PayXpert Privacy Policy

PayXpert takes privacy and data protection issues seriously. We have designed this Privacy Policy (together with our Legal Policy and any other documents referred to on it) to explain how any personal data we collect from you, or that you provide to us, will be processed by us.

Please read the following carefully to understand PayXpert views and practices regarding your personal data and how we will treat it. The use of this website implies the acceptance of this privacy policy. Additionally, by submitting your personal information, you are consenting to PayXpert holding and using it in accordance with this policy.

PayXpert guarantees the confidentiality and privacy of the personal data collected, having adopted security measures to prevent alteration, loss, treatment or unauthorized access and ensure the integrity and security of personal data, in accordance with the provisions of current state regulations and, in any case, the Data Protection Act 2018 UK, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, by providing the necessary technical means to prevent any alteration, loss, access without authorization or misuse of the data processed.

PayXpert will not be responsible for inconsistencies in personal data when it is derived from an attack or unauthorized access to the systems in such a way that it is impossible to detect by the security measures implemented or when it is due to a lack of diligence of the User in terms of the guard and custody of their access passwords or their own personal data.

As a user you accept and guarantee that the personal data you provide is true, being the only person responsible for any damage or loss, direct or indirect, that could be caused to PayXpert as responsible for this website or third party, if you fill in any form with false information or third parties causing deception, damage or injury. Please inform us of any variation that may occur in the data provided by sending an email to

Children’s Privacy

Minors under 16 years old (and in some cases depending on the legislation of the country, 13 years old) must not transfer their personal data to Payxpert, without the prior consent of those who hold parental authority and / or legal guardianship.

In the event that PayXpert detects users who may be under this age, PayXpert reserves the right to request a copy of their ID or equivalent document, or, where appropriate, the authorization of those who they have custody and / or legal guardianship, causing their dismissal if they fail to prove compliance with this requirement or lack of response.

Incorporation of personal data. Purposes and Processing.

PayXpert informs users that all personal data provided through this Website, including the IP address, will be processed by PayXpert as per Records of Processing Activities below.

Processing activities carried out by Payxpert:


Prior to sending any request for information through any contact form on this website, as a user you must accept having read this privacy policy and the conditions of use of this website, in order to provide your express and informed consent to the processing of your data with the purposes indicated in this privacy policy. Such approval entails your express consent to:

  • The incorporation of your personal data in personal data files of PayXpert
  • The access by PayXpert to the data that, according to the infrastructure of this website, are required to contact the user, validations or recommendations on social networks and / or send the newsletters.
  • The authorization to communicate electronically with you in response to your inquiries, sending an offer or quotation.
  • The periodic realization of analysis studies of the web for statistical purposes based on the data provided.

As a result of your registration and interaction through this website you can collect and store the following information of a personal nature:

  • Name, email address and contact information.
  • Data on your activities on this platform (articles and content you visit or are related to your browsing profile);
  • The electronic communications you send us or data that you issue in your queries.
  • In the event that the international transfer of data is required to send the requested information, the transfer will be requested for your express consent. We always try to use secure tools whose servers are preferably within any member state of the European Union, or that comply with European regulation.
  • We will not use your data for any other purpose not expressed in this privacy policy, nor will we send unsolicited information through your express consent

Exercise of rights

At any time the user can modify their preferences in which regards the receiving of commercial communications, as well as exercise at all times their rights of access, rectification, erasure and to be forgotten, object, portability and limitation in, by contacting Payxpert provided in the Data Protection Act 2018 UK, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, by means of a written communication via email address The user must accompany a copy of their national identity document, passport or other valid document that identifies them; as well as all the necessary attached documentation and evidence of the right exercised.

You can also make use of the models and forms that for the exercise of these rights makes available ICO’s portal.

In addition, if you do not wish to receive communications by e-mail, you can exercise your right of erasure or to be forgotten, limitation on processing and object by electronic mail, as well as through a link that you will have in each e-mail that you receive from us.

The right of access means that you have the right to obtain information about whether your personal data is being processed, the purpose of the processing that is being carried out, the processing to which they are subject to, as well as the information available on the origin of the data, data transfers, the conservation period and the communications made or to be made. To exercise it, you do not need to issue a justification, unless you have exercised it in the last six months and / or evidence a legitimate interest. If you exercise your right of access, Payxpert is legally obliged to decide on the access request within a maximum period of one month from receipt of the request. The same can be denied in case of existing a previous request in the previous six months, or because of a national or community standard or legislation.

The right of rectification means that you have the right to modify the data that are inaccurate or incomplete, for this you must indicate to us what data is referred and the correction that must be made providing documentation that justifies it. We will have to make the rectification as diligently as possible and, in any case, within a period not exceeding one month and we can only deny it by stating the reasons.

The right of erasure means that you have the right to have the data that prove to be inadequate or excessive to be suppressed, in this case justifying the concurrence of well-founded and legitimate reasons related to your specific personal situation. We will have to make the deletion within a period of no more than one month, being able to deny it by expressing the reasons.

The right to object means that you have the right to not carry out the processing of your personal data or we cease in the same in the cases in which your consent for the processing is not necessary, that it is business prospecting files or that have the purpose of adopting decisions referred to the interested party and based solely on the automated processing of their data. We will have to carry out the rectification within a period not exceeding one month, being able to deny it by stating the reasons.

The right to restriction in the processing entails the power of the interested parties to request and obtain from the Data Controller, a limitation of the processing of their personal data when any of the following scenarios occur: inaccuracy, illegality, claims and / or object. We will have to proceed with the limitation as soon as possible and, in any case, within a period of no more than one month, being able to deny it by stating the reasons.

The right to be forgotten implies the right to prevent the dissemination of personal information through the Internet when its publication does not meet the adequacy and pertinence requirements set forth in the regulations. We will have to process your request as soon as possible and, in any case, within a period not exceeding one month, being able to deny it by stating the reasons

The right to data portability is a right that complements the right of access, since it allows people to obtain the data they have provided to the company (Controller) in a structured, commonly used and machine-readable format. It implies that your personal data, as a user, can be transmitted directly from the company to another, without the need to be delivered to the user, provided that this is technically possible. We will have to make this transfer – as technically possible – as soon as possible and, in any case, within a period of no more than one month, being able to deny it expressing the reasons.

In which regards the rights in the processing of data through social media channels, you must take into account the following:

  • Access, data portability and the right to be forgotten are defined by the functionality of each social network and the ability to access information according to the configuration you have designed for your profile.
  • We can only rectify the rectification in relation to that information that is under our control, for example, delete comments posted on this page from a linked social network or our profiles on social networks, provided they are not by third parties. Everything that escapes our control must request its exercise before the social network in question.
  • The deletion, opposition or limitation in the processing can be executed in relation to the information that is under our control or yours as a user, for example, stop being a follower in that social network that you decide. As a user, you can always control your connections, eliminate content that no longer interests you and restrict who you share your information with, so it is convenient that you access and configure the privacy of your accounts.

Security Measures Applicable to the Processing of Personal Data

  • Risk: According to the data required from users and according to the activity of the Processor, a Risk Analysis/Assessment has been carried out regarding the processing of the data, evaluating them, graduating them and taking those measures for an adequate protection and security.
  • Scope of Application of Technical and Organizational Security Measures: PayXpert states that it applies the necessary technical and organizational measures for adequate protection, confidentiality, integrity, resilience and security under of the proactivity criteria required by the Data Protection Act 2018 UK, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, to the functions described in this privacy policy.
  • Security Document: PayXpert states that it has a Security Document, in accordance with the aforementioned Risk Analysis and the criteria and principles of the Data Protection Act 2018 UK, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
  • Protocols: PayXpert declares that it has and keeps updated a series of protocols and work processes in general and, in particular, regarding the management of Personal Data; Committing to disclose them among all those employees, staff and third parties with whom it works and have access to data. Likewise, PayXpert undertakes not to allow access or processing of files with personal data to personnel who have not received a copy of said documents.
  • Incident Registry: PayXpert states that it has an Incident Registry that complies with what is specified in the Security Document and the proactiveness principles of the Controller, this registry being used by its personnel for the report of any incident related to the security of the information and personal data as well as any files with processing of personal data.
  • Access Control: PayXpert states that it complies with the following measures regarding access control:
    • Maintains an updated list of authorized users and accesses.
    • Allows access only to authorized users according to the functions assigned to each of them.
    • Establishes mechanisms that prevent access to data or resources with rights other than those authorized.
    • Access are only granted by authorized personnel.
  • Identification and Authentication: PayXpert in its access to personal data maintains the following security measures regarding the identification and authentication of users who will have access to said data:
    • The identification and authentication is personalized.
    • There is a procedure for assigning and distributing passwords, which imposes the use of robust passwords. Passwords are stored in an unintelligible way.
    • The passwords are confidential (only known by the user).
    • Passwords are changed very regularly and with time periods assigned that depend on the data that gets available with such access.
  • Support Management: PayXpert has adopted the following security measures regarding media with personal data:
    • Maintains a media inventory.
    • Has established a labelling system according to the inventory system that also allows to identify the type of information they contain.
    • Stores the authorized media in a restricted access area.
    • Has established an authorization regime for the outputs of supports for its facilities, including outputs through e-mail.
    • Adopts specific measures aimed at guaranteeing the confidentiality and security of personal data during transport and disposal of media.
  • Security copies: PayXpert states that it has a backup system that guarantees the recovery of information (if necessary), and that the same is regularly tested.
  • Non-Automated Files: Regarding the documents with personal data to which PayXpert has access adopts the following measures:
    • Keeps the documentation in filing cabinets, drawers or cabinets that have a system that hinder its opening.
    • During the review or processing of documents, the person in charge of them must be diligent and guard it to avoid unauthorized access. Only authorized personnel have access to documents.
    • If a documentation transfer occurs, security measures are adopted that prevent the loss or access by third parties to said documentation.
  • Third party personnel: PayXpert has duly communicated these obligations to its staff, ensuring compliance with the applicable regulations. Also, and by virtue of the Data Protection Act 2018 UK, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, all those responsible for processing on behalf of them have the appropriate contract for the processing signed, where there is the commitment of the latter to comply with the same legal minimums and with the measures outlined by the Controller in terms of management and protection in the processing of personal data.


We store the user’s personal data on secure servers, protected against the most common types of attacks located in France.

However, and since there is no invulnerable technology, the user must also put the means at their disposal to maintain the level of security of their data, through the use of robust passwords, the periodic modification of their passwords, avoiding using the same in diverse accounts as well as avoiding taking note of them in any physical or unencrypted medium.

PayXpert uses up-to-date technologies to protect your personal data and information, striving for the strictest confidentiality and application of technical tools for technical and organizational information security (passwords, physical security, data encryption, etc.) that correspond according to the applicable legislation, as well as keeping at all times the security document with the regulatory measures established.

Transfer of data to third parties

PayXpert informs the users that their personal data will not be transferred to third parties or organizations, with the exception that said transfer of data is covered by a legal obligation or when the provision of the service implies the need for a contractual relationship with service providers responsible for the processing. In the latter case, only the transfer of data to the third party will take place when PayXpert has the consent of the user and maintains a contractual relationship with the person in charge of the processing that guarantees its confidentiality and compliance.

If PayXpert is required by the competent authorities, may communicate personal information to respond to legal requirements, criminal investigation of possible illegal activity or claims that a content infringes the rights of third parties or protect the rights, property or security of third parties. In such cases, PayXpert may communicate to the competent authorities personal information such as name and surname, city or province, postal code, telephone number, email address, user history and address IP.

If PayXpert is transferred, absorbed or merged with another entity, we undertake to agree on the subrogation and commitment of the new managing entity responsible for the processing of personal data for the continuation of this Privacy Policy warning the commitment that if the personal information is going to be used contrary to this policy the User must be notified previously. In any case, and as a result of the operation, the User will also be transferred so that the User can renew or, if applicable, revoke the consent previously granted.

Prohibition to users to transfer data from third parties

PayXpert expressly prohibits the user from sharing, facilitating or transferring data of third parties to anyone, which may be obtained as a result of contact, interaction or browsing performance or consultation through this website, unless it could accredit the express authorization of the user whose data is intended to transfer.

We remind users that when we talk about data we also talk about image files of people. The personal image is a data protected by regulations. No one can use it without the express consent of the person who appears in it.

As a user, you acknowledge that you assume your responsibility and hold PayXpert blameless against any possible claim, penalty, fine or sanction that may be required to be borne as a result of the breach by the user of the described duty.

If you provide us with personal data of other people, you must do so with their consent and having previously informed them of the points contained in this Privacy Policy.

Comments and social networks

The data included in the form to make comments on this website may be read by third parties, and the name and other data may be read, once a comment is approved. If you make comments on the website of PayXpert, you assume the display of the comment and the data you use to assign such comment on its completion.

PayXpert actively works channels on LinkedIn social networks with the main purpose of publishing and disseminating information about the services provided through the website of PayXpert, interact with users and serve as a channel of attention and social interaction.

In the event that you access this website using an application that connects a social network with this website, you are authorizing the social network to share some data with PayXpert. It is important that you know that if you have geolocated your accounts in social networks said information of your location when sharing in networks will be visible to third parties with whom you share your information.

For more information about the method by which data is shared with social networks, we recommend that you check the privacy policies of each social network in question, as well as responsibly configure your profile in social media accounts and email applications to guarantee your privacy and security.

Below we link the privacy policy of social networks where we have an open profile at this time:


In the link “Cookies Policy” we inform you that this website of PayXpert can use cookies (small files of information that the server sends to the user’s computer that accesses this website) to carry perform certain functions that are considered essential for the proper functioning and visualization of the site, to share on social networks and, in some cases, to perform analysis of evaluation statistics and improvement proposals.

In order to obtain these analyses, this website can store certain information in the server’s registers automatically through the use of cookies that collect usage and navigation data related to the use of this website by you as a user. These records usually include information such as browser type, browser language, date and time of access request, URL, computer or device model, operating system version, unique identifiers (IP) and data on the mobile network used in accessing and browsing this website.

The IP is considering a personal data, in the sense that its situation could be investigated, and the device and its location identified if necessary at the request of the competent authorities. PayXpert uses cookies that record IP addresses when accessing and browsing this website to analyse and measure access and time spent on the different pages of this website, and draw conclusions about the trend of web traffic. PayXpert does not associate IP addresses or other data that throws the use of cookies, or the results of metrics, with identifiable information of people, or to collect personal information, although punctually serve to direct advertising or segment users to whom direct it.

It is convenient that as a user you know that we use Internet tools and platforms that install cookies that do not depend on us, so it is possible that the owners of these tools use such data for other uses, of which PayXpert is not responsible. For this reason, it is advisable that you read the Cookies Policy of this website to know which are their own, which are third-party, which are permanent, temporary or session; and can decide to uninstall those that consider appropriate, since it will not affect much the result, comfort or browsing experience. In the cookie policy you will find the shortcuts that will allow you to modify the configuration of your computer or device, deactivating or eliminating cookies if you deem it convenient.


PayXpert may modify this privacy policy at any time by publishing it on this website, which will always include the date of the last applicable update.

How to contact us

All comments, queries and requests relating to our use of your information are welcomed, or if you should wish to exercise any of your rights, you should write to

Privacy Policy updated for the last time 7th September 2022.

Scroll to Top