Date of the document: 25 May 2018.
"PaynetEasy Technologies Limited" (hereinafter - the "Controller") and individuals
(hereinafter - the "Data subject") after the filling them of the feedback form on the
Controller’s website: https:// payneteasy.com/ (hereinafter – the "Website").
- The Policy applies to the personal data that the Controller receives about the Data Subject
during their use of the Website and the acquisition of Controller services.
- An exhaustive list of personal data about the Data subject (hereinafter – «the personal
data») collected and used by the Controller is provided in the Article 2 of the Policy.
- The current version of the Policy is available on the Website:
- THE PERSONAL DATA COLLECTED AND USED BY THE CONTROLLER
- Categories of personal data collected and used:
- Name, patronymic and surname;
- Email address;
- Mobile number;
- The personal data is provided by the Data subject independently during their filling of the
feedback form on the Website.
- The Policy is only applicable to data collection was carried out during the interaction of
the Data subject with the user interface posted on the Website. The Controller does not
control and is not responsible for the third party’s websites to which the Data subject can
click following links available on the Controller’s website. The Controller is not
responsible for the information which can be collected or requested or to other actions of
the Data subject on the websites of third parties
- The Controller does not check reliability of the personal data about the name, patronymic
and surname and different information provided by the Data subject. At the same time the
Controller assumes that the Data subject provides reliable and sufficient information about
himself and keeps this information up to date.
- THE PURPOSE FOR THE PROCESSING OF PERSONAL DATA
- The Controller collects and uses the personal data for the following purposes:
- providing feedback to the Data subject, including sending notifications, requests and
information related to the Website, as well as request management from the Data subject;
- rendering services for the Data subject;
- concluding the agreement for the provision of services between the Controller and Data
subject, performance of the agreement;
- improving the quality of services provided to the Data subject, ease of use, carrying out
statistical and other studies based on anonymous data;
- informing about new offers, advertising and promotional material (marketing) by
electronic communications like emails.
- In the processing of the personal data, the Controller is guided by Regulation (EU)
2016/679 of the European Parliament and of the Council of 27April 2016 (GDPR).
Processing of the personal data is based on the following principles:
- lawfulness, fairness and transparency;
- purpose limitation;
- data minimisation;
- storage limitation;
- integrity and confidentiality
- STORAGE PERIOD
- The personal data is used by the Controller within one year
- The Controller erase the personal data after the above described storage period or when the
Data subject requests us to erase the personal data.
- LEGITIMATE GROUNDS FOR PROCESSING
- The Controller process the personal data to pursue his legitimate interest to run, maintain
and develop his business
- The Controller process the personal data to comply with his legal obligations.
- RIGHTS OF THE DATA SUBJECT
- The Data subject have the right to:
- receive confirmation of the existence of the personal data, access their content and obtain
a copy, including the right to lodge a complaint with a supervisory authority (right of
- update, change and/or correct the personal data (right of rectification);
- request the personal data erasure or restriction of the data processing in the cases envisaged
by the Regulation, including where the data have been processed in violation of the law or
if storage is not necessary for the purposes for which the data were collected or otherwise
processed (right to erasure and right to restriction);
- object at any time to the processing of the personal data (right to object);
- withdraw the Data subject consent, where given, at any time and without prejudice to the
lawfulness of the processing based on the consent given prior to withdrawal (right of
withdrawal of consent);
- receive a copy of the data provided by the Data subject in a structured, commonly used and
machine-readable format and request that such data be submitted to another data controller
if technically feasible (right to data portability).
- The Data subject can exercise the Data subject’s rights at any time by writing a letter to
subject line. A letter should include the following information:
- name, patronymic and surname;
- email address;
- mobile number;
- the Data subject’s relationship and/or interactions with the Controller (as applicable);
- the specifics of the information the Data subject would like the Controller to provide or the
Data subject want the Controller to take action upon.
- The Controller may request additional information necessary to confirm Data subject’s
- OBLIGATIONS OF THE CONTROLLER
- The Controller undertakes:
- demonstrate that the processing it performs or has performed are compliant with the
Regulation (the principle of accountability);
- ensure that, in the planning phase of processing activities and implementation phase of any
new service, data protection principles and appropriate safeguards are addressed/
implemented (data protection “by design” and “by default”);
- keep a detailed record of processing operations which can be made available to the
supervisory authority at all times, and cooperate with it;
- set up technical and organizational measures to ensure the security of the processing, such
as pseudonymization and data encryption;
- notify the competent supervisory authority of any breach likely to endanger individuals’
rights and freedoms without undue delay;
- provide information to the Data subject relating to processing to the personal data upon
Data subject’s request within two weeks.
- PROTECTION OF THE PERSONAL DATA
- The Controller takes necessary and sufficient organizational and technical measures to
protect the personal data from unauthorized or accidental access, destruction, modification,
blocking, copying, distribution, as well as from other illegal actions of third parties with
- The Controller has the right to make changes to the Policy. When changes are made, the
date of the last update shall be indicated in the latest version. The new version of the Policy
comes into force from the date of its renewal and placement on the company's website,
unless otherwise provided by the new version of the Policy.
- Continued use of the Website by the Data subject after any amendments to the Policy means
the Data subject’s consent to such amendments and / or additions. The Data subject agrees
to regularly view the content of the Policy to ensure awareness with its amendments.
- CONTACT DETAILS OF THE CONTROLLER AND DATA PROTECTION OFFICER
- The Controller is: «PaynetEasy Technologies Limited» with registered office in Suite 5 39
Irish Town GX11 1AA, Gibraltar, Registration number 116094.
- The Data Protection Officer (hereinafter – the «DPO») is Dan Sushkevich. He is
responsible for monitoring the Controller compliance with the GDPR, for informing and
advising the Controller business of its obligations in relation to the processing of personal
data. The DPO can be contacted at the following email address: [email protected].
Pdf version of this document: pne_privacy_policy_eng.pdf