Privacy Centre

Updated 1 November 2021


Our privacy practices for people who take payments for their goods and services using GoCardless

How does GoCardless use personal data?

Providing our payment services

We use identification, contact, financial, transaction and connection data to provide our services.

Preventing money laundering and financial crime

We use identification, contact, usage, connection and due diligence data to comply with anti-money laundering laws and due diligence obligations.

Communicating with you

We use identification, transaction and contact data to communicate with you.

Preventing fraud or unauthorised use

We use identification, contact, financial, transaction, usage, connection and due diligence data to monitor and prevent fraud and unauthorised use of our services.

Measuring satisfaction

We use identification, contact, transaction and connection data to understand how merchants feel about our services.

Improving our services

We use identification, contact, financial, usage, transaction and connection data to improve our services.

Investigating claims and other legal activities

We use identification, contact, financial, transaction, connection and due diligence data to protect our legal rights and interests.

What personal data do we use?

When you set up and use a GoCardless account, we collect personal data about you and your company’s employees, directors, trustees or beneficial owners. That includes:

  1. Identification information, such as name, job title, birthdate, nationality, government-issued identification (for example, a passport or driver’s license), and account username and password.
  2. Contact information, such as email address, phone number, work address, company or organisation name, country and language.  
  3. Financial information, such as sort code, bank account number and account holder name and address.
  4. Transaction information, such as the names of transacting parties, transaction description, payment amounts, and the devices and payment methods used to complete the transactions.
  5. Usage information, Usage information, such as how you enter data on our sites and services and how long it takes, and whether you opened an email or clicked a link. To collect this data we use cookies and other tracking technologies.
  6. Connection information, such as the type of device you use to access our services, operating system and version, device identifiers, network information, log-in records, IP address and location derived from it.
  7. Due diligence information, such as identity verification, background check and credit references (for example, Onfido, LexisNexis or Creditsafe), from financial institutions (such as our banking partners), from social media such as LinkedIn, or from other public sources.

If you have a question or a problem

You can contact our privacy team to ask a question or exercise your rights or choices about our privacy practices.

If we can’t resolve your concerns, you may have the right to complain to a data protection authority or other regulator where you live or work, or where you believe a breach may have occurred.

More legal details

Read more about our data protection compliance and the further legal details required in some countries, such as:

  • What makes our processing lawful?
  • Who do we share personal data with?
  • How do we protect data that crosses borders?
  • How do we make automatic decisions about people?
  • How long do we keep the data?
  • What rights do you have and how do you exercise them?

GoCardless Ltd., Sutton Yard, 65 Goswell Road, London, EC1V 7EN, United Kingdom

GoCardless (company registration number 07495895) is authorised by the Financial Conduct Authority under the Payment Services Regulations 2017, registration number 597190, for the provision of payment services.

GoCardless SAS, WeWork - 7 rue de Madrid, Paris, 75008, France

GoCardless SAS, an affiliate of GoCardless Ltd (company registration number 834 422 180, R.C.S. PARIS), is authorised by the ACPR (French Prudential Supervision and Resolution Authority), Bank Code (CIB) 17118, for the provision of payment services.