Updated December 2020
"You" means a visitor to one of our websites or a user of one or more of our Services ("User").
“User” means a user of our Services.
“Personal Data” means any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.
"Other Data" means other data besides Personal Data.
This policy does not apply to third-party websites, products, or services even if they link to our Services. We are not responsible for third parties’ content or information practices. You are strongly encouraged to consider the privacy practices of those third-parties carefully.
If You disagree with the practices described in this policy, You should (a) take the necessary steps to remove cookies from your computer after leaving our website, and (b) discontinue your use of our Services.
Corpay One ApS is the data controller of your personal information collected and processed through our Services.
Corpay One ApS
Sølvgade 38F, 1. sal
1307 København K
Telephone: +45 71 99 31 94
CVR no.: 37231525
You are welcome to contact us via mail or by telephone, in the event that You have any questions regarding the treatment of your data.
The collection and use of data from a variety of sources is essential to our ability to provide our Services – and to help keep the Services safe. Data is critical in helping us to increase the safety of your online payments, and reduce the risk of fraud, money laundering and other harmful activity.
The Data we collect depends on how our Services are used.
We collect the following information:
We collect the following information:
Personal Data does not include Data that has been aggregated or made anonymous such that it can no longer be reasonably associated with a specific person.
We do not collect nor store personal data in the form of credit or debit card numbers. This information is collected through our partner Stripe. When using our Dwolla integration to connect your bank account to Corpay One and route ACH payments, Corpay One may store and transmit routing and account information.
b. Other Data
Other Data is collected through a variety of sources such as:
a. Personal Data.
We and our service providers use Personal Data to: (i) provide the Services; (ii) detect and prevent fraud; (iii) mitigate financial loss or other harm to Users, Customers, and Corpay One; and (iv) promote, analyze and improve our products, systems, and tools. Examples of how we may use Personal Data include:
b. Other Data
Corpay One does not sell or rent Personal Data to marketers or unaffiliated third parties. We share your Personal Data with trusted third parties, including:
a. Corpay One Affiliates. We share Data with entities worldwide that we control, are controlled by us, or are under our common control, to provide our Services. Corpay One, Inc. is the party responsible for overall management and use of the Data by these affiliated parties.
b. Corpay One Service Providers and Payment Service Providers. We share Data with service providers and payment service providers who help us provide the Services. Service providers help with things like payment processing (i.e., banks, credit bureaus, payment method providers), website hosting, data analysis, information technology and related infrastructure, customer service, email delivery, and auditing.
d. Third Parties. We may share Data with third parties in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
e. Safety, Legal Purposes and Law Enforcement. We use and disclose Data as we believe necessary: (i) under applicable law, or payment method rules; (ii) to enforce our terms and conditions; (iii) to protect our rights, privacy, safety or property, and/or that of our affiliates, You or others; and (iv) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include authorities outside your country of residence.
We use reasonable organizational, technical and administrative measures to protect Personal Data within our organization (including education and training of relevant personnel).
When You log onto our services, all transactions and communications via our Services are encrypted using Secure Socket Layer (“SSL”) technology. If You are using a public computer accessible by others besides yourself, please ensure that You log out of our Services and close the session completely.
If You have reason to believe that your interaction with us is no longer secure (e.g., if You feel that the security of your account has been compromised), please contact us immediately.
You have choices regarding our use and disclosure of your Personal Data. You may opt out of receiving electronic communications from us and no longer want to receive marketing-related emails from us on a going-forward basis. You may opt-out via the unsubscribe link included in such emails. We will try to comply with your request(s) as soon as reasonably practicable. Please note that even if You opt-out from receiving marketing-related emails from us, we may still send You important administrative messages that are required to provide You with our Services.
You have the right to ask us at any time to:
You are not required to pay any charge for exercising any of these rights, unless your request is unfounded or excessive. If You wish to exercise any of these rights, please contact us. We endeavour to respond to requests as soon as reasonably practicable. If your request is particularly complex, it may take us longer to respond. In this case, we will notify and keep You informed. You may not have a right to information if we have responded to a request, and You have made a repeat request without a reasonable period of time passing between the requests.
When contacting us by email, kindly specify clearly what Personal Data is to be amended. We may need to request specific information from You to help us confirm your identity and ensure your right to access your Personal Data, or to exercise any of your other rights. This is a security measure to ensure that your Personal Data is not disclosed to any one who has no right to receive it. We may also contact You for further information in relation to your request to speed up our response. We endeavour to comply with your request as soon as reasonably practicable.
With regards to deletion of your Personal Data held by us, we will try to comply with your request as soon as possible with commercially reasonable efforts. Please note that we may be required to keep such information and not delete it (or to keep it until such time we have fulfilled such requirements). Further explanations of data retention can be found below under XX. Retention Period.
We will retain your Personal Data for a maximum of five (5) years from the date of termination of your contractual relationship with Corpay One, as per Danish Bogføringsloven, Chapter 5, §10.
Our Services are not directed to individuals under the age of eighteen (18). We request that they not provide Personal Data through the Services. We do not knowingly collect nor solicit personal information from individuals under the age of eighteen. If we are notified (by contacting us at email@example.com) or if we learn that such personal information was collected, we will delete such information as soon as possible.
In situations where your Personal Data may be transferred out of the EEA, we will endeavor to ensure that it is given a similar degree of protection as when it is transferred inside the EEA, by ensuring at least one of the following safeguards is implemented:
You have the right to gain access to the Data processed about You. You have the right to object to your Personal Data being used at any time. You can also retract your permission to use your Personal Data at any time. If the retained Data is incorrect, you have a right to request a correction or deletion. You can request this via firstname.lastname@example.org.
Furthermore, if you have any complaints about Corpay One’s processing of your Data, you may contact the Danish Data Protection Agency at
Carl Jacobsens Vej 35
Corpay One ApS
1103 København K.