RooterPay

Menu

Edit Content
Click on the Edit Content button to edit/add the content.
Register / Log in

Privacy Policy

 

1. Overview

Your privacy is a priority. At RooterPay, we handle your personal information responsibly, securely, and transparently. This Privacy Policy explains the types of data we collect, why we process it, how we protect it, and your rights as a user. Our practices comply with the UK General Data Protection Regulation (UK GDPR) and other relevant laws.

 

2. About the Service

RooterPay is a digital payment platform operated by the Company (“Company”), registered in the United Kingdom at (“Address”). The Company is authorised and supervised by the Financial Conduct Authority (FCA) to ensure compliance with applicable laws, including AML/CTF regulations and financial service standards.

 

3. Your Data: Collection and Purpose

a. Categories of Data

We may collect:

  • Identity details – full name, date of birth, and verified identification documents.
  • Contact details – email address, mobile number, and communication preferences.
  • Payment and transaction information – sender and recipient card details, transaction amount, currency, and frequency.
  • Device and usage information – IP address, browser type, and device data for security and analytics.
  • Verification records – KYC and AML/CTF documents.
  • Communication records – support messages, emails, or inquiries.
  • Marketing or engagement data – voluntarily provided via surveys, feedback, or promotions.

We also use cookies and similar technologies; details are in our Cookies Notice.

 

b. Purpose of Processing

We use your data to:

  • Process and complete transfers to approved destinations, including Russia and permitted CIS countries (Georgia, Armenia, Uzbekistan, Kyrgyzstan, Tajikistan).
  • Verify identity, prevent fraud, and comply with AML/CTF obligations.
  • Detect and investigate unusual or suspicious activity.
  • Improve the reliability, security, and functionality of our services.
  • Communicate service updates, confirmations, or operational changes.
  • Meet legal and regulatory reporting requirements.
  • Analyse anonymised data for risk management and operational improvements.

Retention: Personal data is stored only as long as required for its purpose or as mandated by law, typically up to seven years, then securely deleted or anonymised.

 

4. Lawful Grounds for Processing

Your data is processed based on:

  • Contractual necessity: to provide requested services.
  • Legal obligation: to meet AML, CTF, and other regulatory requirements.
  • Legitimate interest: to secure our platform, prevent misuse, and enhance service quality, provided your rights are not overridden.

 

5. Data Disclosure

We may share data with:

  • Regulatory or law enforcement authorities as legally required.
  • Verified third-party service providers (e.g., payment processors, KYC providers) under strict confidentiality agreements.
  • Legal, auditing, or compliance advisors assisting with regulatory obligations.

No sale of personal data: Your information is never sold, rented, or traded.

 

6. Transfers Beyond the UK

Transfers of data outside the UK, including to service providers in other jurisdictions, are safeguarded via Standard Contractual Clauses or equivalent mechanisms. This includes transfers required to process payments to Russia and permitted CIS countries.

 

7. Data Protection and Security Practices

We safeguard your information using:

  • Encryption of data in transit and at rest.
  • Access restricted to authorised personnel.
  • Monitored storage systems with regular audits.
  • Up-to-date technical and organisational measures aligned with cybersecurity best practices.

 

8.Data Lifecycleand Retention

Data is retained only as needed for operational and regulatory purposes. Once the retention period ends, records are securely deleted or anonymised in accordance with industry standards.

 

9. Your Privacy Rights

Depending on your jurisdiction, you can:

  • Access your personal data.
  • Request correction of inaccurate or incomplete data.
  • Request deletion, subject to regulatory obligations.
  • Restrict or object to specific processing.
  • Obtain a portable copy of your data.

How to exercise rights: Contact our support team via email or support channels.

10. Policy Updates

We may update this Privacy Policy to reflect legal changes, service improvements, or operational adjustments. The latest version will be published on our website with the “Last Updated” date clearly indicated. Significant updates affecting data handling, including transfers to Russia or CIS countries, will be communicated directly to users where appropriate.

 

11. Complaints and Contact

If you believe your data has not been handled properly, you may contact our Data Protection Officer via email or raise concerns with the UK Information Commissioner’s Office (ICO) at www.ico.org.uk