ArcaPay Ltd Privacy Policy

Effective from 25 May 2018


This Privacy Policy governs the manner in which ArcaPay Ltd collects, uses, maintains and discloses information collected from users (each, a "User") of the website ("Website" or "Site"). This Privacy Policy applies to the Site and all products and services offered by ArcaPay Ltd.

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand the types of information we collect from you, how we use that information and the circumstances under which we might share it with third parties. By visiting and using our website you are accepting and consenting to the practices described in this policy.

For the purpose of the relevant data protection legislation, the data controller is ArcaPay Ltd, company number 07762021, registered office address at 35-37 Ludgate Hill, Office 7, London, EC4M 7JN, United Kingdom. From the 25th of May 2018, ArcaPay Ltd fully complies with the General Data Protection Regulation (“GDPR”), which supersedes the UK Data Protection Act 1998. If you require further information on your rights under the GDPR, please visit the Information Commissioner\'s website at


We may collect and use the following data about you:

Information you give us. You may give us information about you by filling in forms when registering or using our Services or via correspondence, e.g. email. The information you give us may include your name, postal and email address, phone number, date of birth, financial information (e.g. bank account information), payment reason and geographical location. We may also need additional commercial and/or identification information from you, e.g. if you send high-value transactions or as needed to comply with our anti-money laundering obligations under applicable law.

Information we collect about you. This includes details of the transactions you carry out when using our Services, geographic location from which the transaction originates and the Internet protocol (“IP”) address used to connect your computer to the Internet, Uniform Resource Locators (“URL”) clickstream to, through and from our Website, and technical information such as your browser type and version, time zone setting, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs), browser plug-in types and versions, operating system and platform. We may also collect information about you from other sources, including but not limited to: social media, credit reference agencies, fraud preventions agencies and business directories or other publicly available sources.


We may use the information collected for the following purposes:

  1. To carry out our obligations relating to your contracts with us and to provide you with the information, products and services that you request from us.
  2. To comply with any applicable legal and regulatory requirements.
  3. To notify you about changes to our Services.
  4. To administer our Services and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
  5. To improve our Services.
  6. To measure or understand the effectiveness of advertising we serve and to deliver relevant advertising to you.
  7. To keep our Website safe and secure.


We adopt appropriate data collection, storage and data security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site. Our data processing technologies are professionally hosted by a company that specialises in hosting solutions. When you provide sensitive information to us, we encrypt the transmission of that information using secure socket layer technology (SSL). We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website; any transmission is at your own risk. Once we have received your information, we use strict procedures and security features to try to prevent unauthorised access.


To execute your GDPR rights please contact us via email [email protected]. Please include the email address you are registered on with as we will have to perform a customer identification process. We'll respond to your request within 30 calendar days. As a regulated business ArcaPay has an obligation to retain customers’ personal data as well as additional documents for preventing, detecting and investigating possible cases of money laundering and terrorist financing. To comply with regulatory requirements, a copy of the documents and customer’s personal information will be stored in our system for a period of at least five years after the end of the business relationship with the customer or after the date of an occasional transaction. Please be aware that anti-money laundering and counter-terrorism financing regulatory requirements overrule the GDPR requirements.

If a customer’s request is manifestly unfounded or excessive, we reserve the right to refuse to act on the request or impose an administrative fee. If you think your rights are not fulfilled properly, you can always contact our Data Protection Officer (DPO) at [email protected].


Cookies are a small piece of information saved in your browser storage. They are used to improve the user experience in pages and help third party services to work properly. ArcaPay uses cookies on its website. Private data is never stored in cookies, only anonymous identifiers or other preferences. Data retention depends on the Cookies Policy but not will not be more than 24 months.


We communicate with our clients about new products or services, special offers and other marketing announcements. By accepting this Privacy Policy you agree to receive marketing communication from us using electronic methods (email, SMS, telephone calls). If you decline this Privacy Policy, we will not send you any marketing communication. You can always change this preference in your profile settings and configure specific channels you wish to receive the communication through.

Transactional information, e.g. information about received money, document requests and/or other information related to our core services is not part of marketing communication and cannot be disabled.


Any changes we may make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our Privacy Policy.


This Privacy Policy and any dispute or claim arising out of the Privacy Policy is governed by English law. Any dispute or claim arising out of or in connection with the Privacy Policy will be subject to the non-exclusive jurisdiction of the courts of England and Wales.


Questions, comments and requests regarding this Privacy Policy are welcome and should be addressed to [email protected].

To enable chatting functionality please enable the functional cookies