Current as of 02 Dec 2025
Privacy Policy
Your privacy is important to us at Payvaa. We respect your privacy regarding any information we may collect from you across our website.
About this Privacy Policy
1.1. This Privacy Policy explains how Payvaa collects, uses, stores, shares and protects personal data when you use our website, mobile application (the “App”) and services (together, the “Services”).
1.2. “Personal data” means any information relating to an identified or identifiable individual. It does not include anonymised data that can no longer be linked to an individual.
1.3. This Policy applies to individuals who visit our website, use our App or use our Services as senders or as recipients of transfers.
Who we are
2.1. Payvaa operates through a group of companies (together “Payvaa”, “we”, “us”, “our”). The Payvaa entity responsible for your personal data (the “controller”) depends on where you live and which Services you use. It will generally be:
United States: Payvaa, Inc., 4199, 1007 N Orange St, 4th Floor, Wilmington, DE 19801, New Castle County, USA.
Canada: PAYVAA CANADA LTD., 807-130 Spadina Avenue, Toronto, Ontario, Canada, M8V 3W6. In Canada, PAYVAA CANADA LTD. is registered as a Money Services Business (MSB) with the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) under registration number C100001135. More information about the MSB registry is available at: https://fintrac-canafe.canada.ca/msb-esm/reg-eng
European Union (EU): Payvaa Spain, Paseo de Gràcia, 50 (08007) Barcelona Spain.
2.2. These entities are responsible for processing your personal data in connection with the Services in their respective regions and may also act together as joint controllers for some processing activities.
2.3. In this Policy, “you” means any visitor to our website or App, or any user of our Services.
How to contact us about privacy
3.1. If you have any questions about this Privacy Policy, how we process your personal data, or if you wish to exercise your rights, you can contact us at:
Email: contact@payvaa.com (please include “Privacy” in the subject line).
Postal address: Payvaa, Inc., 4199, 1007 N Orange St, 4th Floor, Wilmington, DE 19801, USA (marked “Privacy”).
3.2. We may appoint a Data Protection Officer (DPO) or equivalent contact where required by law. Details will be made available on our website and may be updated from time to time.
Types of personal data we collect
We collect and process different types of personal data depending on how you interact with us.
4.1. Information you provide directly
When you register or use our Services, you may provide:
Identification details: name, date of birth, place of birth, nationality and similar details.
Contact details: postal address, email address, phone number.
Account details: username, login credentials (hashed), security credentials, language preferences.
Identity verification data: copies and details of government-issued ID or passports, selfies or live video for biometric comparison, and any other information needed to verify your identity.
Financial and transaction data: details of the transactions you instruct (amount, currency, recipient, purpose of payment), your funding method (for example, masked card details, bank information), and related records.
Additional documentation: proof of address, proof of income or source of funds, and other documents required to comply with legal obligations.
Communications: records of communications with us, including emails, chat messages, WhatsApp messages and telephone calls (which we may record where permitted by law).
4.2. Information we collect automatically
When you use our website or App, we may automatically collect:
Technical data: IP address, device identifiers, operating system, browser type and version, time zone, language settings.
Usage data: login times, app version, app interaction, pages visited, features used, performance data, error logs.
Location data: approximate location based on IP address and, if you enable it, precise location data from your device (for example, GPS).
4.3. Information we receive from third parties
We may also receive personal data from:
Identity verification and KYC providers;
Payment service providers, card schemes, banks and other financial institutions;
Sanctions and screening databases, fraud prevention agencies and public registers;
Our payout partners in destination countries;
App stores and analytics providers;
Social media or marketing partners, where you interact with our content or grant permissions.
4.4. Information about recipients and third parties
Because we are a remittance and payment service, we may process personal data about:
Recipients of transfers (for example, their name, phone number, bank account or wallet details);
Referees and participants in promotions or campaigns; and
Other individuals involved in a transaction or enquiry.
You must ensure you have the right to share such information with us.
Legal bases for processing
We process your personal data under several legal bases, depending on the context and applicable law, including:
Contract: to enter into and perform our contract with you (for example, to create your account, process transfers and provide customer support). We cannot provide the Services without this processing.
Legal obligation: to comply with our legal and regulatory obligations, including anti-money laundering, counter-terrorist financing, sanctions screening, tax and accounting rules.
Legitimate interests: to operate, improve and protect our business and Services, to prevent fraud and misuse, to conduct analytics, to develop new products, and to send certain communications, where these interests are not overridden by your rights and freedoms.
Consent: where required by law, for example for certain types of marketing, the use of cookies or similar technologies, and some data sharing. You can withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
How we use your personal data
We use your personal data for the following purposes:
6.1. To provide and manage the Services
To create and manage your Payvaa account.
To process and execute your transfers and show you your transaction history.
To provide customer support and handle enquiries, complaints or disputes.
To send you service-related notifications, such as security alerts, transfer confirmations and changes to terms or policies.
6.2. To meet our legal and regulatory obligations
To verify your identity and carry out KYC checks.
To comply with anti-money laundering, counter-terrorist financing and sanctions screening requirements.
To maintain appropriate records for tax, accounting and regulatory purposes.
To respond to lawful requests from authorities and regulators.
6.3. To prevent fraud and protect security
To monitor and analyse transactions and behaviour to detect, investigate and prevent fraud, financial crime and misuse of our Services.
To secure our systems, networks and infrastructure, and to manage access and authentication.
To detect unusual or suspicious activity and apply appropriate controls, including blocking or restricting transactions or accounts.
6.4. To operate, improve and develop our business
To understand how our Services are used and to improve the user experience.
To test, develop and roll out new features, products and services.
To conduct internal analytics, reporting and forecasting.
6.5. Marketing and communications (where permitted)
To send you information about our Services, offers, news and promotions that may be relevant to you.
To conduct surveys, competitions or campaigns.
To personalise some of our communications based on your use of the Services, where permitted by law.
You can opt out of marketing communications at any time (see section 9).
Who we share your personal data with
We do not sell your personal data. We may share your personal data with:
Payvaa group companies: to operate our Services, provide support and comply with legal obligations.
Payment and payout partners: banks, mobile wallet operators, card schemes, payment processors and other financial institutions involved in processing your transfers or funding methods.
Recipients and their providers: certain details (such as your name and sometimes your phone number or message) may be shared with the recipient or their bank/wallet provider as part of the transfer.
Service providers: trusted third parties that help us operate our business, such as:
KYC/identity verification providers;
Fraud prevention and sanctions screening providers;
Cloud hosting and IT providers;
Analytics and business intelligence providers;
Customer support and communication tools (including chat and WhatsApp integration);
Professional advisers, such as lawyers and auditors.
Authorities and regulators: where required by law or where we reasonably believe disclosure is necessary to protect our rights, investigate fraud or respond to lawful requests.
Parties in corporate transactions: in the event of a merger, acquisition, restructuring or sale of some or all of our assets, subject to appropriate safeguards.
Where we share data with third parties acting as our processors, we require them to process personal data only on our instructions and to protect it appropriately. Some third parties, such as certain banks or authorities, may act as independent controllers, with their own privacy obligations.
8.1. Given the global nature of our Services, your personal data may be transferred to, stored in and processed in countries outside your own, including the United States, Canada, EU member states and countries where our payout partners or service providers are located.
8.2. Some of these countries may not provide the same level of data protection as your home country. When we transfer personal data internationally, we implement appropriate safeguards as required by applicable law, such as:
Contractual protections (for example, the European Commission’s standard contractual clauses);
Ensuring that recipients are subject to adequate data protection obligations; and/or
Other legally recognized transfer mechanisms.
8.3. By using our Services, you understand that your personal data may be transferred and processed across borders as described in this Policy.
Marketing communications
9.1. Where permitted by law, we may use your contact details to send you marketing communications by email, SMS, WhatsApp, in-app messages, push notifications or other channels about our Services, promotions, features and events.
9.2. You can stop receiving marketing communications at any time by:
Using the unsubscribe link in emails;
Replying with the appropriate keyword (such as “STOP”) or using equivalent instructions in SMS/WhatsApp messages; or
Changing your preferences in the App or contacting us at contact@payvaa.com.
9.3. Even if you opt out of marketing, we may still send you important service messages, such as security alerts, transactional notifications and updates about this Policy or our User Agreement.
Cookies and similar technologies
10.1. We use cookies and similar technologies on our website and App to:
Make the site and App work properly;
Recognise your device and remember your preferences (for example, language);
Analyse usage and improve performance; and
Support security and fraud prevention.
10.2. Where required by law, we will request your consent for non-essential cookies and provide options to manage your cookie preferences.
10.3. For more information about the cookies we use and how to control them, please refer to our Cookie Policy (which may be provided as a separate document or page).
Automated decision-making
11.1. We may use automated systems to help us make decisions about:
Approving or rejecting applications;
Approving, blocking or flagging transactions;
Applying risk or security rules; and
Detecting unusual or potentially fraudulent behaviour.
11.2. These processes are important to keep our Services safe and to comply with legal and regulatory obligations.
11.3. If an automated decision has a significant effect on you, you may have the right to request human review and to contest the decision, subject to local law. You can contact us at contact@payvaa.com if you believe you have been unfairly affected.
Data retention
12.1. We keep your personal data for as long as necessary to:
Provide the Services;
Comply with our legal and regulatory obligations (including anti-money laundering and financial laws, which often require us to retain data for several years after the end of a relationship);
Resolve disputes and enforce our rights.
12.2. As a regulated financial services provider, we may need to keep certain records for an extended period (for example, several years after your last transaction or after your account is closed), even if you request deletion, where we are legally required to do so.
12.3. When personal data is no longer needed, we will either delete it securely, anonymise it or restrict access to it in line with our data retention standards and applicable law.
Data security
13.1. We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, misuse, alteration or destruction. This includes measures such as:
Encryption of data in transit and at rest where appropriate;
Access controls and authentication;
Secure development practices;
Regular monitoring and security testing.
13.2. No system can be completely secure. While we work hard to protect your personal data, we cannot guarantee absolute security.
13.3. You are responsible for keeping your login details, PINs and devices safe and secure. If you suspect unauthorised access to your account, you must contact us immediately.
Your rights
Depending on your location and applicable law (for example, the EU/UK GDPR or similar regulations), you may have some or all of the following rights in relation to your personal data:
Right of access: to obtain confirmation whether we process your personal data and to request a copy.
Right to rectification: to have inaccurate or incomplete personal data corrected.
Right to erasure: to request deletion of your personal data in certain circumstances (for example, where the data is no longer needed), subject to our legal obligations to retain certain records.
Right to restriction: to request that we limit processing of your personal data in certain situations.
Right to data portability: to receive personal data you provided in a structured, commonly used and machine-readable format and to transmit it to another provider, where technically feasible.
Right to object: to object to certain processing based on legitimate interests or to direct marketing at any time.
Right to withdraw consent: where we rely on consent, you can withdraw it at any time.
Right not to be subject to certain automated decisions: as described in section 11, in some cases.
To exercise your rights, you can contact us at contact@payvaa.com. We may need to verify your identity before acting on your request. Some rights may be limited or may not apply in certain situations, for example where we must comply with legal retention obligations.
You also have the right to lodge a complaint with your local data protection authority if you are not satisfied with our handling of your personal data. We encourage you to contact us first so we can try to resolve your concerns.
Children
15.1. Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from anyone under 18.
15.2. If we become aware that we have collected personal data from a child under 18, we will take reasonable steps to delete that data and, if applicable, close the related account.
Changes to this Privacy Policy
16.1. We may update this Privacy Policy from time to time to reflect changes in our Services, legal requirements or how we process personal data.
16.2. When we make material changes, we will notify you through the App, website, email or other appropriate means and indicate the effective date of the new version.
16.3. Your continued use of the Services after the updated Policy takes effect means you acknowledge the changes. If you do not agree with any changes, you should stop using the Services and, where applicable, close your account.
Contact and complaints
If you have questions, concerns or complaints about this Privacy Policy or our handling of your personal data, you can contact us at:
Email: contact@payvaa.com
Website: https://www.payvaa.com
