Privacy Notice

PAYCORE.IO LIMITED (“we”) welcomes you. We take care of your personal data and do everything possible to protect it. This Privacy Policy is written to help you understand what your personal data is collected, stored and used, and what happens to it when you use our website at (“Website”).

In this Privacy Policy we answer the following questions:

  1. Who are we?
  2. What is this Privacy Policy applicable to?
  3. About you
  4. What data do we collect and why?
  5. How long do we keep your data?
  6. Do we share data with third parties?
  7. Can data transfer outside the European Economic Zone occur?
  8. Do we use cookies?
  9. Data protection
  10. What right do I have regarding my data?
  11. Do-not-track requests
  12. Do not sell my personal information
  13. How do we update this Privacy Policy?

1. Who are we?

We are Limited, a legal entity incorporated under the laws of England and Wales. company number 11654625, with a registered address at 25 Cabot Square, Office 11.01, 11th Floor, London, England, E14 4QZ.

In relation to your personal data, we are the controller and processor at the same time. We are the controller of your personal data of our clients and users, which means that we determine what, for what purpose and how your personal data will be processed.

If you have any questions, you can contact us by sending an email to You can also send us a letter at Limited, 25 Cabot Square, Office 11.01, 11th Floor, London, England, E14 4QZ, United Kingdom.

2. What is the Privacy Policy applicable to?

This Privacy Policy applies to our Website and our services.

3. About you

When you visit the Website, you become our user (“User”).

We divide the Users into categories so you can easily find details about the processing of your personal data. Pay attention that you can fall into several categories depending on your actions.

  • Expert - user who applies for the PayAtlas Expert Program;
  • Merchant – user who applies for the Merchant Application.

4. What data do we collect and why?

Sources of data

We receive your data when you visit the Website and interact with it, depending on your actions on the Website.

You can change your personal data by exercising your right to rectification or by the Website functionality. Please note that the same lawful basis and storage terms apply to the changed data.

We may also receive data from third parties. It depends on your settings and the features you use.

Legal bases for processing

To process your personal data, we rely on the following legal bases:

  • performance of the contract — for the processing of personal data necessary for the negotiating on, conclusion, and performance of a contract with you;
  • legitimate interest — for the processing necessary for the development of our services, taking into consideration your interests, rights, and expectations;
  • legal obligation — for the processing as required by applicable laws or if requested by a law enforcement agency, court, supervisory authority, or another state-authorised public body;
  • consent — for additional specific purposes.
User’s data.

When you visit our Website, some data is collected automatically. We need cookies to operate, support, and improve the Website’s functionality.

Data Description Reasons for processing Legal basis
Necessary cookies Information that is necessary for the operation of the Website Improving your experience of using the Website Performance of the contract
Marketing cookies Marketing information used to match relevant advertising to you Marketing Consent
Statistics cookies Statistical data used to understand how you interact with the Website Improvement of the Website and analysis of the statistic for other purposes Consent
Stored during the expiry period provided in our Cookie Policy.

So, briefly about what personal data we collect:

Category of User Description of data Legal basis Reasons of processing
Expert Business name, description, company headquarters, website URL, legal name, service provider type, payment features, merchant terms, corporate email, full name Performance of a contract Providing a service
Merchant Full name, business name, phone number, website URL, industry of operations, payment method, target countries, country of incorporation, transaction volume, PSP providers, MDR. Performance of a contract Providing a service

Pay your attention. We knowingly do not process the personal data of users under the age of 16 without consent from the legal representative(s). If you are such a user, or you are the legal representative of the user, please let us know by email at

Data received from third parties.

We may receive some personal data from third parties.

The amount of data collected, the purposes, and the legal basis for processing is determined by the respective privacy documents of these third parties.

5. How long do we keep your data?

We store personal data in the following categories:

Expert and Merchant data. We store personal client data for the duration of the service and 36 months after completion.

User data. We store users' personal data for 36 months after collection. Data collected on the legal basis of consent is stored until you withdraw your consent.

6. Do we share data with third parties?

We can share your personal data with third parties without any harm to you and in full compliance with applicable law. In addition, we have implemented organisational and technical measures to ensure the security of personal data during data transfer to third-party.

  • Analytics tools. We use analytics tools to understand and promote our business.
  • Payment services. We use payment services to process your payments and other transactions.
  • Social networks. We use various social networks to spread information about our activities.
  • Messengers. We use messengers to communicate with you in ways that are convenient for you.
  • Data storage services. We use various cloud services that allow us to securely store data on remote servers.
  • Contractors, services providers on Website. We cooperate with service providers and contractors to provide you with their services, operate, develop and improve the features and functionality of the Website / App, fulfill your support requests, complete payment transactions, etс.
  • Providers of the services our team use. We use CRM systems, messengers, and other services in our organisation to provide you with our services.
  • State authorities, courts, law enforcement agencies, etc. We may be obliged to transfer some of your data to tax authorities, courts, law enforcement agencies, and other governmental bodies: to comply with a government request, court order, or applicable law; to prevent unlawful use of the Website / App; to protect against claims of third parties; to help prevent or investigate fraud.

7. Can data transfer outside the European Economic Area occur?

Personal data may only be transferred outside of the European Economic Area in compliance with the terms and conditions for such transfers laid down in Chapter V of the General Data Protection Regulation.

All data is now stored on servers in Germany and the UK.

We may share personal data with the recipients in other countries, including non-EEA ones, ensuring that your data is protected and processed in accordance with the General Data Protection Regulation.

To share the data outside the EEA, we rely on the adequacy decision by the European Commission or the Data Privacy Framework participation of the recipient.

If the recipient does not participate in the Data Privacy Framework and its country is not deemed to provide an adequate level of protection for your personal data, we adopt Standard Contractual Clauses based on legislation assessments for data protection during transfer and storage.

8. Do we use cookies?

We use the cookies necessary for the functioning of the Website. Using cookies, we receive the technical information specified in clause 3 and our Cookie Policy.

Please review our Cookie Policy to understand what cookies are, how we use them, the types of cookies we use i.e, the information we collect using cookies and how that information is used and how to control the cookie preferences.

If you want to disable cookies, then you can find instructions for managing your browser settings at these links:

9. Data protection

We apply a variety of security measures appropriate to the possible risks.

Category of User
Staff training Internal policies and instructions
Non-disclosure agreements (NDA) Transfer protection
Physical measures
Video monitoring Signalling
Limited access to premises Round the clock security
Technical measures
Two-factor authentication Backups
Firewalls Encryption technologies

10. What rights do I have regarding my data?

You, as a data subject (individual), have the right to interact with your data directly or through a request to us. This section describes these rights and how you can exercise them depending on your residency.

European Economic Area and United Kingdom residents
  • The right to access information. You can request an explanation of the processing of your personal data.
  • The right to rectification. You can change the data if it is inaccurate or incomplete.
  • The right to portability. You can request all the data that you provided to us, as well as request to transfer data to another controller.
  • The right to restrict processing. You may partially or completely prohibit us from processing your personal data.
  • The right to object. You may object to the processing of your personal data.
  • The right to file complaints. If your request was not satisfied, you can file a complaint to the regulatory body, the ICO via
  • Right to be forgotten. You can send us a request to delete your personal data from our systems.
  • To exercise your rights, write us an email at If your request was not satisfied, you can file a complaint to the regulatory body. For the UK - the ICO via, for EEA - to your local Data Protection Authority. You can find it by the link

11. Do-not-track requests

California residents visiting our websites may request that we do not automatically gather and track information pertaining to their online browsing movements across the Internet. Such requests are typically made through web browser settings that control signals or other mechanisms that provide consumers the ability to exercise choice regarding the collection of personal data about an individual consumer's online activities over time and across third-party websites or online services. We currently do not have the ability to honour these requests. We may modify this Privacy Policy as our abilities change.

12. Do not sell my personal information

California residents have the right under the California Consumer Privacy Act (“CCPA”) to opt out of the “sale” of their personal information by a company governed by CCPA.

We do not sell your personal information to anyone nor use your data as a business model.

However, we support CCPA by allowing California residents to opt out of any future sale of their personal information. If you would like to record your preference that we will not sell your data in the future, please contact us.

13. How do we update this Privacy Policy?

This Privacy Policy and the relationships falling under its effect are regulated by the UK GDPR and applicable domestic laws. Existing laws and requirements for the processing of personal data are subject to change. In this case, we will publish a new version of the Privacy Policy on our Website. If significant material changes are made that affect your privacy and confidentiality, we will notify you by email or display information on the website and ask for your consent.