Rapyd Site Privacy Policy

Updated: December 2023

Who We Are

The Rapyd group of companies, which includes Rapyd Financial Network (2016) Ltd., Rapyd Payments Limited, Neat Limited, Rapyd Holdings Pte Ltd, and Rapyd Europe hf. (together with certain other Rapyd group companies – “Rapyd”, “we”, “our” or “us”), provides a fintech-as-a-service platform (“Platform”) and operates the world’s largest local payment network. The Platform allows for the integration of various payment methods into digital applications from one single API, the effective performance of cross-jurisdictional transactions, company registration and incorporation, card issuing, and other financial-related services.

Application of this Privacy Policy

We are strongly committed to making our practices regarding our use and processing of your personal data transparent and fair, and we respect your privacy. For the purpose of this Privacy Policy, “Personal Data” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or linked, directly or indirectly, to an individual. This Privacy Policy applies to any:

1. Visitor of Rapyd.net, Rapyd Developer Community, or any other website operated by Rapyd (“Site”) (“Visitors”).
2. Participant at our events,challenges or similar programs (“Participants”).
3. Marketing leads.
4. Prospective clients who communicate with us through the contact details available on our Sites.

If you are using Rapyd financial services, please refer to this privacy policy.

Specifically, this Privacy Policy describes our practices regarding:

1. Data Collection
2. Data Uses
3. Data Location and Retention
4. Data Sharing
5. Cookies and Tracking Technologies
6. Communications
7. Data Security
8. Data Subject Rights
9. Additional Notices
10. Additional Terms for California Residents

Please read this Privacy Policy carefully and make sure that you fully understand and agree to it. If you do not agree to this Privacy Policy, please discontinue and avoid using our Sites, events and challenges (collectively, the “Services”).

You are not legally required to provide us with any Personal Data, but without it, we will not be able to provide you with the full range of Services or with the best user experience when using our Services.

 1. Data Collection

We collect and process the following categories of Personal Data:

• Contact information: we collect contact information (such as name, phone number and email address) from you when you submit web-forms, including opportunities to sign up for and agree to receive email communications from us.
• Usage Information: when you use the Sites, we collect technical information about your interaction with our Sites, such as your user agent, IP addresses, device data (like device type, OS, device ID, browser version, locale and language settings used), activity logs, session recordings, and the cookies and pixels installed or utilized on our Sites and/or a user’s device, as further described under the “Cookies and Tracking Technologies” section below.
• Communication Information and Engagement Information: when you send us an email or contact our support team or sales team, we collect the Personal Data you provide us. This includes your name, email address and any other information you choose to provide. We will also collect your engagement data such as your registration for attendance of Rapyd events, challenges and other interaction with Rapyd employees. If you submit Personal Data to us to participate in an offer or promotion, we will use the Personal Data you submit to administer the offer or promotion.
• Account Data (from our Community Members only): when you open an account at the Rapyd Developer Community, you will be asked to provide account login credentials (usernames and passwords) and your email address. You may provide additional information about yourself, such as your name, profile photograph, achievements, and badges. We will also collect information about your activity within the community, such as posts, photos or videos you upload to the community. If you choose to log in, access or otherwise connect to the Rapyd Developer Community through a social networking service (such as Facebook, Twitter, Instagram, etc.), we may collect your user ID and/or username associated with that social networking service, as well as any information you make public using that social networking service or that the social networking service allows us to access.

 2. Data Uses

We use Personal Data as necessary for the performance of our Services and in reliance on the following legal bases:

Purpose	Legal basis for processing
To facilitate, operate, and provide our Service.	Legitimate Interest Performance of a Contract
To provide you assistance and support.	Legitimate Interest Performance of a Contract
To evaluate and develop new features, technologies, and improvements to the Service.	Legitimate Interest
To facilitate and optimize our marketing campaigns, ad management and sales operations, and to manage and deliver advertisements for our products and services more effectively, including on other websites and applications.	Legitimate Interest Consent (where required)
To contact our Visitors, Participants, marketing leads and prospective clients with general or personalized messages and communications, as further described under Section 6 below.	Legitimate Interest Consent (where required)
To comply with our contractual and legal obligations and requirements, and maintain our compliance with applicable laws, regulations and standards.	Legal Obligation Performance of a Contract Legitimate Interest
To support and enhance our data security measures, including for the purposes of preventing and mitigating the risks of fraud, error or any illegal or prohibited activity.	Legal Obligation Legitimate Interest

If you reside or are using the Services in a territory governed by privacy laws which determine that “consent” is the only or most appropriate legal basis for processing Personal Data (in general, or specifically with respect to the types of Personal Data you choose to share via the Service), your acceptance of our terms and conditions and of this Privacy Policy will be deemed as your consent to the processing of your Personal Data for all purposes detailed in this Privacy Policy. We may also obtain express consent from you separately (e.g. where required for the purpose of sending direct marketing), in which case we will proceed to process your Personal Data on the basis of such express consent. If you wish to revoke your consent, please contact us by email at privacy@rapyd.net.

 3. Data Location and Retention

Data Location. Given the global nature of our Services, your Personal Data may be maintained, processed and stored by our Service Providers (defined below) in the United States of America (U.S.), the State of Israel, Singapore, the European Economic Area (“EEA”), Iceland, the UK, Hong Kong, Dubai, and other jurisdictions, as necessary for the proper delivery of our Services, or as may be required by law. For data transfers from the EEA or the UK to countries which are not considered by the European Commission and the UK Secretary of State to be offering an adequate level of data protection, we and the relevant data importers have entered into Standard Contractual Clauses as approved by the European Commission and UK Information Commissioner’s Office (ICO).

Data Retention. We will retain your Personal Data for as long as we deem it as reasonably necessary, for the purposes listed above, in order to maintain and expand our relationship and provide you with our Services ; in order to comply with our legal and contractual obligations, or to protect ourselves from any potential disputes (i.e., as required by laws applicable to log-keeping, records and bookkeeping, and to have proof and evidence concerning our relationship, should any legal issues arise following your discontinuance of use), in accordance with our data retention policy.

 4. Data Sharing

Rapyd Subsidiaries: we may share Personal Data internally within Rapyd for the purposes described in this Privacy Policy. Such sharing is made subject to our internal Data Processing Agreements.

Service Providers: we may engage selected third party companies and individuals to perform services complementary to our own, namely – hosting, data analytics, consulting, support, marketing and advertising, data and cyber security, user engagement, instant messaging, company registration and incorporation; as well as our business, financial, compliance and legal advisors (collectively, “Service Providers”). These Service Providers may have access to your Personal Data, depending on each of their specific roles and purposes in facilitating and enhancing our Services, and may only use it for such purposes.

Legal Compliance: we may disclose or allow government and law enforcement officials access to your Personal Data, in response to a subpoena, search warrant or court order (or similar requirement), or in compliance with applicable laws and regulations. Such disclosure or access may occur if we believe in good faith that we are legally compelled to do so, or that it is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing.

Rapyd Developer Community: when you post in the Rapyd Developer Community, your posts will be publicly available to other community members and Site Visitors. You may also choose to share your Personal Data with other community members by sending them a direct message, in which case the content of the message and your Personal Data will be shared with the community member with whom you chose to interact.

Event Sponsors: if you attend an event or webinar organized by us, a webinar or other activity involving third-party sponsors or presenters, we may share your Personal Data with them. If required by applicable law, you may consent to such sharing via the registration form or by allowing your attendee badge to be scanned at a sponsor booth. In these circumstances, your Personal Data will be subject to the sponsors’ privacy statements. If you do not wish for your Personal Data to be shared, you may choose to not opt-in via event/webinar registration or elect to not have your badge scanned.

Protecting Rights and Safety: we may share your Personal Data with others if we believe in good faith that this will help protect the rights, property or personal safety of Rapyd, our Visitors, Participants, marketing leads and prospective clients, or any members of the general public.

Mergers and Acquisitions: should Rapyd undergo any change in control or ownership, including by means of merger, acquisition or purchase of all or part of its assets, your Personal Data may be shared with the parties involved in such event.

For the avoidance of doubt, Rapyd may share your Personal Data in additional manners, such as pursuant to your explicit approval, if we are legally obligated to do so, or if we have successfully rendered such data non-personal and anonymous. We may transfer, share or otherwise use non-personal data at our sole discretion and without the need for further approval.

5. Cookies and Tracking Technologies

Some of our Services and Service Providers utilize “cookies”, anonymous identifiers and other tracking technologies which help us provide, secure and improve our Services, personalize your experience and monitor the performance of our activities and campaigns.

A cookie is a small text file that is placed, for example, to collect data about activity on our Site. Some cookies and other similar technologies serve to recall Personal Data, such as an IP address, that was previously indicated by the Visitor.

While we do not change our practices in response to a “Do Not Track” signal in the HTTP header from a browser and recommend the use of cookies for an optimal user experience of our Services, most browsers allow you to control cookies, including whether to accept them or to remove them. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser. You can read the complete Rapyd Cookie Policy here.

We also use analytics tools such as Google Analytics. These tools help us understand your behavior on our Services, including by tracking page content, and click/touch, movements, scrolls and keystroke activities. Further information about the privacy practices of our Google Analytics is available at: www.google.com/policies/privacy/partners/;

Further information about your option to opt-out of Google Analytics services is available at: https://tools.google.com/dlpage/gaoptout.

Please note that if you get a new computer or device, install a new browser, erase or otherwise alter your browser’s cookie file (including upgrading certain browsers), you may also clear the opt-out cookies installed once you opt-out, so an additional opt-out will be necessary to prevent additional tracking.

6. Marketing Communications

We may contact you with promotional messages (such as newsletters, special offers and sales, new product announcements, etc.) or any other information we think you will find valuable. We may provide such notices through any of the contact means available to us (e.g. phone or email), through the Services, or through our marketing campaigns on any other sites.

If you do not wish to receive such promotional communications, you may notify us at any time by sending an email to privacy@rapyd.net, changing your communications preferences in your account, or by following the “unsubscribe”, “stop”, “opt-out” or “change email preferences” instructions contained in the promotional communications you receive.

7. Data Security

In order to protect your Personal Data, we use industry-leading physical, procedural and logical security measures. However, please be aware that regardless of any security measures used, we cannot and do not guarantee the absolute protection and security of any Personal Data stored with us or with any third parties as described in Section 4 above.

8. Data Subject Rights

Depending on the jurisdiction in which you reside, you may have certain rights under relevant applicable laws regarding the collection and processing of your Personal Data. To the extent these rights apply and concern you, you can contact us and ask to exercise the following rights:

8.1. Right of access:

You have the right to receive confirmation as to whether or not Personal Data concerning you is being processed and access your stored Personal Data.

8.2. Right of data portability:

you have the right to request us to move, copy and transfer your Personal Data easily from one IT environment to another, in a safe and secure way, without affecting its usability.

8.3. Right of rectification:

You have the right to request rectification of your Personal Data in our control in the event that you believe the Personal Data held by Rapyd is inaccurate, incomplete or outdated.

8.4. Right of deletion/erasure:

You have the right to request that Rapyd erase or delete Personal Data held about you at any time.

8.5. Right to restriction or objection to processing:

You have the right to request that Rapyd restrict or cease to conduct certain Personal Data processes at any time.

8.6. Right to withdraw your consent:

To the extent we process Personal Data on the basis of your consent, you have the right to withdraw your given consent at any time.

8.7. Right to limit use and disclosure of your sensitive Personal Data:

This right is not applicable, as Rapyd does not process sensitive Personal Data about Visitors and Participants.

8.8. Right not to be subject to automated decision making:

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly effects to you.

8.9. Right to opt-out of the sale or share of Personal Data:

In the event that we sell or share your Personal Data for behavioral advertising purposes, you have the right to submit a request to opt-out of the sale or share of your Personal Data. After you opt-out, we may continue disclosing some Personal Data with our partners to help us perform business-related functions such as, but not limited to, providing the Services, ensuring that the Services is working correctly and securely, providing aggregate statistics and analytics and preventing fraud.

8.10. Right to non-discrimination:

you have the right to be free from any discrimination for exercising your rights, such as offering you different pricing or products, or by providing you with a different level or quality of services, based solely upon your request.

Please note that these rights are not absolute, and may be subject to the relevant applicable laws, our own legitimate interests and regulatory requirements. Please also note that the rights mentioned above may have different application, title or legal definition depending on your jurisdiction. 

If you wish to exercise your rights, you can submit your request via Rapyd Privacy Request Webform or contact us  at the following email address: privacy@rapyd.net. We will consider any requests, complaints or queries and provide you with a reply in a timely manner. We take our obligations seriously and we ask that any concerns are first brought to our attention, so that we can try to resolve them. To the extent you feel unsatisfied with our response to your request to exercise your rights, you may choose to send us a request to appeal our decision. If you are unsatisfied with our response, you can lodge a complaint with the applicable data protection supervisory authority. 

Please note that once you contact us by email regarding your data subject rights, we may require additional information and documents, including certain Personal Data, in order to authenticate and validate your identity and to process your request. Such additional data will be then retained by us for legal purposes (e.g. as proof of the identity of the person submitting the request), in accordance with Section 3 above.

9. Additional Notices

Updates and Amendments: we may update and amend this Privacy Policy from time to time by posting an amended version on our Services. The amended version will be effective as of the date it is so published. We will provide a 10-day prior notice on the homepage of our Sites if we believe any substantial changes are involved via any of the communication means available to us or via the Services. After such notice period, all amendments shall be deemed accepted by you.

External Links: while our Services may contain links to other websites or services, we are not responsible for their privacy practices, and encourage you to pay attention when you leave our Services for the website or application of such third parties and to read the privacy policies of each and every website or service you visit. This Privacy Policy applies only to our Services.

Our Services are not designed to attract children under the age of majority (as determined under the applicable laws where the individual resides; “Age of Majority”). Our Services are not intended for, and we do not knowingly collect Personal Data from individuals under the Age of Majority and do not wish to do so. If we learn that a person under the Age of Majority is using the Services, we will prohibit and block such use and will make all efforts to promptly delete any Personal Data stored with us with regard to such individuals. If you believe that we might have any such data, please contact us by email at privacy@rapyd.net.

Contact Us: If you have any comments or questions about this Policy or if you want to exercise any of your rights, please contact us by sending a message to privacy@rapyd.net.

 

If you reside in the EU/EEA, you may contact our EU/EEA representative:
Rapyd Europe hf.
Dalshraun 3,
220 Hafnarfjörður,
Iceland
privacy@rapyd.net

 

If you reside in the UK, you may contact our UK representative:

Rapyd Payments Limited
Rapyd suite 26
Weston business  Centre
Parsonage Road
Takeley
Essex
CM22 6PU.
England
privacy@rapyd.net

 Additional Terms for California Residents

 This part of this Privacy Policy addresses the specific disclosure requirements under the California Consumer Privacy Act of 2018 (Cal. Civ. §§ 1798.100–1798.199) and the California Consumer Privacy Act Regulations by the Attorney General (collectively, “CCPA“).

 The categories of Personal Information we process:

In the preceding 12 months, we have collected and disclosed the following categories of Personal Information (as this term is defined under the CCPA):

Category of Personal Information Collected	Personal Information Collected	Categories of service providers to whom Personal Information was disclosed
A. Identifiers	A real name, online identifier, Internet Protocol address, email address, and account names.	Rapyd subsidiaries; Service providers; Ad-network and advertising partners
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A name, telephone number, and address.	Rapyd subsidiaries; Service providers
F. Internet or other electronic network activity data	Browsing history, search history, and information on interactions with our websites or advertisements.	Rapyd subsidiaries; Service providers; Ad-network and advertising partners
G. Geolocation data	Approximate location derived from IP address.	Rapyd subsidiaries; Service providers; Ad-network and advertising partners
H. Sensory data	Photos of our Community Members (optional)	Rapyd subsidiaries; Service providers
I. Employment related data	Current or past job history.	Rapyd subsidiaries; Service providers

 Sources of Personal Information:

In the preceding 12 months, we have collected Personal Information from the following categories of sources:

(a)   Consumer directly.

(b)   Advertising networks.

(c) Social networks.

Sharing and Selling Personal Information

 We do not “sell” Personal Information as most people would typically understand that term. However, we share Personal Information with third parties for the purpose of cross-context behavioral advertising, via the cookies we place on your browser when you visit our website. In order to see the full list of cookies we use, including those used for cross-context behavioral advertising and understand how to opt-out of such usage, please visit Rapyd’s Cookie Policy here.

In the preceding 12 months we “sell” or “share” the following categories of Personal Information for a business purpose:

Category (corresponding with the table above)	Category recipient	Purpose of sale of share
Category A Category F Category G	Ad-network and advertising partners.	Cross-context behavioral advertising.

Your rights

You can exercise your rights, as detailed in the Data Subjects Rights section, by submitting a verifiable consumer request to the contact details listed above.

The request must:

• Provide sufficient information to allow us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.
• Describe your request with sufficient details to allow us to properly understand, evaluate, and respond to it.
• We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Making a verifiable consumer request does not require you to create an account with us.  We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

 Authorized Agent

You can designate an authorized agent to make a request under the CCPA on your behalf if:

• The authorized agent is a natural person or a business entity registered with the Secretary of State of California; and
• You sign a written declaration that you authorize the authorized agent to act on your behalf.

If you use an authorized agent to submit a request to exercise your right to know or your right to request deletion, please mail a certified copy of your written declaration authorizing the authorized agent to act on your behalf using the contact information below.

If you provide an authorized agent with power of attorney pursuant to Probate Code sections 4000 to 4465, it may not be necessary to perform these steps and we will respond to any request from such authorized agent in accordance with the CCPA.