MultiSafepay is a provider of payment services and processes a large amount of data. MultiSafepay therefore attaches great importance to protecting the personal data you share with us and wants the highest possible level of protection both. MultiSafepay takes all necessary steps to ensure secure data processing.
In this privacy statement, MultiSafepay (MultiSafepay, we, us, our, our) informs you about how we process personal data of Customers, Merchants and Website Users. 

1. Definitions:

Customer: a customer of the Merchant who enters into or wishes to enter into an (online) contract with the Merchant for the purchase of goods and/or services
Merchant: a natural or legal person acting in the course of a profession and/or business (not being a customer), who enters into a Contract with MultiSafepay for the purchase of Services
Website User: a user of the website of MultiSafepay, accessible via www.multisafepay.com.  
Services: the services offered or to be offered by MultiSafepay to Merchant under a Contract via the Dashboard and/or API, including the acceptance of Payment Orders, via Payment Methods and via the MultiSafepay Account.

2. What personal data do we process from you?

MultiSafepay must comply with all laws and regulations applicable to the payment services industry, such as the Money Laundering and Terrorist Financing (Prevention) Act (Wwft). The categories of data we process may vary depending on your relationship with MultiSafepay. We may process your personal data for various reasons:
- Because you use the services of MultiSafepay;
- Because you have provided us with your personal data directly yourself; 
- Because you use the website of MultiSafepay.

You may have multiple relationships with MultiSafepay at the same time. These are described below.

Merchant
From a Merchant, data is processed that you provide to us and that we collect as part of the Know Your Customer (KYC) process. This concerns personal data, such as your name, date of birth, nationality, address, telephone number, e-mail address. In addition, other personal data may also be processed that is actively provided to MultiSafepay (e.g. in correspondence or telephone conversations). This concerns for example the e-mail address of a Merchant employee. 

Customer
Of a Customer, data are processed that you provide to us when you use our services. These are personal data, such as your name, date of birth, nationality, address, telephone number, e-mail address, etc. These data are necessary to perform our payment services, the processing of transactions. 
In addition, other personal data may also be processed that is actively provided to MultiSafepay (e.g. in correspondence or telephone conversations).

Website user
Our website uses cookies. The use of cookies is a standard Internet technology that allows us to store certain login information. Cookies do not allow natural persons to be identified, only machines. Each visitor can set his or her computer to not accept cookies. 
If you are a visitor to our website, we will process various types of information about you and your online behaviour and use cookies, unless your computer is set so that this does not take place.
By information about your online behaviour, we mean: location data, data about your activity on the website, your IP address, your internet browser, the device used, etc.
See section 7 for an overview of the cookies used. 

3. Processing of data on minors or vulnerable groups

MultiSafepay does not intend to collect or process information about minors (under 16 years of age, Article 8 of the AVG) or vulnerable groups who visit the MultiSafepay website, even if a parent and/or guardian has given their consent to visit the website. Unfortunately, MultiSafepay cannot verify the age of website visitors. Therefore, we recommend that parents and guardians closely monitor their child's online activities to prevent us from processing data from minors.
Nevertheless, if you believe that MultiSafepay has unlawfully processed sensitive personal data, please contact us at [email protected].

4. How long will your personal data be kept? 

MultiSafepay does not keep your personal data longer than the law prescribes or, if this does not apply, no longer than strictly necessary to achieve the purposes for which your personal data was collected. This concerns, for example, money laundering legislation and accounting legislation (normally 5 years and 7 years respectively). 

5. How do we secure your personal data?

MultiSafepay attaches the highest importance to the protection of your personal data. Therefore we take all appropriate measures, both technical and organizational, to prevent unauthorized access/modification, loss, unwanted transmission and improper use. 
MultiSafepay uses techniques such as firewalls, monitoring of file integrity, strong authentication, alarms and encryption. In addition, various organizational measures are taken such as employee screening, strict access procedures, employee training and procedures regarding incidents and vulnerabilities. 

If you are convinced that your data is not properly secured or is being processed unlawfully, please contact us at [email protected].

6. Sharing with third parties

Processors
MultiSafepay shares your personal data with third parties as necessary to provide our services. These third parties follow our strict instructions when processing your personal data and function as processors. Instructions, security level, data confidentiality and other conditions are laid down in processor agreements. In this way, MultiSafepay ensures the security of your personal data. 

Cross-border data transfers
MultiSafepay does not share data with third parties located outside the European Economic Area (EEA). 

7. Use of cookies on the website

The following cookies are/could be used on the MultiSafepay website:
- First-party cookies. These cookies are sent by our website to your browser.
- Third-party cookies. These cookies are sent to your browser by a domain or a page managed by another entity. Consequently, data collected through these cookies is also processed.
- Session Cookies. These are cookies that are used exclusively during a visit to our website, i.e. the data processed is ephemeral and is deleted after a short period of time.
- Permanent cookies. These are cookies that are set to process data for a longer period of time. They remain after you have stopped navigating on the Internet, closed the browser and turned off the computer. Persistent cookies process data for a longer period of time.
- Analytical cookies. These are cookies that are used only for statistical purposes. These cookies enable us to analyze the number of visitors to the website, the frequency of their visits, the device(s) used, screen sizes, etc. The use of analytical cookies allows us to create content tailored to you and improve our services and products.
- Google Analytics. We use cookies with Google Analytics to statistically analyze the MultiSafepay website.

8. How can you disable cookies?

You can always choose to disable some or all cookies. You can use the control panel of your browser to manage cookies.

9. Your rights

Based on the European Union's General Data Protection Regulation (AVG), Regulation (EU) 2016/679, you have the following rights: 
- The right to access your personal data;
- The right to correct/correct personal data;
- The right to request deletion of personal data;
- The right to restrict the use of your personal data;
- The right to transfer your data to another party;
- The right to object to the processing.
- The right to lodge a complaint.

MultiSafepay can only grant these rights if the processing of the data is not based on a legal obligation. MultiSafepay is legally obliged to retain certain personal data, which means that we cannot always delete personal data if you request it. 

If you wish to exercise any of these rights, please contact us at [email protected]. MultiSafepay will process your request as soon as possible, but in any case within 1 month. If the request is very complex, we may extend this period by 2 months. You will be informed of this within the first month.

For security reasons and to establish the legitimacy of your request or complaint, we may ask you for proof of your identity. This may be in the form of a copy of your proof of identity (e.g. passport or identity card). You can mask your passport photo, MRZ (Machine Readable Zone, strip with numbers at the bottom of the passport), passport number and Citizen Service Number (BSN) to protect your privacy. 

If you are not satisfied with a service provided by MultiSafepay or an answer given by MultiSafepay, you can file a complaint with the Dutch data protection authority, the Authority for the Protection of Personal Data. More information can be found here.

10. Data Protection Officer and contact information

MultiSafepay has appointed a Data Protection Officer (DPO). If you have any questions and/or complaints regarding your privacy, please contact our DPO. Our Data Protection Officer works for Lumen Group. The FG can be reached by phone at 030 - 889 65 75 or by email at [email protected]. In addition, the FG can also be reached via the secure website. The FG's responsibilities include independently monitoring and advising on the proper and careful handling of personal data.
If you have any questions about this privacy statement, wish to exercise any of your rights, or believe that your data is being misused, poorly secured, or incorrectly processed, please contact the FG/DPO at [email protected].

11. Amendments to the privacy statement

In order to comply with all the various laws and regulations, or for any other eligible reason, we reserve the right to amend this privacy statement from time to time.

Amsterdam, January 20, 2022