GoCustomate is the trading name of Customate Ltd, a company registered in England. Customate provides payment services to organisations including the provision of payment accounts. From a data privacy standpoint, Customate acts as the data controller with regards to data specifically related to the identity and status of its customers and customers are the data controllers for all data relating to payments being processed through the system including any personal data relating to clients of a customer which may be required to complete a payment transaction. Where the customer acts as the data controller, Customate acts as the data processor

You may communicate with us using any of the following methods: E-mail, via support@gocustomate.com for general communication, product information or any other commercial or non-commercial inquiry. We may send you information by email regarding our Service and Products. If required by applicable law, we will send you such information only with your consent, which was given at the time you provided us with the Personal Data. We may deliver Service Bulletins and Product Bulletins regarding the provision of our Service to our Customers, unless an account deletion is made. A Service Bulletin is non-marketing and non-commercial communication including but not limited to updates to the Terms of Service, Privacy Policy and any other contractual communication. A Product Bulletin is a non-marketing and non-commercial communication, including but not limited to security notifications, Product updates, Product security patches or data breach notifications.

When you register for our Service, we may collect the following Personal Data from you: First, middle and last name, Email address, Date of birth, Company name, Company registration number, Company VAT number, Shareholder information, Country location, Mailing address, Phone number. We collect this information for the purpose of providing the Service and the Product(s), identifying and communicating with you, responding to your requests/inquiries, provide support, servicing your purchase orders, and improving our services. In addition, Customate has a statutory duty under various financial crime legislation to carry out identity checks on all customers prior to allowing any payments being processed. The data held is dependent on the structure of the organisation and may include personal data of the beneficial owners or controllers of the organisation including items such as date of birth and a government issued identity document. Proof of establishment of the organisation will also be collected and credit checks will also be carried out. Such information is periodically refreshed as required by legislation.

The customer can create several authorised users of the system. Such users will be issued with security credentials that will identify them to the system. By way of example this could be a user name and password. These credentials are held by Customate generally in an encrypted form.

When you visit the Service, we may automatically collect information that your browser sends whenever you visit our Service (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages and other statistics. In addition, we may use third-party services such as Google Analytics that collect, monitor and analyse this type of information in order to increase our Service’s functionality. These third-party service providers have their own privacy policies addressing how they use such information. We do not use your submitted Personal Data in association with any Automatically Collected Data. When we process Automatically Collected Personal Data you can expect a minimal privacy impact.

We use cookies to track the activity on our Service and hold certain information. Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service. We use Session Cookies to operate our Service. These Cookies makes it possible for you to login to the Service to access your account and request support.

We use Personal Data submitted by you to provide access to the Service, assist your support request and inquiries and to notify you of important changes to the Services. We may use your Automatically Collected Data to analyse, administer, support, improve the use of the Service. We may use data relating to your use of Service, without identifying you, to analyse, administer, support and improve your access to and use of the Services.

You have the right to obtain access to, correct and delete your Personal Data processed by us. You also have the right to obtain restriction of processing, direct objection to the processing and obtain the right to data portability. Customers have rights to see all their data held by Customate and to have any errors corrected. Copies of all data held is available from the Customate Customer Support team who can also correct any errors contained there within. If you need to change or correct your Personal Data provided to us or wish to have Personal Data removed from our systems, you can use the built-in functionality.

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. Customate neither store nor transfer any personal data outside of the European Economic Area. If you are located outside United Kingdom and choose to provide information to us, please note that we transfer the data, including Personal Data, to United Kingdom and to our computers to process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and transfer of your Personal Data will take place via a Privacy Shield certified third party.

.We may share your Personal Data and other information with certain third parties without further notice to you if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation or lawful requests by public authorities, including meeting national security or law enforcement requirements and applicable law, rule, order, or regulation, (ii) protect and defend the rights or property of the Service, (iii) act in urgent circumstances to protect the personal safety of users of the Service or the public, or (iv) protect against legal liability. Such disclosures are carried out under strict contractual control and such disclosures are only used for the provision of the services requested by the customer. To fulfil the requirements of applicable legislation, Customate may pass some data relating to customers to external service providers for the purpose of confirming the identity of the customer or for the provision of credit checking the customer.

The security of your Personal Data is important to us, and we strive to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information we store, in order to protect it from unauthorized access, destruction, use, modification, or disclosure. Your data will be stored on service and provider who are ISO/IEC 27001:2013, PCI DSS, SOC 1 Type II and SOC 2 Type II certified or higher. However, please be aware that no method of transmission over the internet, or method of electronic storage is 100% secure and we are unable to guarantee the absolute security of the Personal Data we have collected from you. If we learn of a security systems breach, we will inform you and the authorities of the occurrence of the breach in accordance with applicable law.

We only retain the Personal Data collected from you for the duration of the service between you and us or, for a limited period as long as we need it to fulfil the purposes for which we have initially collected it unless otherwise required by law. We will retain and use information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Customate is obliged to retain copies of this information for a period defined by the financial crime legislation of the country where the data is being processed. For customer data the legislation currently defines the retention period as starting from the time the agreement between the customer and Customate is terminated however this happens. Data is automatically deleted at the end of the statutory period.

We may employ third party companies to facilitate our Service (“Service Providers”), to perform Service-related services such as payment processing. These third parties might have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party services.

Only persons age 18 or older have permission to access our Service. Our Service does not address anyone under the age of 18 (“Children”). We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

This Privacy Policy is effective as of 1 November 2023 and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page. We reserve the right to update or change our Privacy Policy at any time and you should check this Privacy Policy periodically. Your continued use of the Service after we post any modifications to the Privacy Policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy. If we make any material changes to this Privacy Policy, we will notify you either through the email address you have provided us or by placing a prominent notice on our website.

If you have any questions about this Privacy Policy, please contact us by visiting the contact details provided on our website. One of the Company’s core values is to uphold responsible and fair business practices. It is committed to promoting and maintaining the highest level of ethical standards in relation to all its business activities. Its reputation for maintaining lawful business practices is of paramount importance and this Policy is designed to preserve these values. The Company therefore has a zero-tolerance policy towards bribery and corruption and is committed to acting fairly and with integrity in all its business dealings and relationships and implementing and enforcing effective systems to counter bribery.