Wirecard AG and its subsidiaries (Wirecard group) offer products and services for electronic payments and risk management to their customers. Our aim is to enable companies and consumers to process electronic payments worldwide smoothly and easily.
The security and protection of personal data is one of the most important aspects in processing payments. This is why Wirecard AG ensures compliance with the legal provisions on privacy, in particular in accordance with the provisions of the German Data Protection Act (BDSG) and the German Teleservices Act (TMG).
This statement covers all key aspects of privacy. Please note the following information.
This website provides information on the services offered by the Wirecard group. The Wirecard group also provides various information systems via which affiliated customers (merchants) may obtain data concerning the payments processed via Wirecard.
Wirecard Technologies AG at Einsteinring 35, 85609 Aschheim, Germany, is the accountable body as defined by German law.
Customers are accountable for all data processed as part of contracted data processing. Wirecard will refer to the respective customer in the event of any queries regarding this data.
Anonymous page view
As a rule, pages of the Wirecard group website can be viewed anonymously. Data that is collected automatically (see below) is anonymized prior to its being stored and used.
Collection and use of personal data
Wirecard processes payment information on behalf of her customers (merchants) as part of payment processing and related services (e.g. risk management). Particularly in its role as a data processor, Wirecard works through its affiliated customers towards compliance with the principle of data efficiency as defined under the German Data Protection Act.
The affiliated customer (merchant) concerned is considered accountable for processed payment data. Sensitive data in particular, such as credit card numbers and account details, are processed as part of payment processing. This data is encrypted and stored in the Wirecard databases in compliance with PCI DSS regulations.
The data processed on behalf of an affiliated customer (merchant) is utilized only for the purpose requested by this customer – e.g. payment processing and risk management. Depending on the contracted service, additional information such as IP geolocation data and credit reports may also be consulted.
Any and all data processed on behalf of a customer will be stored as specified by the customer and also deleted at the customer’s request – at the latest, however, following expiry of the legal term. In the event that a customer requests removal of their data before expiry of this term, the data will usually be blocked instead of being deleted.
Disclosure of personal data
The companies of the Wirecard group utilize personal data only as requested by its affiliated customers (merchants). This data is disclosed exclusively to subcontractors of the Wirecard group for the purpose of completing the transaction. This data may be disclosed to relevant service providers, e.g. credit rating agencies, for the purpose of identity verification and fraud prevention.
The data is not disclosed to other third parties – e.g. for the purpose of selling addresses.
Right of revocation concerning the collection, processing and use of personal data
The customer may revoke their consent to the collection, processing and utilization of personal data at any time with effect for the future. The revocation shall be addressed to the aforementioned accountable body. Please note that the Wirecard group may not be able to perform certain services in the event of a revocation.
Automatically collected non-personal data.
When visiting the Website of the Wirecard group statistical data are automatically collected and recorded in order to constantly improve the design of the Wirecard group website. This includes the IP address, pages visited on the site, data and time of visit, cookies, and information regarding the visitor’s browser, operating system and language settings. On the basis of this non-personal data user profiles are created using a pseudonym. Cookies may be used for this purpose (please refer to the definition of the term «Cookies» below under the respective headline). These data are processed only in pseudonymous form. This especially applies for the IP-address which is processed and stored only abbreviated i.e. without the last two number blocks. The data collected will not be used to personally identify the customer and will not be merged with personal data about the bearer of the pseudonym without the express permission of the respective individual. As soon as the storage of the data is no longer necessary for the creation of the user profile, they will be deleted.
For the processing of the non-personal data, The Wirecard group uses the technologies of the etracker GmbH (www.etracker.com). The Wirecard group employs the tool by the company etracker GmbH to analyze the data collected in this fashion.
Right of revocation concerning the collection, processing and utilization of non-personal data
The customer may revoke their consent to the collection, processing and utilization of personal data at any time with effect for the future. The revocation shall be addressed to the aforementioned accountable body. In this event the non-personal data of the respective customer will no longer be collected, processed or utilized. Please note that some parts of the Website of the Wirecard group may – as consequence of the revocation – not work correctly. Furthermore all non-personal data of the opposing party which have already been stored will be deleted.
Cookies are text files that are locally stored on the temporary storage of your internet-browser to recognize it. The Wirecard group utilizes cookies in some sections of its website to make it easier for customers to use the site and to customize its design.
Customers can configure their browsers to inform them when a cookie is being saved or to prevent cookies from being saved altogether. Information on how to do this is available from the help function of the browser in question.
Some pages of third parties are linked on the website of the Wirecard group in order to provide customers with comprehensive information. Wirecard has no influence over the design of these websites and is not responsible for the content provided therein. The principles contained in this statement do not apply to the aforementioned external websites.
Right to information
At the request of a user, the Wirecard group will provide them with information regarding the personal data held on file. At the request of this user, this information may also be provided by electronic means.