Privacy Centre


Our privacy practices for people who make payments using GoCardless

Who is GoCardless?

GoCardless provides the technology and other services that help merchants around the world process payments for their goods or services. 

If you have a question about how we handle your personal data, you can reach us at: 

GoCardless Ltd., Sutton Yard, 65 Goswell Road, London EC1V 7EN, United Kingdom

Contact the Data Protection Officer

If you have questions about how a merchant handles your personal data, or if you wish to exercise your rights for the personal data they hold, you will need to contact them directly. If you don’t recognise a payment on your statement, find out who your merchant is here.

How does GoCardless use personal data?

Reason for processing

Type of personal data we use

Providing payment services

We provide payment services and deliver key features of our service to the merchants you pay using GoCardless, such as displaying transaction history and payment status. 

Identification, contact, financial, transaction, connection

Preventing fraud

We check that you own the bank account you enter for our services and that you have the funds to cover the transaction. We may block transactions we believe to be fraudulent or unauthorised, or that violate our terms. 

When you set up a payment, we may ask you to grant us access to personal data directly from your bank account so that we can verify that you are the owner of the account. This data is limited to your bank account number, name and address, and we access it only with your consent. 

If our fraud alerts or those of our banking partner flag a potentially fraudulent payment, account or chargeback, we may need to confirm your identity. We use publicly available data or identity verification and screening services from agencies like Onfido or Lexis Nexis. After this, we will either clear the alert or stop the payment or chargeback.

Identification, contact, financial, transaction, connection

Learn more about how we make automatic decisions.

Increasing payment speed and success

We calculate whether a payment is likely to clear and use that calculation to make decisions about how we provide our services. For example, we might ask for a different payment method or change the date we withdraw the payment from your bank, or we might advance payments to your merchant to process their transactions more quickly.

Identification, contact, financial, transaction, connection

Learn more about how we make automatic decisions.

Communicating with you

We send you messages that are necessary for our services, like payment notification emails. If you need help, we communicate with you to provide customer support

We don’t market to consumers who make payments using our services, and we don’t sell personal data.

Identification, contact

Improving our services

We analyse how people engage with our site and services so that we can improve our services and develop new products or features. For example, we might use personal data and other observations to make our payment pages easier to use or our machine learning models more accurate.

Identification, contact, financial, transaction, connection

Investigating claims and other legal activities

Where we believe it is necessary to protect our legal rights and interests and the interests of others, we use personal data in connection with legal claims, compliance, regulatory and audit functions, and in connection with the acquisition, merger or sale of a business.

Under exceptional circumstances, we may be required by law to provide personal data to law enforcement agencies, courts or others in connection with claims and other litigation.

Identification, contact, financial, transaction, connection

What personal data do we use?

  • Identification information, such as your name and organisation. In some countries, we may be required by law or by financial institutions to collect a government identifier from you (for example, a social security number or tax ID).
  • Contact information such as your mailing address and email address. 
  • Financial information, such as your bank account number, sort code, account holder name, and other information you provide to us or give us consent to access from your bank.
  • Transaction information, such as the name of the merchant you pay using our services, a description of the transaction, and the payment amount.
  • Connection information, such as the type of device you use to access our services, operating system and version, device identifiers, network information, IP address and location derived from your IP address. To collect this data we use cookies and other tracking technologies.
  • If you have a question or a problem

    You can contact our privacy team to ask a question or exercise your rights or choices about our privacy practices. If we can’t resolve your concerns, you may have the right to complain to a data protection authority or other regulator where you live or work, or where you believe a breach may have occurred.

    The legal details

    If you'd like to read more about our data protection compliance and the disclosures we're required to make by law, click here.

    GoCardless Ltd., Sutton Yard, 65 Goswell Road, London, EC1V 7EN, United Kingdom

    GoCardless (company registration number 07495895) is authorised by the Financial Conduct Authority under the Payment Services Regulations 2017, registration number 597190, for the provision of payment services.