Privacy policy

This Privacy Policy (“Policy”) establishes the terms under which A-Pay.one (“A-Pay”, “we”, “our”, or “us”) collects, processes, stores, transfers, and discloses personal and business-related data (“Data”) in connection with the use of the A-Pay.one website, platform interfaces, APIs, and related services (collectively, the “Platform”) by any user, client, or authorized representative (“User”, “you”, or “your”). By engaging with the Platform in any capacity, you explicitly consent to the practices outlined herein and acknowledge your responsibilities under applicable law.

1. Scope of Data Processing. This Policy applies to all Data collected through the Platform or in connection with your interactions with A-Pay, including Data provided during registration, account management, transactions, communications, or in compliance with regulatory requirements. Data collected may include, but is not limited to, identifiers such as names, contact details, login credentials, business information, authentication records, transactional data including payment history, billing addresses, IP addresses, browser and device specifications, usage logs, system diagnostics, and documentation required for compliance with legal frameworks including anti-money laundering (AML) and know-your-customer (KYC) protocols.

2. Lawful Basis and Purpose of Processing. A-Pay processes Data on the following legal bases. Processing necessary for the performance of contractual obligations including service delivery, account management, transaction processing, and support services. Processing necessary to comply with legal and regulatory obligations including but not limited to AML, KYC, fraud prevention, financial reporting, and regulatory inspections. Processing undertaken for legitimate business interests including service enhancement, security assurance, system diagnostics, performance analytics, customer relationship management, and dispute resolution, provided such interests are not overridden by the rights and freedoms of the User. Processing based on explicit User consent, where required by law, for activities such as direct marketing communications, participation in surveys, or acceptance of cookies and tracking technologies.

3. Data Retention and Archiving. A-Pay retains Data only for as long as necessary to fulfill the purposes for which it was collected, to comply with legal, regulatory, and contractual obligations, to resolve disputes, and to enforce our agreements. Retention periods vary depending on the category of Data, the nature of the processing, and applicable legal requirements. Upon expiration of the applicable retention period, Data is securely deleted or anonymized.

4. Data Security Measures. A-Pay implements a comprehensive suite of technical and organizational security controls designed to ensure the confidentiality, integrity, and availability of Data. Security measures include, but are not limited to, encryption protocols for data at rest and in transit, secure server and network configurations, role-based access controls, multi-factor authentication, data loss prevention mechanisms, regular vulnerability assessments, security audits, and incident response planning. Users acknowledge that while A-Pay undertakes reasonable measures to protect Data, no system is completely immune to risks, and Users must implement their own security practices when interacting with the Platform.

5. Data Sharing and Third-Party Disclosures. A-Pay may disclose Data to trusted third-party processors and service providers engaged to support operational and compliance functions, including payment processors, identity verification services, cloud storage providers, legal advisors, and analytics partners. These third parties are contractually obligated to process Data solely on our instructions and in compliance with applicable data protection laws and confidentiality requirements. A-Pay may also disclose Data to competent authorities, regulators, courts, or law enforcement agencies when required by law, legal process, or to protect the rights, safety, or integrity of A-Pay, its Users, or the public.

6. International Data Transfers. In circumstances where Data must be transferred outside the European Economic Area (EEA), A-Pay ensures that such transfers are subject to appropriate safeguards to maintain the protection of personal data. These safeguards may include the implementation of Standard Contractual Clauses approved by the European Commission, reliance on adequacy decisions, or the use of binding corporate rules. Users acknowledge and consent to such cross-border transfers where necessary for the performance of the services or compliance with legal obligations.

7. User Rights and Data Subject Requests. Subject to applicable data protection laws, Users have the right to request access to their Data, to rectify inaccurate or incomplete Data, to request erasure of Data where no longer necessary or lawful, to restrict or object to processing under certain circumstances, to obtain a portable copy of their Data, and to withdraw consent where processing is based on consent. Users also have the right to lodge a complaint with the competent data protection authority. Requests to exercise these rights must be submitted in writing to the contact address provided herein and accompanied by sufficient information to verify identity and scope of request.

8. Cookies and Tracking Technologies. The Platform utilizes cookies and similar tracking technologies to enhance User experience, facilitate functionality, and collect usage analytics. Cookies may include essential cookies for operational purposes, performance cookies for analytics, and marketing cookies for targeted content. Users may manage cookie preferences through their browser settings or via cookie consent banners provided by the Platform. Detailed information regarding the categories of cookies used, their purpose, and management options is available in our Cookie Policy.

9. Children’s Data. The Platform is intended solely for use by legal entities and professionals. A-Pay does not knowingly collect or process personal data of individuals under the age of eighteen (18). If it is discovered that such data has been collected inadvertently, A-Pay will take steps to delete the data without undue delay.

10. Automated Decision-Making and Profiling. A-Pay may utilize automated systems and profiling techniques for purposes such as transaction risk assessment, fraud detection, and compliance screening. Users have the right to request human intervention, to express their point of view, and to contest decisions made solely on automated processing, subject to applicable legal provisions.

11. Updates to this Policy. A-Pay reserves the right to amend, update, or replace this Policy at any time to reflect changes in legal, regulatory, or operational requirements. Updated versions of the Policy shall be published on the Platform and become effective immediately upon posting. Continued use of the Platform following publication constitutes acceptance of the revised Policy.

12. Notices and Contact Information. All notices, inquiries, or requests related to this Policy should be directed to the following contact. Email: [email protected]. Users are responsible for ensuring that contact information provided to A-Pay remains current and accurate.

13. Governing Law and Jurisdiction. This Policy shall be governed by and construed in accordance with the laws of the European Union and the Member State in which A-Pay maintains its principal place of business. Any disputes arising from or related to this Policy shall be submitted to the exclusive jurisdiction of the competent courts of that Member State.

14. Language. This Policy is drafted and executed in English. Any translations provided are for convenience only. In the event of inconsistencies, the English version shall prevail.

15. Entire Agreement. This Policy, together with any referenced guidelines, policies, and terms, constitutes the entire understanding between the User and A-Pay regarding the processing of Data and supersedes any prior agreements, communications, or representations related to the subject matter herein.

Effective Date. May 30, 2025