Privacy policy

1. Introduction
Mobilipay (CY) Limited ("We", "Us", "Our") registered in Cyprus with company number HE380914 and whose registered office is at Pavlou Nirvana & Aipeias, Alpha Tower, 1st Floor, Office 11, Limassol, 3021, Cyprus, respects your privacy and is committed to protecting your personal data. This privacy policy will inform you about how we look after your personal data in relation to our services and explains your privacy rights under the General Data Protection Regulation (GDPR).

2. Data We Collect
We do not collect personal data directly from individuals. The personal data we handle and process are provided by our clients (which are legal entities) in order for us to provide our services. The data categories we process may include contact details of employees (email addresses, phone numbers, etc.). For our payment gateway service, we process masked bank card numbers, IP addresses, voluntarily stated email addresses, and names of cardholders related to transactions. For our SMS broadcasting and OTP services, we process phone numbers and message content. Please see our Cookie Policy for more information on how we may use cookies and similar technologies.

3. How We Use Your Personal Data
We use personal data to provide our services, including bank card acquiring, pay-outs, connectivity, onboarding and compliance, account management, and other related services. We also provide SMS broadcasting and OTP services, which involve the use of phone numbers and message content. We process the data solely based on instructions provided in the contract between us and our client under Article 6(1)(b) of the GDPR.

4. Disclosure of Your Personal Data
The personal data we process may be accessed by our employees and by employees of our clients only in relation to the services provided. The access of the client's employees is limited to the data related to their requests only. Personal data may also be shared with third-party service providers, such as banks, PSPs, telecom operators, and trusted aggregators, as required for the provision of our services.

5. Data Security
We have implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including encrypting personal data during transfer, limiting access to your personal data to those employees who need to know, and other security measures to prevent unauthorized access, alteration, disclosure, or destruction of your personal data.

6. Data Retention
We retain personal data for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

7. Your Legal Rights
As per GDPR, you have certain rights in relation to your personal data, including the right to access, correction, erasure, restriction of processing, data portability, and objection to processing. If you have any inquiries or complaints about how we handle your personal data, please contact us at

8. Changes to this Privacy Policy
We reserve the right to update this privacy policy at any time, and any changes will be posted on our website. You are responsible for regularly checking this policy to ensure you are aware of any changes.

This Privacy Policy was last updated on June 1, 2023.

Contact Details
If you have any questions about this privacy policy or our privacy practices, please contact us at