Skip to end of metadata
Go to start of metadata

Welcome to the PAYONE documentation platform. In the following, we will provide you with information about nature, scope and purposes of processing your personal data and your rights.

You can rest assured that we process your personal data exclusively as mandated by statutory data protection provisions. But data protection is more than just a legal obligation for us. In fact, data protection in practice is a customer-oriented quality feature and is our highest priority at PAYONE.

Controller: PAYONE GmbH, Lyoner Straße 9, 60528 Frankfurt am Main, Germany
Legal representative:

Managing Directors: Niklaus Santschi, Frank Hartmann, Björn Hoffmeyer, Roland Schaar

Chairman of the Supervisory Board: Ottmar Bloching
Data protection officer: Data Protection Officer of PAYONE GmbH, Lyoner Strasse 9, 60528 Frankfurt am Main, privacy@payone.com

Categories of personal data processed by us:Purpose of processing:Legal basis:Period of storage:

Server log data:

IP address, website usage data (log data about website access or file access, e.g. name of the file accessed, date and time of access, amount of data transferred) and device information (e.g. operating system, browser type and version), cookie information in session cookies

  • Network communication
  • Security and functionality of the website
  • Error detection and troubleshooting

§ Art. 6 (1) 1 lit. f) GDPR.

  • The legitimate interest in the temporary storage of the log data (server log files) and session cookie information is in our interest for the efficient and secure provision of our website.

7 days

If further storage is required for evidence purposes, the data will be deleted after the incident has been conclusively clarified

Session cookies are deleted at the end of the browser session

Plausible Analytics

Plausible Insights OÜ, Västriku tn 2, 50403, Tartu, Estonia (Plausible Analytics Provider), https://plausible.io/  

We use Plausible's privacy-friendly web analytics service to collect anonymous statistics about the use of our website. Based on anonymized data, the analysis does not allow any conclusions to be drawn about individual persons. The following data is processed:

  • Website URL
  • HTTP referrer
  • Browser version
  • Operating system
  • Device type
  • Country (the IP address is not stored)
  • Basic Analytics about Website usage
The processing of the data is based on our legitimate interest in measuring the reach of our website (Art. 6 para. 1 p. 1 lit. f) GDPR).

No personally identifiable data points are stored. Salted hashes are rotated daily.

The data storage does not take place in the Plausible Cloud, but on our own server. You can find more information about Plausible at https://plausible.io/data-policy.

Data recipients

Personal data is passed on to the following data recipients for the purpose of providing our website services: Hosting service providers, data center operators.

Data Transfer To Third Countries

  • no

Legal rights of the data subjects

 Statutory data protection rightContentLegal Basis
Right of accessRight to information about the processed personal data concerning you and further information relating to the data processing which concerns you (e.g. processing purposes, data recipients).Art. 15 GDPR
Right to rectificationRight to rectify inaccurate personal data relating to you or to complete incomplete personal data.Art. 16 GDPR
Right to restriction of processingRight to restrict the processing of personal data concerning you under certain conditions (e.g. contested accuracy of the data for the duration of the review).Art. 18 GDPR
Right to Erasure ("Right to be forgotten")Right to erasure of personal data concerning you under certain conditions (e.g. cessation of purpose, revocation of consent).Art. 17 GDPR
Right to objectRight to object to the processing of your personal data under certain conditions.Art. 21 GDPR
Right to data portabilityRight to receive personal data prepared in a structured, widely used and machine-readable format in order to be able to transfer the data to another location or right to transfer the data directly to the other location, to the extent that this is technically feasible, under certain conditions.Art. 20 GDPR
Right to lodge a complaint with a supervisory authority

Right to lodge a complaint with a competent data protection supervisory authority if you believe that the processing of your personal data breaches the GDPR. For example, this may be the

supervisory authority responsible for PAYONE:

The Hesse Data Protection Commissioner, Gustav-Stresemann-Ring 1, 65189 Wiesbaden, https://datenschutz.hessen.de/

Art. 57 Para 1(f), Art. 77 GDPR
Right of withdrawalRight to withdraw your consent to the processing of your personal data at any time with future effect.Art. 7 Para 3 GDPR

 To assert the legal rights of the data subject and for all other questions regarding data processing, please write to the above address or send an email to privacy@payone.com.

Additional Information About Data Processing

Legal obligation to provide personal data:
  • No
  • Yes
Does automated decision-making take place?
  • No
  • Yes
What is the source of the personal data? (if not provided by the data subject)Not relevant, as none of your personal data is obtained from third-party sources.
  • No labels