This Privacy Policy explains how Damsole Technologies Limited ("Damsole", "we", "our", "us") collects, uses, stores, and protects personal data in connection with our payment infrastructure platform and related services.
1. Who We Are
Damsole Technologies Limited is a company registered in England and Wales. We operate an ISO payment operating platform ("the Platform") that provides payment processing infrastructure to independent merchants and ISO partners ("Merchants").
For the purposes of UK data protection law (UK GDPR and the Data Protection Act 2018), Damsole Technologies Limited is the data controller in respect of personal data collected through our website and platform.
Contact: support@damsoletech.com
2. Data We Collect
2.1 Website Visitors
- IP address and browser/device identifiers (collected automatically via server logs)
- Pages visited, time on site, and referrer URL (analytics)
- Name, email address, and message content (if you submit our contact form)
2.2 Merchant Partners & ISO Partners
- Full name, business name, registered address
- Email address and phone number
- Government-issued identity documents (for KYC/KYB purposes)
- Bank account details (for settlement purposes)
- Business registration documents, VAT numbers, and related regulatory information
- Transaction data processed through the Platform
2.3 End Customers
When end customers make payments through Merchants using our Platform, we may process limited payment-related data (e.g. masked card details, transaction amount, currency, IP address) as a data processor acting on behalf of the Merchant.
3. How We Use Your Data
- Contract performance — to onboard Merchants, process transactions, and provide Platform services
- Legal obligation — to comply with AML, KYC, and other financial regulations
- Legitimate interests — to prevent fraud, secure the Platform, and improve our services
- Consent — to send marketing communications where you have opted in
4. Data Sharing
We do not sell personal data. We may share data with:
- Payment processors and card networks (Visa, Mastercard) to process transactions
- Identity verification providers for KYC/KYB compliance
- Cloud hosting providers (data stored within the UK/EEA where possible)
- Law enforcement or regulators where legally required
5. Data Retention
We retain personal data for as long as necessary to fulfil the purposes described above. For Merchant and transaction data, we retain records for a minimum of 6 years in accordance with UK financial services requirements.
6. Your Rights
Under UK GDPR, you have the right to: access your personal data; rectify inaccurate data; request erasure (subject to legal retention obligations); restrict or object to processing; and data portability.
To exercise your rights, email support@damsoletech.com. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
7. Cookies
Our website uses essential cookies for security and session management, and optional analytics cookies. Please see our Cookie Policy for details.
8. Changes to This Policy
We may update this policy from time to time. The "Last updated" date at the top of this page reflects the most recent version. Continued use of the Platform after changes constitutes acceptance.