My WordPress

lighting-bolt-.png

Privacy & Policy

logo.png
water-drop.png
fire.png

This Privacy Policy
Applies To The Website Of OSS.

Principles of data processing

Personal data is all information relating to an identified or identifiable natural person. This includes information such as your name, age, address, telephone number, date of birth, e-mail address, IP address or user behavior. Information that cannot be used to identify you (or only with disproportionate effort), e.g. by anonymizing the information, is not personal data. The processing of personal data (e.g. the collection, retrieval, use, storage or transmission) always requires a legal basis or your consent. Processed personal data will be erased as soon as the purpose of the processing has been achieved, unless we are required to continue holding your data for legal reasons. If we process your personal data for the provision of certain offers, we will inform you subsequently about the specific processes, the scope and purpose of data processing, the legal basis for the processing and the corresponding storage period.

Use of service providers for the processing of personal data

The data and information provided in the context of the contractual relationship may be shared within the OSS Group, its affiliated companies, including third parties in connection with providing services to you under your payment acceptance agreement. Your personal data will remain protected by contractual restrictions between the OSS Group companies that restrict the processing of your data. If your data is processed in countries with data protection laws less strict than the European Economic Area, such as the United States of America, we will ensure that your data will be adequately protected through contractual and other methods.

Various processing operations

Provision and use of the Website
Nature and scope of data processing

When you access and use our website, we collect the personal data that your browser automatically transmits to our server. This information is stored temporarily in a log file. When you use our website, we collect the following data that is technically necessary for us to provide you with access to our website and to ensure its stability and security:
IP address of the requesting computer.
Date and time of access.
Name and URL of the retrieved file.
Website from which access is made (referrer URL).
The browser used and, if applicable, the operating system of your computer as well as the name of your access providers.

Period of storage

As soon as the data is no longer required it will be erased, unless we are required to continue holding your data for legal reasons. The collection of data for the provision of the website and the storage of data in log files is necessary for the performance of the website. Consequently, the user cannot object to processing in this respect.

Legal basis

The lawful basis for processing your data is legitimate interest as outlined in Article 6.1(f) of the GDPR. The processing of the data is necessary for the provision of a website and thus serves as a legitimate interest of our company.

Data processing for the purpose of delivering payment services
Nature and scope of data processing

If you would like to apply for payment services online, we need some personal data in terms of processing your application. The following application data is therefore collected and processed within the scope of the online application:
Name and title (including the names of anyone that holds more than 25% of shares or voting rights in a company, has the right to appoint or remove the majority of the board of directors or otherwise exercises significant influence or control over the business).
Business Trading name.
Registered Business name.
Trading Address, Registered Business Address and including personal address(es).
• DOB
• Place of birth
• Nationality
• % business ownership
• Telephone / mobile phone number
• E-Mail
Tax number (VAT ID or National Insurance Number as applicable)
Description of business activities
Bank details (bank name, account holder name, address, bank account number and sort code, SWIFT/BIC, IBAN)
Data required by applicable law such as money laundering legislation.
Contact details (name, phone number and email address) for installation of terminal at site (if applicable)
Contact details (name phone number and email address) for technical support on eCommerce solutions e.g. your web developer (if applicable)

Period of storage

The data collected for the purpose of the application procedure will be stored for a duration of maximum 6 months after the end of the application procedure, unless we are required to continue holding your data for legal reasons.

Legal basis

The lawful basis for processing your data is performance of a contract as outlined in Article 6.1(b) of the GDPR. The processing of the data is necessary for the processing of your application and the provision of services. If we obtain your consent for the processing of your data, you have the right to withdraw your consent for the processing of your personal data at any time without giving reasons by sending an e-mail to support@oss1stop.com or by post to 459 Paisley Road, Glasgow, G5 8RJ. FAO: GDPR.

Use of Cookies

Nature and scope of data processing

On our website we use cookies. Cookies are small files sent to your browser on your device during your visit to our websites and stored there. Some functions of our website cannot be offered without the use of technically necessary cookies. However, other cookies allow us to perform various analyses. For example, cookies are able to recognize the browser you are using the next time you visit our website and to transmit various information to us. With the help of cookies, we can make our website more user- friendly and effective for you, for example by tracking your use of our website and determining your preferred settings (e.g. country and language settings). If third parties process information via cookies, they collect this information directly via your browser. Cookies do not cause any damage to your device. They cannot run programs or contain viruses.

Legal basis

The lawful basis for processing your data is legitimate interest as outlined in Article 6.1(f) of the GDPR. If you have given us your consent for the use of cookies due to a notification (“Cookie banner”) provided by us on the website, the lawful basis is additionally regulated by Art. 6.1(a) of the GDPR.


Period of storage

As soon as the data transmitted to us via the cookies is no longer necessary for the purposes described in section 7.1, this information will be erased, unless we are required to continue holding your data for legal reasons

Configuration of browser settings

Most browsers are set to accept cookies by default. However, you can configure your browser so that it only accepts certain cookies or no cookies at all. However, we would like to point out that you may not be able to use all functions on our website if cookies are deactivated in your browser settings on our website. You can also delete cookies already stored in your browser via your browser settings. Furthermore, it is also possible to set your browser so that it informs you before cookies are saved. Since the different browsers can differ in their respective functions, we ask you to use the respective help menu of your browser for the configuration options. If you would like a comprehensive overview of the access by third parties to your Internet browser, we recommend that you install specially developed plug-ins.

Use of Google Analytics within this website

This website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses so called “cookies”, which are text files placed on your computer, to help you analyze how the website is used. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.

On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with further services associated with website and internet use. The IP address transmitted by your browser in the context of Google Analytics is not merged with other data from Google.

You may refuse the use of cookies by selecting the appropriate settings in your browser; however, please note that if you do so you may not be able to use all functionality on our website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website.

Google Remarketing

Our website uses the remarketing function of Google Inc. (“Google”). This function is generally used to present personalized advertisements that is part of Google’s advertising network to website users. To enable this, cookies are stored on your computer. When you visit our website and then visit a website that is part of the Google advertising network, you may be exposed to advertising from OSS Payments International GmbH.

According to its own statements, Google does not collect any personal data in this process. However, if you do not wish to use Google’s remarketing feature, you can always deactivate it by making the appropriate.

As an alternative, you can disable the use of cookies for personalized advertising through the Advertising Network Initiative by following the instructions at www.networkadvertising.org/managing/opt_out.asp . For more information about Google Remarketing and Google’s privacy policy, www.google.com/privacy/ads/

Google AdWords

The data controller has integrated Google AdWords on this website. Google AdWords is an internet advertising service that allows advertisers to place ads in both Google’s search engine results and the Google Advertising Network. Google AdWords allows an advertiser to define certain keywords in advance, which are used to display an ad in Google’s search engine results only if the user uses the search engine to retrieve a keyword-relevant search result. In the Google advertising network, the ads are spread to topic-relevant websites using an automatic algorithm and taking into account the previously defined keywords.

The operator of Google AdWords services is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 940431351, USA. The purpose of Google AdWords is to advertise our website by displaying personalized advertising on the websites of third parties and in the search engine results of the Google search engine and by displaying thirdparty advertising on our website. If a person concerned enters our website via a Google ad, a so-called Conversion-Cookie is stored on the information technology system of the person concerned by Google. The subject of cookies has already been explained above. A Conversion-Cookie loses its validity after thirty days and is not used to identify the person concerned. If the cookie has not expired yet, the Conversion-Cookie is used to determine whether certain subpages, such as the shopping basket of an online shop system, have been accessed on our website. The Conversion-Cookie enables both us and Google to track whether a person who has accessed our website via an AdWords Ad has generated revenue, i.e. has completed or cancelled a purchase of goods.

The data and information collected through the use of the Conversion-Cookie is used by Google to generate user statistics for our website. These statistics are used by us to determine the total number of users who have been referred to us via AdWords-Ads, i.e. to determine the success or failure of the respective AdWords-Ad and to optimize our AdWords-Ads for the future. Neither OSS nor other Google AdWords advertisers receive information from Google that could identify the person concerned. The Conversion-Cookie is used to store personal information, such as the websites visited by the person concerned. Personal data, including the IP address of the internet connection used by the person concerned, is therefore transferred to Google in the United States of America each time they visit our website. The personal data is stored by Google in the United States of America. Google may transfer the personal data collected via the technical process to third parties.

The person concerned can block the setting of cookies through our website at any time, as already described above, by means of an appropriate setting of the Internet browser used and thus permanently block the setting of cookies. Such a setting of the Internet browser used would also prevent Google from setting a ConversionCookie on the information technology system of the person concerned. In addition, a cookie already set by Google AdWords can be erased at any time via the Internet browser or other software programs.

Furthermore, the person concerned has the possibility to object to personalised advertising by Google. To do this, the person concerned must access the www.google.com/settings/ads link from each of the Internet browsers they use and change the required settings there .

Rights of data subjects

The GDPR provides the following rights for you as a data subject with regard to the processing of personal data:
Right of access

According to Article 15 of the GDPR you can request information about your personal data processed by OSS. In particular, you may request information about the purposes of processing, the categories of personal data concerned, the categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations, the envisaged period for which the personal data will be stored, the existence of a right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing, the right to lodge a complaint with a supervisory Authority, where the personal data are not collected from the data subject, any available information as to their source, the existence of automated decision-making, including profiling and, where applicable, meaningful information on their details.

Right to rectification

According to Article 16 of the GDPR you can immediately demand without undue delay the rectification of inaccurate personal data stored by OSS.


Right to erasure

According to Article 17 of the GDPR you have the right to obtain the erasure of your personal data stored with us, as far as processing is not necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for the performance of a task carried out in the public Interest or for the establishment, exercise or defence of legal claims.

Right to object

In accordance with Article 18 of the GDPR, you have the right to obtain from the controller restriction of processing if you dispute the accuracy of the personal data being processed, the processing is unlawful, we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims. You also have the right according to Article 18 of the GDPR if you have filed an objection against the processing in accordance with Article 21 of the GDPR.

Right to data portability

According to Article 20 of the GDPR, you have the right to receive the personal data provided by you to OSS in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller

Right to withdraw

According to Article 7 para. 3 of the GDPR you have the right to withdraw your consent to us at any time. As a result, we may no longer continue the processing of data based on this consent in the future.

Right to lodge a complaint with a supervisory authority

According to Article 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority. The applicable competent supervisory authority is the Information Office, and can be contacted on 0204 518 0756.

Hyperlinks

Our website contains so-called hyperlinks to websites of other providers. If these hyperlinks are activated, you will be redirected from our website directly to the website of the other provider. You can recognize this, among other things, by the change of the URL. We cannot take responsibility for the confidential handling of your data on these third party websites, as we have no influence on whether these companies comply with the data protection regulations. Please inform yourself about the handling of your personal data by these companies directly on their websites.

Data security and safety regulations

We commit ourselves to protect your privacy and to treat your personal data confidentially. In order to avoid manipulation, loss or misuse of your data stored with OSS, we take extensive technical and organisational security precautions, which are regularly checked and adapted to technological progress. This includes the use of established encryption methods (SSL or TLS).

However, we would like to point out that due to the structure of the internet, it is possible that the regulations of data protection and the above-mentioned security measures may not be complied with by other persons or institutions for which we are not responsible. In particular, unencrypted data – e.g. if transferred by e-mail – can be read by third parties. We have no technical influence on this. It is the responsibility of the user to protect the data provided by him against misuse by encryption or in any other way.

GDPR Statement

The General Data Protection Regulation (“GDPR”) is effective as of 25 May 2018.The GDPR aims to strengthen the protection of personally identifiable information* in the EU

OSS Payments International GmbH, referred to herein as “OSS”, welcomes the arrival of the GDPR. We consider the security of our employees’, customers’ and third parties’ personally identifiable information very important.

We consider it our duty to comply with national and international data protection regulations globally. We strive to operate with industry leading standards for transparency, predictability and consistency.

Certifications

As a member of the Payment Card Industry, we have adopted multiple technical and organisational measures to be compliant with the high standards imposed by the Payment Card Industry Data Security Standards.

Physical Security

As a member of the Payment Card Industry, we are also involved in the physical security of our employees’, customers’ and third parties’ personally identifiable information.

Data Protection & Security

OSS has implemented and maintains data protection systems and security at all of its facilities and in respect of all its IT platforms and functions.

Right to object

In accordance with Article 18 of the GDPR, you have the right to obtain from the controller restriction of processing if you dispute the accuracy of the personal data being processed, the processing is unlawful, we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims. You also have the right according to Article 18 of the GDPR if you have filed an objection against the processing in accordance with Article 21 of the GDPR.

GDPR Implementation

Although we have already implemented a consistent level of data protection and security in our data centres, our aim is to be fully compliant with the GDPR and all other applicable data protection laws. This includes keeping internal records of all our data processing activities and having a process to accommodate the rights of our data subjects

Right to withdraw

According to Article 7 para. 3 of the GDPR you have the right to withdraw your consent to us at any time. As a result, we may no longer continue the processing of data based on this consent in the future.

Contact Person

If your personal data are processed by OSS and you are a data subject within the meaning of the GDPR, you have the right to demand access, rectification, erasure, restriction of processing, data portability and to object to the data processing according to Articles 15 to 22 of the GDPR.

If you wish to exercise these rights or have related questions, please write to us at 459 Paisley Road, Glasgow, G5 8RJ or support@oss1stop.com. Please include your full name, relationship with OSS and the reason for your request *personally identifiable data (PII) is any data which could be used to identify a specific individual such as name, telephone number, email address, bank account details.

REQUEST A

CALL BACK

Partners