top of page


Porterpays understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone who visits our websites, (“Our Sites”) or uses our Services. We will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.

This privacy policy informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Services and the choices you have associated with that data.

We use your data to provide and improve our Services. Your acceptance of this Privacy Policy is deemed to occur upon your first use of our website and service and you will be required to read and accept this Privacy Policy when signing up for an Account. If you do not accept and agree with this Privacy Policy, you must stop using our service immediately.



Means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data or an online identifier;


Means a Porterpays user account;



Means a small text file placed on your device by our site when you visit our site or use certain features of our services;



Means the relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2013;



Means any method or way that we handle Personal Data such as collection, organisation, storage, adaption, alteration, transmission, dissemination, restriction, erasure or destruction;



Means any Porterpays service, content, features, function, website and applications;



Means the business requirements to manage and offer the Porterpays services or to comply with legal obligations;


About Us

The organisation size is between 3 to 10 employees. The business is solely located in Malta


Email Address:

Postal Address:   7, Robert Mifsud Bonnici Street, Lija LJA1401, MALTA


Name:               Philippe Martens

Email Address:

Description of Processing

We may process your personal data for various reasons that are justified under the data protection legislation. These include:

  1. To operate the website and provide payment and associated services, authenticate your access to an account or to correspond with you and offer support

  2. To perform compliance checks, such as verification of your identity, and helping to detect fraudulent or malicious activity on our site or services

  3. To maintain our accounts and records

  4. To manage our business needs, such as monitoring, analysing, and improving the Services and the Sites’ performance functionality

  5. To comply with all applicable laws and regulations

With your permission and/or where permitted by law, we may also use your personal data:

  1. For marketing purposes, which may include contacting you by email with information, news, and offers on our products or services. You will not be sent any unlawful marketing or spam. We may also process your personal data to tailor certain services or site experiences to better match our understanding of your interests.

  2. To provide personalised services on third-party websites and online services. We may use your personal data and other information collected in accordance with this policy to provide a targeted display, feature or offer to you on third-party websites. We may use cookies and other tracking technologies to provide these online services and/or work with other third parties such as advertising or analytics companies to provide these online services.


Please also see Cookies Section for more information about our use of Cookies and similar technologies. We will always work to fully protect your rights and comply with our obligations under the Data Protection Legislation and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you will always have the option to opt-out.

We will only use your personal data for the purpose(s) for which it was originally collected unless we reasonably believe that another purpose is compatible with that or those original purpose(s) and need to use your personal data for that purpose. If we need to use your personal data for a purpose that is unrelated to, or incompatible with, the purpose(s) for which it was originally collected, we will inform you and explain the legal basis which allows us to do so.*In some circumstances, where permitted or required by law, we may process your personal data without your knowledge or consent. This will only be done within the bounds of the Data Protection Legislation and your legal rights.


Collected Data

We collect different types of information for various purposes to provide and improve our Service to you. Depending upon your use of our service or website we may collect and hold some or all the personal (and non-personal) data set out in the table below, using the methods also set out in the table. Please also see Cookies Section for more information about our use of Cookies and similar technologies. We do not collect any ‘special category’ or ‘sensitive’ personal data or personal data relating to children or data relating to criminal convictions and/or offences.



Support information and other communications received through the website contact form or support emails, including:

  • Name, surname

  • Job title

  • Email address

  • Phone number

  • Your company/organisation details



For business users who make use of our services and business consoles we may collect:

  • Business address / city / state / country / postal code

  • Title, name, surname

  • Email

  • Business phone number, mobile number

  • Authentication details / security question and answer

  • Operator details

  • Client details

  • Language preference

  • Card currency

  • Corporate customer personal and travel details, such as contact details and travel details

  • Credit card details



  • Service provider(s) involved in the transaction

  • Funding instruments and/or bank account details

  • Merchant(s) where spending is done using a virtual card

  • Session information: login attempts, login IP address(es), session information, login browser user agent(s), geolocation information


Data Retention

We will not keep your personal data for any longer than is necessary considering the reason(s) for which it was first collected. For example, we keep your personal account information for a period of six years from the closure of account or termination of business relationship.

This enables us to comply with legal and regulatory requirements or use it where we need to for our legitimate interests such as managing your account and dealing with any disputes or concerns that may arise. We may need to retain your information for a longer period where we need the information to comply with regulatory or legal requirements or where we may need it for our legitimate business purposes, such as to respond to queries or complaints, fighting fraud and financial crime and responding to requests from regulators. Information that exceeds the retention periods is deleted or removed using industry best practices.



Our Site or services may place and access certain first-party Cookies on your computer or device. First-party Cookies are those placed directly by us and are used only by us. We use Cookies to facilitate and improve your experience of our Site and to provide and improve our products and services. We have carefully chosen these Cookies and have taken steps to ensure that your privacy and personal data is always protected and respected.


By using our Site, you may also receive certain third-party Cookies on your computer or device. Third-party Cookies are those placed by websites, services, and/or parties other than us. For more details, please refer to the table below. All Cookies used by and on our Site are used in accordance with current Cookie Law.


Our site uses analytics services, which are a set of tools used to collect and analyse anonymous usage information, enabling us to better understand how our Site is used. This, in turn, enables us to improve Our Site and the services offered through it. The analytics services used by Our Site use Cookies to gather the required information. You do not have to allow us to use these Cookies. However, whilst our use of them does not pose any risk to your privacy or your safe use of our Site, it does enable us to continually improve our Site, making it a better and more useful experience for you.


You will be required to provide cookie consent by acknowledging the privacy and cookie policies during the registration of your account. By giving your consent to the placing of Cookies you are enabling us to provide the best possible experience and service to you. You may, if you wish, deny consent to the placing of Cookies. However, certain features of our Site may not function fully or as intended.

You can choose to delete Cookies on your computer or device at any time. However, you may lose any information that enables you to access Our Site more quickly and efficiently including, but not limited to, login and personalisation settings. It is recommended that you keep your internet browser and operating system up-to-date and that you consult the help and guidance provided by the developer of your internet browser and manufacturer of your computer or device if you are unsure about adjusting your privacy settings.


Certain features of Our Site depend on Cookies to function. Cookie Law deems these Cookies to be “strictly necessary”. Your consent will not be sought to place these Cookies, but it is still important that you are aware of them. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. You may choose to enable or disable Cookies on your device by referring to However, if you do not accept cookies, you may not be able to use some portions of our Service.


We use the following cookies:


These are cookies that are required for the operation of Our Site. They include, for example, cookies that enable you to log into secure areas of our website.



We use third-party analytics providers, such as Google Analytics to collect information about the usage of our services and enable us to improve how these services work, for example, by ensuring that users are finding what they are looking for easily.



These are used to recognise you when you return to Our Site. This enables us to personalise our content for you and remember your preferences (for example, your choice of language or region).




We use third-party targeting tools, such as LinkedIn Insights and ads tags. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests.


Personal Data Storage

We will store and process your data following industry best practice and security. All our processing takes place within G-Suite services provided by Google Cloud. Our servers within Google Cloud are located within the EEA and covered by GDPR.


We may share your personal data with other companies. When your personal data is shared with a third-party, we will take the necessary steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party's obligations under the law. We ensure that our contracts with those third parties contain the appropriate GDPR model clauses and that all our third parties are also compliant with the GDPR, this affords your data the same protection away from our organisation, as it does within it.


In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.


The data we collect through our services may be processed by one or more of the following:


We process data within the EEA and countries deemed by the European Union as having adequate safeguards for protecting personal data. These countries are recognised by the EU as having suitable safeguards for the rights and freedoms of individuals and recourse processes by which data subjects can exercise their rights.


  • Trusted service providers such as technology, support, marketing, and sales service providers

  • Auditors

  • Financial Institutions

  • Money Laundering prevention companies

  • HR Partners

  • Other companies within the group


Some of the processing may take place outside of the EEA. Where we transfer your data to a third-party based in the US, the data may be protected if they are part of the EU-US Privacy Shield. This requires that third party to provide data protection to standards similar to those in Europe. More information is available from the European Commission.

Please contact us for further information about the particular data protection mechanisms used by us when transferring your personal data to a third country.


The security of your personal data is essential to us, and to protect your data, we take several important measures, including the following:


  • Limiting access to your personal data to those employees, agents, contractors, and other third parties with a legitimate need to know and ensuring that they are subject to duties of confidentiality;

  • Implementing strong technical security measures, such as encryption and infrastructure security;

  • Procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, your personal data) including notifying you and/or the Supervisory Authority where we are legally required to do so.


Your Rights

Under the Data Protection Legislation, you have the following rights, which we will always work to uphold:


  1. The right to be informed about our collection and use of your personal data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions.

  2. The right to access the personal data we hold about you. Upon request and verification of your identity, we will send you a copy of the personal data we hold about you.

  3. The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. It is important that your personal data is kept accurate and up-to-date. If any of the personal data we hold about you changes, please keep us informed if we have that data.

  4. The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we hold. We may not always be able to comply with your request of erasure for specific legal reasons, for which you will be notified. Please note that retention requirements supersede any right to erasure requests under the data protection laws.

  5. The right to restrict (i.e. prevent) the processing of your personal data. Please note that any requests in relation to the processing of your data mean that we may not be able to provide you with the service, in which case you will be notified.

  6. The right to object to us using your personal data for a particular purpose or purposes.

  7. The right to withdraw consent. That means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.

  8. The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.

  9. Rights relating to automated decision-making and profiling. We do not use your personal data in this way.


To exercise your rights above please contact our Data Protection Officer, Data Controller or Company representative via any of the channels provided.


You also have the right to lodge a complaint with our supervisory authority. Porterpays’ establishment is in Malta, thus its supervisory authority is the IDPC in Malta. Their contact details are as follows:

We would welcome the opportunity to resolve your concerns ourselves however, so please contact us first, using the details provided.

Quick Links for exercising your rights:

DPO email address:                     

Controller email address:               


We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.

Any changes will be posted on Our Site and you will be deemed to have accepted the terms of the Privacy Policy on your first use of Our Site following the alterations. We recommend that you check this page regularly to keep up to date.

bottom of page