Privacy Policy

Website: www.ipay.global
Company: IPAY Global Holdings B.V.
Contact: privacy@ipay.global

1. Who we are#

IPAY provides last-mile payment and release infrastructure for merchants, carriers, payment service providers and consumers. IPAY enables payment-on-arrival, payment-on-pickup, locker release, customs/duties payment coordination, return flows and related reporting.

IPAY does not hold consumer funds. Payments are processed by licensed payment service providers or other authorised payment partners. IPAY coordinates payment status, release authorisation, order status, notifications, audit trails and reporting.

Depending on the situation, IPAY may act as:

• a data controller for its own website, business contacts, account registrations, security logs and platform administration; and/or
• a data processor or sub-processor when processing order, delivery, release and payment-status data on behalf of a merchant, carrier or payment partner.

2. Personal data we may process#

Website visitors#

• IP address
• Cookie preferences
• Browser and device information
• Pages visited
• Contact form information

Merchants, carriers, PSPs and other business partners#

• Name
• Company name
• Business email address
• Phone number
• Job title
• Contract and onboarding information
• Support and communication history
• API, portal and security logs

Consumers using an IPAY payment or release flow#

Depending on the merchant, carrier and payment flow, we may process:

• Name, email address, phone number
• Delivery address or pickup location
• Order reference, IPAY reference
• Payment status, delivery status, carrier tracking status, release status, return status
• Limited payment-related metadata received from the payment provider
• Timestamps and audit trail information

IPAY does not intentionally collect full card numbers, CVV codes or online banking credentials.

3. Why we process personal data#

• To operate the IPAY platform
• To create and manage IPAY payment-on-arrival orders
• To send payment requests, reminders and delivery-related notifications
• To confirm whether an order has been paid
• To authorise parcel release after confirmed payment
• To support pickup, locker, delivery and return flows
• To provide merchant, carrier and PSP dashboards
• To maintain audit trails and prevent fraud
• To provide customer support
• To manage contracts, onboarding and partner relationships
• To comply with legal, tax, accounting and security obligations
• To improve our website and services

4. Legal bases#

Where IPAY acts as controller, we rely on one or more of the following legal bases:

• Performance of a contract
• Legitimate interests (platform security, fraud prevention, operational reporting, business communication)
• Compliance with legal obligations
• Consent (for example for certain cookies or optional marketing communication)

Where IPAY acts as processor, the relevant merchant, carrier, PSP or business partner determines the legal basis for processing.

5. Payment information#

Payments are processed by external payment service providers. IPAY receives payment-status information needed to update the order and release process. IPAY does not store full payment card details or online banking login credentials.

The payment provider may process personal data under its own privacy policy. Consumers should review the privacy information of the relevant payment provider when completing a payment.

6. Sharing personal data#

We may share personal data with:

• Merchants
• Carriers and delivery partners
• Payment service providers
• Software and hosting providers
• CRM, support and communication providers
• Analytics providers, where permitted
• Professional advisers
• Authorities, where legally required

We only share personal data where necessary for the relevant purpose.

7. International transfers#

IPAY may work with partners and service providers in Europe, Asia and other regions. Where personal data is transferred outside the European Economic Area, we will use appropriate safeguards where required, such as contractual protections, adequacy decisions or other legally recognised transfer mechanisms.

8. Retention#

We keep personal data only for as long as necessary for the purposes described in this Privacy Policy. Retention periods may vary depending on the type of data, legal obligations, accounting requirements, fraud prevention needs and contractual obligations.

Typical retention examples:

• Website cookie preferences: according to the cookie settings and applicable law
• Support communication: as long as needed to handle the request and maintain business records
• Order and audit trail data: as long as required for operational, contractual, legal, accounting and fraud-prevention purposes

9. Security#

We apply technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration or disclosure. These measures may include access controls, logging, encryption, role-based permissions, secure hosting, audit trails and monitoring.

10. Your rights#

Depending on applicable law, you may have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion
• Restrict processing
• Object to processing
• Request data portability
• Withdraw consent where processing is based on consent
• Lodge a complaint with a data protection authority

To exercise your rights, contact us at privacy@ipay.global.

11. Cookies#

We use cookies and similar technologies. Some cookies are necessary for the website to work. Other cookies, such as analytics or marketing cookies, are only used where consent is required and has been given.

More information is available in our Cookie Policy.

12. Changes to this Privacy Policy#

We may update this Privacy Policy from time to time. The latest version will always be available on our website.

13. Contact#