The protection of personal data is more than just a legal requirement for BS PAYONE. Rather, they are a customer-oriented quality feature and have a high priority in the design of business relationships and processes.
As a data processor, we are governed by the requirements of the Data Protection Act or DPAct for short – and supplementary data protection regulations set out in many other codes and directives.
In our view, data protection is not simply a legal obligation. It is also a socio-political issue and a measure of quality which puts the interests of customers first. Accordingly, we have a data protection policy in place within our organisation.
In our view, all data and information are equally worthy of protection. Such data and information include the personal data belonging to our employees, customers, suppliers and other business partners as well as their and our corporate data.
We only process data as appropriate for its intended purpose. All employees handling personal data are bound by the data secrecy obligation in accordance with Art. 16 DPAct and receive training accordingly. We meet the requirements of the DPAct relating to data processing security by implementing organisational and technical measures in accordance with Art. 16 DPAct.
Unauthorised users have no access our data processing facilities and cannot use our systems. Only authorised users can access our data and only they are permitted to process and transfer it; various security controls are in place and data availability is assured. When undertaking data processing outsourced to us by third parties, we work exclusively under the instructions issued to us by the contracting party in writing in accordance with Art. 16 DPAct. These instructions specify the how data is to be processed, the organisational and technical measures to be implemented and any subcontractual relations between principal and agent. They also define the parties responsible for the individual tasks to be completed.
We, BS PAYONE GmbH, herewith state that we are responsible for the security of cardholder data we possess or otherwise store, process, or transmit on behalf of our customers or to the extent that they could impact the security of your cardholder data environment.
Personal data belonging to the users of our online products and services is only processed insofar as is necessary for the performance of the services offered. In principle, our online products and services can also be used anonymously. However, this does not apply to our areas and services protected by login mechanisms, where users must register with their personal data. You do not have to reveal your true identity. If you purchase the newsletter, for example, we will ask you for your name and other personal information. You are free to choose whether or not to enter your data. We save the data you provide on servers which are afforded particular protection.
Access to the servers is only permitted to a small number of authorised users with an official remit to perform the associated technical, commercial or editorial tasks.
Data usage when signing up for email newsletter
When you subscribe to our newsletter, we use the data required for this purpose or additionally provided by you to send you regularly our e-mail newsletter according to your consent. You can unsubscribe from the newsletter at any time by sending a message to the contact form described below or via a link provided in the newsletter.
The servers are only accessible by a few authorized persons who are responsible for the technical, commercial or editorial support of the servers.
Your IP address is saved as pseudonymised data for the purpose of website optimisation; in other words, there is no unique assignment between an IP address saved as pseudonymised data and the user of that IP address. For reasons of operational safety and reliability, the IP addresses which access our website are retained for 7 days before being deleted completely.
We will only use your personal data within BSPAYONE GmbH and its affiliated companies for the purpose of processing your order. We will not disclose your personal data to third parties without your express consent. Where data is disclosed to service providers during the course of processing your order, said providers shall be bound by the DPAct and other legal requirements, as well as being bound contractually by the data protection guidelines set out by BSPAYONE GmbH.
Right of withdrawal
Having given it, you can at any time withdraw your consent for your personal data to be collected, processed and used from that point on.
Right to information
For information about what personal data we have on record for you, please submit a request in writing.
Please direct all questions, suggestions or comments about data protection to:
BS PAYONE GmbH
Lyoner Straße 9
Email to our Data Protection Officer
A cookie is a text file no bigger than 4k that a website asks your browser to store on your computer or mobile device. This allows the website to "remember" your actions or preferences over a period of time.
Most browsers support cookies however users can set their browsers to decline them and can also delete them whenever they like.
Cookies can also be used for online behavioral target advertising and show ad-verts relevant to something that the user searched for in the past.
A cookie can be classified by its lifespan and the domain to which it belongs. By lifespan, a cookie is either a:
As for the domain to which it belongs, there are either:
Permanent cookies we use will be stored from 30 up to 540 days, sessions cookies will be stored until the end of the session (first-party cookies) or for up to 30 minutes (third-party cookies).
We use "analytical" third-party permanent and session cookies which allow us to recognise and count the number of visitors and to see how visitors move around the site when they’re using it.
You can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under:
Please note that this website initializes Google Analytics with the setting anonymizeIp. This guarantees anonymized data collection by masking the last part of your IP address. Further information concerning the terms and conditions of use and data privacy can be found at