RAPYD GLOBAL PRIVACY POLICY - PRODUCTS

Updated: April 2026

This Privacy Policy describes our practices regarding:

  1. What Types of Personal Data Do We Collect About You?
  2. How Do We Collect Your Personal Information? 
  3. What are the Lawful Grounds that We Rely on to Process Your Personal Information?
  4. Purposes for Which Rapyd May Process your Personal Data
  5. International Data Transfers
  6. Data Retention
  7. Whom do We Disclose Your Personal Data to?
  8. Cookies and Tracking Technologies
  9. Marketing Communications
  10. Security
  11. Your Individual Rights
  12. Automated Decision Making

Please read this Privacy Policy carefully and make sure that you fully understand and agree to it. If you do not agree to this Privacy Policy, please discontinue and avoid using our Services.

You are not legally required to provide us with any Personal Data, but without it we will not be able to provide you with the full range of Services or with the best user experience when using our Services.

WHO IS RAPYD? 

The Rapyd group is made up of several local companies in several markets across the world, comprising Rapyd Financial Network (2016) Ltd. and all its subsidiaries and operating affiliates (“Rapyd”, “we”, “our” or “us” refers to the Rapyd’s company that is responsible for processing your personal data ). 

Rapyd provides a fintech-as-a-service platform for payment processing (“Platform”). The Platform allows for the integration of local payments methods into digital applications from one single API, the effective performance of cross-jurisdictional transactions, card issuing, consumer credit issuing, and other financial-related services. Our financial services are operated through Rapyd business portals (the “Portals”), available at: at https://dashboard.rapyd.net/, https://qadashboard.rapyd.net/, Rapyd mobile application, and any other website to provide our financial technology products (together with the Platform and Portals, the “Services”). 

 

HOW DOES THIS PRIVACY POLICY WORK?

The Privacy Policy applies to any individual using our Services, and it describes our practices with respect to the collection and processing of Personal Data. For the purpose of this Privacy Policy, “Personal Data” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or linked, directly or indirectly, to an individual.

If you are a website visitor, a member of our Rapyd Developer Community, or a participant in our events and challenges, please refer to this Privacy Policy. 

Our local Rapyd entities enable our global operation, and the identity of the Rapyd entity who is your Data Controller, is based on the Client’s location. For more information, about your Data Controller and its specific country terms (if applicable), please click here:

While this Privacy Policy applies across the Rapyd Group, country terms are only necessary to the extent that there are specific local requirements. In such cases,  the country’s specific terms will prevail. 

 

We are strongly committed to making our practices regarding our use and processing of your Personal Data transparent and fair, and we respect your privacy as:

1. Rapyd’s Clients: In this Privacy Policy, the term “Clients” refers to Merchants and Partners, and includes their employees, directors, shareholders and ultimate beneficial owners (whenever applicable).

1.1 Merchants: you are a Merchant if you are an individual or business that collects from, disburses to or otherwise facilitates payments for your End-Users with the use of the Services.

1.2 Partners: you are a Partner if you are collaborating with Rapyd to provide, promote or enable Rapyd payment solutions for Merchants. This includes entities or individuals that integrate Rapyd payment solutions into their own platform, refer or introduce new Merchants to Rapyd, or otherwise facilitate access to Rapyd’s Services. Partners may include, but are not limited to, ISOs (Independent Sales Organisations), Payment Facilitators, Referral Partners, and Resellers.  

2. End-Users: individuals transacting with or through a Client with the use of the Services, individuals who are issued payment cards by our banking partners or individuals who are provided consumer loans.

3. Beneficiaries: individuals who receive payments, such as disbursements from End Users or Clients but are not End Users themselves. In this Privacy Policy, Beneficiaries and End Users are collectively referred to as “Users”. 

 

1. What Types of Personal Data Do We Collect About You?

This section sets the categories of Personal Data we collect. Depending on how you integrated with our Services, we may receive your Personal Data directly from you, from the Client, or from our Service Provider (as defined below):

(i) End-User Data: we collect the following Personal Data relating to End-Users:

  • Identity Information: such as first and last name, date of birth, and in some instances a photo and national identity number (such as a social security number). 
  • Contact information: such as email address, home address, phone number.
  • Financial Information: such as bank and billing account details, bank statements, payment card information.
  • Know your Customer (“KYC”) or Know your Business (“KYB”) Information: in certain circumstances, Rapyd may process a copy of an End User’s current ID (such as a national ID or passport), driver’s license, a frontal facial picture, nationality, credit history, tax information and/or a recent utility bill.
  • Transaction Information: information regarding the End-User’s transaction through the Services, and additional financial information which may be required to process or support transactions, such as credit card details, debit card details, amount of transaction, and date and time of the transaction.
  • Digital Wallet Information: such as digital wallet number and information regarding digital wallet transactions.
  • Usage Information: such as connectivity, technical and aggregated usage data and activity logs, log-in and log-out time, IP addresses, device and mobile app data (such as type, OS, device ID, app version, browser version, locale, time-zone and language settings used), session recordings and analytics, and the cookies and pixels installed or utilized on the device.
  • Any additional Personal Data that you may choose to share with us as part of your engagement with us, including when interacting with our support teams. 

(ii) Client Data: we collect the following information regarding Clients who are individuals, or information regarding the directors, shareholders and ultimate beneficial owners if the Client is a corporate entity:

  • Identity Information : such as first and last name, date of birth, and in some instances a photo and national identity number (such as a social security number).
  • Contact information: such as email address, home address, phone number. 
  • Know your Customer (“KYC”) or Know your Business (“KYB”) Information: in certain circumstances, Rapyd may process a copy of a Client’s current ID (such as a national ID or passport), driver’s license, a frontal facial picture, nationality, credit history, tax information and/or a recent utility bill.
  • Account Data: such as company name and position, account login credentials (usernames and hashed passwords), employment status, employer’s name and other relevant employment information.
  • Financial Information: such as bank and billing account details and payment card information. In some jurisdictions, credit bureau inquiries may be made to check Clients’ credit and commercial behavior as part of the assessment for using our Services. 
  • Transaction Information: information regarding the Client’s transaction with an End-User such as your digital wallet number and wallet transactions, bank and billing account details, bank statements, payment card information and any additional information which may be required to process transactions.
  • Usage Information: such as connectivity, technical and aggregated usage data and activity logs, log-in and log-out time, IP addresses, device and mobile app data (such as type, OS, device ID, app version, browser version, locale, time-zone and language settings used), session recordings and analytics, and the cookies and pixels installed or utilized on the device.
  • Any additional Personal Data that you may choose to share with us as part of your engagement with us, including when interacting with our support teams. 

(iii) Beneficiary Data: we collect the following Personal Data about Beneficiaries:

  • Identity Information: such as first and last name, date of birth, and in some instances a photo and national identity number (such as a social security number).
  • Contact information: such as email address, home address, phone number.
  • Financial Information: such as bank account details.
  • Transaction Information: information regarding the transaction made to the beneficiary through the Services. 
  • Any additional Personal Data that you may choose to share with us as part of your engagement with us, including when interacting with our support teams. 

 

2. How Do We Collect Your Personal Information?

How we collect personal information will depend on the following broader situations:

(1) If we receive or collect it directly from you

We may collect personal information directly from you in different ways through our provision of the Services. For example, you may give us your personal information when you:

  • give us your contact information so that we can contact you about our services and products;
  • conclude a contract or verify with us who you are (whether by email, phone or electronic verification);
  • provide us identification information as necessary for us to fulfil our regulatory KYC/KYB obligations;
  • are prompted to give us your contact and payment information on our web-checkout /payment pages or via other similar channels, according to the payment method available in your country; or
  • send us a support request through one of our support desks.

 

(2) If we collect personal information from third parties, or from publicly available sources

We obtain personal information through third parties or, if publicly available, where permitted under applicable law, including:

  • from our merchants, payment partners and financial institutions. For example, a merchant can offer you various ways to pay for their goods or services (credit or debit or hybrid card, electronic fund transfer (EFT), wallet, mobile money, loyalty credits) and the payment would be settled into the merchant bank account held by an authorized financial institution. In such situations, the merchants, payment partners and financial institutions are responsible for your personal information, but we may collect such personal information so that the payment transaction can take place. We encourage you to read such third parties’ privacy statements to learn more on how they process your personal information;
  • from financial institutions and fraud prevention agencies for the purposes of conducting fraud and risk assessments or analysis. For example, before we provide services, goods or finances to you (as applicable), we undertake checks for the purposes of preventing fraud and money laundering, and to verify your identity. These checks require us to collect information about you;
  • from third parties who have entered into contracts with us to assist us with our business operations;
  • from publicly available sources in accordance with applicable laws in your country.
  • From credit bureaus that provide us information about credit and commercial behavior of our Clients for assessing the use of our Services and subject to applicable laws; or
  • from parties within the Rapyd group of companies, subject to applicable laws.

3. WHAT ARE THE LAWFUL GROUNDS THAT WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?

We process Personal Data only when we have a valid legal ground to do so. Most commonly, we use your personal information where:

  • it is necessary to process your personal information in connection with the performance of a contract that we have with our Clients;
  • it is necessary for our  legitimate interests  (or the legitimate interests of a third party). We make sure that your fundamental rights are not overridden by our legitimate interests;
  • we use your personal information to comply with our legal obligations – for example, ensuring that we use your personal information to comply with anti-bribery and anti-money laundering requirements;

We may seek your explicit consent where the applicable laws require us to do so. In case an explicit consent is legally required, it will be covered in the country specific terms.

There can be additional legal grounds for processing personal information in some countries. This depends on applicable law and the products and services offered to you.

 

4 .PURPOSES FOR WHICH RAPYD MAY PROCESS YOUR PERSONAL DATA 

We use Personal Data as necessary for the performance of our Services and in reliance on the following legal bases:

Purpose Description Legal basis for processing
To facilitate, operate, and provide our Service. The types of personal information we require to provide the Services depends on the specific payment methods and legal obligations to which Rapyd is subject. Such data can generally include payment information and transaction data.
  • Legitimate Interest
  • Performance of a Contract
To comply with applicable laws and regulations, including by performing KYC/KYB inquiries, screening or other compliance checks, and to respond to valid legal process requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities. These assessments are legally required in order to authenticate and authorize your use of our Services depending on if you are a Client or an End User, and your choice of Services. The type of personal information typically required is Identity, Contact and Financial information.
  • Legal obligation
To protect against fraud or unauthorized transactions and prevent and monitor fraud across the Services. authenticating and validating payments to mitigate and protect against identity theft or fraud. To do this, some of your personal and non-personal information may be collected by Rapyd. Rapyd may use this personal information for its fraud systems and will remain there for future reference and cross-reference of information required to validate the payments.
  • Legitimate Interest
  • Legal obligation
To provide our Clients and Users with assistance and support. we may process your personal information:

  • to notify you if there is any interruption of the Services;
  • to provide you with service assistance and problem solutions or to contact or send you notifications related specifically to the Services we offer you;
  • to inform you about your products or services with us and any changes to these products or services and any associated legal documents.
  • Legitimate Interest
  • Performance of a Contract
To evaluate and develop new features, technologies, and improvements to the Service. We may collect Personal Data to research and gain insights into market trends and needs and to develop or innovate our technologies, products and services to meet such market trends and needs. We may use machine learning and artificial intelligence techniques to conduct research to gain such insights
  • Legitimate Interest
To contact our Clients with general or personalized messages and communications, as further described under Section 6 below. We may use personal information to market our products and services and to notify you about events, offers, sponsorships, marketing programmes and similar marketing campaigns.
  • Legitimate Interest
  • Consent (where required)
To authenticate the identity of Clients and End Users and to allow them access to our Services. This includes the login credentials for your account in our Portals.
  • Legitimate Interest
  • Performance of a Contract
To comply with rules imposed by payment network rules (e.g. network rules for card schemes) and to enforce our contractual rights. This includes verifying your identity and comparing your information to verify accuracy for reporting obligations under payment scheme rules and monitoring obligations.
  • Legitimate Interest
To support and enhance our data security measures, including for the purposes of preventing and mitigating malicious or fraudulent activity and security incidents or any illegal or prohibited activity. This processing is carried out to protect the security and integrity of our systems and data and to prevent and address fraud, security incidents, and other unlawful or prohibited activities.
  • Legal Obligation
  • Legitimate Interest

 

If you reside or are using the Services (i) in a territory governed by privacy laws which determine that “consent” is the only or most appropriate legal basis for processing Personal Data (in general, or specifically with respect to the types of Personal Data you choose to share via the Service), your acceptance of our terms and conditions and of this Privacy Policy will be deemed as your consent to the processing of your Personal Data for all purposes detailed in this Privacy Policy. We may also obtain express consent from you separately (e.g. for the purpose of sending direct marketing), in which case we will proceed to process your Personal Data on the basis of such express consent. If you wish to revoke such consent, please contact us by email at [email protected].

5. INTERNATIONAL DATA TRANSFERS

Given the global nature of our Services, your Personal Data may be processed either locally in the country where you reside, or in any other country where the Rapyd group or our approved third-party service providers operate, as permitted by law. Our Service Providers  are located mainly  in the United States of America (U.S.), the State of Israel, Singapore, the European Economic Area (“EEA”), Iceland, the UK, Hong Kong, Dubai, and other jurisdictions where our company operates, as necessary for the proper delivery of our Services, or as may be required by law. For data transfers from the EEA or the UK to countries which are not considered by the European Commission and the UK Secretary of State to be offering an adequate level of data protection, we and the relevant data importers have entered into Standard Contractual Clauses as approved by the European Commission and UK Information Commissioner’s Office (ICO).

Should your personal information move outside any country that restricts transfers of personal information, we use the applicable legal transfer mechanism, such as the  standard contractual clauses, consent or local transfer agreements to ensure that an adequate or a same level of protection is applied to your personal data  as the one afforded in the country of origin.

6. DATA RETENTION

We will retain your Personal Data for as long as we deem it as reasonably necessary for the purposes listed above,  in order to maintain and expand our relationship and provide you with our Services. 

The retention of personal data by Rapyd is determined by considering compliance with legal (contractual obligations or statutory requirements), accounting and compliance reporting requirements (i.e., preventing fraud, anti-money laundering and combat anti-corruption and financing of terrorism) or to protect ourselves from any potential disputes (i.e., as required by laws applicable to log-keeping, records and bookkeeping, and to have proof and evidence concerning our relationship, should any legal issues arise following your discontinuance of use), in accordance with our data retention policy. Retention periods may vary, depending on your jurisdiction.

7. WHOM DO WE DISCLOSE YOUR PERSONAL DATA TO OR SHARE IT WITH?

We may share personal information with the Rapyd Group being third parties from the group of companies to which Rapyd belongs, comprising Rapyd Financial Network (2016) Ltd. and all its subsidiaries and operating affiliates. Such sharing is made subject to our Intercompany Data Processing Agreements. We may disclose your personal information to those companies for any purpose described in this privacy policy and particularly to:

  • provide support services and technical services to these internal third parties and to receive some of these services from them;
  • contribute to the research, data analytics and studies in order to improve the products and services that Rapyd and other internal third parties respectively provide.

We may share your personal information with external third parties such as:

  • Service Providers,  we may engage selected third party companies and individuals to perform services complementary to our own, namely – hosting, data analytics, consulting, support, marketing and advertising, data and cyber security, user engagement, instant messaging, company registration and incorporation; as well as our gateways and our business, financial, compliance and legal advisors (collectively, “Service Providers”). These Service Providers may have access to your Personal Data, depending on each of their specific roles and purposes in facilitating and enhancing our Services, and may only use it for such purposes.
  • Clients: if you interact with our Clients (e.g. send them funds, buy goods or services from them), we may share your Personal Data with such Clients who are involved in your transactions. 
  • Authorized financial institutions and partners with whom we partner to jointly create and offer products and services. Depending on the type of payment chosen by the customer, payer or buyer, Rapyd will share the information with the financial institutions that validate and process each means of payment for corresponding approval, validation, and settlement. This means that your personal information may be collected for those purposes by financial issuing institutions for the means of payment, acquiring financial institutions, payment processing networks, franchises such as Visa and MasterCard;
  • Credit bureaus and credit providers to report financial information and to conduct mandated credit scoring to determine affordability, as strictly permitted by law. 

Rapyd takes all reasonable measures to ensure that every third party involved in the processing of your personal information has the required organizational and technical protections in place, including the required data processing and transfer agreements where this is necessary. When required under applicable law, we may provide you with a list of our sub-processors or suppliers upon request.

  • Legal Compliance: When required by law enforcement, government officials or fraud detection agencies.  We may disclose or allow government and law enforcement officials access to your Personal Data, in response to a subpoena, search warrant or court order (or similar requirement), or in compliance with applicable laws and regulations. Such disclosure or access may occur if we believe in good faith that we are legally compelled to do so, or that it is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing.
  • Protecting Rights and Safety: we may share your Personal Data with others if we believe in good faith that this will help protect the rights, property or personal safety of Rapyd and its partners, any of our Clients, Users, or any members of the general public.
  • Mergers and Acquisitions: should Rapyd undergo any change in control or ownership, including by means of merger, acquisition or purchase of all or part of its assets, your Personal Data may be shared with the parties involved in such event.

Rapyd may share your Personal Data in additional manners, such as pursuant to prior notification or your explicit approval, if we are legally obligated to do so, or if we have successfully rendered such data non-personal and anonymous. We may transfer, share or otherwise use non-personal data at our sole discretion and without the need for further approval.

8. COOKIES AND TRACKING TECHNOLOGIES

Our Services and some of our Service Providers utilize “cookies”, anonymous identifiers and other tracking technologies which help us provide, secure and improve our Services, personalize your experience and monitor the performance of our activities and campaigns.

A cookie is a small text file that is placed, for example, to collect data about activity on our Site. Some cookies and other similar technologies serve to recall Personal Data, such as an IP address, that was previously indicated by you.

While we do not change our practices in response to a “Do Not Track” signal in the HTTP header from a browser and recommend the use of cookies for an optimal user experience of our Services, most browsers allow you to control cookies, including whether to accept them or to remove them. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser. You can read the complete Rapyd Cookie Policy here.

We also use analytics tools such as Google Analytics. These tools help us understand your behavior on our Services, including by tracking page content, and click/touch, movements, scrolls and keystroke activities. Further information about the privacy practices of our google analytics is available at: www.google.com/policies/privacy/partners/.

Further information about your option to opt-out of google analytics services is available at: https://tools.google.com/dlpage/gaoptout.

 Please note that if you get a new computer or device, install a new browser, erase or otherwise alter your browser’s cookie file (including upgrading certain browsers), you may also clear the opt-out cookies installed once you opt-out, so an additional opt-out will be necessary to prevent additional tracking.

9. MARKETING COMMUNICATIONS

We may contact you with promotional messages (such as newsletters, special offers and sales, new product announcements, inviting you to events, etc.) or any other information we think you will find valuable. We may provide such notices through any of the contact means available to us (e.g. phone or email), through the Services, or through our marketing campaigns on any other sites.

If you do not wish to receive such promotional communications, you may notify us at any time by sending an email to [email protected], changing your communications preferences in your account, or by following the “unsubscribe”, “stop”, “opt-out” or “change email preferences”, as contained in the promotional communications you receive.

Please note that even if you unsubscribe from our marketing-mailing list, we can continue to send you service-related updates and notifications, to the extent that your contractual relationship with Rapyd remains in effect and we need to send you information related to the operation of our services

10. SECURITY: HOW WE PROTECT & STORE PERSONAL INFORMATION

The security of your personal information is important to Rapyd. Rapyd takes industry-standard physical, technical, organizational and electronic security measures that it considers necessary in order to maintain the confidentiality and security of your personal information, with due regard to the applicable obligations and exceptions under the legislation in force.

In addition, Rapyd follows the payments industry standards regarding the protection of payment card information. Each local business is regularly audited to maintain the highest level of security certification with the Payments Card Information Security Standard Council (PCI) in respect of protecting card data.

Rapyd regularly reviews its policies regarding the collection, storage and processing of your personal information, including physical security measures, to prevent alteration, loss, query, use or fraudulent or unauthorized access of your personal information.

Rapyd has put in place procedures to deal with personal information breach and will notify you and any applicable regulator or authority of a breach where we are legally required to do so.

However, please be aware that regardless of any security measures used, we cannot and do not guarantee the absolute protection and security of any Personal Data stored with us or with any third parties.

11. WHAT YOUR INDIVIDUAL RIGHTS

Depending on the jurisdiction in which you reside, you may have certain rights under relevant applicable laws regarding the collection and processing of your Personal Data. To the extent these rights apply and concern you, you can contact us and ask to exercise the following rights:

11.1. Right of access:

You may have the right to receive confirmation as to whether or not Personal Data concerning you is being processed and access your stored Personal Data.

11.2. Right of data portability:

you have the right to request us to move, copy and transfer your Personal Data easily from one IT environment to another, in a safe and secure way, without affecting its usability.

11.3. Right of rectification:

You have the right to request rectification of your Personal Data in our control in the event that you believe the Personal Data held by Rapyd is inaccurate, incomplete or outdated.

11.4. Right to deletion/erasure:

You have the right to request that Rapyd erase or delete Personal Data held about you at any time.

11.5. Right to restriction or objection to processing:

You have the right to request that Rapyd restrict or cease to conduct certain Personal Data processes at any time.

11.6. Right to withdraw your consent:

To the extent we process Personal Data on the basis of your consent, you have the right to withdraw your given consent at any time.

11.7. Right to limit use and disclosure of your sensitive Personal Data:

You have the right to request to limit the collection of your sensitive Personal Data, to that use which is necessary to perform our Services.

11.8. Right not to be subject to automated decision making:

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly effects to you.

11.9. Right to opt-out of the sale or share of Personal Data:

In the event that we sell or share your Personal Data for behavioral advertising purposes, you have the right to submit a request to opt-out of the sale or share of your Personal Data. After you opt-out, we may continue disclosing some Personal Data with our partners to help us perform business-related functions such as, but not limited to, providing the Services, ensuring that the Services is working correctly and securely, providing aggregate statistics and analytics and preventing fraud.

11.10. Right to non-discrimination:

You have the right to be free from any discrimination for exercising your rights, such as offering you different pricing or products, or by providing you with a different level or quality of services, based solely upon your request.

Please note that these rights are not absolute, and may be subject to applicable laws, our own legitimate interests and regulatory requirements or technical readability.  Please also note that the rights mentioned above may have different application, title or legal definition depending on your jurisdiction. 

If you wish to exercise your rights, you can submit your request via Rapyd Privacy Request Webform or contact us  at the following email address: [email protected]. We will consider any requests, complaints or queries and provide you with a reply in a timely manner. We take our obligations seriously and we ask that any concerns are first brought to our attention, so that we can try to resolve them. To the extent you feel unsatisfied with our response to your request to exercise your rights, you may choose to send us a request to appeal our decision. If you are unsatisfied with our response, you can lodge a complaint with the applicable data protection supervisory authority.

Please note that we may require additional information and documents, including certain Personal Data, in order to authenticate and validate your identity and to process your request. Such additional data will be then retained by us for legal purposes (e.g. as proof of the identity of the person submitting the request), in accordance with Section 2 above. If you use an authorized representative, we may request a copy of the representative’s signed permission to act, verify your identity directly, and ask that you confirm the representative’s authority.

12. AUTOMATED DECISION MAKING

According to privacy laws such as the EU & UK GDPR, Automated Decision-Making relates to a decision that has a legal impact on an individual, and that is based solely on automated means, without any meaningful human intervention.

Rapyd is required by laws to carry out KYC/KYB checks on Clients and – in some instances – End-Users when they apply to use the Services and during the performance of our agreement, to act in compliance with applicable laws and regulations and to prevent fraud, money laundering and financing terrorism. We may use third party identification, screening and verification services (including credit reporting agencies) in order to assist us to verify identity and the documents provided.

Rapyd’s verification solution allows Rapyd to carry out these checks. The solution collects Personal Data , analyzes it for authenticity and checks it against publicly available sources or against our Service Providers’ databases (such as company registration information). If everything checks out, the application will be automatically approved by the system. If the system determines that KYC/KYB checks are unsuccessful, it will reject the application and a notice will be delivered to the Client/End-User. If the application is neither fully approved nor fully denied, it will be sent for human review by Rapyd’s expert compliance team, who will make a final determination regarding the application.

For more information about how our verification solution works, please visit this page. If you think that a decision to reject your application was made in error you can contact Rapyd support at [email protected].

ADDITIONAL NOTICES

Updates and Amendments: we may update and amend this Privacy Policy from time to time by posting an amended version on our websites and Services. The amended version will be effective as of the date it is so published. To the extent  we believe any substantial changes to your Services are involved we will notify you via any of the communication means available to us or via the Portals of our Services. After such notice period, all amendments shall be deemed accepted by you.

This Privacy Policy was last changed on April, 2026. You can print or store this Privacy Policy by downloading a copy from your browser. 

Third Parties External Links: while our Services may contain links to other websites or services, we are not responsible for their privacy practices, and encourage you to pay attention when you leave our Services for the website or application of such third parties and to read the privacy policies of each and every website or service you visit. This Privacy Policy applies only to our Services.

 Our Services are not designed to attract children under the age of majority (as determined under the applicable laws where the individual resides; “Age of Majority”). Our Services are not intended for, and we do not knowingly collect Personal Data from individuals under the Age of Majority and do not wish to do so. If we learn that a person under the Age of Majority is using the Services, we will prohibit and block such use and will make all efforts to promptly delete any Personal Data stored with us with regard to such individuals. If you believe that we might have any such data, please contact us by email at [email protected].

HOW TO CONTACT US

 if you have any comments or questions about this Privacy Policy or if you have any concerns regarding your Personal Data, you can submit your request via our webforms:

 

Additional Terms for California Residents

This part of this Privacy Policy addresses the specific disclosure requirements under the California Consumer Privacy Act of 2018 (Cal. Civ. §§ 1798.100–1798.199) and the California Consumer Privacy Act Regulations by the Attorney General (collectively, “CCPA“).

The categories of Personal Information we process:

In the preceding 12 months, we have collected and disclosed the following categories of Personal Information (as this term is defined under the CCPA):

Category of Personal Information Collected Personal Information Collected To whom the data may be disclosed
A. Identifiers A real name, online identifier, Internet Protocol address, email address, and account names.
  • Rapyd subsidiaries;
  • Our Clients (as applicable);
  • Service providers;
  • Ad-network and advertising partners;
  • Law enforcement, courts, governments and regulatory agencies.
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, telephone number, address, signature, social security number, passport number, driver’s license or state identification card number, bank account number, credit card number or any other financial information.
  • Rapyd subsidiaries;
  • Service providers;
  • Our Clients (as applicable);
  • Law enforcement, courts, governments and regulatory agencies.
D. Commercial Information Transaction data
  • Rapyd subsidiaries;
  • Service providers;
  • Our Clients (as applicable);
  • Law enforcement, courts, governments and regulatory agencies.
F. Internet or other electronic network activity data Browsing history, search history, and information on interactions with our websites or advertisements.
  • Rapyd subsidiaries;
  • Service providers;
  • Ad-network and advertising partners.

 
G. Geolocation data Approximate location derived from IP address.
  • Rapyd subsidiaries;
  • Service providers;
  • Ad-network and advertising partners.

 
H. Sensory data Photos
  • Rapyd subsidiaries;
  • Service providers

 
Sensitive Personal Information (as defined under the CCPA) Social security, driver’s license, state identification card or passport number, account log-in, financial account.
  • Rapyd subsidiaries;
  • Service providers;
  • Law enforcement, courts, governments and regulatory agencies.

Sources of Personal Information:

In the preceding 12 months, we have collected Personal Information from the following categories of sources:

(a) Consumer directly.

(b) Our Clients or End Users. 

(c)   Our Service Providers.

Sharing and Selling Personal Information 

We do not “sell” Personal Information as most people would typically understand that term. However, we share Personal Information with third parties for the purpose of cross-context behavioral advertising, via the cookies we place on your browser when you visit our website. In order to see the full list of cookies we use, including those used for cross-context behavioral advertising and understand how to opt-out of such usage, please visit Rapyd’s Cookie Policy here

In the preceding 12 months we “sell” or “share” the following categories of Personal Information for a business purpose: 

Category (corresponding with the table above) Category recipient Purpose of sale of share
Category A
Category F
Category G		 Ad-network and advertising partners. Cross-context behavioral advertising.

Your rights

You can exercise your rights, as detailed in the Data Subjects Rights section, by submitting a verifiable consumer request to the contact details listed above.

The request must:

  • Provide sufficient information to allow us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.
  • Describe your request with sufficient details to allow us to properly understand, evaluate, and respond to it.
  • We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Making a verifiable consumer request does not require you to create an account with us.  We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Authorized Agent

You can designate an authorized agent to make a request under the CCPA on your behalf if:

  • The authorized agent is a natural person or a business entity registered with the Secretary of State of California; and
  • You sign a written declaration that you authorize the authorized agent to act on your behalf.

If you use an authorized agent to submit a request to exercise your right to know or your right to request deletion, please mail a certified copy of your written declaration authorizing the authorized agent to act on your behalf using the contact information below.

If you provide an authorized agent with power of attorney pursuant to Probate Code sections 4000 to 4465, it may not be necessary to perform these steps and we will respond to any request from such authorized agent in accordance with the CCPA.