Privacy Policy

Hier finden Sie die Datenschutzhinweise  der secupay AG.

Settings cookies

Data protection declaration for the application process
Data protection notice of secupay AG (hereinafter "secupay")

We hereby inform you about the processing of your personal data and the rights and claims to which you are entitled under the data protection regulations.

Who is responsible for data processing and whom can I contact?

secupay AG
Represented by the board of directors Hans-Peter Weber and Katja Hartmann
Goethestrasse 6
01896 Pulsnitz

Phone +49 (0) 35955 7550-0
Fax +49 (0) 35955 7550-99
E-mail address [email protected]

Sie erreichen unsere Datenschutzbeauftragte unter:
secupay AG
Frau Dominika Juszczyk
Goethestrasse 6
01896 Pulsnitz
E-mail address [email protected]

For what purposes and on what legal basis do we process your data?

We process personal data that we receive from you in the course of initiating business or a business relationship in order to perform our services, execute your orders, and conduct all activities required in connection with operating and administering a financial transfer service provider. We process personal data in accordance with the provisions of the European Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG-neu).

To the extent necessary to provide our services, we process data that we have duly received from other companies or other third parties (e.g. infoscore GmbH). In addition, we process personal data that we have obtained from publicly accessible sources (e.g. debtor lists, land registers, commercial and association registers, press and other media) and are permitted to process. Relevant personal data may include, in particular:

  • Personal data (name, date of birth, place of birth, nationality and similar data)
  • Contact details (address, email address, telephone number and similar data)
  • Legitimation data (identification, registration and comparable data)
  • Current accounts and credit card data
  • Information about your financial situation (creditworthiness data including scoring, i.e. data for assessing credit risk)
  • Data on the use of tele media we offer (e.g. time you call up our websites, apps or newsletters, pages of ours clicked or entries and comparable data)

Who else receives your data (recipients)?

To provide our services if is necessary for your data to be passed on to the following companies:

  • Creditreform Boniversum GmbH
  • Concardis GmbH
  • infoscore Consumer Data GmbH, Baden-Baden
  • SIX Group AG
  • Transact elektronische Zahlungssysteme GmbH
  • SIT Solution for IT-Payment GmbH
  • HIT Hanseatische Inkasso-Treuhand GmbH
  • Bluro GbR („Serverspot“)
  • Professionals with an obligation to secrecy such as auditors, tax consultants and lawyers
  • secucard GmbH
  • GmbH & Co. POS-cash KG
  • Processor

Within secupay AG, your data is sent to those departments that require it for us to fulfil our contractual and legal obligations.

If we commission service providers, your data is subject to the same security standards there as it is with us.

If the purchase price claim has been assigned to secupay AG, the data may be passed on to subsequent companies to enforce the purchase price claim:

  • Creditreform Dresden Aumüller KG
  • Creditreform München Ganzmüller, Groher & Kollegen KG

Is data transferred to a third country or an international organization?

In connection with providing our service, data is transferred to companies in the United States of America on the basis of EU standard contractual clauses (it is possible to inspection of this document).

How long will my data be stored?

To the extent necessary, we process and store your personal data for the duration of our business relationship, which also includes the initiation and execution of a contract.

In addition, we are subject to various storage and documentation obligations arising from, inter alia, the German Commercial Code (HGB), the German Fiscal Code (AO), the German Banking Act (KWG) and the German Money Laundering Act (GwG). The periods specified for storage or documentation therein are between two and ten years.

What data protection rights do I have?

Against us, you have

  • a right of access to your personal data pursuant to Art. 15 GDPR, as well as, under certain conditions,
  • a right of rectification pursuant to Art. 16 GDPR should your personal data be inaccurate or
  • a right to erasure pursuant with Art. 17 GDPR if, inter alia, the erasure does not conflict with any statutory retention obligations or
  • a right to restriction of processing pursuant to Art. 18 GDPR or
  • a right to object to the processing of your personal data pursuant to Art. 21 GDPR and
  • the right to data portability according to Art. 20 GDPR, i.e. the right to receive your data in a structured, common and machine-readable format and to transfer it to a third party.

In addition, you have a right to appeal to the data protection supervisory authority (Art. 77 GDPR). You can address this to the data protection supervisory authority responsible for us, whose contact details can be found at .

Is automated decision-making conducted in individual cases (including profiling)?

We transmit your data (name, address and, if applicable, date of birth) to check your creditworthiness, obtain information for assessing the risk of non-payment based on mathematical-statistical methods using address data, and verify your address (checking for deliverability) to infoscore Consumer Data GmbH, Rheinstr. 99, 76532 Baden-Baden.

Furthermore, for credit assessment and address verification purposes, we transmit your data (name, address and date of birth) to the companies that make up the association Creditreform Boniversum GmbH, Hammfelddamm 13, 41460 Neuss: Creditreform Boniversum GmbH, Hammfelddamm 13, 41460 Neuss, Creditreform München Ganzmüller, Groher & Kollegen KG, Machtlfinger Str. 13, 81379 Munich and Creditreform Dresden Aumüller KG, Augsburger Str. 4, 01309 Dresden.

The legal basis for these transfers is Art. 6(1)(b) GDPR.

No information on particularly sensitive data according to Art. 9 GDPR is processed.

Fraud prevention utilizing device fingerprint

For fraud prevention and detection, the data you provide may be used to verify whether an atypical payment transaction has occurred. In principle, we have a legitimate interest in carrying out such a review. The legal basis of the processing is Art. 6(1)(f) GDPR.

For this purpose, we use the services of Risk.Ident GmbH, Am Sandtorkai 50, 20457 Hamburg ("Risk.Ident") to operate our services. Risk.Ident uses cookies and other tracking technologies to collect and process data to identify the terminal device used by the user and other data about the use of our services. No assignment to a specific user occurs. Insofar as IP addresses are collected by Risk.Ident, they are immediately encrypted.

The data is stored by Risk.Ident in a fraud prevention database. In the database, we also store data transmitted by us to Risk.Ident regarding terminal devices, through the use of which (attempted) fraud has already occurred. Also in this respect, no allocation to specific users takes place. When a user uses our services, we retrieve a risk assessment of the user's terminal device from the Risk.Ident database. This risk assessment on the probability of a fraud attempt takes into account, inter alia, whether the terminal device has dialled in via different service providers, whether the terminal device has a frequently changing geo-reference, how many transactions have been made via the terminal device, and whether a proxy connection is used. The legal basis of the processing is Art. 6(1)(f) GDPR.

What data is collected when visiting the website?

For technical reasons, the following data, inter alia, that your Internet browser transmits to us or our web space provider is recorded (known as server log files):

  • browser type and version
  • operating system used
  • website from which you visit us (referrer URL)
  • website you visit
  • date and time of your access
  • your Internet Protocol (IP) address.

This anonymous data is stored separately from any personal data you may have provided for 7 days and thus does not allow any conclusions to be drawn about a specific person. It is evaluated for statistical purposes in order to be able to optimize our Internet presence and our offers. The legal basis for the processing of this data is Art. 6(1)(1)(f) GDPR (our legitimate interests as the data controller).

Contact form

If you send us inquiries via the contact form, your data from the inquiry form, including the contact data you provide there, will be transmitted to us in encrypted form.

The legal basis for the processing of this data, which is transmitted in the course of sending a request, is Art. 6(1)(f) GDPR (our legitimate interests as the data controller). If the request is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6(1)(b) GDPR (performance of a contract).

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions – in particular retention periods – remain unaffected.

User-generated content

When users leave comments, their IP addresses may be stored for 7 days based on our legitimate interests as defined in Art. 6(1)(f) GDPR. This is done for our security, in case someone leaves illegal content in comments and posts (insults, forbidden political propaganda, etc.). In this case, we ourselves may be prosecuted for the comment or post and are therefore interested in the identity of the author.

Furthermore, we reserve the right, on the basis of our legitimate interests pursuant to Art. 6(1)(f) GDPR, to process the information of the users for the purpose of spam detection.

We will store personal information provided in the context of the comments, any contact and website information, as well as content-related information, permanently until the user objects.


Wir verwenden auf unserer Seite sog. Cookies zum Wiedererkennen mehrfacher Nutzung unseres Angebots, durch denselben Nutzer/Internetanschlussinhaber. Cookies sind kleine Textdateien, die Ihr Internet-Browser auf Ihrem Rechner ablegt und speichert. Sie dienen dazu, unseren Internetauftritt und unsere Angebote zu optimieren. Es handelt sich dabei zumeist um sog. „Session-Cookies“, die nach dem Ende Ihres Besuches wieder gelöscht werden.

Teilweise geben diese Cookies jedoch Informationen ab, um Sie automatisch wieder zu erkennen. Diese Wiedererkennung erfolgt aufgrund der in den Cookies gespeicherten IP-Adresse. Die so erlangten Informationen dienen dazu, unsere Angebote zu optimieren und Ihnen einen leichteren Zugang auf unsere Seite zu ermöglichen.

Sie können die Installation der Cookies durch eine entsprechende Einstellung Ihres Browsers verhindern; wir weisen Sie jedoch darauf hin, dass Sie in diesem Fall gegebenenfalls nicht sämtliche Funktionen unserer Website vollumfänglich nutzen können.

Google Analytics

We use functions of the web analysis service Google Analytics on this website. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

Google Analytics uses "cookies". These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.

The storage of Google Analytics cookies is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimize both its web offering and its advertising.

IP anonymization

We have activated the IP anonymization function on this website. As a result, your IP address is truncated by Google within Member States of the European Union or in other contracting states to the Agreement on the European Economic Area before being transmitted to the USA. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and Internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google.

Browser plug-in

You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link

For more information on how Google Analytics handles user data, please see Google's Privacy Policy

Order processing

We have concluded an order processing agreement with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.

Use of Google Adwords and Google Conversion Tracking

This website uses Google AdWords. AdWords is an online advertising programme of Google LCC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States ("Google").

Within the scope of Google AdWords, we use “conversion tracking”. When you click on an ad placed by Google, a cookie is set for conversion tracking. Cookies are small text files that the Internet browser stores on the user's computer. These cookies lose their validity after 30 days and are not used to personally identify users. If the user visits certain pages of this website and the cookie has not yet expired, we and Google can recognize that the user clicked on the ad and was redirected to this page.

Each Google AdWords customer receives a different cookie. The cookies cannot be tracked through AdWords customers' websites. The information collected using the conversion cookie is used to create conversion statistics for AdWords customers who have opted for conversion tracking. Clients learn the total number of users who clicked on their ad and were redirected to a page tagged with a conversion tracking tag. However, they do not receive any information with which users can be personally identified. If you do not wish to participate in the tracking, you can object to this use by easily deactivating the Google conversion tracking cookie via your Internet browser under user settings. You will then not be included in the conversion tracking statistics.

The storage of “conversion cookies" is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimize both its web offering and its advertising.

For more information on Google AdWords and Google Conversion Tracking, please see Google's Privacy Policy

You can set your browser to inform you about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. When cookies are disabled, the functionality of this website may be limited.

Use of Google reCaptcha

reCAPTCHA by Google LLC (Google). The query is used to distinguish whether the input is made by a human or abused by automated, machine processing. The query includes sending the IP address and possibly other data required by Google for the reCAPTCHA service to Google. For this purpose, your input is transmitted to Google and used there further.To protect your queries submitted via Internet form, we use the service

By using reCaptcha, you agree that the recognition you provide will be used in the digitization of old works. In case of activation of IP anonymization on this website, however, your IP address will be truncated beforehand by Google within Member States of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the USA and truncated there.

On behalf of the operator of this website, Google will use this information to evaluate your use of this service. The IP address transmitted by your browser as part of reCaptcha is not merged with other data from Google. The deviating data protection provisions of the Google company apply to this data.

If you want to prevent reCAPTCHA, you can do so by either adding the string the blocking list of the AdBlocker (which prevents the reCAPTCHA scripts from being reloaded from the Google server), or disabling JavaScript altogether – of course, in doing so you accept the associated disadvantages.

Use of OpenStreetMap

This site uses the free open-source mapping service OpenStreetMap via an API. The provider is the Openstreetmap Foundation, 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom. To use the functions of OpenStreetMap it is necessary to store your IP address. This information is usually transferred to a server of OpenStreetMap within Europe and stored there. The provider of this site has no influence on this data transmission. The use of OpenStreetMap is in the interest of an appealing presentation of our online offers and of easy findability of the places indicated by us on the website. This constitutes a legitimate interest within the meaning of Art. 6(1)(f) GDPR. For more information on the handling of user data, see the OpenStreetMap Foundation Privacy Policy

Use of Facebook components

We use components of the provider on our site. Facebook is a service of facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA.

With each visit to our website that is equipped with such a component, this component causes the browser you are using to download a corresponding representation of the component from facebook. This process informs facebook which specific page of our website you are currently visiting.

If you visit our site and are logged in to facebook during this time, facebook recognizes which specific page you are visiting through the information collected by the component and assigns this information to your personal account on facebook. If, for example, you click on the "Like" button or make corresponding comments, this information is transmitted to your personal user account on facebook and stored there. In addition, the information that you have visited our site is passed on to facebook. This happens regardless of whether you click on the component or not.

If you want to prevent this transmission and storage of data about you and your behaviour on our website by facebook, you must log out of facebook before you visit our site. The Privacy policy of Facebook provides more detailed information, in particular on the collection and use of data by facebook, your rights in this regard, and the settings options for protecting your privacy:

In addition, external tools are available on the market to block Facebook social plugins with add-ons for all popular browsers.

You can find an overview of the Facebook plugins at

Use of the Twitter recommendation components

We use components of the provider Twitter on our site. Twitter is a service of Twitter Inc, 795 Folsom St, Suite 600, San Francisco, CA 94107, USA.

With each visit to our website that is equipped with such a component, this component causes the browser you are using to download a corresponding representation of the component from Twitter. This process informs Twitter which specific page of our website is currently being visited.

We have no influence on the data that Twitter collects through this, nor on the scope of this data collected by Twitter. To the best of our knowledge, Twitter collects the URL of the respective website accessed and the IP address of the user but does not use it for purposes other than displaying the Twitter component. For more information, please see Twitter's Privacy Policy at

You can change your privacy settings in the account settings under ändern.


Within our online offer, functions and contents of the service Instagram, offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA, may be integrated. This may include, for example, content such as images, videos, or text and buttons that allow users to express their liking of the content, subscribe to the content creators, or subscribe to our posts. If the users are members of the Instagram platform, Instagram can assign the call of the above-mentioned content and functions to the profiles of its users. Instagram Privacy Policy

Use of Vimeo

We use the provider Vimeo, among others, to integrate our videos. Vimeo is operated by Vimeo, LLC, headquartered at 555 West 18th Street, New York, New York 10011.

On some of our web pages, we use plugins from the provider Vimeo to play videos. When you visit the Internet pages of our website that are provided with such a plugin, a connection is established to the Vimeo servers and the video is displayed. This transmits which of our Internet pages you have visited to the Vimeo server. If you are logged in as a Vimeo member, Vimeo assigns this information to your personal user account. You can prevent this assignment by logging out of your Vimeo user account before using our website and deleting the corresponding cookies from Vimeo.

For the purpose and scope of the data collection and the further processing and use of the data by Vimeo, as well as your rights in this regard and setting options for protecting your privacy, please refer to the Vimeo’s Privacy Policy of Vimeo

Use of YouTube

In addition, videos from the YouTube platform are also integrated into our website. YouTube is operated by Google Ireland Ltd, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter "Google"). The videos from YouTube are embedded on our website, stored on and can be played directly from this website. When you call up the embedded video, a connection is established to the servers of the provider YouTube in the USA and certain information (e.g. your IP address) is sent to the provider, even if you are not logged in to the provider. We do not obtain knowledge of the type and scope of the data collected by YouTube and have no influence on its use.

The purpose and scope of the data collection and the further processing and use of the data by YouTube, as well as your rights in this regard and the available settings options for protecting your privacy, can be found in the provider’s privacy policy: Privacy Policy of Google

You can technically deactivate the storage and use of cookies by YouTube in the settings of your browser or by means of browser add-ons; however, we would like to point out that in this case, you may not be able to use all functions of our website to their full extent.

Use of unbounce

We use the service unbounce for promotions and advertising campaigns (landing pages) on certain pages.

unbounce Marketing Solutions Inc.
400-401 West Georgia Street
Vancouver, BC
V6B 5A1

These pages are hosted by unbounce and the user's browser communicates directly with unbounce so that the user's IP address is transmitted and cookies can be set. All information entered by the user on these pages is also stored at unbounce. secupay is then provided with an evaluation of the activities. For more information about Unbounce and privacy at Unbounce, click here

Our online presence on social networks and platforms

Our presence on social networks and platforms serves to improve active communication with our customers and prospects. On these channels, inform about our services and ongoing special promotions.

When visiting our online presence on social media, your data may be automatically collected and stored for market research and advertising purposes. “Usage profiles” are created from this data using pseudonyms. These may be used, for example, to serve advertisements within and outside the platform that are presumed to match your interests. Cookies are generally used on your terminal device for this purpose. These cookies store visitor behaviour and interests. Pursuant to Art. 6(1)(f) GDPR, this serves to protect our legitimate interests in an optimized presentation of our offer and effective communication with customers and interested parties, which prevail in the context of a balancing of interests. If you are asked by the respective social media platform operators for consent (agreement) to the data processing, e.g. through a checkbox, the legal basis for the data processing is Art. 6(1)(a) GDPR.

Insofar as the aforementioned social media platforms have their headquarters in the USA, the following applies: In connection with the provision of our service, data is transferred to companies in the United States of America on the basis of contracts that ensure the protection of personal data.

For detailed information on the processing and use of data by the providers on their sites, as well as a contact option and your rights and setting options in this regard to protect your privacy, in particular objection options (opt-out), please refer to the privacy notices of the providers linked below. If you still need help in this regard, you can contact us.


Shariff sharing function

We use the privacy-safe "Shariff" buttons. "Shariff" was developed to allow more privacy on the web and replace the usual "share" buttons of social networks. In this case, it is not the user's browser but the server on which this online offering is located that establishes a connection with the server of the respective social media platforms and queries, for example, the number of likes, etc. The user remains anonymous.

Contact form

*Mandatory field

Please note our Privacy Policy
Settings cookies
How can we help you?
Die Darstellung der Website kann nicht in vollem Umfang abgebildet werden.

Um diese Seite vollumfänglich nutzen zu können, wechseln Sie Ihren Browser bitte zu Firefox, Edge or Chrome.

Thank you very much for your message

If you have any questions, please do not hesitate to contact us by phone or e-mail.

Best regards
Your secupay team

Email: [email protected] | Telephone: +49 (0) 35955 75 50 0
Monday - Friday 9:00 a.m. to 5:00 p.m