IVPAY Privacy Policy

  1. Introduction

    This Privacy Policy describes how IVPAY s.r.o. ("IVPAY," "We," "Our," "Us") collects, stores, and processes personal data in compliance with the General Data Protection Regulation (GDPR) and applicable Czech Republic data protection laws. IVPAY provides virtual assets processing services, products, and other features, technologies, and functionalities (collectively, the "Services") available through our website, social media channels, mobile applications, and email communications. This policy applies to all personal data collected through our website at https://ivpay.io, our mobile applications, and any other channels used to access our Services.

  2. Data Controller and Data Protection Officer (DPO)

    IVPAY s.r.o., registered in the Czech Republic, is the data controller for the processing of your personal data. For any queries, you may contact our Data Protection Officer (DPO) at support@ivpay.io.

  3. Personal Data We Collect

    We collect and process the following types of personal data based on your interaction with our services:

    3.1 Visitors

    • IP address
    • Email address (when subscribing to our blog or marketing materials)
    • Phone number (when contacting our sales or media team)
    • Name (when submitting support requests)

    We may also collect technical information such as your computer or access device to prevent fraud.

    3.2 Users

    When you register for our services, we collect:

    • Name and surname
    • Email address
    • Identification information (e.g., passport, ID card, etc.)

    3.3 Customers

    When making payments via IVPAY, the following personal data may be collected:

    • Email address
    • IP address
    • Donor’s name, email, address, phone number, employer, job title, and city of employment (for donations where required by law)

    Sensitive Data: IVPAY does not process sensitive personal data (e.g., religious or political views).

  4. Legal Basis for Data Processing

    We process personal data based on the following legal grounds:

    • Contract Performance: To provide and manage IVPAY services (e.g., processing virtual assets payments, delivering notices).
    • Legal Obligations: To comply with applicable laws, such as anti-money laundering (AML) regulations.
    • Legitimate Interests: For fraud prevention, improving our services, and customizing user experiences.
    • Consent: For marketing communications and where explicit consent is required (e.g., for cookies).

  5. How We Use Personal Data

    We use your personal data for the following purposes:

    • To provide the services you have requested.
    • To comply with legal obligations.
    • To process transactions and notify you about them.
    • To resolve disputes, collect fees, and troubleshoot problems.
    • To send targeted marketing, service updates, and promotional offers (with your consent).
    • To improve and customize our services and content.

  6. Data Subject Rights

    You have the following rights under the GDPR:

    • Right to Access: Request access to the personal data we hold about you.
    • Right to Rectification: Request correction of inaccurate personal data.
    • Right to Erasure: Request deletion of your personal data under certain conditions (e.g., when data is no longer necessary for the purposes it was collected).
    • Right to Restrict Processing: Request the restriction of data processing under certain circumstances.
    • Right to Data Portability: Receive your personal data in a structured, machine-readable format.
    • Right to Object: Object to the processing of your personal data for marketing purposes or on grounds of legitimate interest.
    • Right to Withdraw Consent: Withdraw consent at any time for processing activities based on consent (e.g., marketing).

    To exercise any of these rights, please contact our DPO at support@ivpay.io. We will respond within 30 days, subject to applicable legal exceptions.

  7. Data Retention

    We retain personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy. Retention periods are determined based on:

    • The duration of your use of our services.
    • Legal obligations (e.g., anti-money laundering laws).
    • Legitimate interests in preventing fraud and maintaining security.

    When the data is no longer required, it will be securely deleted or anonymized.

  8. Data Transfers

    Your personal data may be transferred outside the European Economic Area (EEA). In such cases, we ensure that appropriate safeguards, such as Standard Contractual Clauses, are in place to protect your data in accordance with GDPR requirements.

  9. Data Security

    We employ robust security measures, including:

    • Data encryption and firewalls to safeguard personal data.
    • Physical access controls to secure buildings and files.
    • Access controls to limit personal data access to authorized personnel only.

  10. Data Breaches

    In the event of a personal data breach, we will notify you and the appropriate supervisory authority without undue delay if the breach is likely to result in a high risk to your rights and freedoms.

  11. Marketing

    We will only send you marketing communications with your explicit consent. You can opt out at any time by using the "unsubscribe" link in our emails or by contacting us at support@ivpay.io. We do not sell your personal data to third parties for their marketing purposes.

  12. Cookies

    We use cookies to:

    • Ensure the proper functioning of our website.
    • Improve user experience by remembering your preferences.
    • Provide targeted advertising.

    A cookie is a small piece of data that a website asks your browser to store on your computer or mobile device. The cookie allows the website to “remember” your actions or preferences over time. Most browsers support cookies, but you can set your browser to decline them and can delete them whenever you like.

    What type of cookies do we use?

    When you access our website, we, or companies we hire to track how our website is used, may place small data files called “cookies” on your computer. We and our service providers also use cookies to customize the IVPAY Services, content and advertising; measure promotional effectiveness, and promote trust and safety.

    We send a “cookie” to your computer when you log in to your account or otherwise use the IVPAY Services. This type of cookie helps us to recognize you if you visit multiple pages on our site during the same session, so that we do not need to ask you for your password on each page. Once you logout or close your browser, this cookie expires and no longer has any effect.

    We also use longer-lasting cookies for other purposes such as to display your email address on our login page, so that you don't need to retype the email address each time you login to your account.

    We encode our cookies so that only we can interpret the information stored in them. You are free to decline our cookies if your browser permits, but doing so may interfere with your use of our website. We may also collect information about your computer or other access device to mitigate risk and for fraud prevention purposes.

    You may encounter cookies from third parties when using the IVPAY Services on websites that we do not control (for example, if you view a web page created by a third party or use an application developed by a third party, there may be a cookie placed by that web page or application.)

    Managing your cookie settings

    You can manage cookies through the settings of your Internet browser. You can have the browser notify you when you receive a new cookie, delete individual cookies or delete all cookies. Please note that, if you choose to delete IVPAY cookies, your access to some functionalities and areas of our website may be degraded or restricted.

  13. Children’s Data

    Our services are not directed at children under the age of 16. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us, and we will take steps to delete such data.

  14. Third-Party Disclosure

    We may disclose your personal data to:

    • Law enforcement authorities, where required by law.
    • Third-party service providers who assist us in delivering services (subject to strict contractual obligations).

    We ensure that any third-party data processors comply with GDPR and use your personal data only for the purposes specified by us.

  15. Changes to This Policy

    We may update this Privacy Policy from time to time. We will notify you of any material changes 30 days prior to the change taking effect by posting a notice on our website.

  16. Contact Information

    For any queries about this policy or how we process your personal data, please contact our DPO at:

    Email: support@ivpay.io