Rapyd Privacy Center

Privacy considerations are a key part of our products and offerings, and in this page you will find information about how we protect your personal data in compliance with privacy laws and regulations and security best practices.

What do we do?

Rapyd is a financial service company, we enable our clients to collect and disburse funds globally. This means that we mainly process transactional (financial) data which relates to our clients and their customers/end users (collectively ‘you’). 

Which personal data we collect and why

We collect personal data essential for our services, such as identifying and authorizing your usage, processing payments, safeguarding our business and your interests, ensuring legal compliance, managing our relationship with you, and marketing our services.

Below is a list of the main categories of personal data we collect: 

  • Contact information (such as your name and email)
  • Financial information (such as data regarding transactions)
  • KYC information (such as identification or utility bills);
  • Usage information (such as information which is collected via our site)

Is Rapyd a data controller or a data processor?

The Rapyd group is made up of different companies around the world. The Rapyd company providing the services to you is responsible for processing your personal data and is the controller of your personal data:

In the EEA: Rapyd Europe hf.;

In the UK: CashDash UK Limited or Rapyd Payments Ltd.

In Singapore: Rapyd Holdings Pte Ltd;

In Hong Kong: Neat Limited or Neat Asia Limited.

Other entities will be considered as data processors depending on their role.

Where do we store personal data? 

The data is stored in a secure system with access controls. Given the global nature of our services and our presence, personal data may be maintained, processed and stored by our affiliated companies. All Rapyd employees receives data protection and information security training.

How does Rapyd handle data subject requests?

The Rapyd webform should be used when a Rapyd customer or Rapyd former customer wants to exercise their rights under applicable Data Protection Law.
We monitor and assess each request we receive and address it directly with the data subject. If you would like to submit a data subject request via email, please contact us: [email protected]

To which data protection law is Rapyd subject? 

The Rapyd group is made up of different companies around the world. In order to enable the highest level of protection regarding your privacy, we are adhering to the General Data Protection Regulation (GDPR) and UK GDPR as the most comprehensive, modern and protective privacy regimes. In parallel, we are also complying with local laws and regulations in accordance with the jurisdiction in which we operate through our affiliated companies as follows:

  • For clients and activities in Singapore, please see our information regarding The Personal Data Protection Act 2012 (PDPA);
  • For clients and activities in Hong Kong please see our information regarding  the Personal Data (Privacy) Ordinance (Cap. 486) (Ordinance) (PDPO).

For how long do you store my personal data?

We’ll generally keep your personal data for six years after our business relationship ends, or such period as may be required by applicable local laws. It means that different retention periods may apply. We may keep your personal data for longer because of a potential or ongoing court claim, or for another legal reason. If we have no legal basis to store your data, we will delete it once it is no longer required. 

Does Rapyd use cookies?

If you would like to see which cookies we collect and use, please click on Cookie Settings.

For more information about the types of personal data we collect, how we handle and safeguard it, please see our Site Privacy Policy which is applicable to you if you are our site visitor; or Product Privacy Policy – if you are our customer or otherwise use our services.

We also invite you to visit our Security Center.  

If you have any questions please contact our Privacy Team at [email protected].

FAQ

We provide our Rapyd webform for privacy requests which enables our customers, former customers and their authorized representatives, who have enquiries about personal data, to contact Rapyd in a secure way.

The Rapyd webform should be used when a Rapyd customer or Rapyd former customer wants to exercise their rights under applicable Data Protection Law themselves or through an authorized representative. In particular, you will be able to exercise – for example:

  • Right of access
  • Right to erasure (“right to be forgotten”)
  • Right to object to processing

You can expect to receive an answer from our team within a maximum of 30 days.

When filling out the webform you will be asked to enter:

  • Your country of residence
  • Information about your relationship with Rapyd (customer, former customer, authorized representative thereof)
  • Your request type
  • Full name
  • Email address

We may request a copy of the ID / Passport for identity validation purposes and to ensure personal data does not fall into the wrong hands. We advise you to black out any information which is not relevant to the identification process. We require the following data points to be visible on the copy provided to us:

  • Full name 
  • Date of birth 
  • Expiry date 
  • Photograph

If you choose to subscribe to receive marketing communication from Rapyd, you may, at any time, request to unsubscribe and discontinue receiving marketing offers from us. You can do it by clicking the unsubscribe button at the bottom of each marketing email you receive, or by sending us a blank message with the word “unsubscribe” to [email protected]. We will comply with your request as soon as reasonably practicable. 

Please note that even if you unsubscribe from our marketing mailing list, we may continue to send you services-related updates and notifications.

In certain circumstances, Rapyd may be required by law to retain and process your personal data even after a data deletion request or objection to a processing of data. For example, Rapyd is required to retain certain personal data it receives from its customers to satisfy legal obligations under Know Your Business and Anti-Money Laundering laws.

Rapyd may also rely on legitimate grounds to continue processing your personal data. Rapyd may act on such legal grounds, for example, when Rapyd takes steps to prevent fraudulent activity and in such cases Rapyd may not be able to fulfill data subject requests to delete or stop processing data.

As a Client, you can close your Rapyd account via Client Portal.

As a provider of payment services, Rapyd is required to comply with many regulations, including Anti-Money Laundering laws. These regulations and laws may require Rapyd to retain transactional records associated with customers for a certain period of time after the close of the business relationship.

Visit our security page to learn more about our security practices. You should contact us immediately if you become aware of any unauthorized use of your Rapyd account or any other security breach.