Legal

Privacy Policy

Last updated: 29 May 2025  ·  Effective date: 29 May 2025

1. Who We Are

RevixPay Ltd. ("RevixPay", "we", "us", or "our") is the data controller responsible for your personal data.

For any privacy-related enquiries, please contact us at:
Email: privacy@revixpaynow.com
Website: revixpaynow.com

This Privacy Policy explains how we collect, use, store, and disclose personal data when you visit our website or use our services, in accordance with the EU General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and applicable national data protection laws.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity data: name, job title, company name
  • Contact data: email address, telephone number, postal address
  • Technical data: IP address, browser type and version, device identifiers, time zone, operating system, and pages visited
  • Usage data: information about how you navigate and interact with our website
  • Communications data: the content of messages you send us via contact forms, email, or live chat
  • Business data: information you voluntarily provide during consultation enquiries, such as company registration details, jurisdiction, and regulatory status — necessary to assess engagement scope

We do not collect special category data (e.g. health, biometric, or criminal record data) and do not knowingly collect personal data from children under 16.

3. How We Collect Personal Data

  • Directly from you — when you submit an enquiry form, send an email, book a consultation, or otherwise contact us
  • Automatically — through cookies and similar technologies when you visit our website (see Section 8 on Cookies)
  • From third parties — such as LinkedIn or other professional networking platforms, where you have chosen to share your information publicly

4. Legal Basis for Processing (GDPR Article 6)

We process your personal data under the following legal bases:

  • Legitimate interests (Art. 6(1)(f)): to respond to enquiries, manage our client relationships, improve our services, and conduct security monitoring — where such interests are not overridden by your rights
  • Contract performance (Art. 6(1)(b)): where processing is necessary to deliver consulting services you have engaged us to provide
  • Legal obligation (Art. 6(1)(c)): to comply with applicable anti-money laundering (AML), know-your-customer (KYC), and other financial regulatory obligations where they apply to our advisory work
  • Consent (Art. 6(1)(a)): for marketing communications and non-essential cookies, where you have given explicit, freely given consent. You may withdraw consent at any time.

5. How We Use Your Personal Data

  • Responding to enquiries and scheduling consultations
  • Delivering compliance advisory and licensing support services
  • Managing ongoing client engagements and communication
  • Sending service updates or marketing communications (with consent)
  • Improving website performance and user experience via analytics
  • Complying with legal, regulatory, and tax obligations
  • Detecting and preventing fraud, security incidents, and misuse

We do not sell, rent, or trade your personal data to third parties for their own marketing purposes.

6. Data Sharing and Disclosure

We may share your personal data with:

  • Service providers: IT infrastructure, CRM, email delivery, and analytics vendors engaged to support our operations — bound by data processing agreements
  • Professional advisers: lawyers, accountants, and compliance consultants who assist us under duties of confidentiality
  • Regulatory authorities: where required by applicable law (e.g. FCA, CBI, EBA, or other competent authorities)
  • Business transfers: in the event of a merger, acquisition, or restructuring, personal data may be transferred as part of the business assets, subject to appropriate safeguards

7. International Data Transfers

RevixPay primarily processes data within the European Economic Area (EEA). Where we transfer personal data to countries outside the EEA, we ensure adequate safeguards are in place, such as:

  • European Commission adequacy decisions (e.g. for the UK under GDPR)
  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Binding Corporate Rules (BCRs) where applicable

You may request details of the safeguards used for any specific transfer by contacting us at privacy@revixpaynow.com.

8. Cookies and Tracking Technologies

We use cookies and similar technologies on our website. These include:

  • Strictly necessary cookies: essential for the website to function — no consent required
  • Analytics cookies: used to understand how visitors interact with our website (e.g. page views, session duration). We use these only with your consent.
  • Preference cookies: to remember your language and other settings

You can manage your cookie preferences at any time via your browser settings or by clicking "Cookie Settings" in our website footer. Withdrawing consent for analytics cookies will not affect your ability to use the site.

We do not use advertising or cross-site tracking cookies.

9. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Policy, or as required by law:

  • Enquiry and contact records: up to 2 years from last contact, unless an engagement commences
  • Client engagement records: up to 7 years after the end of the engagement, to comply with legal and tax obligations
  • AML/KYC records: as required by applicable anti-money laundering legislation (typically 5 years)
  • Website analytics data: up to 26 months, subject to your cookie consent preferences

When data is no longer required, we securely delete or anonymise it.

10. Your Rights Under GDPR

As a data subject under the GDPR, you have the following rights:

  • Right of access (Art. 15): request a copy of the personal data we hold about you
  • Right to rectification (Art. 16): request correction of inaccurate or incomplete data
  • Right to erasure (Art. 17): request deletion of your personal data ("right to be forgotten"), subject to legal retention obligations
  • Right to restrict processing (Art. 18): request that we limit how we use your data in certain circumstances
  • Right to data portability (Art. 20): receive your personal data in a structured, machine-readable format and transmit it to another controller, where processing is based on consent or contract
  • Right to object (Art. 21): object to processing based on legitimate interests or for direct marketing purposes
  • Rights related to automated decision-making (Art. 22): we do not make solely automated decisions with legal or significant effects on individuals
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing

To exercise any of these rights, please contact us at privacy@revixpaynow.com. We will respond within 30 days. We may ask you to verify your identity before processing your request.

If you are dissatisfied with our response, you have the right to lodge a complaint with your local supervisory authority. In the EU, you may contact your national Data Protection Authority; in the UK, the Information Commissioner's Office (ICO) at ico.org.uk.

11. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction, alteration, or disclosure. These include:

  • Encryption of data in transit (TLS) and at rest where applicable
  • Access controls and role-based permissions
  • Regular security reviews and vendor assessment
  • Staff training on data protection obligations

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority as required under GDPR.

12. Crypto-Specific Processing Note

Where RevixPay provides compliance advisory related to crypto-asset businesses (including MiCA CASP authorisation, AML/CFT programme design, and virtual asset licensing), we may process additional business information you provide — such as wallet addresses used as organisational identifiers, token structures, and smart contract descriptions — solely for the purpose of delivering the requested advisory service. This information is treated as business confidential and is not shared beyond what is necessary for delivery of services.

We do not process blockchain transaction data for individual users of your platform as part of our consulting engagement, and we are not a data processor in relation to your end-user data unless explicitly agreed in writing.

13. Third-Party Links

Our website may contain links to third-party websites (such as regulatory authority portals or reference resources). We are not responsible for the privacy practices of those sites. We encourage you to read their privacy policies before sharing any personal data with them.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this Policy periodically.

Where required by law, we will notify you of significant changes by email or by posting a prominent notice on our website.

15. Contact Us

For any questions, requests, or complaints regarding this Privacy Policy or our data processing practices:

RevixPay Ltd.
Data Privacy Team
Email: privacy@revixpaynow.com

Contact Us