The Payments House LLC Ltd. ("we", "us") is committed to protecting your privacy. This policy explains what personal data we collect, how we use it, and the rights you have under the GDPR, UK GDPR and other applicable laws.
Data we collect
Business contact details, KYC documentation for ultimate beneficial owners and directors, transactional data (card BIN, amount, currency, IP, device), and correspondence.
Lawful bases
We process data to perform the contract with our merchants, to comply with legal obligations (AML, sanctions, card-scheme rules), and where we have legitimate interest in fraud prevention.
Retention
KYC and transactional records are retained for 7 years after termination, in line with AML regulations.
Sharing
We share data with our acquiring banks, card schemes, regulators, and approved processors only as necessary to deliver services. We never sell personal data.
Your rights
You may request access, rectification, erasure, or restriction of your personal data by writing to dpo@thepayment.company.
International transfers
Where data is transferred outside the EEA, we rely on Standard Contractual Clauses and equivalent safeguards.