Legal

Privacy Policy

Last updated: April 2025 · ARVIGON LIMITED (CRN: 79450448)

1. Introduction

ARVIGON LIMITED (Company Registration Number: 79450448), incorporated in Hong Kong with registered office at Room 803, 8/F, Hong Kong Pacific Centre, 28 Hennessy Road, Wan Chai, Hong Kong ("we", "us", "our") operates the Paylinq platform. We are committed to protecting your personal data.

This Privacy Policy explains how we collect, use, store, and protect information when you use our platform. Where we process data of individuals located in the European Economic Area, we comply with the General Data Protection Regulation (GDPR) and applicable European data protection laws.

2. Data We Collect

Account and profile data

When you create an account, we collect your name, email address, and business information (business name, website, type of business). We use this to create and maintain your account.

Payment and transaction data

We record transaction details including amounts, currencies, payment methods used, and outcomes. We do not store full card numbers — payment tokenisation is handled by your connected payment provider (Stripe, Mollie, Airwallex, or PayPal).

Customer data

When your customers complete a payment, we process their email address, name, and transaction details in order to deliver digital products, send receipts, and handle disputes. You, as the merchant, are the data controller for your customer data. ARVIGON LIMITED acts as a data processor on your behalf.

Usage data

We collect information about how you use the platform, including pages visited, features used, and browser/device information, to improve the Service and diagnose issues.

3. How We Use Your Data

  • To provide, maintain, and improve the Service
  • To process payments and deliver digital products
  • To send transactional emails (receipts, notifications, account alerts)
  • To detect and prevent fraud and abuse
  • To respond to support requests and disputes
  • To comply with legal obligations under Hong Kong and applicable international law
  • To send product updates and marketing communications (with your consent)

4. Legal Basis for Processing

For EEA users, we process your data on the following legal bases: (a) contract performance — to provide the Service you've signed up for; (b) legitimate interests — fraud prevention, platform security, and improving the Service; (c) legal obligation — compliance with applicable laws; and (d) consent — for marketing communications.

5. Data Sharing

We share personal data with the following categories of third parties:

  • Payment providers: Stripe, Mollie, Airwallex, and PayPal receive transaction data necessary to process payments.
  • Cloud infrastructure: We use cloud hosting providers to store and serve the platform.
  • Email services: To send transactional and marketing emails.
  • Analytics providers: Anonymised usage analytics to understand platform performance.

We do not sell your personal data to third parties. All third-party processors are bound by data processing agreements. For EEA users, international data transfers are covered by Standard Contractual Clauses approved by the European Commission.

6. Data Retention

We retain your account data for as long as your account is active, plus 7 years after termination for accounting and legal compliance purposes. Transaction records are retained for a minimum of 7 years to meet financial regulatory requirements. You may request deletion of personal data subject to these retention obligations.

7. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate data.
  • Erasure: Request deletion of your data where we have no legal obligation to retain it.
  • Restriction: Request that we limit how we use your data.
  • Portability: Receive your data in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interests.
  • Withdraw consent: Withdraw marketing consent at any time via your account settings or by emailing us.

To exercise any of these rights, contact us at privacy@paylinq.net. We will respond within 30 days.

8. Cookies

We use essential cookies to maintain your session and platform functionality. We use analytics cookies (with your consent) to understand how the platform is used. You can manage cookie preferences via your browser settings.

9. Security

We implement technical and organisational measures to protect your data, including encryption in transit (TLS), encryption at rest, access controls, and regular security reviews. We maintain PCI-DSS compliance for payment data handling.

10. Contact

For any privacy-related questions, contact ARVIGON LIMITED at:
Email: privacy@paylinq.net
Address: Room 803, 8/F, Hong Kong Pacific Centre, 28 Hennessy Road, Wan Chai, Hong Kong
Company registration: 79450448

EEA users who believe we have not handled their data correctly may lodge a complaint with their national data protection supervisory authority.