Worldpay includes within its group, Worldpay (UK) Limited, Worldpay Limited, Worldpay BV and Worldpay AP Limited, which sometimes use trading names including Streamline Merchant Services, Worldpay Total and Worldpay Zinc. The reference to Worldpay (or “We”) includes the above companies and all relevant group affiliates, a list of which can be obtained via the Contact Us section. Worldpay is committed to protecting your privacy and will take all reasonable steps to ensure that your personal information is treated securely and will be collected, used, stored and disclosed in accordance with this policy. “You” in this policy means an individual who is accessing or applying to use the Worldpay Services either on his or her own account or on behalf of a business. This includes, in relation to a customer or prospective customer of Worldpay, any sole trader and any principals, including the managing and financial directors, any other directors and officers, shareholders, partners and beneficial owners of a customer as well as any member of staff accessing or using the Worldpay Services on behalf of a customer.
- the website/portal features and services provided to you when you visit our websites or portals;
- when you apply to use and/or use Worldpay’s products and services (including any loyalty or reward schemes, whether points-based or otherwise (‘Loyalty’));
- your use of software including terminals, mobile and desktop applications provided by Worldpay; and
- email, other electronic messages including SMS, telephone, web chat, website/portal and other communications between you and Worldpay.
Together these are all referred to in this policy as “Worldpay Services”. When we use the word ‘card’ in this policy, it applies to all payment methods and types and not simply those involving a physical card; and use of the term ‘cardholder’ applies to any shopper or individual whose payment transactions may be processed.
Personal and non personal information
Personal information is information that can be used to uniquely identify a single person. Worldpay also collects non-personal information, or may anonymise personal information in order to make it non-personal. Non-personal information is information that will not allow a specific individual to be identified. You agree that Worldpay may collect, store, use, transfer and disclose non-personal information for any reasonable business purpose; for example, the use of aggregated transactional information for commercial purposes, such as trend analysis and the use of data analytics to obtain learnings and insight around cardholder transaction patterns and usage. Where Worldpay uses and/or discloses confidential or cardholder transactional information for preparing and furnishing compilations, analyses and other reports of aggregated information and anonymised information, it will do so provided it has taken reasonable measures to avoid identifying any i) customer of Worldpay other than the customer for which Worldpay prepares the compilation, analysis or other report or ii) cardholder whose transactions were involved in the preparation of any compilation, analysis or other report. Under this policy, information collected by cookies and similar technologies are dealt with as non-personal information. To the extent that Internet Protocol (IP) addresses (or similar identifiers) are clearly defined to be personal information under any local law and where such local law is applicable to Worldpay Services, we will manage such identifiers as personal information.
Please note that Worldpay is a B2B (‘business to business’) organisation. If you are a shopper/consumer, please see our shopper pages for information.
Collecting your information
We collect the following information:
Information you give us: we receive and store any information including personal and financial information you provide to us including when you or your business: enquire of or make an application for Worldpay Services; register to use and/or use any Worldpay Services; upload and/or store information with us using the Worldpay Services; and when you communicate with us through email, SMS, a website or portal, or the telephone or other electronic means. Such information may include you or your customer’s:
- name including first name and family name, date of birth, email address, billing address, username, password and/or photograph, address, nationality and country of residence
- Card primary account number, card expiry date, CVC details, bank and/or issuer details
- Information relating to any items purchased, including the location of the purchase, the value, the time and any feedback that is given in relation to such purchase
- Points or rewards earned or redeemed in any Loyalty scheme.
Automatic Information: Worldpay receive and store certain information whenever you interact with Worldpay; for example by way of “cookies”. We also obtain certain information when your web browser accesses Worldpay Services or advertisements and other content provided by or on behalf of Worldpay on other web sites, or when clicking on emails including:
- Technical information, including the Internet protocol (IP) address used to connect your computer or device to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system platform;
- Information about your visit or whether you opened an email, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products or services you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs) and methods used to browse away from the site page and any phone number used to call our customer service number.
Please also refer to our Cookies Policy, below, for more information and see the separate Cookies section of this policy, also below. Where cookies are set, information about individual cookies is specific to the email/website and can be obtained directly from links in such emails/websites.
Applications: if you download or use mobile or desk top applications provided by Worldpay, we may receive information about your location and your device or the service you are using (including where a payment transaction takes place). Some devices allow applications to access real-time location based information (for example GPS). Our mobile and desktop apps may collect such information from your mobile device or your computer at any time while you download or use our apps. We will always seek to notify you if it is our intent to collect real-time location information and, where required, obtain your consent unless otherwise permitted by law. We may use such information for regulatory purposes, our own due diligence checks, to better understand card usage patterns and to optimise your experience.
Email and Other Communications: we may receive information about you and your use of Worldpay Services when we communicate with each other, including when you open messages from us and from the use of electronic identifiers, for example, Internet Protocol addresses or telephone numbers.
Information from Other Sources: we may share or receive information about you with or from other sources and add it to our account information, including when you use any of the other websites we operate or other services we provide. We are also working closely with third parties (including, for example, business partners, subcontractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference and fraud prevention agencies) and may receive information about you from them or provide such information to them and as further explained in the Credit Reference and Fraud Prevention Agencies guide.
Use of information
Your information (as above) will include information about you and your business or your transactions. If you give us information, including sensitive personal information, about yourself or other people, you agree (and confirm that the person the information is about has agreed) that we can use this information in the way set out in this policy.
We may use and share your information with other companies within the Worldpay group, its directors, employees, professional advisors, sub-contractors and third party service providers to help us and them:
- Provide our Worldpay Services to you and your business including fulfilling Worldpay’s obligations to you or to financial or other institutions in connection with the Worldpay Services we provide to you or your business;
- To improve and develop our business, including without limitation to optimise our websites/portals, products and services;
- To provide you with the information, products and services you have requested or we think may be of interest to you;
- assess financial and insurance risks, including the financial position of you and your business and any linked parties such as directors, shareholders and principals;
- obtain information about you from credit reference agency and fraud prevention agency information to check you or your business’s credit status/profile and identity on a periodic basis. The agencies will record our enquiries which may be seen by other companies who make their own credit enquiries; and a “footprint” may be placed on your credit file, whether or not you are accepted as a customer. If you are a Director, we will seek confirmation from credit reference agencies, that the residential address that you provide is the same as that shown on the restricted register of directors’ usual addresses at Companies House. We may use credit scoring. Your application will be assessed using credit reference agency records relating to anyone with whom you have a joint account or similar financial association. If it is a joint application and such a link does not already exist then one may be created. These links will remain until you file a “notice of disassociation” at the credit reference agencies. Where you take services from us, we will give details of your accounts to credit reference agencies and how you manage them. If you do not repay any monies in full and on time, credit reference agencies will record the outstanding debt. Information regarding how you manage your account and/or any debt may be supplied to other organisations by credit reference and fraud prevention agencies to perform similar checks and to trace your whereabouts and recover any debts that you owe. Records remain on file at such agencies for 6 years after they are closed, whether settled by you or defaulted. This is a condensed version of our use of credit reference agencies and if you would like to read the full details, please see the Credit Reference and Fraud Prevention Agencies guide, together with the information in the Disclosure section of this policy below together with the information in the Disclosure section of this policy below;
- record and track details of transactions you or your customers carry out in relation to the Worldpay Services;
- analyse and report on you or your customers use of any Loyalty service;
- facilitate the collection or redemption of any points or other rewards currency in respect of any Loyalty programme;
- manage any circumstances where transactions, rewards or points are disputed;
- manage, investigate and resolve complaints;
- recover debt or in relation to your insolvency, including tracing your whereabouts;
- To prevent, detect and prosecute fraud or crime or to assist others in doing so;
- To identify and monitor for fraud, we and other organisations may access and use, from the UK or other countries, information recorded by fraud-prevention agencies. If false or inaccurate information is provided and/or fraud is identified or suspected by Worldpay, information concerning you and/or your business may be passed to fraud prevention agencies by us or any other third party to whom we have shared your information. Worldpay may also obtain information about you from fraud prevention agencies or services on a periodic basis, whether or not fraud is suspected. This may include recording sensitive personal information such as criminal offences you have been accused of;
- Worldpay also participates in anti-fraud initiatives, which may involve assessing you, your customers, transactions and/or locations, including utilising products and services from third parties (including the sharing of information with such third parties) to monitor transactions, detect patterns requiring investigation or otherwise profile and assess the likelihood of fraud occurring;
- To assist in the course of any investigation by Worldpay, other financial organisations or other third parties into any suspected criminal activity;
- To mitigate information security risk, sector risk or credit risk;
- To obtain your views on our goods, services and our website/s;
- To notify you about important changes or developments to our website or our goods and services;
- To understand our customers' requirements, perform analysis and comparisons, create profiles and create marketing opportunities (including how you or your customers use our services and to better align our services and marketing offers to your interests); this may include the aggregation and sharing of non personal information to facilitate cross-industry analysis, shopper-level insight and card usage;
- To send you information we believe you would find interesting including marketing and promotional materials; by post, email, telephone, SMS text or other means, including electronic means;
- To develop and test products and services;
- To comply with local and national laws, including card scheme rules and requests from law enforcement and regulatory authorities; and
- In respect of marketing, market research and similar activities, we may use your personal information for such purposes whether or not you are accepted as or continue to receive Worldpay Services. If you no longer wish to receive marketing or promotional information from Worldpay, please let us know via the Contact Us section.
Disclosure of information
We do not disclose information which could identify you personally, to anyone except as described in this policy, including:
- Within the Worldpay Group;
The above explanation of credit reference agencies is a condensed version of how your information may be used and if you would like to read the full details please see the Schedule to this policy. You also have a right to apply to the credit reference agencies for a copy of your file. We carry out most of our credit searches using Experian, but we may disclose to and liaise with all the credit reference agencies. You may wish to apply to each agency as they may hold different information. A small fee may apply. You can contact them as follows:
Experian Consumer Help Service, PO Box 8000, Nottingham NG80 7WF or call 0844 481 8000 or log on to www.experian.co.uk;
Equifax plc, Credit File Advice Centre, PO Box 3001, Bradford BD1 5US or call 0870 010 0583 or log on to www.myequifax.co.uk;
CallCredit, Consumer Services Team, PO Box 491, Leeds LS3 1WZ or call 0870 060 1414 or log on to www.callcredit.co.uk;
- Fraud prevention agencies (as outlined above and including Action Fraud, Financial Fraud Action and the Financial Fraud Bureau);
- Third Party Service Providers: suppliers who assist us with the provision of Worldpay Services, including processing orders, fulfilling orders, processing payments, managing credit, security, sector and fraud risk, and marketing, market research and survey activities carried out on behalf of Worldpay;
- Where we are required or permitted to do so by law: we may be required by law to pass information about you to regulatory authorities and law enforcement bodies worldwide, or we may otherwise determine that it is appropriate or necessary to do so. Such disclosures may also include requests from governmental or public authorities, for purposes of litigation or legal process, national security or where we deem it in the national interest or otherwise lawful to do so;
- Business transfers: Worldpay may buy or sell business units or affiliates. In such circumstances, we may transfer customer information as a business asset. Without limiting the foregoing, if our business enters into a joint venture with or is sold to or merged with another business entity, your information may be disclosed to our new business partners or owners; and
- With your permission: Your information may also be used for other purposes for which you give your specific permission, or when required by law or where permitted under the terms of the Data Protection Act 1998 or the laws of any relevant jurisdiction. Except where permitted as stated, Worldpay does not sell, rent, share or otherwise disclose personal information about its customers to third parties for commercial purposes.
Worldpay or such other third party service provider may also process payments through other financial institutions. These external organisations may process and store your personal information abroad and we and they may have to disclose your information to foreign authorities to help them in their fight against crime and terrorism. Where these organisations are based outside the EEA, your personal information may not be protected to the same standards.
We may monitor or record telephone calls, emails, web chat or other communications with you for regulatory, security, customer services or training purposes. When visiting our offices, CCTV, access control systems and/or other monitoring systems may be in operation.
Social networking and media
We may review and use public comments and opinions made on social networking sites (e.g. Facebook and Twitter) to better understand our customers and our provision and development of Worldpay Services.
We have implemented measures designed to secure your personal information from accidental loss and from unauthorised access, use, alteration and disclosure.
The safety and security of your information is also dependent upon you. Where we have given you (or where you have chosen) a password or access code for access to certain parts of our website/portal or mobile applications and similar, you are responsible for keeping this password and/or access code confidential. You are not permitted to share your password and/or access code with anyone. You should use all reasonable endeavours to ensure that there is no unauthorised use of your password and access code. You therefore authorise Worldpay to act upon instructions and information received from any person that enters your user id and password and you agree to be fully responsible for all use and any actions that may take place during the use of your account. You also agree to promptly notify Worldpay of any information you have provided to us which has changed.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Our websites (and some emails) use “cookies” and other technologies, which store small amounts of information on your computer or device, to allow certain information from your web browser to be collected. Cookies (and similar technologies) are widely used on the internet and allow a website/portal to recognise a user’s device, without uniquely identifying the individual person using the computer. These technologies help to make it easier for you to log on and use the site, provide feedback to us as to which parts of the website you visit (or whether particular emails have been read), so we can assess the effectiveness of the site or communication and provide a better user experience.
‘Do Not Track’ Signals – some web browsers may send out ‘do not track’ signals. But there is no industry standard currently in place as to what websites and other online services should do on receipt of such signals. Should such a standard be developed, Worldpay will re-visit its policy, but currently takes no action on receipt of such signals.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow such a link, please note that these websites have their own privacy and cookies policies and Worldpay does not accept any responsibility or liability for these third party websites.
This policy is global in scope, but is not intended to override any legal rights in any territory where such rights prevail. In such event, the rights and obligations set out in this policy will apply, subject only to amendment under any applicable local law having precedence.
Data protection rights and accessing your information
Where applicable, you may have certain rights under the UK’s Protection Act 1998 including the right to see the personal information held about you and you may ask us to make any necessary changes to ensure that it is accurate and up to date. If you would like a copy of the personal information we hold about you, please see the Contact Us section. There is a £10 fee. Where applicable, the Data Protection Act also provides the following rights, in relation to personal information and which can also be facilitated by using the Contact Us section below:
- Prevent processing where it may cause damage or distress;
- Commence Court action to claim compensation for damage or distress caused by our failure to comply with the Data Protection Act 1998;
- Object to automatic processing;
- Prevent direct marketing.
The laws of other territories applicable to your dealings with Worldpay may also be relevant (and may also impact the above rights) and any such rights can also be progressed via the Contact Us section below.
Once you are no longer a customer, we will retain your personal information for a reasonable period, or as otherwise allowed or required by law.
All comments, queries and requests relating to our use of your information are welcomed. If you wish to exercise any of your rights or receive further information as to which applicable Worldpay group companies to which this policy applies, you should write to the address below, marked FAO Corporate Legal or Contact us.
Worldpay (UK) Limited Registered in England No. 07316500. Registered Office: The Walbrook Building, 25 Walbrook, London EC4N 8AF, United Kingdom. Worldpay (UK) Limited is authorised by the Financial Conduct Authority under the Payment Services Regulations 2009 (No 530923) for the provision of payment services. Worldpay (UK) Limited is authorised and regulated by the Financial Conduct Authority for consumer credit activities. Registered with the Office of the Information Commissioner, registration Z2431349. The notifications can be found in the notifications register on ico.org.uk.
Worldpay Limited Registered in England No 03424752. Registered Office: The Walbrook Building, 25 Walbrook, London EC4N 8AF, United Kingdom . Worldpay Limited is authorised by the Financial Conduct Authority under the Payment Services Regulations 2009 (No 504504)) for the provision of payment services. Registered with the Office of the Information Commissioner, registration Z8563896. The notifications can be found in the notifications register on ico.org.uk.
Worldpay AP Limited Registered in England No 05593466. Registered Office: The Walbrook Building, 25 Walbrook, London EC4N 8AF, United Kingdom . Registered with the Office of the Information Commissioner, registration Z1380245. The notifications can be found in the notifications register on ico.org.uk.
Worldpay BV, incorporated and registered in the Netherlands (Handelsregister KvK no. 60494344). Registered Office: Claude Debussylaan 16, 1082 Amsterdam, Netherlands. Worldpay BV holds a licence from and is included in the register kept by De Nederlandsche Bank, which registration can be consulted through www.dnb.nl. Registered with the Dutch privacy regulator College Bescherming Persoonsgegevens. The notifications can be found in the notification register on cbpweb.nl/en.
Last updated: 20.02.15
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilised in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from Worldpay or subsidiary organisations.