Wollankstr. 109, 13187, Berlin
The operators of these sites take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations as well as this data protection statement.The use of our website is normally possible without giving personal data. If personal data (for example, name, address or e-mail addresses) are collected on our pages, this is always done on a voluntary basis as far as possible. These data will not be passed on to third parties without your express consent.
We would like to point out that data transmission on the Internet (for example, when communicating via e-mail) can present security gaps. A complete
Protection of the data before access by third parties is not possible.
Server log files
The provider of the pages automatically collects and saves information in so called
Server log files, which your browser automatically transmits to us. These are:
- Browser type and browser version
- Operating system
- Referrer URL
- Hostname of the accessing computer
- Time of server request
These data can not be attributed to specific persons. This data is not merged with other data sources. We reserve the right to check these data at a later date, if we are aware of any specific indications for unlawful use.
If you send us inquiries by means of a contact form, your information from the inquiry form, including the contact details you provide, will be stored with us for the purpose of processing the inquiry and for the case of connection questions. We do not pass on this data without your consent.
Legal basis Data protection regulation
We further point out that you are the future processing of your personal data in accordance with the statutory requirements. Art. 21 DSGVO can contradict at any time. The objection may in particular be made against processing for direct marketing purposes.
PayPal has developed this Privacy Statement to explain how we may collect, retain, process, share and transfer your Personal Data when you visit our Sites or use our Services. This Privacy Statement applies to your Personal Data when you visit Sites or use Services, and does not apply to online websites or services that we do not own or control, including websites or services of other PayPal Users.
For the avoidance of doubt, this Privacy Statement does not constitute a “framework contract” for the purpose of the EU Payment Services Directive (2007/64/EC) or any implementation of that Directive in the European Economic Area.
This Privacy Statement is designed to help you obtain information about our privacy practices and to help you understand your privacy choices when you use our Sites and Services. Please note that our Service offerings may vary by region. This Privacy Statement may be supplemented with additional notices depending on the Sites and Services concerned. Supplementary information can be found in the Statement on Cookies and Tracking Technologies and the Banking Regulations Notice.
We have defined some terms that we use throughout the Privacy Statement. You can find the meaning of a capitalised term in the Definitionssection.
Please contact us if you have questions about our privacy practices that are not addressed in this Privacy Statement.
2. What Personal Data Do We Collect?
We collect Personal Data about you when you visit our Sites or use our Services, including the following:
- Registration and use information – When you register to use our Services by establishing an Account, we will collect Personal Data as necessary to offer and fulfil the Services you request. Depending on the Services you choose, we may require you to provide us with your name, postal address, telephone number, email address and identification information to establish an Account. We may require you to provide us with additional Personal Data as you use our Services.
- Transaction and experience information – When you use our Services or access our Sites, for example, to make purchases from merchants, to receive money, to process payments, or to send money to friends and family, we collect information about the transaction, as well as other information associated with the transaction such as amount sent or requested, amount paid for products or services, merchant information, including information about any funding instruments used to complete the transaction, Device Information, Technical Usage Data, and Geolocation Information.
- Participant Personal Data – When you use our Services or access our Sites, we collect Personal Data you provide us about the other participants associated with the transaction.
- Send or request money: When you send or request money through the Services, we collect Personal Data such as name, postal address, telephone number, and financial account information about the participant who is receiving money from you or sending money to you. The extent of Personal Data required about a participant may vary depending on the Services you are using to send or request money.
- Pay or request someone else to pay a bill: If you use our Services to pay a bill for the benefit of someone else, or if you request a User to pay a bill for you, we collect Personal Data from you about the account holder such as name, postal address, telephone number, email address, and account number of the bill that you intend to pay or request to be paid.
- Add value to your accounts: If you use our Services to add value to your Account or any other account you may have, or if you ask a User to add value to any of these accounts, we may collect Personal Data from you about the other party, or from the other party about you to facilitate the request. For example, if you use our Services to reload a mobile phone, or to request value be added to your mobile account, we may collect Personal Data and other information including mobile account number from the other participant.
- Personal Data about your friends and contacts – It may be easier for us to help you transact with your friends and contacts if you choose to connect your contact list information with your account. If you establish an account connection between your device or a social media platform and your Account, we will use your contact list information (such as name, address, email address) to improve your experience when you use our Services.
- Personal data that you choose to provide us to obtain additional Services or specific online Services – If you request or participate in an optional Site feature, or request enhanced Services or other elective functionality, we may collect additional information from you. We will provide you with a separate notice at the time of collection, if the use of that Personal Data differs from the uses disclosed in this Privacy Statement.
- Personal Data about you if you use the Service “Checkout without a PayPal account” – Certain limited Services are available without being required to log in to or establish an Account, also referred to as Checkout without a PayPal account. We will collect Personal Data, information about any funding instrument used, Device Information, Technical Usage Data, and Geolocation Information as necessary to complete the transaction. If you are an Account holder and choose to engage in a Checkout without a PayPal account, we will collect information about the transaction and associate it with your Account as part of our compliance and analytics operations. If you are not an Account holder and choose to engage in a Checkout without a PayPal account, we will collect and store all information you provide and use such information in accordance with this Privacy Statement.
- Personal Data about you from third-party sources – We obtain information from third-party sources such as merchants, data providers, and credit bureaus, where permitted by law.
- Other information we collect related to your use of our Sites or Services – We may collect additional information from or about you when you communicate with us, contact our customer support teams or respond to a survey.
3. Why Do We Retain Personal Data?
We retain Personal Data in an identifiable format for the least amount of time necessary to fulfill our legal or regulatory obligations and for our business purposes. We may retain Personal Data for longer periods than required by law if it is in our legitimate business interests and not prohibited by law. If your Account is closed, we may take steps to mask Personal Data and other information, but we reserve our ability to retain and access the data for so long as required to comply with applicable laws. We will continue to use and disclose such Personal data in accordance with this Privacy Statement.
The cookies we use have defined expiration times; unless you visit our Sites or use our Services within that time, the cookies are automatically disabled and retained data is deleted. Please consult our Statement on Cookies and Tracking Technologies for more information.
4. How Do We Process Personal Data?
We may Process your Personal Data for a variety of reasons that are justified under data protection laws in the European Economic Area (EEA) and Switzerland.
- To operate the Sites and provide the Services, including to:
- initiate a payment, send or request money, add value to an account, or pay a bill;
- authenticate your access to an Account;
- communicate with you about your Account, the Sites, the Services, or PayPal;
- create an account connection between your Account and a third-party account or platform;
- perform creditworthiness and other financial standing checks, evaluate applications, and compare information for accuracy and verification purposes; and
- keep your Account and financial information up to date.
- To manage our business needs, such as monitoring, analysing, and improving the Services and the Sites’ performance and functionality. For example, we analyse User behavior and perform research about the way you use our Services.
- To manage risk and protect the Sites, the Services and you from fraud by verifying your identity PayPal’s risk and fraud tools use Personal Data, Device Information, Technical Usage Data and Geolocation from our Sites and websites that offer PayPal Services to help detect and prevent fraud and abuse of the Services.
- To comply with our obligations and to enforce the terms of our Sites and Services, including to comply with all applicable laws and regulations.
- For our legitimate interests, including to:
- enforce the terms of our Sites and Services;
- manage our everyday business needs, such as monitoring, analysing;
- manage risk, fraud and abuse of PayPal Services;
- anonymise Personal data in order to provide aggregated statistical data to third parties, including other businesses and members of the public, about how, when, and why Users visit our Sites and use our Services; and
- provide personalised Services (also called interest-based marketing) offered by PayPal on third-party websites and online services. We may use your Personal Data and other information collected in accordance with this Privacy Statement to provide a targeted display, feature or offer to you on third-party websites.
- With your consent, including to:
- To market to you about PayPal products and Services and the products and services of unaffiliated businesses. We may also Process your Personal Data to tailor the marketing content and certain Services or Site experiences to better match your interests on PayPal and other third-party websites.
- To provide you with location-specific options, functionality or offers if you elect to share your Geolocation Information through the Services. We will use this information to enhance the security of the Sites and Services and provide you with location-based Services, such as advertising, search results, and other personalised (also called interest-based marketing) content.
- To make it easier for you to find and connect with others, we may use your information you have shared with the Service to suggest connections between you and people you may know. For example, we may associate information that we learn about you through your and your contacts’ use of the Services, and information you and others provide to suggest people you may know or may want to transact with through our Services. Social functionality and features designed to simplify your use of the Services with others vary by Service.
- To respond to your requests, for example to contact you about a question you submitted to our customer service team.
You can withdraw your consent at any time and free of charge. Please refer to the section on “Your Privacy Choices” for more information on how to do that.
5. Do We Share Personal Data?
We may share your Personal Data or other information about you with others in a variety of ways as described in this section of the Privacy Statement. We may share your Personal Data or other information for the following reasons:
With other members of the PayPal corporate family: We may share your Personal Data with members of the PayPal family of entities to, among other things, provide the Services you have requested or authorised; to manage risk; to help detect and prevent potentially illegal and fraudulent acts and other violations of our policies and agreements and to help us manage the availability and connectivity of PayPal products, Services, and communications.
With other companies that provide services to us: We share Personal Data with third-party service providers that perform services and functions at our direction and on our behalf. These third-party service providers may, for example, provide you with Services, verify your identity, assist in processing transactions, send you advertisements for our products and services, or provide customer support.
With other financial institutions: We share Personal Data with other financial institutions that we have partnered with to jointly create and offer a product. These financial institutions may only use this information to market and offer PayPal-related products, unless you have given consent for other uses. We may also share Personal Data to process transactions, provide you with benefits associated with your eligible cards, and keep your financial information up to date.
With the other parties to transactions when you use the Services, such as other Users, merchants, and their service providers: We may share information about you and your Account with the other parties involved in processing your transactions. This includes other Users you are sending or receiving funds from, and merchants and their service providers. The information might include:
- Personal Data and Account information necessary to facilitate the transaction;
- Personal Data to help other participant(s) resolve disputes and detect and prevent fraud; and
- Anonymous data and performance analytics to help merchants better understand the uses of our Services and to help merchants enhance Users’ experiences.
With other third parties for our business purposes or as permitted or required by law: We may share information about you with other parties for PayPal’s business purposes or as permitted or required by law, including:
- if we need to do so to comply with a law, legal process or regulations;
- to law enforcement authorities or other government officials, or other third parties pursuant to a subpoena, a court order or other legal process or requirement applicable to PayPal or PayPal’s corporate family;
- if we believe, in our sole discretion, that the disclosure of Personal Data is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity;
- to protect the vital interests of a person;
- with credit agencies and data processors for credit reference checks and anti-fraud and compliance purposes;
- to investigate violations of or enforce a user agreement or other legal terms applicable to any Service;
- to protect our property, Services and legal rights;
- to facilitate a purchase or sale of all or part of PayPal’s business;
- in connection with shipping and related services for purchases made using a Service;
- to help assess and manage risk and prevent fraud against us, our Users and fraud involving our Sites or use of our Services, including fraud that occurs at or involves our business partners, strategic ventures, or other individuals, and merchants, such as eBay, Inc.;
- to banking partners as required by card association rules for inclusion on their list of terminated merchants;
- to credit reporting and collection agencies;
- to companies that we plan to merge with or be acquired by; and
- to support our audit, compliance, and corporate governance functions.
With your consent: We also will share your Personal Data and other information with your consent or direction, including if you authorise an account connection with a third-party account or platform.
In addition, PayPal may provide aggregated statistical data to third-parties, including other businesses and members of the public, about how, when, and why Users visit our Sites and use our Services. This data will not personally identify you or provide information about your use of the Sites or Services. We do not share your Personal Data with third parties for their marketing purposes without your consent.
6. How Do We Work with Other Services and Platforms?
A significant benefit and innovation of PayPal’s Services is that you can connect your Account with a third-party account or platform. For the purposes of this Privacy Statement, an “account connection” with such a third-party is a connection you authorise or enable between your Account and a non-PayPal account, payment instrument, or platform that you lawfully control or own. When you authorise such a connection, PayPal and the third-party will exchange your Personal Data and other information directly. Examples of account connections include:
- linking your Account to a social media account or social messaging service;
- connecting your Account to a third-party data aggregation or financial services company, if you provide such company with your Account log-in credentials; or
- using your Account to make payments to a merchant or allowing a merchant to charge your Account.
If you choose to create an account connection, we may receive information from the third-party about you and your use of the third-party’s service. For example, if you connect your Account to a social media account, we will receive Personal Data from the social media provider via the account connection. If you connect your Account to other financial accounts, directly or through a third-party service provider, we may have access to your account balance and transactional information, such as purchases and funds transfers. We will use all such information that we receive from a third-party via an account connection in a manner consistent with this Privacy Statement.
Information that we share with a third-party based on an account connection will be used and disclosed in accordance with the third-party’s privacy practices. Before authorising an account connection, you should review the privacy notice of any third-party that you authorised to have an account connection that will gain access to your Personal Data as part of the account connection. For example, Personal Data that PayPal shares with a third-party account or platform such as a social media account may in turn be shared with certain other parties, including the general public, depending on the account’s or platform’s privacy practices.
7. International transfers
Our operations are supported by a network of computers, cloud-based servers, and other infrastructure and information technology, including, but not limited to, third-party service providers.
The parties mentioned above may be established in jurisdictions other than your own and outside the European Economic Area and Switzerland. These countries do not always afford an equivalent level of privacy protection. We have taken specific steps, in accordance with EEA data protection law, to protect your Personal Data. In particular, for transfers of your Personal Data within PayPal related companies, we rely on Binding Corporate Rules approved by competent Supervisory Authorities (available here). Other transfers may be based on contractual protections. Please contact us for more information about this.
If you make transactions with parties outside the EEA or Switzerland or connect our Service with platforms, such as social media, outside the EEA or Switzerland, we are required to transfer your Personal Data with those parties in order to provide the requested Service to you.
Do Not Track (DNT) is an optional browser setting that allows you to express your preferences regarding tracking by advertisers and other third-parties. We do not respond to DNT signals.
9. What Privacy Choices Are Available To You?
You have choices when it comes to the privacy practices and communications described in this Privacy Statement. Many of your choices may be explained at the time you sign up for or use a Service or in the context of your use of a Site. You may be provided with instructions and prompts within the experiences as you navigate the Services.
- Choices Relating to the Personal Data We Collect
- Personal Data. You may decline to provide Personal Data when it is requested by PayPal, but certain Services or all of the Services may be unavailable to you.
- Location and other device-level information. The device you use to access the Sites or Services may collect information about you, including Geolocation Information and User usage data that PayPal may then collect and use. For information about your ability to restrict the collection and use of such information, please use the settings available in the device.
- Choices Relating to Our Use of Your Personal Data
- Online Tracking and Interest-Based Marketing. We work with partners and third-party service providers to serve you advertising using ad-related cookies and web beacons. You can opt-out of third-party advertising-related cookies and web beacons, in which case our advertising should not be targeted to you. You will continue to see our advertising on third party websites.
- For more information on third-party advertising-related cookies and interest-based marketing, and to learn how to opt-out of these practices with companies participating in industry self-regulation, please visit Your Online Choices.
- Finding and connecting with others. If available, you may manage your preferences for finding and connecting with others from your account of the Service you use.
- Online Tracking and Interest-Based Marketing. We work with partners and third-party service providers to serve you advertising using ad-related cookies and web beacons. You can opt-out of third-party advertising-related cookies and web beacons, in which case our advertising should not be targeted to you. You will continue to see our advertising on third party websites.
- Choices Relating to Account Connections
- If you authorise an account connection to a third-party account or platform, such as a social media account, you may be able to manage your connection preferences from your Account or the third-party account or platform. Please refer to the privacy notice that governs the third-party platform for more information on the choices you may have.
- Choices Relating to Cookies
- You may have options available to manage your cookies preferences. For example, your browser or internet device may allow you delete, disable, or block certain cookies and other tracking technologies. You can learn more by visiting AboutCookies.org. You may choose to enable these options, but doing so may prevent you from using many of the core features and functions available on a Service or Site.
- You can learn more about our cookies and tracking technologies by visiting the Statement on Cookies and Tracking Technologies page.
- Choices Relating to Your Registration and Account Information
- If you have an Account, you generally may review and edit Personal Data by logging in and updating the information directly or by contacting us.Contact us if you do not have an Account or if you have questions about your Account information or other Personal Data.
- Choices Relating to Communication
- Notices, Alerts and Updates from Us:
- Marketing: We may send you marketing content about our Sites, Services, products, products we jointly offer with financial institutions, as well as the products and services of unaffiliated third parties and members of the PayPal corporate family through various communication channels, for example, email, text, pop-ups, push notifications, and messaging applications. You may opt out of these marketing communications we send by following the instructions in the communications you receive. If you have an Account with us, you may also adjust your communication preferences in your Account settings. For messages sent via push notifications, you may manage your preferences in your device.
- Informational and Other: We will send communications to you that are required or necessary to send to Users of our Services, notifications that contain important information and other communications that you request from us. You may not opt out of receiving these communications. However, you may be able to adjust the media and format through which you receive these notices.
10. What Are Your Rights?
Subject to limitations set out in EEA data protection laws, you have certain rights in respect of your Personal Data. In particular, you have a right of access, rectification, restriction, opposition, erasure and data portability. Please contact us if you wish to exercise these rights. If you wish to complete an access request to all personal data that PayPal holds on you, please note that photo identity will be required to prove your identity.
If you have an Account with any of our Services, you generally can review and edit Personal Data in the Account by logging in and updating the information directly. We may use automated decision-making for decisions concerning credit with your consent or where necessary for the entry into or performance of a contract or authorised by Union or Member state law.
Please contact us if you require more information on automated-decision making.
11. How Do We Protect Your Personal Data?
We maintain technical, physical, and administrative security measures designed to provide reasonable protection for your Personal Data against loss, misuse, unauthorised access, disclosure, and alteration. The security measures include firewalls, data encryption, physical access controls to our data centres, and information access authorisation controls. While we are dedicated to securing our systems and Services, you are responsible for securing and maintaining the privacy of your password(s) and Account/profile registration information and verifying that the Personal Data we maintain about you is accurate and current. We are not responsible for protecting any Personal Data that we share with a third-party based on an account connection that you have authorised.
12. Can Children Use Our Services?
The Sites and Services are not directed to children under the age of majority, as defined by applicable law in your country of residence. We do not knowingly collect information, including Personal Data, from children or other individuals who are not legally able to use our Sites and Services. If we obtain actual knowledge that we have collected Personal Data from a child under the age of majority, we will promptly delete it, unless we are legally obligated to retain such data.Contact us if you believe that we have mistakenly or unintentionally collected information from a child under the age of majority.
13. What Else Should You Know?
Changes to this Privacy Statement.
We may revise this Privacy Statement from time to time to reflect changes to our business, the Sites or Services, or applicable laws. The revised Privacy Statement will be effective as of the published effective date.
If the revised version includes a substantial change, we will provide you with 30 days prior notice by posting notice of the change on the “Policy Update” page of our website. We also may notify Users of the change using email or other means.
14. Contact Us
You may contact us if you have general questions or concerns about this Privacy Statement and supplemental notices or the way in which we handle your Personal Data.
We want to make sure your questions go to the right place:
If you are not satisfied by the way in which we address your concerns, you have the right to lodge a complaint with the Supervisory Authority for data protection in your country.
Our Data Protection Officer can be contacted at email@example.com or PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal L-2449, Luxembourg.
- Account means a PayPal or Xoom member account.
- Device Information means data that can be automatically collected from any device used to access the Site or Services. Such information may include, but is not limited to, your device type; your device’s network connections; your device’s name; your device IP address; information about your device’s web browser and internet connection you use to access the Site or Services; Geolocation Information; information about apps downloaded to your device; and biometric data.
- Geolocation Information means information that identifies, with reasonable specificity, your location by using, for instance, longitude and latitude coordinates obtained through GPS or Wi-Fi or cell site triangulation.
- Checkout without a PayPal Account means a person’s Use of the Services without logging into and/or establishing an Account.
- PayPal means PayPal (Europe) S.a.r.l. et Cie, S.C.A. and subsidiaries or affiliates. In this Privacy Statement, PayPal is sometimes referred to as “we,” “us,” or “our,” depending on the context.
- Personal Data means information that can be associated with an identified or directly or indirectly identifiable natural person. “Personal Data” can include, but is not limited to, name, postal address (including billing and shipping addresses), telephone number, email address, payment card number, other financial account information, account number, date of birth, and government-issued credentials (e.g., driver’s license number, national ID, passport number).
- Process means any method or way that we handle Personal Data or sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, and consultation, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of Personal Data.
- Services means any products, services, content, features, technologies, or functions, and all related websites, applications and services offered to you by PayPal with an Account or Checkout without a PayPal Account.
- Sites means the websites, mobile apps, official social media platforms, or other online properties through which PayPal offers the Services and which has posted or linked to this Privacy Statement.
- Technical Usage Data means information we collect from your phone, computer or other device that you use to access the Sites or Services. Technical Usage Data tells us how you use the Sites and Services, such as what you have searched for and viewed on the Sites and the way you use our Services, including your IP address, statistics regarding how pages are loaded or viewed, the websites you visited before coming to the Sites and other usage and browsing information collected through Cookies.
- User means an individual who uses the Services or accesses the Sites and has established a relationship with PayPal (for example, by opening an Account and agreeing to the PayPal or Xoom User Agreement) or otherwise uses the Services as a buyer, seller or other type of participant to a transaction, including a Checkout without a PayPal Account.
The information provided in this section may be specific to customers depending on your region or is provided to PayPal from third parties whom you may interact with when using the Services. You can contact us if you have any questions about the details in this section.
- Banking Regulations Notice for Customers in the EEA
- Use of your personal data by Credit Reference Agencies in Germany
- Google ReCaptacha
Banking Regulations Notice for Customers in the EEA and Switzerland
In general, the Luxembourg laws to which PayPal’s handling of user data is subject (data protection and bank secrecy) require a higher degree of transparency than most other EU laws. This is why, unlike the vast majority of providers of internet-based services or financial services in the EU, PayPal has listed in this Privacy Statement the third party service providers and business partners to whom we may disclose your data, together with the purpose of disclosure and type of information disclosed. You will find a link to those third parties here. By accepting this Privacy Statement and maintaining an account with PayPal, you expressly consent to the transfer of your data to those third parties for the purposes listed.
PayPal may update the list of third parties referred to above every quarter (January 1st, April 1st, July 1st and October 1st). PayPal will only start transferring any data to any of the new entities or for the new purposes or data types indicated in each update after 30 days from the date when that list is made public through this Privacy Statement. You should review the list each quarter on the PayPal website on the dates stated above. If you do not object to the new data disclosure, within 30 days after the publication of the updated list of third parties, you are deemed to have accepted the changes to the list and to this Privacy Statement. If you do not agree with the changes, you may close your account and stop using our services.
In order to provide the PayPal Services, certain of the information we collect (as set out in this Privacy Statement) may be required to be transferred to other PayPal related companies or other entities, including those referred to in this section in their capacity as payment providers, payment processors or account holders (or similar capacities). You acknowledge that according to their local legislation, such entities may be subject to laws, regulations, inquiries, investigations, or orders which may require the disclosure of information to the relevant authorities of the relevant country. Your use of the PayPal Services constitutes your consent to our transfer of such information to provide you the PayPal Services.
Specifically, you consent to and direct PayPal to do any and all of the following with your information:
- Disclose necessary information to: the police and other law enforcement agencies; security forces; competent governmental, intergovernmental or supranational bodies; competent agencies, departments, regulatory authorities, self-regulatory authorities or organisations (including, without limitation, the Agencies referenced in the “Agencies” section of the Third Party Provider List here) and other third parties, including PayPal Group companies, that (i) we are legally compelled and permitted to comply with, including but without limitation the Luxembourg laws of 24 July 2015 on the US Foreign Account Tax Compliance Act (“FATCA Law”) and 18 December 2015 on the OECD common reporting standard (“CRS Law”); (ii) we have reason to believe it is appropriate for us to cooperate with in investigations of fraud or other illegal activity or potential illegal activity, or (iii) to conduct investigations of violations of our User Agreement (including without limitation, your funding source or credit or debit card provider).If you are covered by the FATCA or CRS Law, we are required to give you notice of the information about you that we may transfer to various authorities. Please read more about PayPal’s obligations under the FATCA and CRS Law and how they could affect you as well as take note of the information we may disclose as result.We and other organisations, including parties that accept PayPal, may also share, access and use (including from other countries) necessary information (including, without limitation the information recorded by fraud prevention agencies) to help us and them assess and to manage risk (including, without limitation, to prevent fraud, money laundering and terrorist financing). Please contact us if you want to receive further details of the relevant fraud prevention agencies. For more information on these Agencies, fraud prevention agencies and other third parties, click here.
- Disclose Account Information to intellectual property right owners if under the applicable national law of an EU member state they have a claim against PayPal for an out-of-court information disclosure due to an infringement of their intellectual property rights for which PayPal Services have been used (for example, but without limitation, Sec. 19, para 2, sub-section 3 of the German Trademark Act or Sec. 101, para 2, sub-section 3 of the German Copyright Act).
- Disclose necessary information in response to the requirements of the credit card associations or a civil or criminal legal process.
- If you as a merchant use a third party to access or integrate PayPal, we may disclose to any such partner necessary information for the purpose of facilitating and maintaining such an arrangement (including, without limitation, the status of your PayPal integration, whether you have an active PayPal account and whether you may already be working with a different PayPal integration partner).
- Disclose necessary information to the payment processors, auditors, customer services providers, credit reference and fraud agencies, financial products providers, commercial partners, marketing and public relations companies, operational services providers, group companies, agencies, marketplaces and other third parties listed here. The purpose of this disclosure is to allow us to provide PayPal Services to you. We also set out in the list of third parties, under each ” Category”, non-exclusive examples of the actual third parties (which may include their assigns and successors) to whom we currently disclose your Account Information or to whom we may consider disclosing your Account Information, together with the purpose of doing so, and the actual information we disclose (except as explicitly stated, these third parties are limited by law or by contract from using the information for secondary purposes beyond the purposes for which the information was shared).
- Disclose necessary information to your agent or legal representative (such as the holder of a power of attorney that you grant, or a guardian appointed for you).
- Disclose aggregated statistical data with our business partners or for public relations. For example, we may disclose that a specific percentage of our users live in Manchester. However, this aggregated information is not tied to personal information.
- Share necessary Account Information with unaffiliated third parties (listed here) for their use for the following purposes:
- Fraud Prevention and Risk Management: to help prevent fraud or assess and manage risk. For example, if you use the PayPal Services to buy or sell goods using eBay Inc, or its affiliates (“eBay”), we may share Account Information with eBay in order to help protect your accounts from fraudulent activity, alert you if we detect such fraudulent activity on your accounts, or evaluate credit risk.As part of our fraud prevention and risk management efforts, we also may share necessary Account Information with eBay in cases where PayPal has placed a hold or other restriction on your account based on disputes, claims, chargebacks or other scenarios regarding the sale or purchase of goods. Also, as part of our fraud prevention and risk management efforts, we may share Account Information with eBay to enable them to operate their programmes for evaluating buyers or sellers.
- Customer Service: for customer service purposes, including to help service your accounts or resolve disputes (e.g., billing or transactional).
- Shipping: in connection with shipping and related services for purchases made using PayPal.
- Legal Compliance: to help them comply with anti-money laundering and counter-terrorist financing verification requirements.
- Service Providers: to enable service providers under contract with us to support our business operations, such as fraud prevention, bill collection, marketing, customer service and technology services. Our contracts dictate that these service providers only use your information in connection with the services they perform for us and not for their own benefit.
Use of your personal data by Credit Reference Agencies in Germany
Why do we need credit scores?
Some PayPal Services require that we make advance payments and therefore take creditworthiness risk in relation to our customers (for example in case you pay with direct debit, or in connection with a credit product of PayPal). Therefore it is necessary, that we confirm the willingness and ability to pay of our customers for the purpose of certain services, by requesting creditworthiness information. This helps us in making the decision whether we can offer the product to the customer.
Why do we share personal data with credit reference agencies?
We share your information (name, address, and date of birth, bank account details) for purposes of credit checks, for the acquisition of information to assess the risk of default based on mathematical methods utilising address data, and for verifying your address.
The legal bases for such transmissions are found in Article 6, paragraph 1, letter b and Article 6, paragraph 1, letter f of the EU General Data Protection Regulation (“EU GDPR”). Information may be shared on the basis of these provisions only insofar as doing so is necessary to safeguard the legitimate interests of PayPal or third parties and where this does not override the data subject’s interests or fundamental rights and freedoms that require the protection of personal data.
Detailed information on ICD within the meaning of Article 14 of the EU GDPR, i.e., information on the business purpose, on the purposes for storing data, on the data recipients, on the data subject’s right to obtain information, on the right to have information deleted or corrected, etc. can be found at the links in the table below provided by the Credit Reference Agencies.
Please see the table below for links to the credit reference agencies for more information on how they use your data and how to contact them.
How to Find Out More
You can contact credit reference agencies currently operating in Germany and ask them about the information they have stored about you.
|Name of credit reference agency and seat||Address, contact details to obtain information on what data are stored about a consumer|
|Accumio Finance Services GmbH||Accumio Finance Services GmbH
Customer Care Services Center
– Selbstauskunft Auskunftei –
Postfach 11 02 54
|CEG Creditreform Boniversum GmbH||Creditreform Boniversum GmbH
|CRIF Bürgel GmbH||CRIF Bürgel GmbH
– Niederlassung Zentrale –
|SCHUFA Holding AG||SCHUFA Holding AG
See more here
|infoscore Consumer Data GmbH/Arvato||infoscore Consumer Data GmbH
What Data will be sent to the credit reference agency for obtaining the Score? What data will remain with the database of the credit reference agency?
In cases where PayPal has requested a credit score about you with such credit reference agency, information may be provided to the credit reference agencies on a subsequent “negative behavior” on your side, i.e. certain instances of breaches of our contract. This includes where you have not paid an outstanding amount on your PayPal account despite there being several reminders, or any enforcement measures taken against you. This information will only be transferred if this is required in the legitimate interest of PayPal, the credit reference agency or their customers, and if no reason exists to believe that your justified interest in not transferring this information would prevail.
This information will be stored in the data base of the credit reference agency and may be used to determine a scoring value with the agency, as specified below.
How a credit reference agency uses data about “negative behavior” and use of address data for credit scores
The credit reference agency stores and uses the information received. The use includes the calculation of a probability value on the basis of the data available to the agency, to assess the credit risk (score). For the calculation of the score the credit reference agency may, on the basis of a mathematical-statistical procedure, also use address data. The data received may be transferred to contract partners in the European Area and Switzerland, in order to give these persons information for the assessment of creditworthiness of individuals. Contract partners of the credit reference agency are companies, which bear, on the basis of their services, financial credit risk (in particular financial institutions, credit card companies and leasing companies, but also traders, telecommunication companies, and energy suppliers, insurances and debt collection agencies). The credit reference agency will only make available the information to these customers, if they can establish a legitimate interest in the individual case, to require such information, and the transfer of such information is permitted after weighting all involved interests. Therefore, the information made available may vary between contract partners of the credit reference agency.
ReCaptcha is only used to fight spam and abuse.
Like most website operators, WordPress.org collects non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. WordPress.org’s purpose in collecting non-personally identifying information is to better understand how WordPress.org’s visitors use its website. From time to time, WordPress.org may release non-personally-identifying information in the aggregate, e.g., by publishing a report on trends in the usage of its website.
WordPress.org also collects potentially personally-identifying information like Internet Protocol (IP) addresses. WordPress.org does not use IP addresses to identify its visitors, however, and does not disclose such information, other than under the same circumstances that it uses and discloses personally-identifying information, as described below.
Gathering of Personally-Identifying Information
Certain visitors to WordPress.org choose to interact with WordPress.org in ways that require WordPress.org to gather personally-identifying information. The amount and type of information that WordPress.org gathers depends on the nature of the interaction. For example, we ask visitors who use our forums to provide a username and email address.
In each case, WordPress.org collects such information only insofar as is necessary or appropriate to fulfill the purpose of the visitor’s interaction with WordPress.org. WordPress.org does not disclose personally-identifying information other than as described below. And visitors can always refuse to supply personally-identifying information, with the caveat that it may prevent them from engaging in certain website-related activities, like purchasing a WordCamp ticket.
All of the information that is collected on WordPress.org will be handled in accordance with GDPR legislation.
Protection of Certain Personally-Identifying Information
WordPress.org discloses potentially personally-identifying and personally-identifying information only to those of project administrators, employees, contractors, and affiliated organizations that (i) need to know that information in order to process it on WordPress.org’s behalf or to provide services available through WordPress.org, and (ii) that have agreed not to disclose it to others. Some of those employees, contractors and affiliated organizations may be located outside of your home country; by using WordPress.org, you consent to the transfer of such information to them.
WordPress.org will not rent or sell potentially personally-identifying and personally-identifying information to anyone. Other than to project administrators, employees, contractors, and affiliated organizations, as described above, WordPress.org discloses potentially personally-identifying and personally-identifying information only when required to do so by law, if you give permission to have your information shared, or when WordPress.org believes in good faith that disclosure is reasonably necessary to protect the property or rights of WordPress.org, third parties, or the public at large.
If you are a registered user of a WordPress.org website and have supplied your email address, WordPress.org may occasionally send you an email to tell you about new features, solicit your feedback, or just keep you up to date with what’s going on with WordPress.org and our products. We primarily use our blog to communicate this type of information, so we expect to keep this type of email to a minimum.
If you send us a request (for example via a support email or via one of our feedback mechanisms), we reserve the right to publish it in order to help us clarify or respond to your request or to help us support other users. WordPress.org takes all measures reasonably necessary to protect against the unauthorized access, use, alteration, or destruction of potentially personally-identifying and personally-identifying information.
WordPress.org may collect statistics about the behavior of visitors to its websites. For instance, WordPress.org may reveal how many times a particular version of WordPress was downloaded or report on which plugins are the most popular, based on data gathered by
api.wordpress.org, a web service used by WordPress installations to check for new versions of WordPress and plugins. However, WordPress.org does not disclose personally-identifying information other than as described in this policy.
Additionally, information about how you use our website is collected automatically using “cookies”. Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.
Our website uses plugins from LinkedIn site. The site is operated by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. If you visit one of our sites equipped with a LinkedIn plug-in, you will be connected
To LinkedIn servers. The LinkedIn server is informed which of our pages you have visited.
When you are logged in to your LinkedIn account, you enable LinkedIn to map your surfing behaviour directly to your personal profile. You can prevent this by logging out of your LinkedIn account.
Our website uses plugins from Twitter site. The site is operated by Twitter 1355 Market St #900, San Francisco, CA 94103, USA. If you visit one of our sites equipped with a Twitter plug-in, you will be connected To Twitter servers. The Twitter server is informed which of our pages you have visited.
When you are logged in to your Twitter account, you enable Twitter to map your surfing behaviour directly to your personal profile. You can prevent this by logging out of your Twitter account.
Our website uses plugins from Pinterest site. The site is operated by Pinterest, Pinterest Headquarters 808 Brannan St. San Francisco, CA 94103. If you visit one of our sites equipped with a Pinterest plug-in, you will be connected to Pinterest servers. The Pinterest server is informed which of our pages you have visited.
When you are logged in to your Pinterest account, you enable Pinterest to map your surfing behaviour directly to your personal profile. You can prevent this by logging out of your Pinterest account.
Our website uses plugins from Facebook. The site is operated by Facebook, 1 Hacker Way
Menlo Park, California 94025. If you visit one of our sites equipped with a Facebook plug-in, you will be connected to Facebook servers. The Facebook server is informed which of our pages you have visited.
When you are logged in to your Facebook account, you enable Facebook to map your surfing behaviour directly to your personal profile. You can prevent this by logging out of your Facebook account.
Vimeo & hints for integrating videos from Vimeo
This site uses for security and protection reasons
Transmission of confidential content, such as the requests you send to us as a site operator, SSL encryption. You can recognize an encrypted connection by changing the address line of the browser from “http: //” to “https: //” and the lock symbol in your browser line.
If SSL encryption is enabled, the data you submit to us can not be read by third parties.
Information, cancellation, blocking
At any time you have the right to free information about your stored personal data, their origin and recipient and the purpose of the data processing and a right to correct, block or delete this data. For this purpose and for further questions about personal data
You can always contact us at the address given in the imprint.
You can revoke this consent at any time with effect for the future. The revocation must be sent to Kirsten Wechslberger, by e-mail to firstname.lastname@example.org
The legal basis for the publication of such recordings, which show club members or third parties, forms the german Art Copyright Act (KUG).Thereafter, corresponding photos or videos may in principle only be distributed with the consent of the person depicted.
Our public events such as vernissages, lectures: Something else, however, applies to photos or videos of public events. Here it is regularly required for a lawful publication to obtain the consent of any person depicted. However, this exception applies only to shots that focus on the accumulation of people (and not the individual). We point out to visitors the possibility to contradict.
Contradiction advertising emails
The use of published in the context of the imprint obligation contact information for sending unsolicited advertising and information materials is hereby rejected. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example through spam e-mails.