What is 'personal data'?
Personal data is any information relating to you as an individual that can be used to identify you either directly or indirectly, through certain factors. Personal data can be anything from your name, address, photo, email address, bank details, social media posts, IP address and more.
How does Paystack keep my data secure?
Paystack uses a combination of administrative, technical and organisational measures to ensure your data is kept secure. Employees are only granted access to data on a need-to-know basis and strictly in line with their role. Technical measures to protect personal data include network security, endpoint protection, the use of VPNs, access control mechanisms, firewalls and more. Many of these measures have been reviewed by independent third-party auditors, meeting PCI-DSS Level 1 and certifying against ISO/IEC 27001:2022, and ISO/IEC 27701:2019 standards.
Where does Paystack keep my personal data?
Your data is stored on a private cloud with servers located in Ireland. Ireland is subject to the European General Data Protection Regulation, so your data is securely stored under adequate protection legislation.
What happens if a security incident or data breach involves my data?
Paystack handles and communicates security incidents in accordance with our documented security practices in our Incident Response Framework. You can report any suspected incidents to security@paystack.com.
In the event of a data breach that affects the rights and freedoms of data subjects, Paystack will report this breach to the relevant Data Protection Authority and notify affected users.
Does Paystack have a Data Protection Officer?
Yes, Paystack has a global Data Protection Officer (DPO) who is responsible for ensuring data privacy and data protection compliance across the jurisdictions in which we operate. You can reach our DPO at the following email address for any privacy-related inquiries: dpo@paystack.com.
How do I exercise my rights with Paystack?
Our Privacy Policy page on our website and Merchant Dashboard explains your data subject rights, which may differ according to your jurisdiction. In order to exercise your rights to amend or erase (for example) your personal data held by Paystack, you have to send an email to dpo@paystack.com. If you happen to email our support team at hello@paystack.com instead, our Data Privacy Team will pick up the request and respond immediately.
Please note that we may need to verify your identity with additional information before carrying out your request. Rest assured that any additional information you provide will be deleted in order to comply with the principles of purpose limitation and storage limitation (only keeping personal data strictly for the purpose in which it was intended, and only for as long as reasonably possible — in this instance, the data is used to verify your identity, after which it shall be deleted).
What happens if I delete my Paystack account as a merchant?
Once you close your Paystack account, you will no longer have access to the Merchant Dashboard and, therefore, cannot view any pending, past or future transactions. You will also be unable to dispute settlements and view previous settlements. Please note that in accordance with applicable law, and statutory or legal obligations, we will retain certain personal data (KYC) and transaction data to comply with these obligations. However, all personal data shall be destroyed by Paystack where possible or anonymised in other instances.
If you have any further questions, feel free to reach out to us at support@paystack.com.
Comments
0 comments
Article is closed for comments.