Privacy Policy


Welcome to the PAYONE documentation platform. In the following, we will provide you with information about nature, scope and purposes of processing your personal data and your rights.

You can rest assured that we process your personal data exclusively as mandated by statutory data protection provisions. But data protection is more than just a legal obligation for us. In fact, data protection in practice is a customer-oriented quality feature and is our highest priority at PAYONE.


PAYONE GmbH, Lyoner Straße 15, 60528 Frankfurt am Main, Germany

Legal representative:

Managing Directors: Ottmar Bloching, Frank Hartmann, Björn Hoffmeyer, Roland Schaar
Chairman of the Supervisory Board: Sven Korschinowski

Data protection officer:

Data Protection Officer of PAYONE GmbH, Lyoner Strasse 15, 60528 Frankfurt am Main, email:



Personal Data Processing


Categories of personal data processed by us: Purpose of processing: Legal basis: Period of storage:

Plausible Analytics
Plausible Insights OÜ, Västriku tn 2, 50403, Tartu, Estonia (Plausible Analytics Provider),
We use Plausible's privacy-friendly web analytics service to collect anonymous statistics about the use of our website. Based on anonymized data, the analysis does not allow any conclusions to be drawn about individual persons. The following data is processed:


  • Website URL
  • HTTP referrer
  • Browser version
  • Operating system
  • Device type
  • Country (the IP address is not stored)

Basic Analytics about Website usage

The processing of the data is based on our legitimate interest in measuring the reach of our website (Art. 6 para. 1 p. 1 lit. f) GDPR).

No personally identifiable data points are stored. Salted hashes are rotated daily.

The data storage does not take place in the Plausible Cloud, but on our own server. You can find more information about Plausible at

Server log data:

IP address, website usage data (log data about website access or file access, e.g. name of the file accessed, date and time of access, amount of data transferred) and device information (e.g. operating system, browser type and version), cookie information in session cookies

  • Network communication
  • Security and functionality of the website
  • Error detection and troubleshooting

§ Art. 6 (1) 1 lit. f) GDPR.

The legitimate interest in the temporary storage of the log data (server log files) and session cookie information is in our interest for the efficient and secure provision of our website.

7 days

If further storage is required for evidence purposes, the data will be deleted after the incident has been conclusively clarified

Session cookies are deleted at the end of the browser session


Data Recipients

Personal data is passed on to the following data recipients for the purpose of providing our website services: Hosting service providers, data center operators.

Data Transfer To Third Countries


Legal rights of the data subjects

Statutory data proteciton right Content Legal Basis

Right of access

Right to information about the processed personal data concerning you and further information relating to the data processing which concerns you (e.g. processing purposes, data recipients).

Art. 15 GDPR

Right to rectification

Right to rectify inaccurate personal data relating to you or to complete incomplete personal data.

Art. 16 GDPR

Right to restriction of processing

Right to restrict the processing of personal data concerning you under certain conditions (e.g. contested accuracy of the data for the duration of the review).

Art. 18 GDPR

Right to Erasure ("Right to be forgotten")

Right to erasure of personal data concerning you under certain conditions (e.g. cessation of purpose, revocation of consent).

Art. 17 GDPR

Right to object

Right to object to the processing of your personal data under certain conditions.

Art. 21 GDPR

Right to data portability

Right to receive personal data prepared in a structured, widely used and machine-readable format in order to be able to transfer the data to another location or right to transfer the data directly to the other location, to the extent that this is technically feasible, under certain conditions.

Art. 20 GDPR

Right to lodge a complaint with a supervisory authority

Right to lodge a complaint with a competent data protection supervisory authority if you believe that the processing of your personal data breaches the GDPR. For example, this may be the

supervisory authority responsible for PAYONE:

The Hesse Data Protection Commissioner, Gustav-Stresemann-Ring 1, 65189 Wiesbaden,

Art. 57 Para 1(f), Art. 77 GDPR

Right of withdrawal

Right to withdraw your consent to the processing of your personal data at any time with future effect.

Art. 7 Para 3 GDPR


 To assert the legal rights of the data subject and for all other questions regarding data processing, please write to the above address or send an email to


Additional Information About Data Processing

Legal obligation to provide personal data:



Does automated decision-making take place?



What is the source of the personal data? (if not provided by the data subject)

Not relevant, as none of your personal data is obtained from third-party sources.


For any further information about Data Privacy and our Privacy Policy, please feel to contact us over the webportal here (in german) or contact our team under