READ

Latest Policy

READ

Latest Policy

READ

Latest Policy

Privacy Policy

Updated Date: Jun 12, 2025, 12:00 AM

Privacy Policy

Effective Date: June 12, 2025

1. Introduction

K2‑18 Pay (“we”, “us”, “our”) is committed to protecting your privacy. This policy explains how we collect, use, disclose, store, and protect your personal data when you use our website and services across Europe.

2. Information We Collect

2.1 Information You Provide

  • Account & Registration: name, email, company, phone, etc.

  • Support & Communication: messages, transcripts, feedback.

  • Usage of Sandbox/API: integration metadata, test transactions.

2.2 Data Collected Automatically

  • Log Data: IP addresses, browser/device data, timestamps, pages visited.

  • Cookies & Tracking: essential cookies for functionality; optional analytics cookies with consent.

  • API Usage Metrics: endpoints accessed, payload sizes, error logs.

3. How We Use Your Data

We process your information for the following purposes:

  • To provide and monitor our services and API.

  • To maintain and support your account.

  • To fulfil legal and regulatory obligations.

  • To analyse usage trends and improve our platform.

  • To ensure security—detect fraud & misuse.

  • To send product updates, only with your consent.

Legal Bases (per GDPR): performance of contract, compliance with law, legitimate interest (e.g., fraud prevention), and consent.

4. Data Sharing & Disclosure

  • Service Providers: third parties (e.g., hosting, analytics, support tools) under confidentiality agreements.

  • Legal Requirements: when required by law or to protect legal rights.

  • Business Transfers: in case of mergers, acquisitions, or asset sales, always with privacy protections.

  • International Data Transfers: when personal data moves outside the EEA, we use EU Standard Contractual Clauses.

5. Cookies & Tracking

We use cookies to enhance functionality and security.

  • Essential cookies are always active to support the core features of our site.

  • Non-essential cookies (e.g., analytics) are used only with your explicit consent. You can withdraw consent at any time.

6. Data Retention

We retain personal data as long as it is needed to provide service, support, and comply with legal obligations—typically no longer than 3 years after your last active interaction unless required otherwise.

7. Your Rights

Under GDPR, you have the right to:

  • Access your data.

  • Correct inaccuracies.

  • Delete data (“right to be forgotten”).

  • Restrict processing or object to it.

  • Request portability.

  • Withdraw consent at any time.

To exercise these rights, please contact [email protected]. We may ask for identity verification and will respond within legal timeframes.

8. Security Measures

We use industry-standard safeguards—encryption, access controls, secure data storage, and regular audits—to protect your data. However, no method of transmission or storage is 100% secure.

9. Children

Our services are not intended for individuals under 16 years old. We do not knowingly collect data from minors.

10. Changes to This Policy

This policy may be updated. We’ll post changes on this page with a new “Effective Date” and notify you if changes materially impact your rights.

11. Contact Us

For questions, requests, or complaints related to this policy, please contact:
Email: [email protected]

Note: This Privacy Policy is designed for compliance in the European Economic Area (EEA) and the UK. If your business is subject to other juris­dictions (e.g., US privacy laws), please review and adapt accordingly.