Privacy Notice

We will collect and process all or some of the following personal data about you:

• Information you provide to us personal data that you provide to us such as when you complete a form on our Website, including but not limited to, your name, email address, phone number, country and company (and/or the industry your work in). We may also process information on your education and work experience in connection with a job opening at Worldline for which you wish to be considered. You may also provide us with your contact details, address and bank details to enable us to perform a contract you have entered into with us or to make payments to you in relation to goods or services you provide to us;
• Correspondence and other communications if you contact us by telephone, letter or by email, we will typically keep a record of that correspondence or communication;
• Survey information and feedback, we may also ask you to complete surveys that we use for research purposes or to provide feedback that we use to develop and improve our product and service offering. In such circumstances we shall collect the information provided in the completed survey/feedback request;
• Website and communication usage details of your visits to the websites and information collected through cookies and other tracking technologies including, but not limited to, your IP address and domain name, your browser version and operating system, browser language, access time, traffic data, location data, web logs, movements on the website, referring web site addresses and other communication data.  We may also collect information about the pages you view within the Website and other actions you take while visiting us. In addition, we may also use such technologies to determine whether you’ve opened an e-mail or clicked on a link contained in an e-mail;.
• Information from third parties we may also be provided with your information from other sources, for example from our affiliate companies or business partners in relation to business opportunities or from search engines, credit reference companies or government agencies, in relation to our due diligence processes.

In this section, we set out the purposes for which we use personal data that we collect and hold and, in compliance with our obligations, especially under European privacy law, identify the “legal grounds” on which we rely to process the information.

We use your personal data only when we have a valid legal basis to do so. Depending on the circumstance, we may rely on your consent or the fact that the processing is necessary to fulfil a contract with you, protect your vital interests or those of other persons, or to comply with law. We may also process your personal data where we believe it is in our or others’ legitimate interests, taking into consideration your own interests, and rights.

To communicate effectively with you and conduct our business, including to fulfil your requests:

We might use your personal data in order to effectively respond to your contact request; your registration request to events organized by us; or to your appointment request with one of our experts; to respond to your request for proposal or offer if you are interested in doing business with us; or we may contact you if we are interested in doing business with you; to respond to your job application; to otherwise communicate with you; or with other internal and external parties concerning you; or to carry out our obligations arising from any agreements entered into between you and us.

When we use your information for these purposes, we often base such use on your prior and informed consent, or on contractual necessity (which means we will not be able to fulfil our part of an agreement without using your data to do so), or on our legitimate interests (which means we have legitimate business interests that we wish to protect and cannot do so without using your personal data).

To provide you with access to restricted Website areas: 

In order to provide you with an online account and access to restricted areas, where you have filled in a form to create an account on our Website.

When we use your information for these purposes, we base such use on contractual necessity (which means we will not be able to facilitate access to the restricted areas without using your data to do so), or on our legitimate interests (which means we have legitimate business interests that we wish to protect and cannot do so without using your personal data).

To provide you with marketing materials: 

To provide you with email alerts, updates, offers and invitations to our events, where you have chosen to receive these.  We may also use your information for marketing our own and our selected business partners’ products and services to you. Where required by law, we will ask for your prior and informed consent. We will provide an option to unsubscribe or opt-out of further communication on any electronic marketing communication sent to you or you may opt out by Contacting us as set out in the “Contacting us” section below.

When we use your information for these purposes, we base such use on your prior and informed consent, or on our legitimate interests (which means we have legitimate business interests to keep you updated with news about our products and services and cannot do so without using your personal data).

For research and development purposes:

To analyze your personal data in order to better understand you so that we can continue to develop and improve our products and services.

When we use your information for these purposes, we base such use on our legitimate interests (which means we have legitimate business interests to improve our products and services and cannot do so without using your personal data).

To ensure proper functionality of our websites and to ensure relevance of content: 

We collect usage data and statistics about our websites’ usage and effectiveness through the use of various technologies and personalize your experience while you are on our Websites, as well as tailor our interactions with you. We have a separate Cookie Notice that gives you more information on how we use cookies on our website. We also collect information to ensure that content from our websites are presented in the most effective manner to you, which may include passing your data to business partners, suppliers and/or service providers. 

Depending on the types of cookies we place, which can range from strictly necessary to marketing cookies, we base such use on our legitimate interests to ensure proper functionality of our website or on your prior and informed consent. When using your data for content relevance, we typically base this on our legitimate interests (which means we have a legitimate interest to keep our website content current and updated and fit for your use. We will be unable to do this without using your personal data).

To monitor certain activities: 

We collect information about you to monitor queries and transactions to ensure service quality or to comply with our legal obligations to combat fraud.

When we use your information for these purposes, we base such use on our legal duty (which means that there are different laws that compel us to monitor for certain behaviors and activities) or on our legitimate interests (which means we have legitimate business interests to monitor for fraudulent transactions and cannot do so without using your personal data).

To inform you of changes: 

To notify you about changes to our services and products;

When we use your information for these purposes, we base such use on our legitimate interests (which means we cannot communicate changes to you without using your personal data).

To reorganize or make changes to our business: 

Should we ever sell our business or a part thereof; or undergo re-organization, we might be obligated to disclose your personal data to the relevant third party (or its advisors) as part of any due diligence process for the purpose of analyzing any proposed sale or re-organization. We may also need to transfer your personal data to that re-organized entity or third party after the sale or reorganization for them to use for the same purposes as set out in this notice.

When we use your information for these purposes, we base such use on our legitimate interests (which means we cannot communicate changes to you without using your personal data).

In connection with contractual, legal or regulatory obligations: 

We may disclose your personal data to external third parties such as service providers, contractors, agents, advisors, group companies, affiliates, subsidiaries, supervisory authorities in order to comply with our contractual duties, legal obligations or to protect your interests.

We may also use your personal data to comply with our regulatory requirements or dialogue with regulators as applicable, which may include disclosing your personal data to third parties, the court service and/or regulators or law enforcement agencies in connection with enquiries, proceedings or investigations by such parties anywhere in the world or where compelled to do so.  Where permitted and feasible, we will direct any such request to you or notify you before responding unless to do so would prejudice the prevention or detection of a crime.  

When we use your information for these purposes, we base such use on contractual necessity (which means we will not be able to fulfil our part of an agreement without using your data to do so),  our legal obligations (which means we are legally required to comply with certain laws), or on our legitimate interests (which means we have legitimate business interests in cooperating with law enforcement and regulatory authorities in compliance with applicable laws and cannot do so without using your personal data).

Recipients

In order to fulfil your requests, we may need to share or otherwise transfer your personal data within our group of companies such as to a shared services company located in a different region or jurisdiction to you. Where appropriate we may also transfer your personal data to third parties, for example external event organizers or partner companies who may be in a better position to satisfy your request.

We may also share your personal data with our service providers who perform services on our behalf. We contractually require these service providers to use or disclose the personal data only as necessary to perform services on our behalf.

Security over the internet 

As you will know, the transmission of information via the internet is not completely secure. We maintain commercially reasonable physical, electronic, and procedural safeguards to protect your personal data in accordance with data protection legislative requirements.

All information you provide to us is stored on our or our subcontractors’ secure servers and accessed and used subject to our security policies and standards.  Where we have given you (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential and for complying with any other security procedures that we notify you of.  We ask you not to share a password with anyone.

International data transfer

Where we transfer personal data from the European Economic Area (the “EEA”) to a country outside the EEA (or a country that is NOT considered as offering an adequate level of protection as adopted by the European Commission on the basis of Article 45 of the General Data Protection Regulation 2016/679 (GDPR), we may be required to take specific additional measures to safeguard the relevant personal data and such transfer will be based on legal grounds and mechanisms justifying such transfer, such as EU Commission-approved standard contractual clauses, or other legal grounds permitted by applicable law.

Certain countries outside the EEA have been approved by the European Commission as providing essentially equivalent protections to EEA data protection laws and therefore no additional safeguards are required to export personal data to these jurisdictions (see the full list here https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en).

This international data transfer can for example occur when your personal data may be transferred to, or stored in, or accessed by our staff or suppliers in a destination outside the country in which you are located. Despite any differences in the regional or national laws, we will, in all circumstances, safeguard personal data as set out in this Privacy Notice.

Data retention

Our retention periods for personal data are based on business needs and local legal requirements. We retain personal data for as long as is necessary for the processing purpose(s) for which the information was collected, and any other permissible, related purpose. For example, we may retain the information you provided to us as long as necessary to provide you with the services you requested through our Website and until the time limit for claims which may arise from those services has expired, or to comply with regulatory requirements regarding the retention of such data. So, if we use your personal data for more than one purpose, we will retain it until the purpose with the latest period expires; but we will stop using it for the purpose(s) with a shorter period once that period expires.

When personal data is no longer needed, we either irreversibly anonymize the data (and we may further retain and use the anonymized information) or securely destroy the data.

We are committed to facilitating your ability to exercise your rights regarding your personal data. Depending on your location and the nature of our processing activities, you have the following legal rights:

• Right of Access: You can request a copy of the personal data we hold about you.
• Right to Rectification: You can ask us to correct inaccurate or incomplete data.
• Right to Erasure ("Right to be Forgotten"): You can request that we delete your data under certain legal conditions.
• Right to Restriction of Processing: You can ask us to temporarily stop processing your data while a dispute is resolved.
• Right to Data Portability: You can request that we transfer your data to you or another provider in a structured, machine-readable format.
• Right to Object: You can object to our processing of your data based on legitimate interests or for direct marketing purposes.
• Right to Withdraw Consent: Where our processing is based on your consent, you have the right to withdraw it at any time.
  

Right to Lodge a Data Protection Complaint

If you believe that our processing of your personal data infringes data protection laws, or if you are dissatisfied with how we have handled your data, you have the right to lodge a formal complaint directly with us.

In accordance with the Data (Use and Access) Act 2025, we actively facilitate this process through dedicated, accessible channels:

1. Our Commitment: We will formally acknowledge your complaint within 30 days of receipt.
2. Investigation: Our Data Protection Officer (DPO) will investigate your concerns thoroughly and "without undue delay".
3. Submission: To file a complaint, please use the dedicated electronic submission channels detailed on our website or contact us via the details in Section 5 (Contacting us).

Escalation to Regulatory Authorities

You maintain the right to escalate your complaint to a supervisory authority at any time:

• United Kingdom: You can complain directly to the Information Commissioner’s Office (ICO) via their website at www.ico.org.uk.
• European Economic Area (EEA): You can complain to the local data protection authority in the country where you live, work, or where the alleged infringement occurred.

If you would like to exercise any of your rights listed in this Privacy Notice, or if you wish to lodge a formal data protection complaint, you should first fill in our dedicated electronic webform designed for that purpose. You can access it here:

Data Subject Request & Complaint Form

Using this electronic form ensures that your request or formal dispute is safely routed and processed within the legally mandated timeframes.

If you have other questions in relation to our processing of your personal data, or if you prefer to contact our Data Protection Officer (DPO) through an alternative channel, you can reach us at:

• Email: dpo-rbub@worldline.com

When submitting a dispute or request via email or post, please clearly state "Data Protection Complaint" or "Data Rights Request" in the subject line or heading to help us fast-track your inquiry.

We use cookies and tracking technologies on our websites. To find out more about how we use cookies, please see our Cookie Notice

We may change the content of our websites and how we use cookies and consequently our Privacy Notice and our Cookie Notice may change from time to time in the future. If we change this Privacy Notice or our Cookies Notice, we will update the date it was last changed below. If these changes are material, we will indicate this clearly on our Website.

This Privacy Notice was last updated on 11 June 2026.