This is the privacy statement for IGP GROUP LTD. The IGP GROUP LTD Group companies and all its subsidiaries and affiliates (IGP GROUP LTD, we, us, our).

IGP GROUP LTD respects and protects the privacy of visitors to our websites and our customers who use our services. To ensure transparency, this Privacy Policy describes our data handling practices when you access content we own or operate on the website located at www.ipgpayments.com or any other associated websites we own or operate (site(s)).

Please take a moment to read through our privacy policy. If you have any specific questions about it, you’re welcome to contact us at sales@ipgpayments.com and we will be happy to give you further clarity.

Information on our Privacy Policy

This Privacy Policy outlines what data we collect from you, how we use this information, and how we take care in disclosing this information, in compliance with data protection laws, including the General Data Protection Regulation (GDPR).
By accessing and reading our Privacy Policy, you acknowledge you have been informed about the processing of your personal data that we may process from you.

In this statement we have used certain terms which are set out in the UK’s General Data Protection Regulation (GDPR or the Regulation):
Personal data means: any information relating to an identified or identifiable natural person (data subject).

An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Controller means: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

Processor means: a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Processing means: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

PRIVACY STATEMENT

What is the lawful reason IGP GROUP LTD uses to process personal data?

The four lawful reasons IGP GROUP LTD uses to process personal data are set out in Article 6 of the Regulation.

Processing will only be lawful if and to the extent that at least one of the following applies:

• The data subject has given consent to the processing of his or her personal data for one or more specific purposes (Consent).
• Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (Contract Performance).
• Processing is necessary for compliance with a legal obligation which we are subject to (Legal Obligations).
• Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party (Legitimate Interest).

1. Consent

Where we process personal data as a result of Consent, we ensure that consent is freely given, specific and informed, and established by a clear affirmative act. Where Consent is withdrawn, we have set out below how this may be undertaken by the data subject.

2. Contract Performance

Where we enter into a contract with third parties, processing of personal data may be necessary in order to execute such a contract or take pre-contract preparation steps.

3. Legal Obligations

Where there are legal obligations which apply to IGP GROUP LTD, processing of personal data may be required by law.

4. Legitimate Interest

Where we process personal data as it is necessary for the purpose of our legitimate interests, we do so on the basis of a balanced evaluation of our interests and the rights and freedoms of the data subject.

We have concluded that the way we manage the processing of personal data results in a cumulation of data subject protections which show that the balance is in favour of IGP GROUP LTD being able to rely on Article 6.1(f) of the Regulation.

Why does IGP GROUP LTD need to collect and store personal data?

We collect and store personal data to provide our clients, customers, suppliers or third parties with the service they require or provide as a party to a contract with us. We do not process personal data for any reason other than this purpose.

We only keep personal data for as long as is necessary to undertake this purpose.

When does IGP GROUP LTD collect my information?

IGP GROUP LTD collects information about you if you:

• Register with or use our website or online services;
• Represent one of our business clients;
• Work with us as a service provider;
• Visit an IGP GROUP LTD office or register to attend an IGP GROUP LTD event.

What type of personal data does IGP GROUP LTD collect?

If you wish to use any of our services, we will collect and retain certain relevant data, including:

• Personal info: Name, signature
• ID data: Government-issued identifiers, DOB
• Financial: Account and transaction data
• Contractual: Service-related information
• Socio-demographic: Job, nationality, education
• Technical: IP address, device details
• Behavioural: Usage data
• Location: Geographical information
• Communications: Messages, emails
• Public info: Online or public record data

How does IGP GROUP LTD handle my personal data?

We collect personal data only for specific purposes.

We process data only for compatible purposes.

We do not retain data longer than necessary unless required by law.

How will IGP GROUP LTD use the personal data it collects about me?

We may use your personal information to:

Provide and improve services

Administer internal operations

Inform you of updates or services

Process billing

Meet legal/regulatory obligations

We may disclose your info to:

• Affiliates, agents, and advisers
• Service providers
• Law enforcement or regulators (if required)

We do NOT:

• Send marketing without consent
• Sell your data to third parties

Will IGP GROUP LTD share my personal data with anyone else?

Yes, when necessary for service provision, compliance, or business operations. This may include:

• Internal IGP GROUP LTD teams
• Third-party processors or controllers
• Fraud prevention organisations
• Regulatory bodies
• Government and legal authorities

Your data protection rights

You have the right to access, correct, restrict, object, or request deletion of your personal data. You also have the right to data portability and to not be subject to automated decisions. Contact sales@ipgpayments.com for requests.

Security measures for your personal data

We use technical and organisational measures to safeguard your data from loss, destruction, unauthorised access or processing. Risk assessments and safeguards are reviewed regularly.