Back

PAILY PRIVACY POLICY

1. Generаl provisions

1.1. This Privacy Policy (hereinafter referred to as the «Policy») describes the procedure implemented by Paily AS, the compаny registered under the registration number 12426661 аt Mааkri street 19/1, Tаllinn, Estoniа (hereinafter referred to as “Paily”, “Company”, “we”, “our” or “us”), on processing of personal data of data subjects using the services of Paily or having contractual relations with data subjects using the services of Paily available via the website with the URL https://paily.io (hereinafter referred to as the “Site”) and the mobile applications of Paily available through App Store and Google Play application stores that are used for the provision of the services (hereinafter referred to as the “Applications”).

1.2. This Policy is enacted in accordance with the General Terms & Conditions of Paily regulating provision of the services via the Website and the Applications (hereinafter referred to as the “Terms”) and the User Agreements enacted in accordance with the Terms which are the essential parts of the Terms. The terms and definitions provided for in the Terms and the User Agreements apply to this Policy unless the provisions of the Terms or the User Agreement contradict the provisions of the Policy.

1.3. This Policy and the activities of Paily and Paily’s processors related to processing of personal data are governed by the General Data Protection Regulation No. 2016/679 adopted by the European Parliament and the Council on 27 April 2016 (hereinafter referred to as the “GDPR”).

1.4. The following terms and definitions apply to this Policy:

“Data subject” means a User or a Client, as well as any other person the personal data of which is processed under this Policy.

“User” means a natural person or a legal entity using the Services of Paily in accordance with the Terms, including Freelancers and Business Users as defined in the Terms, that are Data subjects under GDPR. The term “User” also applies to representatives of Users who are natural persons in case the User is a legal entity.

“Service” or “Services” means the services provided by Paily in accordance with the Terms to the Users.

“Account” means a set of data about the User stored in a computer system of Paily necessary for providing the User with the Services. The Account is the personal page of the User on the Site or in the Application.

“Client” means a natural person or a legal entity with whom or which a User concluded a contract for provision of services, performance of works, or sale of goods. The Client is the Data subject for the purposes of this Policy.

“Controller” means Paily as the legal person which determines the purposes and means of the processing of personal data.

“Processors” means:

(1) Paily’s subsidiaries, dependent companies, or other affiliated persons or/and legal entities (hereinafter referred to as the “Affiliates”);

(2) Service providers as defined in the Terms;

(3) Other natural or legal persons

which process personal data on behalf of the Controller.

“Third parties” means natural or legal persons receiving personal data from Paily or Paily’s Processors for the purposes other than processing of personal data.

1.5. Any timeframes set forth herein, are stated according to time zone UTC+2 unless otherwise stated in the text of this Policy. The beginning and the end of calendar dates set forth herein, including those used to determine the duration of a term, shall be determined according to the beginning and the end of respective days in time zone UTC+2.

2. Consent to processing of personal data

2.1. Paily obtains several ways for receiving consent to processing of Data subject’s personal data depending on the type of the personal data processed.

2.2. When the Data subject opens the Site and starts browsing the Site, the special window with the following text will appear on the Data subject’s screen:

“By continuing to browse and use this website, I provide Paily AS, the company registered under the registration number 12426661 аt Mааkri street 19/1, Tаllinn, Estoniа, and Paily’s processors with the consent to processing of my personal data in accordance with Privacy Policy of this website and General Data Protection Regulation No. 2016/679, which includes the consent on cross-border transfer of my personal data in accordance with the rules established in the Privacy Policy.

By pressing the button “I agree”, I also confirm that I am at least 16 (sixteen) years of age. If I am less than 16 (sixteen) years of age, I shall not press the button “I agree”

I understand that if I press the button “I do not agree” or ignore this window and do not press any button at all, I may not be able to use all the functions of this website which are necessary for receiving the services provided by Paily.”

The window will also include the buttons “I agree” and “I do not agree”. If the Data subject presses the button “I agree”, the Data subject will provide Paily and Paily’s Processors with the consent to processing of Data subject’s personal data provided for in para.4.4 of the Policy. If

the Data subject presses the button “I do not agree” or ignores the appeared window and does not press any button at all, the Data subject will refuse to provide Paily and Paily’s Processors with the consent to processing of personal data provided for in para.4.4 of the Policy.

If the Data subject refuses to provide Paily and Paily’s Processors with the consent to processing of personal data provided for in para.4.4 of the Policy, Paily is entitled to refuse the use of particular Site’s functions if the use of such functions is impossible without processing of Data subject’s personal data provided for in para.4.4 of the Policy.

2.3. When the User creates the Account or otherwise voluntarily provides Paily with the personal data provided for in para.4.1 of the Policy, the User shall put a tick in the box next to the following phrase:

“By putting a tick in the box, I agree with processing of my personal data in accordance with the Privacy Policy of Paily AS, the company registered under the registration number 12426661 аt Mааkri street 19/1, Tаllinn, Estoniа, and General Data Protection Regulation No.2016/679. My consent to processing of my personal data includes the consent on cross-border transfer of my personal data in accordance with the Privacy Policy.

I understand that if I do not put a tick in the box, Paily AS is entitled to refuse provision of the services offered by Paily AS.”

If the User puts a tick in the box in accordance with this paragraph of the Policy, the User will provide Paily and Paily’s Processors with the consent to processing of User’s personal data provided for in para.4.1 of the Policy.

If the User does not put a tick in the box in accordance with this paragraph of the Policy, the User will refuse to provide Paily and Paily’s Processors with the consent to processing of personal data provided for in para.4.1 of the Policy. In this case, Paily is entitled to refuse provision of the Services because provision of the Services is impossible without processing of personal data provided for in para.4.1 of the Policy.

2.4. When the User verifies the Account in accordance with the procedure prescribed in the Terms, the User shall provide Paily and Paily’s Processors with the personal data provided for in para.4.2 of the Policy. By providing Paily with the personal data prescribed in para.4.2 of the Policy, the User provides Paily and Paily’s Processors with the consent to processing of personal data provided for in para.4.2 of the Policy. If the User refuses to provide Paily and Paily’s Processors with personal data prescribed in para.4.2 of the Policy, the User will have the limited access to the Services but will not be able to use all the Services offered by Paily if the use of the Services is impossible without processing of personal data provided for in para.4.2 of the Policy.

2.5. When the User concludes a contract with the Client by use of the Services, the User shall inform the Client in advance that the User is using the Services of Paily. In order to use the Services of Paily, the User shall obtain the personal data about the Client provided for in para.4.3 of the Policy. By providing the User with the personal data provided for in para.4.3 of the Policy, the Client provides Paily and Paily’s Processors with the consent to processing of Client’s personal data provided for in para.4.3 of the Policy. If the Client refuses to provide the User and Paily with the Client’s personal data, Paily is entitled to refuse provision of the Services if provision of the Services is impossible without processing of personal data provided for in para.4.3 of the Policy.

3. Creation of the Account

3.1. In order to use the Services of Paily, the User shall create the Account and pass through the verification process in accordance with the procedure prescribed in the Terms. If the User refuses to create the Account or verify the Account, the User may browse the Site as the Data subject, but Paily may refuse provision of the Services if provision of the Services is impossible without creation of the Account and verification of the Account.

3.2. In order to create the Account, the User shall provide Paily with the personal data provided for in para.4.1 of the Policy.

3.3. In order to verify the created Account, the User shall provide Paily with the personal data provided for in para.4.2 of the Policy.

3.4. The User having the Account may change the name, telephone number, email address and/or other personal data that was specified by the User during the creation of the Account. However, the information provided by the User shall be valid and veridical. If Paily finds out that the User provided Paily with incorrect information about the User, Paily has the right to block or/and delete the Account of the User and discontinue provision of the Services.

3.5. The User may at any time delete the Account and ask Paily to delete all the personal data associated with the Account in accordance with Section 12 of the Policy. If the User deletes the Account, the User will not be able to use the Services in accordance with the Terms and the User Agreements.

4. Personal data processed

4.1. The Company processes the following personal data of Users:

4.1.1. The full name of the User.

4.1.2. The email address of the User.

4.1.3. Country of User’s residence.

4.1.4. City and full address of the User (including ZIP).

4.1.5. User’s telephone number.

4.1.6. The information about User’s field of expertise and competences.

4.1.7. The corporate information about the User, namely:

(A) The name of the legal entity (if the User is the legal entity)

(B) The registration information about the User (the registration number of the User as the entrepreneur or legal entity, TIN and VAT numbers, if applicable)

(C) The payment details of the User (including information about bank accounts or online wallets of the User which is necessary and sufficient for making payments in favor of such accounts)

4.1.8. The information about User’s representative (if the User is a Business User as defined in the Terms and the User Agreement for the Provision of Business Service), namely:

(A) The first and family name of the User’s representative

(B) The information about the status (role) of the representative in respect to the User

(C) The representative’s country of residence and full address (including ZIP)

(D) The representative’s email address and telephone number

4.1.9. Records of communication with Paily or Paily’s Processors.

4.1.10. Data of birth of the User or User’s representative (if the User is a legal entity).

4.2. Paily processes the following personal data of Users necessary for the verification of Users’ Accounts:

4.2.1. The photo of the User’s (if the User is a natural person) or User representative’s (if the User is a legal entity) face.

4.2.2. The photo of the User’s (if the User is a natural person) or User representative’s (if the User is a legal entity) ID (passport, driving license, or other type of ID that Paily considers appropriate subject to the laws applicable to the User or User’s representative).

4.3. Paily processes the following personal data of Clients

4.3.1. First and family name of the Client (if the Client is a natural person) or the company name of the Client (if the Client is a legal entity).

4.3.2. Corporate information about the Client, namely:

(A) The registration number of the Client (if applicable)

(B) Legal address of the Client (including ZIP)

(C) Payment information about the Client (including bank account details)

(D) VAT or/and TIN numbers of the Client

4.3.3. Email address of the Client.

4.3.4. Telephone number of the Client.

4.3.5. Records of communication with Paily or Paily’s Processors.

4.4. Paily processes the following personal data of Data subjects who visit and browse the Site:

4.4.1. Cookie files processed in accordance with Section 6 of the Policy.

4.4.2. Analytical data about the use of the Site by Data subjects processed by Google Tag Manager.

5. Purposes of using personal data

5.1. Paily has the right to use personal data of Users provided for in para.4.1 and para.4.2 of the Policy for the following purposes

5.1.1. Identification of the User or/and User’s representative.

5.1.2. Provision of the Services and the services related to the Services to Users (including processing of payments made by Clients and facilitating withdrawals of funds).

5.1.3. Communication with Users.

5.1.4. Marketing and advertising purposes.

5.1.5. Analytical purposes.

5.1.6. Resolving disputes with Users or Clients.

5.1.7. Improving the work of the Site and the Applications.

5.1.8. Improving the quality of the Services.

5.2. Paily has the right to use personal data of Clients provided for in para.4.3 of the Policy for the following purposes:

5.2.1. Provision of the Services to Users.

5.2.2. Communication with Clients.

5.2.3. Providing Clients with the opportunity to pay for goods, services, or work of Users.

5.2.4. Processing payments of Clients.

5.2.5. Resolving disputes with Users or Clients.

5.2.6. Improving the work of the Site and the Applications.

5.2.7. Improving the quality of the Services.

5.3. Paily has the right to use personal data of Data subjects provided for in para.4.4 of the Policy for the following purposes:

5.3.1. Analytical purposes.

5.3.2. Improving the work of the Site and the Applications.

5.3.3. Improving the quality of the Services.

5.3.4. Marketing and advertising purposes.

6. Cookies

6.1. The Site of the Company uses “cookies”

Information that Paily gets through the cookies helps to deliver the Services in the most convenient way. By using the Site and providing consent to processing of personal data in accordance with para.2.2 of the Policy, the Data subject agrees with the placement of cookies in his device under the terms of this Policy.

6.2. Information on cookies.

Cookies are small text files downloaded by the internet browser of the Data subject to his PC/tablet computer, mobile phone or any other device used by the Data subject for access to the Site.

Cookies are used in order to ensure a personalized experience of the Site use and convenient Site navigation. They help to track the most visited web pages, determine the efficiency of advertising and web searches, and give an indication of the Data subject behavior, thereby contributing to improvement of communication means and products offered to Data subjects.

The cookies also help the Data subject not to lose data inserted into the request form, when the Site page is refreshed.

Cookies that the Company saves through the Site do not contain any data enabling to identify the Data subject.

Please note that Paily does not guarantee a correct work of the Site in the Data subject’s browser, if the Data subject does not provide consent to processing of cookies under para.2.2 of the Policy.

6.3. Used cookies

Paily uses the cookies of the following types:

6.4. Cookies management.

Most web browsers are preset to accept cookies. The Data subject may change settings to block the cookies by the browser or to get notifications, when such files are sent to the device. There are several ways to manage cookies. Read the browser manual please to learn more

about how to adjust or change the browser settings. Please keep in mind that the Data subject selecting such settings may be not able to get full access to all functions of the website.

6.5. Term of storage of cookies.

Some cookies operate from the moment of the Data subject’s access to the Site till the end of a particular session in the browser. These files become useless and they are automatically deleted upon closing the browser. Such files are called session cookies.

Some cookies are also saved on device between the sessions in the browser and they are not deleted after the browser is closed. Such cookies are called persistent cookies

6.6. Additional terms and condition.

You can find information on how to turn off cookies or change cookie settings for your browser by clicking on the following links:

Google Chrome: https://support.google.com/chrome/answer/95647

Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences

Internet Explorer: https://windows.microsoft.com/en-GB/windows-vista/Block-or-allow-cookies

Safari: https://help.apple.com/safari/mac/8.0/#/sfri11471

Most browsers allow you to see the cookies stored on your device and individually delete or block cookies from certain or all websites. Please note that when you delete all cookies, all of your preferences will be lost, including the preference for not using cookies, since it implies the setting of a cookie that provides this failure. More information on changing your browser's settings for blocking or filtering cookies is available at http://www.aboutcookies.org/ or http://www.cookiecentral.com/faq/.

7. Controller and Processors

7.1. Paily acts as the Controller of Data subjects’ personal data in accordance with Art.24 GDPR.

7.2. Paily as the Controller involves several categories of Processors in the processing of Data subjects’ personal data. All the Processors engaged in personal data processing act under the contract concluded with the Controller or Controller’s Affiliate under the direct instruction of Paily. Processors process only personal data of Data subjects provided for in Section 4 of the Policy.

7.3. Paily involves Affiliates as the Processors of Data subjects’ personal data for the purposes provided for in paras.5.1 and 5.2 of the Policy, which includes the following:

7.3.1. Processing of Clients’ personal data for the purpose of providing Clients with the opportunity to pay for the work of Users in accordance with contracts between Clients and Users.

7.3.2. Processing of Users’ personal data for the purpose of providing Users with the Services in accordance with the Terms and User Agreements.

7.3.3. Organizing the process of identifying Users and User’s representatives.

7.4. Paily involves Service providers as the Processors of Data subjects’ personal data for the purposes provided for in para.5.1 of the Policy, namely:

7.4.1. Providing Users with the Services prescribed by the Terms and the User Agreements.

7.4.2. Providing Users with additional services related to the Services.

7.5. Paily involves GetID OÜ, an Estonian corporation with registration code 14700264, having the registered office at Maakri 19/1, Tallinn, Estonia (https://getid.ee/), as the Processor of Users’ personal data for the purpose of identifying Users and Users’ representatives provided for in para.5.1.1 of the Policy.

For the purposes of identification, GetID is entitled to process personal data of Users provided for in para.4.2 of the Policy.

GetID acts under the data processing agreement concluded with one of the Controller’s Affiliates - Paily Freelance Zrt, a Hungarian corporation with registration code 01-10-049440, having the registered office at Lágymányosi utca 12. fszt. 2., 1111, Budapest, Hungary.

By concluding the data processing agreement with GetID, Paily Freelance Zrt acted exclusively under the instructions and orders of Paily as the Controller of Users’ personal data.

GetID has the right to involve sub-processors in processing of Users’ personal data subject to the simultaneous presence of the following conditions:

GetID acts under the data processing agreement concluded with one of the Controller’s Affiliates - Paily Freelance Zrt, a Hungarian corporation with registration code 01-10-049440, having the registered office at Lágymányosi utca 12. fszt. 2., 1111, Budapest, Hungary.

(A) The sub-processors provide sufficient guarantees to implement appropriate technical and organizational measures to ensure the protection of Users’ personal data.

(B) GetID has concluded agreements with all sub-processors, the data protection provisions of which materially conform to the provisions of data processing agreement between GetID and Paily Freelance Zrt.

(C) GetID remains liable for all the actions of sub-processors.

7.6. Paily involves DigitalOcean (https://www.digitalocean.com/) as the Processor of Data subjects’ personal data for the purpose of storing the processed personal data.

Paily may involve other storage providers for the purpose of storing Data subjects’ personal data.

7.7. Paily may involve social networks, websites, marketing or advertising agencies, and other companies providing marketing or advertising services as the Processors of Data subjects’ personal data for the purposes provided for in paras.5.1.4, 5.1.5, 5.3.1, and 5.3.4 of the Policy.

7.8. Paily may involve analytical companies as the Processors of Data subjects’ personal data for the purposes provided for in paras.5.1.4, 5.1.5, 5.3.1, and 5.3.4 of the Policy.

7.9. Paily may involve consultants, lawyers, accountants, auditors, and any other providers of professional consulting services as the Processors of Data subjects’ personal data for the purposes provided for in paras.5.1.5-5.1.8, paras.5.2.5-5.2.7, and paras.5.3.1-5.3.3 of the Policy, namely:

7.9.1. Receiving professional advice on data processing, including compliance with applicable data processing legislation.

7.9.2. Resolving disputes with Data subjects.

7.9.3. Applying measures or procedures necessary for compliance with applicable data processing legislation.

7.9.4. Other purposes aimed at resolving disputes with Data subjects or/and improving the quality of the Services and the work of the Site and the Applications.

7.10. Paily involves legal entities providing financial and fintech services (including Service providers and other legal entities which process payments, provide bank accounts and online wallets, and provide other types of financial services) as the Processors of Data subjects’ personal data for the purposes provided for in paras.5.1.2, 5.2.1, 5.2.4 of the Policy.

8. Personal data and Third parties

8.1. Paily does not share personal data with any Third parties for the purposes not related to processing of personal data. Paily does not sell personal data to Third parties and has no intention to do so.

8.2. Paily may transfer personal data of Data subjects to Third parties, if Paily believes that it is required by applicable law, regulation, court proceedings, or request issued by a public authority, or if such information needs to be disclosed for the settlement of conflict situations (in particular, with respect to the Services), ensuring security to the Data subjects.

8.3. The personal data of Data subjects may be provided by Paily to Third parties in connection with such events as merger or sale of Paily’s assets, amalgamation and restructuring, financing, and acquisition of a business as a whole or in part, or during the negotiations of such matters.

8.4. Paily may disclose personal data of the Data subject to Third parties in situations which are not expressly stated hereby, subject to obtaining the Data subject’s consent to disclosure of information pertaining to him/her.

9. Personal data and children

9.1. Paily does not process personal data of Data subjects that are under 16 (sixteen) years of age and does not provide Services to Users who are below this age limit.

9.2. When the Data subjects visits the Site and Paily offers the Data subject to provide consent with the personal data processing under para.2.2 of the Policy, Paily will warn the Data subject in advance that the Data subject shall not provide the consent to the personal data processing if the Data subject is less than 16 (sixteen) years of age.

9.3. When the User creates the Account for the purpose of receiving the Services, Paily will ask the User to provide the information about User’s date of birth. If the information about the date of birth reveals that the User is less than 16 (sixteen) years of age, Paily will refuse creation of the Account and provision of the Services and will delete all the information about the User that has already been collected.

9.4. When the User concludes a contract with the Client, the User shall find out in advance whether the Client (if the Client is a natural person) is at least 16 (sixteen) years of age.

If the User finds out that the Client is less than 16 (sixteen) years of age, the User shall obtain the consent to the processing of Client’s personal data from the holder of the parental responsibility over the Client. Such consent shall be provided in writing and shall include the indication that the personal data provided will be processed by Paily as the agent of the User in accordance with the Terms and the Policy. The consent shall be signed by the holder of the parental responsibility over the Client.

Paily is entitled to ask the User to demonstrate Paily the obtained consent. If Paily figures out that the User’s Client is less than 16 (sixteen) years of age and the User has not obtained the consent to personal data processing from the holder of the parental responsibility over the Client, Paily will refuse processing of Client’s payments and provision of the Services to the User in connection with such Client.

10. Security

10.1. We follow the proper security procedures to prevent unauthorized access to personal data of Data subjects and their misuse. All the security procedures applied by Paily comply with the requirements of Art.32(1) GDPR.

10.2. We apply the relevant corporate systems and procedures in order to protect the personal data provided to us. We also use security procedures and apply technical and physical restrictions to the use of personal data and access to them on our servers.

10.3. Only employees with special rights have the right to access personal data in the process of performing their duties.

11. Storage and destruction of information

11.1. Paily stores the personal data of Data subjects provided for in para.4.4 of the Policy as long as such personal data is needed to reach the purposes prescribed in para.5.3 of the Policy.

11.2. Paily stores the personal data of Users and Clients provided for in paras.4.1-4.3 of the Policy as long as the User uses the Services of Paily. The User discontinues using the Services when the User deletes the Account in accordance with para.3.5 of the Policy. When the User deletes the Account, the User has the right to ask Paily to delete all the personal data associated with the Account in accordance with Section 12 of the Policy.

After the User stops using the Services, the Company has the right to store personal data of the User and the User’s Clients during 3 (three) years after the last Service was provided to the User. In this case, the personal data may be stored for the following purposes:

(A) Compliance with any legal, fiscal, insurance, and other requests in accordance with applicable law

(B) Improvement of the Services quality

(C) Research and analytics with respect to the Services use

(D) Direct marketing

Upon expiry of the 3 (three) years term, Paily shall delete or anonymize such information in accordance with the requirements of GDPR.

11.3. The general rule is that personal data of Data subjects is stored exclusively in the territory of the European Union and in the jurisdictions which provide the adequate level of personal data protection in accordance with Art.45(1) GDPR.

11.4. DigitalOcean, which is involved by Paily as the Processor under para.7.6 of the Policy, stores personal data of Data subjects in the United Kingdom of Great Britain and Northern Ireland, which is the country with the adequate level of personal data protection in accordance with Art.45(1) GDPR.

11.5. DigitalOcean also provides Paily with the servers for storing personal data in the following jurisdictions:

11.5.1. The Netherlands.

11.5.2. Germany.

11.5.3. The United States of America.

11.5.4. Singapore.

11.5.5. Canada.

11.5.6. India.

11.6. By providing Paily with the consent to processing of personal data in accordance with Section 2 of the Policy, the Data subject explicitly agrees that his or her personal data can be stored in the jurisdictions provided for in paras.11.5.3-11.5.6 of the Policy, despite the possible risks of such storage, which include the following:

11.6.1. Efforts of hacking attacks. Paily and Paily’s Processors take all the reasonable measures to prevent such attacks.

11.6.2. Existence of personal data rules and regulations that are different from GDPR. Paily and Paily’s Processors provide Users with all the rights and guarantees provided for in GDPR.

11.6.3. Restriction of Processor’s business activity in a third country by the state body of a country provided for in paras.11.5.3-11.5.6 of the Policy. Processors of Paily take all the necessary measures to secure Data subject’s personal data and safely transfer Data subject’s personal data to a server in another country in case of such situations.

11.7. GetID as the Processor of personal data under para.7.5 of the Policy uses the servers of Amazon located in Ireland for the purpose of identifying Users and storing their personal data specified in para.4.2 of the Policy.

12. The rights of Data subjects

12.1. Each Data subject has the right to withdraw the consent to processing of personal data in accordance with this Policy.

In order to withdraw the consent, the Data subject shall send an email to the email address of Paily at support@paily.io.

The User may withdraw the consent to processing of personal data by deleting the Account in accordance with para.3.5 of the Policy.

If the User withdraws the consent to processing of personal data, Paily is entitled to refuse provision of the Services because provision of the Services is impossible without processing of User’s personal data.

The fact that the Data subject withdraws the consent to personal data processing does not affect the legality of the personal data processing carried out by Paily prior to withdrawal.

After the User deletes the Account, the User may request Paily to delete all the personal data associated with the Account by sending an email to the email address of Paily at support@paily.io. If the User requests Paily to delete personal data of the User prior to deletion of the Account, Paily is entitled to refuse provision of the Services to the User because provision of the Services is impossible without processing of User’s personal data.

Other Data subjects may also at any time request Paily to delete their personal data by sending an email to the email address of Paily at support@paily.io.

If the User’s Client withdraws the consent to processing of Client’s personal data or requests Paily to delete personal data of the Client, Paily is entitled to refuse provision of the Service to the User if provision of the Service is impossible without processing of Client’s personal data.

Paily may refuse to delete personal data of any Data subject or does not take into account the withdrawal of consent to processing of personal data if there are other legitimate grounds provided by GDPR enabling Paily to continue processing of personal data.

12.2. The Data subjects also have the following rights guaranteed by GDPR:

12.2.1. The right to get access to the Data subject’s personal data, as well as the right to the information about processing of Data subject’s personal data (including the information about the purposes of processing, the categories of personal data processed, the recipients of personal data, and the data storage period).

12.2.2. The right to rectification of inaccurate personal data. The User is responsible for the correctness of the personal data provided to Paily and Paily’s Processors.

12.2.3. The right to data portability: the right to receive a copy of a Data subject’s personal data in a standard, structured, and machine-readable format and transmit such personal data to another controller.

12.2.4. The right to erasure of personal data subject to the grounds provided for in Art.17 GDPR.

12.2.5. The right to restriction of personal data processing subject to the grounds provided for in Art.18 GDPR.

12.2.6. The right to object to processing of personal data (which includes objection to processing for direct marketing purposes).

12.2.7. The right not to be subject to a decision based solely on automated processing, including profiling.

12.2.8. The right to file a request or complaint with Paily as the Controller of personal data

12.2.9. The right to lodge a complaint with a supervisory authority in accordance with Art.77 GDPR.

12.2.10. The right to an effective judicial remedy against Paily or its Processors in accordance with Art.79 GDPR.

12.3. To exercise any of the rights provided for in para.12.2 of the Policy (except for the rights provided for in paras.12.2.9-12.2.10 of the Policy), the Data subject shall send a request to the email address of Paily at support@paily.io.

12.4. Paily is deemed to have received the request of the Data subject sent in accordance with para.12.1 and para.12.3 of the Policy on the 5th (fifth) business day after the dispatch of the email, if the shorter term is not provided by GDPR or other applicable personal data legislation.

Paily shall respond to the request sent by the Data subject in accordance with para.12.1 or para.12.3 of the Policy within 30 (thirty) days, if the shorter term is not provided by GDPR or other applicable personal data legislation.

13. Enactment and updating of the Policy

13.1. This version of the Policy shall come into effect on August 16, 2021, and remain valid until the approval of a new version of the Policy.

13.2. The Company reserves the right to make at its own discretion any amendments to this Policy at any time.

If Paily provides this Policy with amendments, Paily will post the updated version of the Policy on the Site. The new version of the Policy shall come into force upon posting of the new version on the Site.

By posting the new version of the Policy on the Site, Paily notifies Data subjects about the enacted amendments of the Policy.

Paily may also send emails to Users notifying the Users about the enacted amendments of the Policy. However, the absence of such emails does not affect the legality and validity of the updated version of the Policy.

By continuing to browse the Site or establish contractual relations with the User after the new version of the Policy is enacted, the Data subject agrees to processing of his personal data in accordance with the updated version of the Policy.

By continuing to use the Services after the new version of the Policy is enacted, the User agrees to processing of his personal personal data in accordance with the updated version of the Policy.

14. Contacting Paily

14.1. The Data subject can contact Paily by using the contact forms available via the Site and the Applications, as well as by using the following contact information of Paily:

Registration number of the company: 12426661

Email: support@paily.io.

Address: the Republic of Estonia, Harju maakond, Tallinn, Kesklinna linnaosa, Maakri tn 19/1, 10145