, but are not limited to, the following procedures:

  • Identifying the Customer and verifying their identity using reliable, independent sources, documents, or data, including e-identifying;
  • Assessing and obtaining information on the purpose of the business relationship;
  • Conducting ongoing KYC/AML on the Customer's business to ensure the Company’s knowledge of the Customer and its source of funds is accurate;
  • Obtaining information regarding whether the Customer is a Politically Exposed Person (“PEP”), PEP’s family member, PEP’s close associate, or a head of an international organization (“HIO”);
  • Obtaining information from any third party, such as government authorities.

To fulfill the KYC/AML obligation, the Company or any third party appointed by the Company shall have the right and obligation to:

  • Request appropriate identity documents to identify the Customer;
  • Request documents and information regarding the activities of the Customer;
  • Screen the risk profile of the Customer, select appropriate KYC/AML measures, and assess the risk of the Customer's involvement in money laundering or terrorist financing;
  • Re-identify the Customer if there are doubts regarding the accuracy of the information received during the initial identification process.

The objective of continuously applied KYC/AML measures is to ensure ongoing monitoring of Customers. Ongoing monitoring of the Business Relationship includes:

  • Keeping documents, data, or information obtained during KYC/AML measures up-to-date;
  • Paying particular attention to Customer actions leading to criminal activity or money laundering or terrorist financing;
  • Evaluating the substance and purpose of the Customer’s activities to establish possible links with money laundering or terrorist financing. This evaluation should result in an understanding of the purpose of the business relationship, the nature of the Customer’s business, the risk levels of the Customer, and, if necessary, the sources of funds.

The Company is dedicated to safeguarding Customers’ privacy rights and the confidentiality of their personal data. Personal data is collected from Customers only to the extent necessary to ensure proper service provision and compliance with applicable laws. Such personal data of Customers and former Customers may be disclosed to third parties only in limited circumstances, in accordance with applicable laws and agreements between the Company and the Customer. The Privacy Policy is available on the website https://a-payment.pro.

The Company shall diligently maintain Customers’ files at its head office, including statements, transaction reports, receipts, notes, internal correspondence, and any other documents related to the Customer in a machine-readable or electronic form for a period of 5 (five) years after:

  • The day on which the account to which they relate is closed, or the day on which the last transaction is conducted; or
  • The day on which they were created, depending on the nature of the record as defined in article 148 of the Proceeds of Crime (Money Laundering) and Terrorist Financing Regulations (PCMLFTR).

4. CLASSIFICATION AND RECLASSIFICATION OF CLIENT RISK

At the onset of a business relationship, the Company conducts and documents a risk assessment of the relationship and conducts due diligence measures consistent with the Company’s Risk Assessment, to ensure that enhanced measures are put in place for high-risk relationships.
The Company assigns a risk-rating of either low or high to each client. A classification of high risk is determined by several factors including transaction type, certain patterns of transaction activity, and client specific characteristics. Clients are automatically assessed as low risk if they are not assessed as high risk. All information collected as part of the client risk assessment, including if a client is rated high risk, becomes part of the client profile.
The Company has defined certain industries as being outside of the Company’s appetite for risk and the Company is prohibited from dealing with these clients. Any exception to these prohibitions must be reviewed and approved by the Compliance Officer or delegate.
High-risk relationships are subject to enhanced measures put in place by the Compliance Officer in order to mitigate relationship-based risk. Risk ratings are updated on an ongoing and periodic basis and are based on factors that include, but are not limited to:

  • transaction activity; and
  • characteristics, including PEP/HIO and sanctions status.

A reassessment of client risk may also be triggered by the following events:

  • becoming aware of illegal or illicit activities; or
  • submitting a report to intelligence or law enforcement agencies with respect to suspicious transactions or terrorist property.

The Company applies EDD measures when a Customer is determined to be high risk. Measures are designed to mitigate the specific risks posed by each high-risk Customer to sufficiently mitigate a customer’s risk.

5. ONGOING MONITORING OF TRANSACTIONS

The Company applies various checking and monitoring algorithms to ensure all required CDD procedures are executed in a timely manner, detect persons with limitations (such as sanctions lists and politically exposed persons screening), and conduct comprehensive automated online monitoring.

Financial data analysis comprises several major components:

  • Monitoring of sanctions lists.
  • Monitoring of user activity and the user system environment.
  • Transaction monitoring.
  • Analysis of remaining balances, exchange rate fluctuations, and other aspects.
  • Tools enhancing manual data analysis capabilities.

Transaction monitoring is systematically conducted by the Company's third-party systems in real-time and historically. This is achieved by generating alerts for transactions and transaction patterns that meet a series of rules within the system. These rules are based on a variety of attributes and related formulas associated with higher ML/TF risk as outlined in publications issued by FINTRAC and the FATF. Adjustments are made based on the Corporation’s Risk Assessment.

6. IDENTIFICATION AND DETECTION OF SUSPICIOUS ACTIVITIES

The Company has a process for reviewing transactions to identify potentially suspicious activity and takes reasonable measures to identify individuals and entities who conduct or attempt to conduct a suspicious transaction. The Company monitors the transactions for evidence of certain patterns of activity that could be indicative of suspicious activity, such as whether the transactions are consistent with the information known about the Customer or the transactions are demonstrative of known suspicious indicators. Monitoring is also conducted to determine whether a customer’s current risk rating needs to be adjusted. Any financial transaction that may be related to money laundering activities shall be considered to be suspicious activities.

Grounds for determining that a specific transaction is suspicious may be personal observations and experience of the Company’s employees, as well as information received or identified. Suspicious activity includes a transaction that any employee knows or suspects to: involve proceeds from an illegal activity; evade currency transaction reporting requirements; vary significantly from the customer’s normal transactions; a third party gained access to the customer's account or the activities are performed under instructions of a third party; or has no business or apparent lawful purpose and the Company knows of no reasonable explanation for the transaction after examining the available facts, including the background and possible purpose of the transaction.

In accordance with the applicable laws of Canada and the requirements of international organizations, the Company may, where appropriate and without the obligation of obtaining the Customer’s approval or notifying the Customer, notify regulating and/or law enforcement agencies of any suspicious transactions.

Different requirements for reporting suspicious transactions may depend on the nature and amount of a transaction.

The Company shall continuously conduct due diligence procedures pertaining to its Customers and scrutinize transactions carried out by them to ensure these transactions’ compatibility with the Company’s knowledge of its Customers, their business and, when necessary, their source of funds.

7. CIVIL AND CRIMINAL PENALTIES

Any requests from law enforcement to the Company are treated in a confidential manner and forwarded to the Compliance Officer or delegate for review and appropriate response, which includes cooperation with all judicially authorized formal information requests and orders. Upon receipt of any formal requests from law enforcement, the Compliance Officer or delegate must provide all relevant information promptly. If the risk to maintain a business relationship is found to be outside of the entity’s risk tolerance, the Company should consider divesting from the relationship.

The Customer certifies that they have read and understood this AML Policy, and that they shall operate in full compliance with the requirements and standards outlined in the AML Policy, as well as comply with all applicable laws, regulations, and other requirements governing their activities as a customer.

The Customer acknowledges that they are responsible for their actions in accordance with the effective laws discussed in this AML Policy and shall bear responsibility for failure to comply with such laws.

Government agencies and international organizations may impose strict civil and criminal sanctions against any individual who violates laws and regulations governing anti-money laundering and counter-terrorism financing obligations. Sanctions for non-compliance with applicable legislation are determined by authorized law enforcement agencies. The procedure for detecting, preventing, and imposing penalties in cases of violations of laws on money laundering and financing of terrorist organizations is carried out in accordance with the procedures established by applicable legislation.