MacroPay’s Privacy Policy

Being transparent and providing accessible information to individuals about how we will use their personal data is a key element of our organization. Please read the following privacy policy (“privacy policy”) to understand how we use and protect personal data.

Who we are?

MacroPay SRL (or “MacroPay”, “we”, “us”, “our”) is a limited liability company registered and functioning under the laws of Romania, having its registered address at Calea Motilor 6-8, Cluj-Napoca 400001, Romania, registered with the Cluj Trade Register under no. J12/371/2016, having sole registration no. 34702999.

In this privacy policy, we sometimes refer to “you”. “You” could be a visitor to one of our websites, a user/prospective user (“online merchant” or “merchant”) of our services, or a customer of a user.

What we do?

Together with our partners and affiliates, we are offering services to online merchants, in order for them to accept payments through different alternative payment methods on their websites and to enable their customers to pay for products or services by using such payment methods.

The collection and use of data from a variety of sources is essential to our ability to provide our payments products and services “services”) in a safely manner and is helping us and our partners to reduce the risk of fraud and money laundering. If you disagree with the practices described in this privacy policy, you should not continue to request or to use our services.

  1. Personal data we collect

The personal data may be collected in different ways, when: you visit our website, apply for a merchant account, conduct a transaction on one of our merchants’ website or application through our payment page, contact us by e-mail, you respond to our emails, telephones, questionnaires or surveys. We also may receive information from other sources, such as our merchants, partners, financial service providers, identity verification services and publicly available sources.

Whenever we use your personal data, we will have a legal basis to do this. For example, you have asked us to provide our services, we have a legal obligation to do so or a legitimate interest in using your personal data, and/or the processing is necessary for the performance of a task carried out in the public interest.

The personal data that we may collect includes: merchant personal data, such as name, address, telephone number, e-mail address, ID/Passport details regarding the merchant’s legal representatives, shareholders, ultimate beneficial owners that are natural persons (such data is collected before entering in a contractual relationship with us and during such relationship); (b) customers name and contact details and financial data (such data may be collected through the payment page or when making a transaction or received from the merchant from whom you buy goods or services).

Also we might collect certain information through cookies and other technologies that record data about the use of our websites and the use of our services, such as: (i) browser and device data, such as IP address, device type, operating system and Internet browser type, operating system name and version, device manufacturer and model, language, plug-ins, add-ons; (ii) transaction data, such as purchases, purchase amount, date of purchase, and payment method; (iii) cookie and tracking technology data, such as time spent on the services, pages visited, language preferences, and other anonymous traffic data. In the EEA countries, such information might be treated as “personal data” under applicable data protection laws. Where this is the case, we will process such information only for the same purposes as personal data under this privacy policy.

  1. How we use information we collect

We use information we collect about you to provide you with the services we offer, to detect and prevent fraud, to promote, analyse and improve our products and services or to notify you about changes to our products and services.

These are examples of how we may use personal data: (i) process payment transactions and provide our services; (ii) verify identity for compliance purposes; (iii) evaluate an application from a prospective merchant to use our services; (iii) manage risk, or to detect, prevent, and/or mitigate fraud or other potentially illegal or prohibited activities; (iv) respond to inquiries and provide customer support (for example in relation to chargebacks or returns); (v) for audits, regulatory purposes, and compliance with industry standards; (vi) to send marketing communications to you; (vii( to develop new products and to improve or modify our services.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data, like: public interest, legal obligation (necessary for compliance with a legal or regulatory obligation), performance of a contract (necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering into a contract) when you gave us your consent to do so or our legitimate interest.

  1. Disclosure of information

Generally, we collect, store and process personal data on servers located in the European Union. We might share your personal data with our partners and contractors, including: (i) affiliated entities that we control or are under common control, to provide our services; (ii) services providers who enable us to provide the services, with things like payment processing (such as, financial institutions, alternative payment method operators, processors, acquiring banks), website hosting, information technology and related infrastructure, customer service, email delivery, fraud prevention and risk mitigation; (iii) alternative payment method schemes to provide our services under their rules and regulations; and (iv) our merchants, as necessary to process transactions or provide the services (for example transaction information about the purchases made by customers through our services). We may also disclose your personal data to third parties if we are under a duty to disclose or share your personal data in order to comply with a legal obligation or a court order.


  1. Cross-Border transfer

The personal data that we collect from you, and which is shared with the third parties mentioned above, may be transferred to and processed in a destination outside of the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us or one of our suppliers. In these circumstances, your personal information will only be transferred on one of the following bases: (i) the country that we send the data is approved by the European Commission as providing an adequate level of protection for personal information; or (ii) the recipient has agreed with us standard contractual clauses approved by the European Commission, obliging the recipient to safeguard the personal information; or (iii) there exists another situation where the transfer is permitted under applicable data protection legislation (for example, where a third-party recipient of personal data in the United States has registered for the EU-US Privacy Shield).

  1. Security

We maintain appropriate administrative, technical and physical safeguards to protect personal information against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access, use, and all other unlawful forms of processing of the personal data in our possession.


  1. Data retention period

We will retain personal data for the period necessary to fulfil the purposes outlined in this privacy policy unless a longer retention period is required or permitted by law. Please note that we have a variety of obligations to retain the data that you provide to us, including to ensure that transactions can be appropriately processed, settled, refunded or charged-back, to help identify fraud and to comply with anti-money laundering and other laws and rules that might apply to us and to our financial service providers. If your merchant account is closed, we reserve our ability to retain and access the certain data for so long as required to comply with applicable laws or alternative payment method rules. When we no longer need to retain your personal data, it will be deleted or be anonymized so that you can no longer be identified from it.


  1. Third party websites

Our websites may, from time to time, contain links to and from the websites of third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these third party websites.

  1. Your choices and rights

If you no longer want to receive marketing-related emails from us, you may opt-out via the unsubscribe link included in such emails. We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages that are required to provide you with our services.

Generally, you have certain rights under the applicable data protection legislation in respect to your personal data (right of access, right to rectification, right to restriction, right to opposition, erasure, right to data portability, or right to make a complaint to the national competent authority). If you would like to review, correct, or update personal data that you have previously disclosed to us, you may do so by signing in to your merchant account or by contacting us at:

If emailing us your request, please make clear in the email what personal data would like to have changed. Note that we may have to review your identity and full details of your request, before we process any request. We will try to comply with your request as soon as reasonably practicable.


  1. Use of services by minors

Our services are not directed to children we request that they not provide personal data through the services. We do not knowingly collect information, including personal data, from children or other individuals who are not legally able to use our services, including our sites.

  1. Data processor

We might process personal data about the customers when acting as the merchant’s services provider. Our merchants are responsible for making sure that the customer’s privacy rights are respected, including ensuring appropriate disclosures about third party data collection and use. To the extent that we are acting as a merchant’s data processor, we will process personal data in accordance with the terms of our agreement with the merchant, the merchant’s lawful instructions and applicable data protection legislation and rules.


  1. Changes to our privacy policy

We may amend this privacy policy from time to time. Any changes we may make to our privacy policy in the future will be posted on our website and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.


  1. Contact us

If you have any questions or comments concerning this privacy policy please e-mail us at: or at the following address: Calea Motilor 6-8, Cluj-Napoca 400001, Romania.