Safe Data - Clear Processes

The protection of personal data is more than just a legal requirement for BS PAYONE. Rather, they are a customer-oriented quality feature and have a high priority in the design of business relationships and processes.

Our philosophy

As a data processor, we are governed by the requirements of the Data Protection Act or DPAct for short – and supplementary data protection regulations set out in many other codes and directives.

In our view, data protection is not simply a legal obligation. It is also a socio-political issue and a measure of quality which puts the interests of customers first. Accordingly, we have a data protection policy in place within our organisation.

In our view, all data and information are equally worthy of protection. Such data and information include the personal data belonging to our employees, customers, suppliers and other business partners as well as their and our corporate data.

We only process data as appropriate for its intended purpose. All employees handling personal data are bound by the data secrecy obligation in accordance with Art. 16 DPAct and receive training accordingly. We meet the requirements of the DPAct relating to data processing security by implementing organisational and technical measures in accordance with Art. 16 DPAct.

Unauthorised users have no access our data processing facilities and cannot use our systems. Only authorised users can access our data and only they are permitted to process and transfer it; various security controls are in place and data availability is assured. When undertaking data processing outsourced to us by third parties, we work exclusively under the instructions issued to us by the contracting party in writing in accordance with Art. 16 DPAct. These instructions specify the how data is to be processed, the organisational and technical measures to be implemented and any subcontractual relations between principal and agent. They also define the parties responsible for the individual tasks to be completed.

Card Data Protection Guarantee

We, BS PAYONE GmbH, herewith state that we are responsible for the security of cardholder data we possess or otherwise store, process, or transmit on behalf of our customers or to the extent that they could impact the security of your cardholder data environment.

Use of our online products and services

Personal data belonging to the users of our online products and services is only processed insofar as is necessary for the performance of the services offered. In principle, our online products and services can also be used anonymously. However, this does not apply to our areas and services protected by login mechanisms, where users must register with their personal data. You do not have to reveal your true identity. If you purchase the newsletter, for example, we will ask you for your name and other personal information. You are free to choose whether or not to enter your data. We save the data you provide on servers which are afforded particular protection.

Access to the servers is only permitted to a small number of authorised users with an official remit to perform the associated technical, commercial or editorial tasks.

Data usage when signing up for email newsletter
When you subscribe to our newsletter, we use the data required for this purpose or additionally provided by you to send you regularly our e-mail newsletter according to your consent. You can unsubscribe from the newsletter at any time by sending a message to the contact form described below or via a link provided in the newsletter.

The servers are only accessible by a few authorized persons who are responsible for the technical, commercial or editorial support of the servers.

IP address storage

Your IP address is saved as pseudonymised data for the purpose of website optimisation; in other words, there is no unique assignment between an IP address saved as pseudonymised data and the user of that IP address. For reasons of operational safety and reliability, the IP addresses which access our website are retained for 7 days before being deleted completely.

Links to other providers

Some of our Internet pages contain links to other providers’ Internet pages; these pages are not covered by our data protection and privacy policy. We have no way of ensuring that the operators of these pages will comply with data protection regulations. Therefore, if you visit these Internet pages, please find out about the applicable data protection regulations.

Disclosure of personal data to third parties

We will only use your personal data within BSPAYONE GmbH and its affiliated companies for the purpose of processing your order. We will not disclose your personal data to third parties without your express consent. Where data is disclosed to service providers during the course of processing your order, said providers shall be bound by the DPAct and other legal requirements, as well as being bound contractually by the data protection guidelines set out by BSPAYONE GmbH.

Right of withdrawal
Having given it, you can at any time withdraw your consent for your personal data to be collected, processed and used from that point on.

Right to information
For information about what personal data we have on record for you, please submit a request in writing.

Questions and comments

Please direct all questions, suggestions or comments about data protection to:
Lyoner Straße 9
D-60528 Frankfurt
Email to our Data Protection Officer

BS PAYONE Cookie Information

What is a cookie?

A cookie is a text file no bigger than 4k that a website asks your browser to store on your computer or mobile device. This allows the website to "remember" your actions or preferences over a period of time.

Most browsers support cookies however users can set their browsers to decline them and can also delete them whenever they like.

What are they used for?

Websites mainly use cookies:

  • to identify users
  • to remember the user's custom preferences
  • to help complete a task without having to re-enter information when brows-ing from one page to another or when visiting the site again sometime later

Cookies can also be used for online behavioral target advertising and show ad-verts relevant to something that the user searched for in the past.

How are they used?

The web server supplying the webpage can store a cookie on the user's com-puter or mobile device. An external web server that manages files included or referenced in the webpage is also able to store cookies. All these cookies are called http header cookies. Another way of storing cookies is through JavaScript code contained or referenced in that page.

Each time the user requests a new page, the web server can receive the values of the cookies it previously set and return the page with content relating to these values. Similarly, JavaScript code is able to read a cookie belonging to its domain and perform an action accordingly.

What are the different types of cookies?

A cookie can be classified by its lifespan and the domain to which it belongs. By lifespan, a cookie is either a:

  • session cookie which is erased when the user closes the browser or
  • persistent cookie which remains on the user's computer/device for a pre-defined period of time.

As for the domain to which it belongs, there are either:

  • first-party cookies which are set by the web server of the visited page and share the same domain
  • third-party cookies stored by a different domain to the visited page's domain. This can happen when the webpage references a file, such as JavaScript, located outside its domain.

How long will cookies be stored?

Permanent cookies we use will be stored from 30 up to 540 days, sessions cookies will be stored until the end of the session (first-party cookies) or for up to 30 minutes (third-party cookies).

What third-party cookies do we use?

We use "analytical" third-party permanent and session cookies which allow us to recognise and count the number of visitors and to see how visitors move around the site when they’re using it.

Moreover, we use cookies from googleadwords and doubleclick in order to provide individualised marketing information, please find further information here:

Google Analytics Disclaimer

This website uses Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer to help the website analyse how visitors use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States . Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

You can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under:

Please note that this website initializes Google Analytics with the setting anonymizeIp. This guarantees anonymized data collection by masking the last part of your IP address. Further information concerning the terms and conditions of use and data privacy can be found at or at


About us - Company profile

Learn more about the company, our products and services.

Success in e-commerce

Are you looking for a reliable partner for your e-commerce project with a flexible service offer that adapts to your business model and who allows you to spend more time on your core business by automating all payment processes? Use the modular payment platform for your business.