Repayd
Apply for access

Legal

Privacy Policy

Last updated 27 May 2026

This Privacy Policy explains how Craftr London Ltd, trading as Repayd (“Repayd”, “we”, “us” or “our”), collects, uses, and protects personal data when you use our services. We are the data controller for the personal data described in this policy. We process personal data in accordance with the UK GDPR and the Data Protection Act 2018.

1. Who we are

Repayd provides software that helps developers integrate third-party payment service providers (“PSPs”) such as Mollie, Stripe and Shopify into their applications. We are the integration layer — we are not a payment processor and we do not store cardholder data or take custody of funds. Payment data is handled by the relevant PSP under its own privacy policy.

2. Data we collect

We collect the following categories of personal data:

  • Account data — name, email address, company details, and credentials you provide when registering or contacting us.
  • Integration and transaction metadata — limited technical data about the transactions routed through your integration (such as amounts, timestamps, currency, status, and the PSP used) that we need to provide the service and calculate our per-transaction fees. We do not collect or store full payment card details.
  • Usage and technical data — API usage, log data, IP address, device and browser information, and similar diagnostic data.
  • Communications — the content of messages you send us through our contact forms, email, or support channels.

3. How we use your data

We use personal data to:

  • provide, operate, and maintain the services;
  • route transactions to your chosen PSP and calculate and charge our fees;
  • authenticate users, secure the services, and prevent fraud and abuse;
  • respond to your enquiries and provide support;
  • analyse and improve our services;
  • comply with legal and regulatory obligations.

4. Legal bases for processing

We rely on the following legal bases under the UK GDPR: performance of a contract (to deliver the services you request); legitimate interests (to secure, operate, and improve the services, balanced against your rights); legal obligation (to meet our compliance and record-keeping duties); and consent (where required, for example for certain marketing communications, which you may withdraw at any time).

5. Sharing your data

We may share personal data with:

  • PSPs and payment providers you choose to integrate, to enable the transactions you initiate;
  • Service providers who support our operations (such as hosting, infrastructure, and analytics providers) under appropriate data-protection terms;
  • Authorities or third parties where required by law, to enforce our terms, or to protect our rights, users, or the public.

We do not sell your personal data.

6. International transfers

Some of our providers may process data outside the UK or European Economic Area. Where we transfer personal data internationally, we put in place appropriate safeguards — such as UK adequacy regulations or the International Data Transfer Agreement / Standard Contractual Clauses — to ensure your data remains protected.

7. Data retention

We retain personal data only for as long as necessary to provide the services and to meet our legal, accounting, and reporting obligations. When data is no longer needed, we securely delete or anonymise it.

8. Your rights

Subject to applicable law, you have the right to access, rectify, or erase your personal data; to restrict or object to processing; to data portability; and to withdraw consent where processing is based on consent. To exercise these rights, contact us at privacy@repayd.net. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) at ico.org.uk.

9. Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or disclosure. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security.

10. Cookies

We use cookies and similar technologies to operate our website, remember your preferences, and understand how the site is used. You can control cookies through your browser settings; disabling some cookies may affect how the site functions.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and revise the “last updated” date above. Material changes will be communicated where appropriate.

12. Contact

For any privacy questions or to exercise your rights, contact us at privacy@repayd.net. Repayd is a trading name of Craftr London Ltd, 71–75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ, registered in England & Wales under company number 16419143.