The information contained in the privacy policy includes:

1. Definitions
2. General provisions
3. Information on personal data processing – Seller’s account
4. Information on personal data processing – Customer
5. Information on personal data processing – Acceptor
6. Underage persons
7. Competitions, promotional activities, contact form
8. Telephone contact
9. Video surveillance
10. Social media
11. Work at PeP Sp. z o.o.
12. Personal Data Protection
13. Scope of Personal Data Processing
14. Access to Your Data
15. Data Transferring to Third Countries
16. Rights to be exercised
17. Closure of the Seller Account
18. Other information
19. Changes to the Privacy Policy

1. DEFINITIONS

• Administrator – the entity which decides on the purposes and means of personal data processing – Polskie ePłatności Sp. z o.o. with its registered office in Tajęcina (hereinafter referred to as “Settlement Agent” or “AG”),address: Tajęcina 113, 36-002 Jasionka, entered in the Register of Entrepreneurs of the National Court Register under KRS No. 0000227278, NIP (Tax Identification Number) 5862141089, REGON No. 220010531, with a share capital of PLN 16,699,500, fully paid up,
• Personal data – information about an identified or identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of the natural person,
• GDPR – Regulation (EU) 2016/679 of the European parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
• DPO – Data Protection Officer – a person appointed by the controller to assist with compliance with data protection legislation. Any questions or concerns regarding the Privacy Policy can be directed to us at: dane.osobowe@pep.pl.
• Data Subject – any natural person whose personal data is processed by the Administrator in connection with the Administrator’s business, e.g. a Acceptor, a Customer, an employee of the Administrator,
• Policy – the subject Privacy Policy of Polskie ePłatności Sp. z o.o.,
• Settlement Agent – provider providing payment service, as referred to in Article 3.1.5 of the Payment Services Act – Polskie ePłatności Sp. z o.o. with its seat in Tajęcina (hereinafter referred to as “Settlement Agent” or “AG” or PeP Sp. z o.o.) address: Tajęcina 113, 36-002 Jasionka,
• Seller – an entrepreneur, being a natural person, a legal person or an organisational unit without legal personality endowed with legal capacity, who sells goods or provides services via the Internet and who has concluded an Agreement with the Settlement Agent,
• Customer – an entity that makes a payment for goods or services offered by a vendor on its website,
• Processor – Centrum Rozliczeń Elektronicznych S.A. with its registered office in Tajęcina, Tajęcina 113, 36 -002 Jasionka, entered into the Register of Entrepreneurs kept by the District Court in Rzeszów, XII Economic Division of the National Court Register under KRS number 0000347131, NIP (Tax Identification Number) 813-36-11-149, REGON No. 180523400.
• Acceptor – an entity other than the consumer who is the recipient of the funds that are the subject of the Transaction and who has entered into the Agreement with the Settlement Agent and the Processor,
• Seller Account – means a sub-page of the Settlement Agent’s IT system assigned to the Seller, which the Seller accesses via the website https://merchant.pep.pl only with the use of a valid ID and password; the Seller Account is an administrative area that allows the Seller to manage Payment-related data and communicate with the Settlement Agent and, at the same time, may constitute an accounting settlement account – in the event that AG provides acquiring services to the Seller,
• Service and Sites – the Administrator’s websites to which this Policy applies,
• Payment Gateway – means a functioning application which is linked to acquirers, banks and other financial institutions and which allows data to be transferred to the IT systems of these institutions for the purpose of completing online payment transactions (e.g. credit card payments, MOTO and online payments, online bank transfers, PayPal) initiated by Customers,
• Intermediary Institution – an institution that participates in the transfer of payment funds by the Customer to the Seller for the purpose of making Payments, in particular banks, clearing agents, payment system operators, Card Organisations, electronic money institutions,
• Third country – within the meaning of the GDPR is a country outside the European Economic Area (the EEA consists of the countries of the European Union plus Iceland, Liechtenstein and Norway).

2. GENERAL PROVISIONS

1. The Settlement Agent fully supports the need to protect your privacy both when you visit our websites and when you use our services – either through our websites or by other means.
2. With this in mind, we have created this document to set out the rules for collecting, storing, sharing and safeguarding the information we receive when you visit and browse our websites or use the Settlement Agent Services. This Privacy Policy governs your User Account and any information you provide to us through our websites, products, services or other features or technologies available on our websites or elsewhere.
3. This Privacy Policy also fulfils the information obligation towards the persons whose personal data we process, as indicated in the GDPR. We encourage you to take the time to read the Privacy Policy. Similarly, we also encourage you to familiarise yourself with the policies available on other websites you visit – whether by linking to such a website or otherwise.
4. If you wish to use the AG Services, you must accept all the provisions of this Policy. If you do not agree to any of the provisions of the Policy, you will not be able to register for or use any of our Services. If you do not agree to this, please do not visit or use our websites. There may be links on our pages which, when clicked, will redirect you from our website to another website. Please note that we are not responsible for the privacy policies of other websites. Likewise, we do not control or guarantee the usability, merchantability, workmanship of the products or services offered on third-party websites.
5. “We” and “Settlement Agent” mean the same thing. ‘You’ and ‘Customer’ mean the same thing. “User Account” means an account set up by the Settlement Agent, which allows access to transaction data from the Customer’s merchant account.

3. INFORMATION ON PERSONAL DATA PROCESSING – SELLER ACCOUNT

What data we collect

1. 1. If you choose to open a Seller Account on our Sites and to use the AG Services and complete the relevant form – we will ask you to provide certain information about yourself. The extent of this information will depend on the type of services you would like to receive from AG. In particular, we may ask for the following information:

• username,
• password,
• e-mail address,
• name or company name,
• postal address,
• country,
• payment details, e.g. billing address, credit card number and expiry date, cardholder’s name,
• tax identification number.

2. We may also ask for other (optional) personal or business data, for example:

• telephone number,
• number of years the company has been in operation,
• company description,
• addresses of their own websites,
• monthly sales value,
• gender,
• other personal or business data.

We may also receive such information when you update or complete your details in your Seller Account.

3. Using a Seller Account, you can also create additional User Accounts within your Seller Account. In this case, we will jointly process personal data in terms of:

• name,
• surnames,
• the email address of the Account User.

4. As part of the information in the Seller’s Account about completed payments:

• country,
• IP address,
• information on the method of payment,
• card issuer information, card number (partially encrypted), card expiry date, cardholder’s first and last name.

Purpose and legal basis for personal data processing:

We process the personal data of the Seller, i.e. a natural person conducting business activity:

• on the basis of Article 6(1)(a) of the GDPR, prior to the conclusion of the agreement, i.e. to provide you with an offer of our product or service that you have requested, to assess whether you are eligible to open a Seller Account,
• on the basis of Article 6(1)(b) of the GDPR in order to conclude and perform the agreement, to duly provide services to you,
• on the basis of Article 6(1)(c) of the GDPR in order to comply with legal requirements (including tax and accounting and in order to fulfil the legal obligation of the Settlement Agent under the AML/CFT Act),
• on the basis of Article 6(1)(f) of the GDPR in order to provide a full service, including troubleshooting technical problems and providing the relevant functions, to contact you, in particular for the purposes of providing services, maintenance, authorised marketing and advertising activities, to carry out research and analysis in order to improve the performance of the available services, to enforce compliance with the Terms and Conditions of the Website, analytical and statistical purposes, possible establishment, investigation or defence against claims.

We process the personal data of users of the Seller Account, i.e. the natural person who has access to the Seller Account:

• on the basis of Article 6(1)(b) of the GDPR in order to perform the agreement,
• on the basis of Article 6(1)(f) of the GDPR in order to provide a full service, including troubleshooting technical problems and providing the relevant functions, to contact you, in particular for the purposes of providing services, maintenance, authorised marketing and advertising activities, to carry out research and analysis in order to improve the performance of the available services, to enforce compliance with the Terms and Conditions of the Website, analytical and statistical purposes.

We process the personal data of persons representing the Seller:

• on the basis of Article 6(1)(f) of the GDPR in order to ensure ongoing contact in the performance of the agreement
• on the basis of Article 6(1)(f) of the GDPR in order to provide a full service, including troubleshooting technical problems and providing the relevant functions, to contact you, in particular for the purposes of providing services, maintenance, authorised marketing and advertising activities, to carry out research and analysis in order to improve the performance of the available services, to enforce compliance with the Terms and Conditions of the Website, analytical and statistical purposes, possible establishment, investigation or defence against claims.

4. INFORMATION ON THE PERSONAL DATA PROCESSING – CUSTOMER

What data we collect

Information provided to us by Sellers and Seller Account Users. When you purchase products or services from a Seller (using a payment card or using any other payment method in connection with which we provide certain services to that Seller), we require you to provide that Seller with certain cardholder or account details, i.a.

• first and last name / company name
• credit card number, bank account number.

Our Sellers must pass on some of this data to the Settlement Agent in order to be able to process your transaction.

As part of the information on completed payments in the Seller’s Account, the Settlement Agent processes data to the extent of:

• country,
• IP address,
• information on the method of payment,
• card issuer information,
• card number (partially encrypted),
• the expiry date of the card,
• first and last name of the cardholder

The Settlement Agent processes the Seller’s customer data:

• on the basis of Article 6(1)(b) of the GDPR – in order to perform the agreement with the Seller – the execution of transactions on behalf of the Seller in order to facilitate the performance of payment transactions initiated by the customer,
• on the basis of Article 6(1)(c) of the GDPR – in order to comply with a legal obligation incumbent on the Settlement Agent, to meet the requirements set out in applicable laws and regulations of the relevant payment card organisations or other payment institutions (e.g. Visa, MasterCard).

Special Categories of Personal Data of the Seller’s Customers

The Seller’s Customers’ personal data related to the purchased product may reveal special categories of personal data (e.g. political views, health data) – the Settlement Agent processes such personal data on the basis of Article 9(2)(a) of the GDPR, consent, acceptance of the payment terms and conditions on the Seller’s website, in connection with the necessity to establish, assert or protect claims, e.g. in connection with the handling of the chargeback process.

The Seller acknowledges and accepts that the Settlement Agent may process personal data to the extent necessary for the prevention, investigation and detection of online payment fraud by the competent authorities on the basis of Article 6(1)(c) of the GDPR in order to fulfil the legal obligation of the Settlement Agent under the AML/CFT Act.

5. INFORMATION ON PROCESSING OF PERSONAL DATA – ACCEPTOR

The Settlement Agent processes the personal data of the Acceptor and the persons representing the Acceptor:

• on the basis of Article 6(1)(b) of the GDPR in order to prepare, conclude and perform the agreement, including assessing the risk of non-performance or improper performance of the agreement, by verifying financial probity before concluding the agreement,
• on the basis of Article 6(1)(f) of the GDPR for purposes arising from the legitimate interests of the Settlement Agent, i.e. for the possible establishment, investigation or defence of claims,
• on the basis of consent for direct marketing of the products and services of the Settlement Agent, including profiling and automated decision-making, if such consent has been given, until such time as consent is revoked. Profiling may be the assessment of certain personal factors to better understand your interests and needs regarding the services offered by the Settlement Agent. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of consent before its withdrawal,
• on the basis of Article 6(1)(c) for, inter alia, archiving purposes, fulfilment of obligations relating to the payment of taxes, including the keeping and retention of tax books and documents relating to the keeping of tax books, fulfilment of obligations relating to the prevention of money laundering and terrorist financing.

The Settlement Agent processes the personal data of the persons representing the Acceptor:

• on the basis of Article 6(1)(f) of the GDPR, in order to ensure proper representation and guarantee liability for the obligations of this entity, as well as to ensure ongoing contact with the Acceptor

The Settlement Agent processes the personal data of the persons indicated in the agreement for contact:

• on the basis of Article 6(1)(f) of the GDPR in order to ensure ongoing contact with the Acceptor

The Settlement Agent processes the personal data of the real beneficiaries:

• on the basis of Article 6(1)(c) in order to comply with obligations relating to the prevention of money laundering and terrorist financing. The legal basis for data processing is the legal obligation under the AML/CFT Act

6. UNDERAGE PERSONS

The Settlement Agent shall not solicit or knowingly and actively collect information from persons under the age of 18. Our Sites are not intended for minors, especially not for children under the age of 13. Children may only use our Sites if they are under the direct supervision of their legal guardians.

7. COMPETITIONS, PROMOTIONAL ACTIVITIES, CONTACT FORM

Subscription to services, features on the Sites. If you wish to add comments to our reviews or articles, complete surveys, receive newsletters, participate in contests, promotions or otherwise take advantage of the options available on our Sites, we may ask you to provide information such as:

• name or company name,
• email address, URL and information related to your participation in competitions, promotions, surveys or use of additional services or options. This is usually done by you completing an online form or questionnaires.

If you take part in competitions and promotional activities, your data may be processed on the basis of:

• Article 6(1)(a) of the GDPR of the consent of the person taking part in the competition or promotional action,
• Article 6(1)(b) of the GDPR in order to conclude and perform the award payment agreement,
• Article 6(1)(c) of the GDPR for archiving purposes, inter alia under the Accounting Act,
• Article 6(1)(b) of the GDPR in order to, inter alia:

– provide a full service, including troubleshooting technical and organisational problems,

– to assert or defend against possible claims.

If you contact us for information about our business, we may store information about the questions you have asked and their content. This applies to the following cases:

• you complete and submit the form available on our Website,
• you send us a message via e-mail, or fax.

We will process your data contained in the form in order to respond to the message left via the form. The legal basis for the processing of your data is the consent you have given in the form or by your action of voluntarily leaving your personal data and the content of the message, i.e. on the basis of Article 6(1)(a) of the GDPR. On this basis, we also process your data in order to provide you with commercial information if you have consented to this. You have the right to withdraw your consent at any time.

We may also process your personal data on the basis of Article 6(1)(f) of the GDPR for, among other purposes:

• provide a full service, including troubleshooting technical and organisational problems,
• to contact you, in particular for the purposes of providing services, maintenance, authorised marketing and advertising activities,
• defence against possible claims,
• carry out research and analysis to improve the performance of available services and the customer service department, or
• for statistical purpose.

8. PHONE CONTACT

When you contact us by telephone, we ask you to provide us with data related to the agreement concluded or the services provided. We ask for personal data only if it is necessary to handle the matter to which the contact relates in order to correctly verify the caller. We may ask for your Tax Identification Number, business name and address, agreement number or terminal details. The legal basis in this case is the legitimate interest of the Administrator (Article 6(1)(f) of the GDPR) consisting of the need to resolve a reported matter related to your business.

1. Telephone calls are recorded, which we inform you of at the beginning of the call. Calls are recorded to monitor the quality of the service provided and to verify the work of consultants and for statistical purposes. Recordings are only available to our staff and hotline operators.
2. 2Personal data in the form of a recording of the conversation is processed:

• on the basis of Article 6(1)(b) of the GDPR for the purposes of serving customers and visitors via the Support PeP helpline, in connection with the performance of the concluded agreement,
• on the basis of Article 6(1)(f) of the GDPR for the legitimate interest of the Administrator, to monitor the quality of the service in order to provide the best possible service and for statistical and analytical purposes.

9. VIDEO SURVEILLANCE

We can use video surveillance and access control at our premises. The data collected during monitoring is processed on the basis of Article 6(1)(f) of the GDPR in the legitimate interest of the Administrator, to ensure the safety of the users of the facilities and the protection of property, as well as for the purposes of possibly establishing, investigating or defending against claims.

10. SOCIAL MEDIA

The Settlement Agent may process the personal data of Users (including, but not limited to, comments, likes, as well as the IP address of the device) visiting the Administrator’s public company profiles conducted on social media. Social media include portals (Facebook, YouTube, Instagram, Twitter or LinkedIn). Data is processed exclusively in connection with the running of company profiles. The purpose is to enable Users to be active on their profiles, to present information about the Administrator’s initiatives and other activities in connection with the Administrator’s promotion of various events, services and products. We may also process the data for statistical and analytical purposes and for the purposes of claiming and defending against claims. The legal basis for the Administrator’s processing of personal data for these purposes is the Administrator’s legitimate interest (Article 6(1)(f) of the GDPR) in promoting its own brand.

11. WORKING AT PeP Sp. z o.o.

Personal data processed in the job offer response form

In the form for responding to a job offer, we ask you to leave information that constitutes your personal data, i.e. first name, last name, gender, contact telephone number, e-mail address, address of residence, as well as to attach a CV in which your personal data will be included.

Purpose and legal basis for processing your personal data

PeP SA will process your personal data for the purposes necessary for the recruitment process in which you are taking part and/or future recruitments if you have given your consent. We will process your personal data on the basis of:

• Article 6(1)(a) of the GDPR- i.e. on the basis of your consent,
• Article 6(1)(b) of the GDPR – i.e. in connection with the taking of necessary steps prior to the conclusion of an agreement at your request and for the performance of the agreement, in the case of its conclusion,
• Article 6(1)(c) of the GDPR – i.e. the processing is necessary for the fulfilment of a legal obligation incumbent on the controller (including primarily the Labour Code),
• Article 6(1)(f) of the GDPR – i.e. the fulfilment of the legitimate interest of the controller, among others to provide full service, including the resolution of technical and organisational problems, defence against possible claims, statistical.

12. PERSONAL DATA PROTECTION

Your personal and business data is stored and processed on our computers in Poland. We have put in place a wide range of measures to ensure the security and confidentiality of your data. In particular, we use mechanical, electronic and administrative safeguards such as firewalls, data encryption, SSL and other modern technologies. We use physical access control to our buildings and files. In addition, only those employees who need the personal data of our customers in order to fulfil their job duties are granted access to such information.

We comply with the requirements set out in the Payment Card Industry Data Protection Standards (we are PCI-certified) and endeavour to comply at all times. In accordance with the above requirements, we submit ourselves to periodic assessment by relevant third parties.

We are also subject to periodic network scans to ensure that, among other things, we possess and maintain a proper firewall configuration for data protection; we encrypt every transmission of cardholder and other sensitive data on the public network; we do not use default (i.e., hardware manufacturer-provided; we do not use default (i.e. hardware vendor-supplied) system passwords or other security parameters; we use and regularly update anti-virus software; we develop and maintain secure systems and applications; we restrict access to data to those who need it to perform our business properly; we track and monitor every access to network resources and cardholder data; we regularly test our security systems and processes; we assign a unique identifier to each person with access to a computer; and we restrict physical access to cardholder data.

It is extremely important that you do not share your User Account password with anyone. The Settlement Agent has established internal security processes that encrypt each customer’s password to protect it from unauthorised access by third parties or disclosure to anyone other than you. No employees or contractors of the Settlement Agent will be given access to your password. Neither the AG’s contractors nor the AG itself will ask you for your password whether by e-mail, telephone, letter or in any other way. It is your responsibility to keep your unique password and User Account details confidential at all times.

We would like to point out that we are not in a position to guarantee the security of your data when transmitted over the Internet or via servers that are outside our control. While we endeavour to protect your personal and business information, we are unable to ensure or warrant the security of any data you submit to our Sites or transmit in connection with our provision of the Services. If you therefore make any data transmission on the Internet, you do so at your own risk. However, as soon as we receive information from you, we make the utmost effort to ensure its security and confidentiality on our systems.

13. SCOPE OF PERSONAL DATA PROCESSING

If we process data on the basis of your consent, your personal data will be processed by us until you withdraw your consent. Your data may also be retained by us for a period of time corresponding to the period of limitation of claims that may be raised against us and that we may have against you.

Please note that the withdrawal of consent does not affect the lawfulness of the processing before the withdrawal. Ways to withdraw consent are indicated in Chapter 16.

Personal data processed on the grounds listed in the Privacy Policy, other than consent, will be processed by us for the duration of the contract. Once the agreement has ended, we will process the data for as long as it is required by law or our legitimate interest. Specific retention periods are provided for in tax law, civil law, accounting law, anti-money laundering and anti-terrorist financing law.

14. ACCESS TO YOUR DATA

As a general rule, the Clearing Agent does not share, sell, rent or otherwise make available to third parties your personal or business data – except as provided for in this Privacy Policy. We reserve the right to share your personal or business data to the extent and in the situations stipulated by law – including reporting and as a result of regulations established by payment card organisations. We may also release this data when we believe in good faith that disclosure is necessary to protect our rights, to report suspected illegal activities, to comply with our obligations in legal proceedings (including enforcement of court orders and judgments). In addition, we may share your personal or business data with the following entities:

• if you are or become our Seller, we may, in the course of providing the Services, disclose data relating to you to payment card organisations, banks and other financial institutions that process or control transactions carried out on your behalf, as well as to other entities with whom we have contracted to provide certain services relating to our Services (e.g. collection of fees, marketing services, fraud prevention, IT services). In addition, we may use or share your data with third parties for additional purposes intended to facilitate the execution and completion of transactions authorised or initiated by the Sellers,
• if you are a Seller, we may share your data with the Processor in the course of providing services at payment terminals, for the purposes of marketing the services.

In addition, personal data may be transferred to persons authorised by the Settlement Agent, to employees and associates who need to have access to the data to perform their duties and to processors to whom we outsource this task, such as. companies that support the recruitment and employment process, companies that operate IT systems, companies that provide server space rental services, electronic document processing and identity verification, subcontractors, including companies that provide debt collection services, accounting services or companies that provide audit services for the purpose of conducting a Seller satisfaction survey, companies that verify identity and assist in establishing financial integrity, group entities.

15. TRANSFER OF DATA TO THIRD COUNTRIES

Your personal data is processed by us in the European Economic Area. However, in some cases the companies we work with may be based outside the European Economic Area. Data transfers then only take place subject to the existence of appropriate transfer safeguards, such as: adequacy decisions or standard contractual clauses approved by the European Commission, the use of binding corporate rules approved by the competent supervisory authority.

16. THE APPLICABLE RIGHTS

• you have the right to access and rectify the content of your data and to restrict processing,
• you have the right to request the removal of your data except where the processing is necessary for the fulfilment of a legal obligation incumbent on us and for the establishment, investigation or defence of claims by us,
• you have the right to portability of your personal data processed by us on the basis of consent or agreement, if the processing is carried out by automated means,
• in the case of personal data processed on the basis of your consent, you have the right to withdraw your consent to its processing, which does not affect the lawfulness of the processing of such data prior to the withdrawal of consent. You can withdraw your consent as follows:

by sending an e-mail to support@pep.pl

by calling our 24-hour Service Centre on 178596969,

by contacting us via Customer Area that you use,

by contacting your agreement mentor,

by sending a letter to the following address: PeP Sp. z o.o., Tajęcina 113, 36-002 Jasionka

you can also send an email to dane.osobowe@pep.pl.

If you have received a message from us offering our services, you can unsubscribe from the mailing list by clicking on the link in the message for this purpose.

• You also have the right to object to the processing of your personal data for purposes arising from our legitimate interests,
• You have the right to lodge a complaint with the supervisory authority (President of the Data Protection Authority) if you consider that the processing of your personal data violates the provisions of the GDPR.

You also have the right to be notified of a breach of the protection of your personal data if it results in a high risk of violation of your rights or freedoms.

The rights listed will be exercised in accordance with the requirements of the law, including the provisions of the GDPR, noting that we will always also need to take into account our powers and obligations as a controller to store (retain) data for the purposes of providing payment services, recognising complaints, protecting against claims, pursuing redress and preventing fraud, money laundering and counteracting terrorism.

17. CLOSING A SELLER ACCOUNT

You have the right to review, amend and delete your personal and business data at any time by contacting us via email: support@pep.pl. If you wish to deregister and stop using your User Account, you can close it. Please note, however, that if you close your User Account as described in this paragraph, it will be closed permanently. You should only close your Account if you are sure that you will never use it again. You can close your Account by contacting us via email: support@pep.pl. We store the information that is deleted in backups for a period of up to 180 days, unless applicable law provides otherwise. This information is not available to third parties. If you deregister from us and close your User Account, you agree that we will retain your data that we have already collected for record-keeping purposes only.

18. OTHER INFORMATION

You can contact us:

• by letter to: Tajęcina 113, 36-002 Jasionka
• by telephone at the phone number: 178596969
• by sending an e-mail to: support@pep.pl

The Settlement Agent has appointed a Data Protection Officer with whom you can contact via a dedicated email: dane.osobowe@pep.pl, by letter at: Tajęcina 113, 36-002 Jasionka or by telephone on +48 691101419

19. CHANGES TO THE PRIVACY POLICY

The Settlement Agent reserves the right to amend this Privacy Policy at any time – especially if this is required in order to comply with the requirements set out in the regulations of the various payment organisations, or the requirements set out in applicable legislation. If we decide to change this Privacy Policy, we will post the revised version of the Policy on our Sites. The amended version will be effective when posted as described above. If we believe that a planned change is material, we will inform you by posting an appropriate notice of the planned change to the Privacy Policy on our Sites at least 7 days before the change takes effect.

Update date: January 2023

Jeśli masz pytania bądź wątpliwości odnośnie niniejszej Polityki Prywatności, skontaktuj się z nami korzystając z niniejszego linka, Kontakt – PeP Online, wysyłając email: support@pep.pl lub pisząc do nas na adres:

Polskie ePłatności Sp. z o.o.
Tajęcina 113
36-002 Jasionka, Polska

Cookie files and pixel policy

Informację zawarte w polityce cookies obejmują:

• Jakie dane gromadzimy
• W jakim celu gromadzimy Twoje dane osobowe

1. WHAT DATA WE COLLECT

1. As a part of the website we ask you to provide us with data including personal data. This is realted to your request to contact us for direct marketing purpose.

Data we collect include in particular:

• contact details, including name and surname, email adress, phone number (data collected in contact forms),
• NIP,
• login and account information including username, password, ID number (Strefa Klienta, Strefa Partnera, Strefa Vendingu)
• data about your activity on the website including click analysis,
• device ID,
• browser type, domain and communication language, operating system and settings assigned to it,
• country
• time zone,
• websites visited in pep.pl domain,
• personal and marketing preferences,
• cookies and pixel tags,
• IP address.

The website may periodically contain links to other websites or media (radio, television, spatial advertising, etc.). Such sources operate independently of the Website and are not supervised by us in any way. These websites may have their own privacy policies which you should review. We are not responsible for the rules of data handling within these websites

2. Cookies files and pixel tags

When you use our website, information is downloaded and stored from your web browser which often constitutes personal data. The collected data is, among others, in the form of cookies and pixel tags. These files allow you to identify the software you use and customize your individual preferences. Cookies usually contain the name of the domain they come from, the time of their storage on the Device and the assigned value, they also contain data on activity on the website.

Cookies and pixel tags are used to collect information related to your use of the website. Cookies enable in particulari:

a) maintaining your session (after logging in), thanks to which you do not have to re-enter your login and password on each subpage;

b) adapting the content of websites to your preferences and optimizing the use of websites; in particular, these files allow you to recognize your device and properly display the website, tailored to your individual needs;

c) verifying how you use the website and creating statistics that help to understand how other users also use our websites, which allows improving their structure and content\.

We use two types of cookie files:

a) session cookie files: are stored on the user’s device and remain there until the end of a session of a specific search engine. The information that has been saved is then permanently deleted from the device memory. The session cookie files mechanism does not allow for downloading personal data or any confidential information from the user’s device;

b) permanent cookie files: are stored on the user’s device and remain there until the moment of their deletion. The end of a session of a specific search engine or the device switch-off do not cause their deletion from the user’s device.

The following types of cookie files are used in the Website:

a) “necessary”cookie files which allow to search for the services available through the website, e.g. certifying cookie files used for the services which require certification through the website and cookie files used to ensure security, e.g. used to detect abuses in the field of authentication within the website; files in this category ensure the basic functionality of the website, and the use of services available on our websites depends on their download, which means that their service is constantly turned on;

b) “functionality” cookie files which enable to extend the Website’s functionality and ensure at the same time that your selected settings and interface personalisation be saved;

c) “analytical” cookie files which allow us to collect the information on the method to use the sites, help us improve the Website; due to these files, we often have an option to process your request faster and we can save your settings; switching off these files may cause some irregularities in displaying the content and the slow-down in the site functioning;

d) “advertising” cookie files which allow to provide you with advertising content that will be better tailored to your interest; for these cookies, ads displayed on this site and in other locations comply with your preferences. If switched off, there may be displayed the content of the site that will not follow your preferences and the Website use may be then less optimized.

3. Managing settings of cookie files

Settings of the section which concern the cookie files can be changed at any time. And, then, you may limit or switch off access to cookie files. If the latter option is used, the Website may be in fact used, apart the functions which require cookie files due to their nature.

The majority of search engines that are available on the market function based on default cookie file saving. The terms and conditions of using these files may be determined by search engine settings. The foregoing means that an option save cookie files may be limited (e.g. temporarily) or switch off permanently and, if so, it may however affect certain functionalities of the Website. But still for intention to change current settings, below you may select the cookie files to be authorized (apart from necessary cookie files). The so-called necessary cookie files are collected to ensure that you can use the Website. If switched off, you could display the content included in the Website.

2. WHY WE COLLECT YOUR PERSONAL DATA

1. Objectives

Twoje dane wykorzystujemy dla zoptymalizowania funkcjonalności naszego Serwisu. Część danych, które od Ciebie zbieramy jest niezbędna do korzystania z naszego Serwisu, w tym w szczególności są to pliki cookies tzw. niezbędne. Bez ich przekazywania nam nie byłoby możliwe korzystanie z naszej strony.

Niejednokrotnie korzystanie z pełnej funkcjonalności naszego Serwisu będzie wymagało przekazywania nam także dodatkowych danych oraz wyrażenia zgody na ich przetwarzanie przez nas. Dzięki tym danym jesteśmy także w stanie dostarczyć Ci zindywidualizowaną reklamę naszych produktów.

Dane te są także zbierane, aby ulepszać nasze produkty i wyświetlać Ci informacje o nich.

Te wszystkie informacje pomagają nam ulepszać jakość świadczonych przez nas usług. Lepiej rozumiemy preferencje kontrahentów, a nadto możemy weryfikować błędy pojawiające się w funkcjonalności strony i reagować na nie.

Szanujemy Twoje decyzje, więc zawsze możesz zmienić zdanie, jeśli nie chcesz w przyszłości otrzymywać od nas żadnych informacji marketingowych.

Jeśli zdecydujesz się pozostać z nami w kontakcie po 25 maja 2018 r., pamiętaj, że możesz zrezygnować z otrzymywania informacji marketingowych w dowolnym momencie, klikając link anulowania subskrypcji dołączony do każdej informacji marketingowej.

Your data are used to optimize the Website functionality. Some of the data collected from you are necessary to use the Website, including specifically the so-called necessary cookies files; otherwise, you would not be able to use it.

It is often that additional data and the authorisation to process them are required to ensure that all the Website functionalities are used. For these data, we may provide you with individualized advertising for our products.

These data are also collected to improve our products and display information about them.

All this information help us improve the quality of services we provide. This is why we better understand preferences of our vendors; we may also verify the errors which occur in the website functionality and respond to them.

We respect your decisions, so you may change your preferences at any time, if you decide not to obtain marketing information in future.

If you decide to stay with us after 25 May 2018, you need to bear in mind that you may resign from obtaining marketing information at any moment, through clicking the link to cancel subscription that is always contained in marketing information.

2. Tools we use

To be able to optimally use the content of, for example, collected cookie files, we apply analytical tools which enable to manage advertising and marketing of the provided services and products. Due to these tools, we may process the information contained in cookie files in the manner that will enhance our research and development works on the products. And, it is possible due to the delivered statistical data related to the interest in specific products.

These tools process your data in an automated manner (profiling).

These are tools such as those provided by Google (Google Tag Manager, Google AdWords, Google Adsense, Google Analytics, Google Fonts, Google reCAPTCHA), tools for remarketing our products and recording your traffic on the website (Matomo, Hotjar)