SuccessPay

Privacy Policy

Effective Date: 28 April 2026  ·  Success Group, Abu Dhabi, UAE

1. Introduction

Success Group ("we", "us", "our") is committed to protecting the privacy and personal data of all individuals who interact with SuccessPay. This Privacy Policy explains how we collect, use, disclose, and safeguard personal data in accordance with the UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) and other applicable UAE regulations.

2. Data Controller

Success Group, registered in Abu Dhabi, UAE, is the Data Controller of personal data collected through the SuccessPay platform.

Contact: hello@successpay.ae

3. Personal Data We Collect

3.1 From Merchants (Business Customers)

  • Business name, trade licence number, and registration details.
  • Names, Emirates ID or passport details of authorised signatories and beneficial owners.
  • Bank account and financial settlement information.
  • Contact details: email address, phone number, business address.
  • Transaction history and payment data.

3.2 From End-User Customers (via Merchant Integrations)

  • Payment card details (processed in encrypted, tokenised form — we do not store full card numbers).
  • Transaction amounts, dates, and merchant references.
  • Device and browser information for fraud detection.
  • IP address and geolocation data.

3.3 Automatically Collected Data

  • Website usage data and cookies (see our Cookie Policy).
  • Log files, access times, and referring URLs.

4. Legal Basis for Processing

We process personal data on the following legal grounds:

  • Performance of a contract: to provide our payment gateway and POS Services.
  • Legal obligation: to comply with UAE AML/CFT regulations, CBUAE requirements, and tax obligations.
  • Legitimate interests: to prevent fraud, ensure platform security, and improve our Services.
  • Consent: where we have obtained your explicit consent, including for marketing communications.

5. How We Use Your Personal Data

  • Processing and settling payment transactions.
  • Merchant onboarding and KYC/AML verification.
  • Fraud monitoring, risk management, and chargeback handling.
  • Regulatory reporting to CBUAE and other authorities as required by law.
  • Providing customer support.
  • Sending service-related communications and, where consented, marketing updates.
  • Improving and developing our platform and Services.

6. Data Sharing and Disclosure

We do not sell your personal data. We may share data with:

  • Payment providers, card networks (Visa, Mastercard, etc.) to process transactions.
  • Banking and financial institution partners for settlement.
  • Regulatory authorities (CBUAE, UAE Financial Intelligence Unit) as required by law.
  • Identity verification and KYC service providers.
  • Cloud and IT infrastructure providers (under data processing agreements).
  • Professional advisers (lawyers, auditors) under confidentiality obligations.

Any third-party processors are bound by contractual obligations to protect your data to standards equivalent to this Policy.

7. International Data Transfers

Where personal data is transferred outside the UAE, we ensure appropriate safeguards are in place in accordance with UAE PDPL requirements, including standard contractual clauses or transfers to jurisdictions with adequate data protection frameworks.

8. Data Retention

We retain personal data only as long as necessary for the purposes described in this Policy and as required by UAE law. In particular:

  • Transaction records are retained for a minimum of five (5) years in accordance with AML regulations.
  • Merchant onboarding records are retained for five (5) years following contract termination.
  • Marketing consent records are retained until consent is withdrawn.

9. Your Rights Under UAE PDPL

Subject to applicable law, you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete data.
  • Request deletion of your data where no longer necessary.
  • Object to processing for marketing purposes.
  • Request restriction of processing in certain circumstances.
  • Data portability, where technically feasible.

To exercise your rights, please contact us at hello@successpay.ae. We will respond within the timeframe stipulated by UAE PDPL.

10. Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, disclosure, or destruction. These include PCI-DSS compliant infrastructure, TLS encryption in transit, tokenisation of card data, and access controls. In the event of a data breach affecting your rights, we will notify you and relevant authorities as required by UAE law.

11. Children's Privacy

SuccessPay Services are intended for use by businesses and are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors.

12. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or applicable law. We will notify Merchants of material changes by email. The current version is always available at www.successpay.ae.

13. Contact Us

Data Protection Enquiries:
hello@successpay.ae
Website:
www.successpay.ae
Address:
Success Group, Abu Dhabi, United Arab Emirates