Log in

Privacy Notice

This Privacy Notice outlines our processing of personal data in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of personal data (the “GDPR“).

  1. Who are we and how to contact us
    • EntirePay is a trading name of Inpay A/S, a Danish registered and licenced electronic money institution.
    • If you wish to exercise your rights as described below or have any questions regarding our processing of your personal data or this Privacy Notice, you may contact us at:
      Email: support@entirepay.com 
  2. On whom do we process personal data (the “Data Subjects“)
    • Persons using EntirePay’s services.
    • Subscribers to our newsletters and users of our website.
  3. How we collect personal data
    • Personal data is collected through the provision of our services. This can occur directly from Data Subjects or through third parties such as intermediary payment service providers or corporate customers. Data may also be collected through marketing activities, events, or interactions with our website.
  4. What personal data we collect and process

    We collect and process various types of personal data, including:
    • E-wallet user data:
      • Profile and account login information: Full name, date of birth, address, country or residence, email address, phone number and, where applicable, encrypted password and face-ID used for authentication and access control.
      • Platform usage information: Technical usage data such as user agent, IP addresses, device details (e.g., type, OS, device ID, browser version, geolocation, and language settings), connectivity data, activity logs, session recordings, and cookies installed or used on the customer’s device.
      • Identification Information: Supplementary documentation required for compliance with anti-money laundering legislation, such as copies of government-issued identification cards, personal bank statements, or other valid proofs of identity or address.
    • Website Users and Marketing Recipients
      • Technical and aggregated usage data: This includes user agent, IP addresses, device details, connectivity data, activity logs, session recordings, and cookies or pixels used on our Sites or your device.
  5. Our legal basis for processing personal data
      • We process personal data for various legitimate interests, including managing our business operations, providing services, fulfilling contractual obligations, marketing our services, and complying with relevant financial regulations, anti-money laundering laws, and accounting requirements.
      • Processing activities may also include analysing usage data, gathering user statistics, and conducting price analysis to improve our website and services through cookies.
      • In cases where we rely on your consent for processing, such as sending marketing emails, you have the right to withdraw consent at any time by using the link provided in the marketing material.
    • Our legal basis for processing personal data is in accordance with the following articles of the GDPR:
      • Article 6 (1)(a): Processing based on explicit consent.
      • Article 6 (1)(b): Processing necessary for the performance of a contract.
      • Article 6 (1)(c): Processing necessary for compliance with a legal obligation.
      • Article 6 (1)(f): Processing necessary for pursuing legitimate interests, provided that these interests are not overridden by your rights and interests.
    • Please note: Under Article 21 of the GDPR, you may object to processing based on legitimate interests if you believe your rights outweigh our interests. See “Your rights under the GDPR” for more information.
  6. Recipients of personal data
    • We may share personal data with various third parties to support our business operations and provide our services effectively. These recipients include:
      • Intermediary Payment Service Providers: To facilitate payments between payers and payees.
      • Service Providers and Contractors: Including hosting providers, content delivery networks, internet service providers, data analytics services, marketing and advertising platforms, cybersecurity firms, fraud detection services, and payment processing systems.
      • Compliance-Related Partners: Such as companies providing background checking services to fulfil our anti-money laundering obligations.
      • Advisors: Including legal, tax, financial, and compliance advisors when necessary.
      • Government and Law Enforcement Authorities: When legally required or when necessary to comply with applicable legal obligations, such as subpoenas, search warrants, or similar orders.
    • All recipients are required to handle personal data in accordance with our instructions and applicable data protection laws. We do not share your data with third parties unless it is necessary for the provision of our services or to comply with legal obligations.
  7. Processing outside of the eu/eea
    • We may utilize service providers and partners outside of the EU/EEA. Your data may be transferred and processed outside of the EU/EEA, but we take great care to ensure that this is only done when appropriate safeguards are in place.
    • If data is transferred to a country outside the EU/EEA, and if the country has not been approved by the European Commission as providing adequate protection, transfers will be based on standard contractual clauses approved by the European Commission.
  8. Storage period
    • We retain personal data only as long as necessary to fulfil the stated purposes. This may include providing services, complying with contractual obligations, or as required for bookkeeping and regulatory compliance. Data processing based on your consent will be deleted if you withdraw your consent.
  9. Security measures
    • We have implemented technical and organizational measures to protect the personal data we process. Our employees receive training and instructions on data security, and we have implemented contractual safeguards with data processors to ensure adequate security measures.
  10. Your rights under the gdpr

    You have the right to:
    • Request access to your personal data.
    • Request rectification of inaccurate or incomplete data.
    • Object to processing of your data when based on legitimate interests.
    • Request erasure of your data under certain circumstances.
    • Request restriction of processing in limited circumstances.
    • Request portability of your data in a commonly used format.
    • Withdraw consent where processing is based on consent.

You may contact us at the details provided above to exercise your rights. 

Complaints can be made to the Danish Data Protection Agency (Datatilsynet): https://www.datatilsynet.dk/english/file-a-complaint

Last updated: 9 April 2025