1. General Provisions
This Privacy Policy sets out how Litas (hereinafter — "we", "Litas" or the "Platform"), available at litas.cloud, collects, uses, stores and discloses information obtained from platform users (hereinafter — "Merchant" or "you").
Litas is a payment acceptance platform that enables merchants to accept payments from their customers using QR codes, bank redirects (Open Banking) and contactless card payments (Tap to Pay).
By using the Litas platform, you agree to this Privacy Policy.
2. Data Controller
The controller of your personal data is the Litas platform, available at litas.cloud.
Contact for data protection matters: info@litas.cloud
3. What Data We Collect
3.1. Merchant Registration Data
- First and last name
- Email address
- Phone number
- Company name and registration number
- Personal identification number (for KYC verification)
- Bank account (IBAN) details for payouts
3.2. Payment Data
- Transaction amounts, currencies, dates
- Payment statuses and references
- Payment method type (QR, Tap to Pay, Open Banking)
- Paysera or Adyen transaction identifiers
3.3. Device Data
- Device model and operating system
- Unique device identifier
- Login date and time
3.4. Technical Data
- IP address
- Browser type
- Login session information
- Cookie data
4. Purposes and Legal Basis for Data Processing
| Purpose | Legal Basis |
|---|---|
| Account creation and management | Performance of a contract |
| Payment acceptance and processing | Performance of a contract |
| KYC/AML verification | Legal obligation |
| Executing payouts | Performance of a contract |
| Fraud prevention | Legitimate interest |
| Platform improvement | Legitimate interest |
| Technical cookies | Legitimate interest |
5. Sharing Data with Third Parties
Your data may be shared with the following partners who are necessary for service delivery:
- Paysera — for payment processing via Checkout and Open Banking
- Adyen — for Tap to Pay contactless payment processing
- Server providers — for data storage within the EU territory
We do not sell or rent your personal data to third parties for marketing purposes.
6. Data Retention Periods
- Account data — retained while account is active + 1 year after closure
- Transaction data — 5 years (per accounting requirements)
- KYC documents — 5 years after the end of the business relationship
- Technical logs — 90 days
7. Your Rights (GDPR)
Under the General Data Protection Regulation (GDPR), you have the following rights:
- Right of access — to obtain information about data being processed
- Right to rectification — to request correction of inaccurate data
- Right to erasure — to request deletion of personal data
- Right to restriction of processing — to request a temporary suspension of processing
- Right to data portability — to receive data in a structured format
- Right to object — to object to data processing
To exercise these rights, contact us at: info@litas.cloud
8. Data Security
We apply the following security measures:
- All data is transmitted using TLS/SSL encryption
- Passwords are stored using bcrypt hashing
- JWT tokens with limited expiry time
- Role-based access control (RBAC)
- Regular audit logs
- Databases hosted within EU territory
9. International Data Transfers
Your data is processed and stored within the European Union. Our payment processing partners (Paysera, Adyen) also operate in accordance with EU data protection standards.
10. Changes
We may update this Privacy Policy at any time. We will notify you of significant changes by email or via a platform notification.
11. Contact
For any privacy-related questions, contact us:
Email: info@litas.cloud
Website: litas.cloud