Customers Retailers

Customer Support 01606 566 566 01606 566 566 Sales 0800 0566 015 0800 0566 015

Payzone Bill Payments Limited - Privacy Policy

This is the privacy notice of Payzone Bill Payments Limited ("Payzone", "us" or "we"), which applies to all personal data we process for retailers. Clients and customers, This includes any personal data you may provide as part of any contract you enter into with us, any personal data you provide (or is available to us) through your use of Payzone’s website and which we may obtain from other sources.

We are committed to protecting and respecting your privacy. This privacy notice explains the types of personal information we collect, how we use that information, who we share it with, how we protect that information, and your legal rights in relation to your information.

It is important that you read this privacy notice together with any other privacy notice (or ‘fair processing’ notice) we may provide on specific occasions when we are collecting or processing personal data about you, so that you are fully aware of how and why we are using your data. This privacy notice supplements any such other notices and is not intended to override them.

This version of the privacy notice is effective as of 5th June 2023.

Who we are

Payzone Bill Paymemts provide bill payment services that allows customers to easily pay their bills via a network of retailers throughout the UK.

Payzone Bill Payments Limited is registered in England and Wales. Registered Number 08459718. Registered Office: 100 Wood Street, London, EC2V 7ER (“Post Office Limited”).

If you have any questions about this privacy notice or the way in which your personal data is processed, we have a Data Protection Officer who can be contacted at the address above or by sending an email to data.protection@pzbp.co.uk or data.protection@postoffice.co.uk.

Information we collect about you

The different types of personal data we process are:

  • Identity Data– which includes first name, surname, any applicable maiden name, title and date of birth.
  • Contact Data– which includes business address, home address, email address and telephone numbers.
  • Contractual Data– which includes details about the products and services we have contracted to provide to you.
  • Financial Data– which includes bank account details, details of your income and business turnover.
  • Transaction Data– which includes details about transactions you have undertaken using our services or via the providers of merchant acquiring services who process transactions using equipment which we provide to you.
  • Technical Data– which includes your online identifiers such as internet protocol (IP) address, internet browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology used to access our website, information about which pages on our website you have viewed or searched, login information and technical information from the devices you use to receive our services.
  • Profile Data– which includes your interests, preferences, feedback and survey responses.
  • Usage Data– which includes information about how you use our website, products and services.
  • Marketing Data- which includes your preferences in receiving marketing from us and your communication preferences.

We collect personal data about you from different sources:

Personal data provided by you:

The information you provide to us includes your name, postal address, email address, landline and/or mobile telephone number, bank account information, identification documents, employment details, as well as other personal information as detailed in the section above.

Personal data we collect about you:

With regard to each of your visits to our website, we may also use cookies and other technologies to automatically.

Personal data we receive and collect from other sources:

We work closely with third parties, such as providers of merchant acquiring services and providers of other services and we may receive information about you from them. We also work with companies which provide us with your contact details so that we can contact you about our products and services. We may also be provided with information about you from your employer or another third party which engages your services. We may also collect information about you from publicly available sources, including Companies House.

The personal data about you which we collect and process from third parties includes:

  • Technical Data from analytics providers (such as Google) and search information providers.
  • Identity Data, Contact Data, Financial Data and Transaction Data from the third parties we work with who provider services to (or act on behalf of) merchant acquiring service providers.
  • Identity Data and Contact Data from data brokers or aggregators.
  • Identity Data and Contact Data from publicly available sources such as Companies House and social media networks.
  • Identity Data and Contact Data from your employer or another third party which engages your services.

We also collect, use and share aggregated data such as statistical or demographic data for any purpose. Such aggregated data may be derived from your personal data but is not considered personal data in law (as this data does not directly or indirectly reveal your identity). For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect any such aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

Why we collect personal information, what we do with it, and the legal grounds we rely upon

We will only use your personal data where we have a lawful basis to do so.

The purposes for which we may use your personal data and the legal basis that we rely on are set out in the table below. Note that we may process your personal data for more than one legal basis depending on the specific purpose for which we are using your data (as shown in the table). Where more than one is shown, please contact us if you would like more information.

Purpose/Activity

Type of data

Legal basis and processing purpose

To register you as a new customer

(a) Identity Data

(b) Contact Data

Necessary for the performance of a contract to which you are a party, or to take steps at your request before entering into such a contract.

To process and deliver any products and services you have ordered, including to:

(a) manage payments, fees and charges

(b) collect and recover money owed to us

(a) Identity Data

(b) Contact Data

(c) Contractual Data

(d) Financial Data

(e) Transaction Data

(a) Necessary for the performance of a contract to which you are a party, or to take steps at your request before entering into such a contract.

(b) Necessary for our legitimate interests (to recover debts due to us).

To make checks about to verify your identity

(a) Identity Data

(b) Contact Data

 

(a) Necessary for our legitimate interests (to ensure we can be satisfied of your identity).

To make financial checks about you (including checking your credit history and making searches with licensed credit reference agencies) and seeking bank and/or trade references

(a) Identity Data

(b) Contact Data

(c) Contractual Data

(d) Financial Data

(e) Transaction Data

(a) Processing undertaken with your consent

(b) Necessary for our legitimate interests (to ensure that you do not represent an unacceptable credit risk)

To manage our relationship with you, which will include administration of your contract and notifying you about changes to our terms or privacy notice

(a) Identity Data

(b) Contact Data

(c) Contractual Data

(d) Financial Data

(e) Transaction Data

(a) Necessary for the performance of a contract to which you are a party, or to take steps at your request before entering into such a contract.

(b) Necessary to comply with a legal obligation ( to keep personal data accurate).

(c) Necessary for our legitimate interests (to keep your data safe and secure, to enhance or improve our customer’s experience of our products/services).

To enable you to partake in a prize draw, competition or complete a survey.

(a) Identity Data

(b) Contact Data

(c) Profile Data

(d) Usage Data

(e) Marketing Data

(a) Necessary for our legitimate interests (to enhance or improve our customer’s experience of our products/services).

To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).

(a) Identity Data

(b) Contact Data

(c) Technical Data

(e) Transaction Data

(a) Necessary for our legitimate interests (for running our business, including our dealings with third party providers of merchant acquiring services, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise).

(b) Processing undertaken with your consent (to optimise our website performance and provide you with a personalised experience)

To deliver relevant website content and advertisements to you and understand or measure the effectiveness of our advertising

(a) Identity Data

(b) Contact Data

(c) Profile Data

(d) Usage Data

(e) Marketing Data

(f) Technical Data

(a) Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy).

(b) Processing undertaken with your consent

To use data analytics to improve our website, products/services, marketing, customer relationships and experiences.

(a) Technical Data

(b) Usage Data

(a) Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy).

(b) Processing undertaken with your consent

To make suggestions and recommendations to you about goods or services that may be of interest to you.

(a) Identity Data

(b) Contact Data

(c) Technical Data

(d) Usage Data

(e) Profile Data

(f) Marketing Data

(a) Processing undertaken with your consent.

(b) Necessary for our legitimate interests (to develop our products/services and grow our business).

To comply with our legal obligations (including where you exercise any of your legal rights), to exercise our legal rights and to bring or defend legal claims.

(a) Identity Data

(b) Contact Data

(c) Contractual Data

(d) Financial Data

(e) Transaction Data

(f) Profile Data

(g) Usage Data

(i) Marketing Data

(a) Necessary to comply with a legal obligation (including our obligations under UK domestic law, with law enforcement agencies, courts and other organisations).

(b) Necessary for our legitimate interests to exercise our legal rights and to bring or defend legal claims.

 

We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). We also do not collect any information about criminal convictions or offences.

Please note that in some circumstances we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Who we share your personal data with

  • Any member of the Payzone group of companies, including subsidiaries and holding companies, in order to enable you to access the products and services we provided, provide you with customer support and conduct the other activities described in this privacy notice.
  • Licensed credit reference agencies and/or other relevant organisations (such as Experian), to make checks to verify your identity and to make financial checks about you (including checking your credit history).
  • Your banks, customers or suppliers, for the purposes of seeking bank and/or trade references relating to you.
  • Other third parties such as:
    • our suppliers of terminals and related logistical services (acting as our data processors) to deliver terminals and assist with installation and repair of terminals;
    • service providers (acting as our data processors) who provide us with services relating to IT, hosting and other infrastructure and IT system administration, market research, marketing (including competitions), advertising, communications, training, payment processing and data cleansing and processing services;
    • professional advisers (acting as our data processors) including lawyers, bankers, accountants, auditors and insurers based who provide legal, banking, accounting, auditing and insurance services to Payzone;
    • HM Revenue & Customs, the Financial Conduct Authority, other regulators and government authorities, for purposes required by law;
    • the police and fraud prevention agencies, for the purposes of crime detection and prevention; and
    • third parties we work with who provide services to you, including third parties who provide you with merchant acquiring services and companies which provide services to (or act on behalf of) those merchant acquiring service providers, for the purposes of administering, monitoring and fulfilling the performance of their contracts with you and/or their contracts with us.

We may also disclose your personal information to third parties:

  • in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
  • if any member of the Payzone group or substantially all of its assets are acquired by a third party, in which case your personal data may be one of the transferred assets and disclosed to them accordingly; and
  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation or in order to enforce our terms and conditions or other agreements, or to protect the rights, property or safety of the Payzone group.

In order to process your application, we will supply your personal information to credit reference agencies (CRAs) and they will give us information about you, such as about your financial history. We do this to assess creditworthiness and product suitability, check your identity, manage your account, trace and recover debts and prevent criminal activity. We will also continue to exchange information about you with CRAs on an ongoing basis, including about your settled accounts and any debts not fully repaid on time. CRAs will share your information with other organisations. The identities of the CRAs, and the ways in which they use and share personal information, are explained in more detail at http://www.experian.co.uk/crain/index.html.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. Our third-party service providers (to the extent they are acting as our data processors) are contractually bound to use personal information only to perform the services that we have engaged them to provide and they are only permitted to process your personal data in accordance with our instructions.

Please note that some of our external third-party service provides are based outside the European Economic Area (EEA), so their processing of your personal data will involve a transfer of data outside the EEA.

Transferring personal data outside of the UK

Where we transfer the personal data we collect about you outside the UK, we ensure that the appropriate safeguards have been applied including the use the ICO’s international data transfer agreement or other suitable mechanism(s).

 

How long do we keep your personal data?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements and the business’ legitimate interests.

Security of your personal data

We use administrative, technical, and physical measures to safeguard personal data against loss, theft and unauthorised uses, access or modifications. Our staff and our third-party service providers are under a duty to process your personal data only in accordance with our instructions and they are subject to a duty of confidentiality.

Certain areas of our websites may be password protected. Where we have provided you with (or where you have created) a password, you are responsible for keeping this password confidential. We ask you not to share your password(s) with anyone.

Payments made via our websites or processed by us whilst you are on the telephone are processed in a secure environment using software supplied by third party providers.

Third party websites and apps

Our websites may contain links to and from third party websites and we may provide you with details of apps provided by third parties. Please note that if you follow a link to any of these websites or download an app, these websites and apps will have their own terms of use and privacy policies and that we do not accept any responsibility of liability for these policies.

Your Rights and Choices

Withdrawing Consent - Where we use your information on this basis, you have the right to withdraw that consent.

Access - You can request a copy of all the personal information we hold about you and other data relating to how we use your information by contacting Payzone at data.protection@pzbp.co.uk.

Correction (‘Right to Rectification’)- We always want to use the most up to date information about you so please get in touch either by contacting our Customer Services teams, or by contacting the Data Protection Officer using the contact details set out at the bottom of this policy if you think we don’t have that.

Deletion (‘Right to be Forgotten’)- In some circumstances, including where we are relying on your consent to use your data, you have a right to request us to delete your information.

‘Right to Portability’- If we have collected your data because you have given us consent, or because we need it in order to provide you with a product or service (under a contract), you have the right to receive the information you gave to us back in a ‘machine-readable’ format.

‘Right to Object’ and ‘Right to restriction of processing’- If we are using your data for activities under the ‘legitimate interest’ justification and in other circumstances, then you have a right to request restriction of processing and also a right to object to that processing.

Right to obtain human intervention where automated processing has taken place where consent has been given or under a contract and where the processing has a legal or similarly significant effect.

Complain- you have the right to lodge a complaint with the Information Commissioner’s Office if you think that our use of your information doesn’t comply with the law. See https://ico.org.uk/ or write to Information Commissioner’s Office, Wycliffe House, Water Ln, Wilmslow, SK9 5AF.

Contact Us

For further information about our privacy practices, to request previous versions of this privacy notice and to request any of these rights then please contact Payzone. You can contact the team by writing to: Data Protection, Payzone Bill Payments Ltd, Unit 4 Triangle Court, Cheshire Avenue, Lostock Green, Northwich, Cheshire, CW9 7YL.

You can also email us at data.protection@pzbp.co.uk or email our Data Protection Officer at data.protection@postoffice.co.uk.

 

Payzone
Help & Support
Policies
Customer Support:01606 566 566 Sales:0800 0566 015
Stay Connected

Payzone Bill Payments Limited Registered Office: 100 Wood Street, London, England. EC2V 7ER. Registered in England and Wales No. 11310918 VAT Number: GB 172670502. Payzone site uses cookies. Some of these cookies are essential, while others help us to improve your experience by providing insights into how the site is being used. View our Cookie Policy and our Privacy Policy.

 

ISO 27100 ISO 22301

Cert No. 9819

 
Copyright 2024 | Payzone Bill Payments Limited