This policy was last updated September 2022.
Corpay One takes the privacy of your personal information seriously. In the course of operating our business and interacting with you, we collect, use, and share personal information.
Corpay One offers a software platform and services for bill management and payment. We collect data about individuals and businesses, when they use the platform, services and our websites(collectively known as "Services").
Find terms, conditions and relevant definitions here.
Corpay One may have a direct relationship with you, and you may choose to provide personal data tous in connection with that relationship or we may collect it via other means. The data we collect about you may include:
Company contact person
CVR number (company registration number)
We do not collect nor store personal data in the form of credit or debit card numbers. This information is collected through our payment partners. When using our integration to connect your bank account to Corpay One, Corpay One may store and transmit routing and account information.
We use different methods to collect data from and about you, depending upon the nature of our relationship. This may include through direct interactions we have with you, through the use of automated technologies (e.g. cookies) and from third parties or publicly available sources.
How we use your data
Depending on the nature of our relationship with you, we may use your data to:
▪ Provide the services our customers have signed up for
▪ Process your transactions
▪ Administer your online account
▪ Protect ourselves against fraud and money laundering.
▪ Provide you with information about our products and services.
▪ Allow you to participate in interactive features e.g. via the website such as via our live chatfunction.
▪ Operate, evaluate and improve our business.
▪ Perform analysis (including anonymisation) of your data.
▪ Comply with our legal obligations, applicable industry standards and our policies.
▪ Administer the contracts we have with our customers, including to update contracts and to correspond with our customers about our services and the contracts.
▪ Other ways which we notify you of at the time of its collection or use.
▪ Other members of the Fleetcor group
▪ Marketing and data analytics companies
▪ Partners who provide features on our websites.
▪ IT suppliers.
▪ Risk and fraud monitoring providers.
▪ Our insurers and professional advisers.
▪ Regulators and other government agencies including, but not limited to, public authorities, regulators, the police and other law enforcement agencies.
▪ Any company to whom we sell or buy any business or assets, in which case we may discloseyour personal data to the prospective seller or buyer of such business or assets, along with its professional advisers.
We do not authorize any third parties that we share data with to use or disclose your data except as necessary to perform certain services on our behalf or comply with legal requirements. We require these third parties, through our contractual arrangements with them, to appropriately safeguard the privacy and security of the data they process on our behalf.
We may also receive data about you from the following third parties:
▪ Social media platforms.
▪ Data brokers.
▪ Our commercial partners.
▪ Public databases.
▪ Regulators and other government agencies.
If you would like to receive a full list of our suppliers and other third parties who we share your datawith or receive your data from then you can get in touch with us using the details provided in the section “Who should you contact with questions?”.
As with any multinational organization, we are often required to transfer data internationally.Accordingly, your personal data may be transferred globally (if your data is collected within theEuropean Union, this means that your data may be transferred outside of it). This includes transfers that have been identified in the previous section “Who do we share your data with and for what purposes”.
Corpay One will take appropriate technical and organizational security measures to secure your personal data and to protect it from loss, misuse or alteration. Personal data that we hold about you is stored on our secure servers or those of our appointed suppliers.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website. You are responsible for keeping this password confidential. We ask you not to share this password with anyone.
Corpay One maintains an information security program that is designed to:▪ Secure and maintain confidentiality of your personal data.
▪ Protect against anticipated threats or hazards to security or integrity of your data.
▪ Protect against unauthorized access to or use of your data that could result in substantial harm or inconvenience to you or your entity if compromised.
▪ Comply with applicable laws.
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Details of retention periods for different aspects of your personal data can be requested by contacting the Corpay One DPO.
In some circumstances you can ask us to delete your data, please see “Your Rights and Choices”.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with or be used to identify you) for research or statistical purposes in which case we may use suchdata indefinitely without further notice to you.
Corpay One’s websites are not intended for use by children, especially those under the age of 18. No individual under the age of 18 should provide any personal data or participate in any forums, chats, or online discussions. Minors under the age of 18 are prohibited from applying for emails, newslettersand/or products or services, on our websites. If we identify that we have received any such personal data we will delete it.
You may have some or all of the following rights in respect of personal data about you that we hold:
● Request us to give you access to it.
● Request us to rectify it, update it, or erase it.
● Request us to restrict our using it, in certain circumstances.
● Object to our using it, in certain circumstances.
● Where legally possible, withdraw your consent to our using it.
● Data portability, in certain circumstances.
● Opt out from using it for direct marketing.
● Lodge a complaint with the supervisory authority in your country (if there is one).
You are able to exercise these rights by contacting Corpay One using the details set out in the “How to reach us” section below.
Furthermore, if you have any complaints about Corpay One’s processing of your data you may contact the Danish Data Protection Agency at:
Carl Jacobsens Vej 352500
We will update this policy from time to time to reflect changes in our business. We will inform you of these changes as required under applicable laws.