Welcome to the PAYONE documentation platform. In the following, we will provide you with information about nature, scope and purposes of processing your personal data and your rights.
You can rest assured that we process your personal data exclusively as mandated by statutory data protection provisions. But data protection is more than just a legal obligation for us. In fact, data protection in practice is a customer-oriented quality feature and is our highest priority at PAYONE.
Controller: PAYONE GmbH, Lyoner Straße 9, 60528 Frankfurt am Main, Germany
Legal representative:
Managing Directors: Niklaus Santschi, Frank Hartmann, Björn Hoffmeyer, Roland Schaar
Chairman of the Supervisory Board: Ottmar Bloching
Data protection officer: Data Protection Officer of PAYONE GmbH, Lyoner Strasse 9, 60528 Frankfurt am Main, privacy@payone.com
| Categories of personal data processed by us: | Purpose of processing: | Legal basis: | Period of storage: |
|---|---|---|---|
Server log data: IP address, website usage data (log data about website access or file access, e.g. name of the file accessed, date and time of access, amount of data transferred) and device information (e.g. operating system, browser type and version), cookie information in session cookies |
| § Art. 6 (1) 1 lit. f) GDPR.
| 7 days If further storage is required for evidence purposes, the data will be deleted after the incident has been conclusively clarified Session cookies are deleted at the end of the browser session |
Plausible Analytics Plausible Insights OÜ, Västriku tn 2, 50403, Tartu, Estonia (Plausible Analytics Provider), https://plausible.io/ We use Plausible's privacy-friendly web analytics service to collect anonymous statistics about the use of our website. Based on anonymized data, the analysis does not allow any conclusions to be drawn about individual persons. The following data is processed:
|
| The processing of the data is based on our legitimate interest in measuring the reach of our website (Art. 6 para. 1 p. 1 lit. f) GDPR). | No personally identifiable data points are stored. Salted hashes are rotated daily. The data storage does not take place in the Plausible Cloud, but on our own server. You can find more information about Plausible at https://plausible.io/data-policy. |
Data recipients
Personal data is passed on to the following data recipients for the purpose of providing our website services: Hosting service providers, data center operators.
Data Transfer To Third Countries
- no
Legal rights of the data subjects
| Statutory data protection right | Content | Legal Basis |
|---|---|---|
| Right of access | Right to information about the processed personal data concerning you and further information relating to the data processing which concerns you (e.g. processing purposes, data recipients). | Art. 15 GDPR |
| Right to rectification | Right to rectify inaccurate personal data relating to you or to complete incomplete personal data. | Art. 16 GDPR |
| Right to restriction of processing | Right to restrict the processing of personal data concerning you under certain conditions (e.g. contested accuracy of the data for the duration of the review). | Art. 18 GDPR |
| Right to Erasure ("Right to be forgotten") | Right to erasure of personal data concerning you under certain conditions (e.g. cessation of purpose, revocation of consent). | Art. 17 GDPR |
| Right to object | Right to object to the processing of your personal data under certain conditions. | Art. 21 GDPR |
| Right to data portability | Right to receive personal data prepared in a structured, widely used and machine-readable format in order to be able to transfer the data to another location or right to transfer the data directly to the other location, to the extent that this is technically feasible, under certain conditions. | Art. 20 GDPR |
| Right to lodge a complaint with a supervisory authority | Right to lodge a complaint with a competent data protection supervisory authority if you believe that the processing of your personal data breaches the GDPR. For example, this may be the supervisory authority responsible for PAYONE: The Hesse Data Protection Commissioner, Gustav-Stresemann-Ring 1, 65189 Wiesbaden, https://datenschutz.hessen.de/ | Art. 57 Para 1(f), Art. 77 GDPR |
| Right of withdrawal | Right to withdraw your consent to the processing of your personal data at any time with future effect. | Art. 7 Para 3 GDPR |
To assert the legal rights of the data subject and for all other questions regarding data processing, please write to the above address or send an email to privacy@payone.com.
Additional Information About Data Processing
| Legal obligation to provide personal data: |
|
| Does automated decision-making take place? |
|
| What is the source of the personal data? (if not provided by the data subject) | Not relevant, as none of your personal data is obtained from third-party sources. |