Communication of information between Switzerland and the EU: The free flow of data is made possible by the “adequacy decision” granted by the EU to Switzerland.
Links on the PAYMILL website
Some sections of our website contain links to the websites of third parties. These pages are subject to their own privacy policies. PAYMILL is not responsible for their operation, including data handling. Users who send information to or via such third-party sites, should check the privacy policies of these sites before they share information with them.
It is hereby clarified that these privacy policies do not represent any framework agreement within the meaning of the EU Payment Services Directive (2007/64/EC) and its transposition laws in the European Union and the EEA. Our services are available in accordance with the legal data protection provisions, which are regulated in the German Federal Data Protection Act (BDSG), German Telemedia Act (TMG) and the German Unfair Competition Act (UWG).
2. Data Collection, Processing and Use
The German Federal Data Protection Act (BDSG) stipulates that the use of personal data is allowed only if the BDSG itself or other legal provision allows or requires it, or if you have consented to it as an interested party. The BDSG allows the use of data if this is necessary in the context of the purpose of a contractual or quasi-contractual relationship of trust. In addition, according to the BDSG the use of data is also allowed insofar as it is necessary to protect the legitimate interests of PAYMILL GmbH, and if there is no reason to believe that you have an overriding legitimate interest in the exclusion of such processing or use.
PAYMILL GmbH will only collect your personal data if you voluntarily share it with us, for example via our website, by email, or by telephone. In order to use our service you need to enter your last name, first name, address, telephone number, and email address. To accept payments with PAYMILL, you must also specify your bank account information. We additionally require more information about yourself and your company if you want to use our service in its entirety. For tests only a valid email address and a password are required.
Under some circumstances we will also ask you certain security questions (e.g. regarding your place of birth or mother’s maiden name). We need this information to process transactions, assign new passwords, to carry out checks in protecting you from credit card and bank account fraud if you have forgotten your current password, and to connect you with the administration of your account or of our services.
If you are transferring or receiving sums of money exceeding the amounts stipulated by anti-money laundering regulations, we may require more information about you or your company in order to meet the legal requirements.
If you use our service, in relation to the transaction we will request to store your information, including the amount of the transaction, type of transaction (sale, selling a service) and email address, address of the customer, IP address, token and customer telephone number. We collect the IP address and other information about your computer, or the device that you use to access your user account, in order to monitor your account in relation to unauthorized access.
Information about you from third parties
To protect against potential fraud, with the help of payment processors and/or credit agencies we check the information you have provided in the list that is within the section “Use and disclosure of information” (see below). In the course of this verification we will receive personally identifiable information about you via these services.
If you owe money to PAYMILL, we are authorized to perform a review of your credit rating, within the legal limits, by obtaining additional information about you from the credit agency. At its sole discretion, PAYMILL also reserves the right, after conducting its own test, to periodically retrieve from a credit agency a business or customer credit report for each account, examine it, and to close accounts based on the information obtained during the credit check process.
If we cannot verify the information you have provided, or if we need additional information regarding your company, we will ask you to send additional information by fax, scan, or post (such as disclosure of all shareholders, excerpt from the commercial register not older than 3 months, credit card statement, or other information that places you in connection with the appropriate address), or we will perform a postal identity check. PAYMILL reserves the right under some circumstances to make an onsite visit to your company.
Correspondence with customer service
3. Use and disclosure of information
You agree that we may use and store your personal information for the following purposes:
- Providing the services and customer services you have requested
- Resolving conflicts, collection of fees, troubleshooting problems
- Prevention of potentially illegal or prohibited activities
- Adjustment, review and improvement of our services
- Comparison of information for determining accuracy and validation using third parties
Disclosure of customer information via dealers
Disclosure of data to third parties
PAYMILL does not sell or rent any personal information to third parties for their marketing purposes. Disclosure takes place solely for the purposes described in this policy. You expressly agree, and indicate to PAYMILL, that the following measures will be taken:
- Disclosure due to credit card regulations or because of a criminal or civil process. In this table, the phrase ‘All account information’ includes: name, address, email address, telephone number, IP address, account number, account type, details of funding instruments associated with the account, details of payment transactions, details of commercial transactions, customer information and reports, account settings, customer data that we have received in the course of the legal obligation to identify our customers, and customer correspondence. With regard to the section “Purpose”, all third party providers, with the exception of the authorities and group corporations, are obliged to conform to their contractual obligations over and against PAYMILL, as listed at the end of this table. The authorities are obliged to fulfil their own regulatory objectives and provisions.
- Disclosure of information to your agent or legal representative (such as the holder of power of attorney granted by you or a guardian appointed for you).
- Disclosure of aggregate statistics to our business partners or PR partners. For example, we disclose that a certain percentage of our members lives in Munich. This summarized information is fully anonymous and does not contain any personal information.
Our contact with dealers
We generally communicate with our dealers via email or phone to provide requested services: in the processing of customer complaints, to reply to customer inquiries, to inform you that in our view your user account is being used for an unauthorized purpose, in order to confirm information concerning your person, to confirm your business or banking transactions, for the collection of receivables, to conduct customer surveys, or to investigate suspicious transactions.
We use your email address or postal address to confirm your user account, to send you notifications about e.g. the entrance or the debiting of payments via PAYMILL (including referral bonus payment, as described below), to inform you about important changes to our products and services, and to send you notices and other legally prescribed announcements. In general members cannot choose what messages they will receive. The messages are mainly sent for informational purposes and not for advertising purposes.
In connection with independent audits of our financial statements and transactions, auditors may contact some of our customers to confirm the correctness of our documents. The auditors may use any personal data for secondary purposes.
4. Data Security
PAYMILL applies the highest standards for data security in the management of customer information. We utilize computer protection mechanisms, such as firewalls and data encryption, there are physical access controls to our buildings and files, and we provide access to personal information only to those employees who need it to carry out their activities (need-to-know basis).
Once you have entered and saved your personal information on our website or in your account, and have logged in, from this point forward communication will be encrypted. We will connect you with our secure server, so that the data cannot be read by any other person. On the basis of 128 bit SSL encryption technology, we encrypt your data and transmit it in safe mode. This standard meets the highest standards, and is used for example by banks. The use of SSL is recommended by the German Federal Office for Security in Information Technology.
For your own security, we recommend using the latest version of your browser and an up-to-date virus scanner. You can recognize when encryption is switched on by the activated lock icon at the bottom of the browser status bar, or directly above the comparison engine. We protect our server and your data with the latest security software and firewalls, which should prevent any unauthorized access attempt from the outset.
The security of your account also depends on how well you protect your password. Do not share your password with anyone. You will never be asked by a PAYMILL employee to specify your password. Therefore, consider emails or other messages in which you are asked for your password to be unauthorized and suspicious, and forward them to [email protected].
If you nevertheless give your password to someone else for a particular reason, this person will gain access to your user account and your personal information, and you will be responsible for all activities carried out using your password. If you believe that someone else has access to your password, change it immediately by logging in to your account at www.paymill.de, and make the change in the profile settings, and notify us immediately as described above.
5. Accessing and Changing your Personal Information
You can check the personal data you have provided at any time, and may change this data for your PAYMILL account only via a written statement. You may also only close your account only via a written statement.
If you cancel your account, your details will not be used for other purposes, sold, or given to third parties, unless we are legally obliged to do.
6. Protection of Customer Data
PAYMILL is a service that is only successful due to trust in our company, in our customers and vice versa. Thus the protection of your personal data is a very important and special concern for us.
Basic principle: trustworthy handling of your data
PAYMILL handles the data you provide carefully and conscientiously. Collection, processing, and use of your data only proceeds in the context of the legal provisions, or in the case of your explicit consent. Your personal data and the personal data of others that you provide us with, will not be sold, rented, or disclosed to third parties for other commercial reasons, such as for marketing purposes.
Personal data consists of individual details about your personal or factual circumstances. Insofar as personal data regarding a person or transaction is transmitted to PAYMILL, it will only be used for processing contracts paid via PAYMILL.
Technical, organisational data protection
Our own standard is that our measures are always above the industry standard (‘best practice’). To this end we require that anyone who may come in contact with your personal data, commit to maintaining data confidentiality. These obligations also remain in force after termination of activities with PAYMILL GmbH.
7. Your Rights
On your express request, which can be directed to us as desired by letter (PAYMILL GmbH, St.-Cajetan-Str. 43, 81669 Munich), fax (+49 (0) 89 189 045 - 109), or email ([email protected]), we will give you information about data stored that pertains to your person. If it is incorrect, we will of course immediately arrange the necessary corrections. If you would like to make use of your right to data deletion/blockage, we will perform the deletion/blockage in accordance with applicable law. Only data that we are required to store by law is excluded from this. Data that must be stored will be blocked in accordance with § 35, paragraph 2, sentence 2, no. 3, in connection with paragraph 3, no. 1 of BDSG.
8. Cookies, Website Tracking
PAYMILL uses Google Analytics, an Internet analysis service provided by Google Inc. (‘Google’), to evaluate and support online marketing measures. Google Analytics uses so-called ‘cookies’, which are text files placed on your computer for helping to analyse how you use the website. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. This website uses IP anonymization. Your IP address will be shortened by Google mainly within Member States of the European Union, or in other States party to the Agreement on the European Economic Area.
You can also prevent Google from collecting the data generated by the cookie related to your use of the website (including your IP address), as well as prevent the processing of this data by Google, by downloading and installing the browser plug-in available here.
For evaluation, and to support online marketing measures, PAYMILL uses pixels, or transparent GIF files. These GIF files are provided by our ad management partners. These files can detect a unique cookie on your Internet browser, with which we can determine what advertisements the user brings to our website. The cookie was introduced by us or by another advertising customer. The information, collected and shared with cookies, Spotlight, or Floodlight technology, is anonymous and not personally identifiable. It contains neither your name nor your address, phone number, or email address.
You can prevent the installation of cookies by adjusting your Internet application (browser). To do this, you must turn off the storage of cookies in your Internet browser. For more information, please consult your Internet browser’s user instructions.
If you have questions regarding the collection, processing or use of your personal data, the correction, blocking or deletion of data, as well as the revocation of granted consent, please contact: [email protected]