GDPR

Overview

At FlexPay, the privacy and security of your Customer Data is our top priority. GDPR applies not only to EU-based businesses, but also to any business that controls or processes data of EU citizens. At FlexPay, our entire organization is hard at work ensuring that our own practices are GDPR-compliant. But equally important to us is helping you, our customer and partners, understand what the GDPR means for your businesses and build compliant processes of your own.
Section Explanation
Individual in charge of GDPR Charles Weiss, VP Engineering
EU/UK Representative Available upon request by emailing [email protected]
Data Protection Officer Charles Weiss, VP Engineering
Purpose of Processing Create individualized strategies to reduce friction for each declined payment, solving for the hundreds of reasons a payment authorization request can be denied. For more details, see FlexPay’s Privacy Notice – How We Process Personal Data.
Lawful Basis of Processing and Consent

Under Article 6 of GDPR (Art. 6 GDPR – Lawfulness of processing – General Data Protection Regulation (GDPR)), it falls under:

Consent: Via Terms of Service – Subscription Agreement and Opt-in of Terms and Conditions. Removal of consent will be done on request or via the FlexPay Web App.

Contract: Via Terms of Service – Subscription Agreement with customers which gives FlexPay permission to manage their Personal Data for the purpose of helping them reduce friction in payments.

Legitimate Interest: It is in the legitimate interest of customers to share Personal Data with FlexPay for the purpose of FlexPay delivering its Services and helping them reduce payment friction.

For more information, see the FlexPay Privacy Notice (https://flexpay.io/privacy-policy/) – “Supplemental Information for the EEA, and the U.K.” section.

Withdrawal of consent (or opt out) For End Users, withdrawal of consent or opting out after initial consent/opt-in will be able available via the webapp (https://client.flexpay.io). For website visitors, opting out can be done by emailing [email protected]
Cookie Notice FlexPay’s Cookie Policy
Data Subject Access Request (“DSAR”) FlexPay’s DSAR form
Deletion Policy Deletion of Customer Data upon termination, cancelation or expiration of the agreement. Data Deletion on the website (flexpay.io) for visitors can be done by contacting [email protected]
Data Access / Modification / Portability End Users can Access, Modify and Download their data directly from the Web App. Visitors can request a copy or update of their data by emailing [email protected]
Data Protection Info FlexPay deploys and maintains a secure architecture following industry best practices in security attested to in our Trust Center covering security, confidentiality, availability, and processing integrity. Further information contained in FlexPay’s Terms of Service – Subscription Agreement and Data Processing Addendum, and made available upon request.
Notification of Breach FlexPay’s breach notification process is outlined within its Terms of Service – Subscription Agreement, Data Processing Addendum and Incident Response Policy, and made available upon request.
Responsible Disclosure FlexPay’s Responsible Disclosure Policy
Data Processing Addendum Data Processing Addendum