Privacy policy.

Last update : May 2023
At Payflows we take Privacy and Data Protection seriously. In this Privacy and Data Protection Policy (“Policy”) we have set out how we process personal data as a data controller, for instance when you visit this website, attend an event organised by Payflows, request a trial, sign-up to our newsletters, or when we connect with you on social networks.This Policy does not apply to your use of Payflows’ online products and services that we provide to our customers enabling them and their users to process and analyse business data and plan their business operations. If you want to learn more about this, do not hesitate to contact us.
Who is Payflows?
When we refer to “Payflows” in this Policy, we mean Payflows SAS, a French simplified joint stock company with a capital of 1,405.00 euros registered with the trade and commercial register of Paris under n° 912 610 649 and having its head office at 17 RUE DE LA COMETE – 75007 Paris, France ("Payflows"), acting as data controller of personal data under our control.
What is “personal data”?
Within the meaning of the European Data Protection Regulation No. 2016/679 (known as "GDPR") entered into force on May 25, 2018 and of the French Law n° 78-17 of 6 January 1978 "Informatique et Libertés" in its amended version (“French law Informatique et Libertés”), “personal data” consists of any information that relates to an identified or identifiable individual, such as a name, email address, telephone number, and IP address.

What personal data do we process about you and why? At Payflows, we process the following personal data about you:
Your identification data and professional contact details, e.g. Name, image, email address, postal address, phone number for instance, when you request information in connection with Payflows’ products and services, when you participate in our events or when you sign-up for marketing materials.
Information you give us: when you contact us, you may provide us with additional information that is useful to be shared by you based on why you contact us. For instance, when you book a demo, you may want to share the specific items you would like to cover during our meeting. Usually, this is combined with your identification data and professional contact details.

Your communications and any information you decide to share with us, e.g. newsletters, emails, phone and call recordings (e.g. webinars), events recordings, forms and tickets raised.Data related to your usage of our website and our solution and related Payflows services, e.g. statistics, feedback, satisfaction survey, case study and customers’ testimonials.Third-party information about you and information collected from open and public databases: we work with partners and providers to help us operate our services and improve our product. They may share with us information about you such as your identification data, professional contact details and data related to your usage of our solution.
Concretely, why do we collect your personal data and what else should you know?
Payflows takes respecting privacy and protecting your personal data seriously. We have placed at the center of our commitments the respect and protection of the privacy and personal data of our customers and users, and consequently to comply with applicable laws and regulations, and in particular the French law Informatique et Libertés as amended and the GDPR, but also to ensure better data protection for the purpose of improving our products and services.

To be clear, we process your personal data for the following purposes:
To market our solution and improve our services.
To contact you in order to invite you to demos, webinars, events and keep you updated with our newest features and any other commercial communication, and organize said events.
To manage your relationship with us.
How does Payflows respect GDPR to process your personal data?
Under article 6 of the GDPR, data controllers like Payflows can process personal data relying upon several legal bases. At Payflows, your personal data are processed based on:
The performance of a contract with us or in order to take steps prior to entering into a contract with you.
The necessity to comply with a legal obligation.
Our legitimate interest.Your consent.
How long is Payflows keeping your personal data?
We will keep your personal data for 3 years after your last contact with us or, if there is a contract in place between us, after the end of our contractual relationship.
Is the processing of your personal data secure?
Payflows has implemented a number of measures to protect your privacy and personal data and to meet the requirements of the GDPR.

Regarding the security measures implemented to protect personal data from any risk of violation, unauthorized disclosure or attack on their integrity, Payflows has deployed all the necessary means with its teams and service providers to minimize the risk of security breaches, in particular:

Website SSL.
We strive in particular to maintain 24/7 systems monitoring in order to ensure the security of the personal data we process.
Our sites are regularly scanned for security breaches and vulnerabilities and we take the necessary precautions to avoid the loss, abuse or alteration of personal data.
To whom do we share your personal data with?
Your personal data may be shared with our service providers (in particular, for IT services). Otherwise, your personal data is not shared outside Payflows.

When your personal data is shared outside Payflows, we make every effort to select our service providers on the basis of very demanding criteria in terms of privacy, data protection and security. All personal data transfers are secured contractually.

Your personal data may also be shared to providers located outside of the European Economic Area (“EEA”). In such case, we ensure that our providers are:

Located in a country considered having an adequate level of protection by the European Union in terms of personal data, or
They are bound by contractual provisions ensuring an equivalent level of protection of your personal data (i.e. standard contractual clauses established by the European Commission) or the transfer is otherwise permitted under the GDPR.
Your rights?
Within the limits and conditions of applicable data protection laws, you can request us to:

Access your personal data.Rectify your personal data.
Erase your personal data.
Restrict the processing of your personal data.
Object to the processing of your personal data.
Transfer your personal data to another provider (right of portability).
You can also lodge a complaint with a competent supervisory authority (for instance, the CNIL in France).
How to contact us?
If you want to exercise your rights and for any questions regarding this document and, in general, about the collection and processing of your personal data by Payflows, do not hesitate to contact us by e-mail: legal@payflows.io.
What else?
This Privacy and Data Protection Policy may be updated from time to time, in particular to take into account changes in our services, technologies or applicable regulations. These updates will be effective immediately when they are made available and searchable on our website.

Cookies? If you want to read more about cookies, please click here.