Data privacy FAQs

Personal data is any information relating to you as an individual that can be used to identify you either directly or indirectly, through certain factors. Personal data can be anything from your name, address, photo, email address, bank details, social media posts, IP address and more.

Paystack uses a combination of administrative, technical and organisational measures to ensure your data is kept secure. Employees are only granted access to data on a need-to-know basis and strictly in line with their role.

Technical measures to protect personal data include network security, endpoint protection, the use of VPNs, access control mechanisms, firewalls and more. Many of these measures have been reviewed by independent third-party auditors and meet the standards of PCI-DSS Level 1 and ISO 27001:2013.

Your data is stored on a private cloud with servers located in Ireland. Ireland is subject to the European General Data Protection Regulation, so your data is securely stored under adequate protection legislation.

Paystack handles and communicates security incidents in accordance with our documented security practices in our Incident Response Framework. You can report any suspected incidents to security@paystack.com.
In the event of a data breach that affects the rights and freedoms of data subjects, Paystack will report this breach to the relevant Data Protection Authority and notify affected users.

Yes, Paystack has a global Data Protection Officer (DPO) who is responsible for ensuring data privacy and data protection compliance across the jurisdictions in which we operate. You can reach our DPO at the following email address for any privacy-related inquiries: dpo@paystack.com.

Our Privacy Policy page on our website and Merchant Dashboard explains your data subject rights, which may differ according to your jurisdiction. In order to exercise your rights to amend or erase (for example) your personal data held by Paystack, you have to send an email to dpo@paystack.com. If you happen to email our support team at hello@paystack.com instead, do not worry, as our Data Privacy Team will pick up the request and respond immediately.

Please note that we may need to verify your identity with additional information before carrying out your request. Rest assured that any additional information you provide will be deleted in order to comply with the principles of purpose limitation and storage limitation (only keeping personal data strictly for the purpose in which it was intended, and only for as long as reasonably possible — in this instance, the data is used to verify your identity, after which it shall be deleted).

Once you close your Paystack account, you will no longer have access to the Merchant Dashboard and cannot view any pending, past or future transactions. You will also be unable to dispute settlements and view previous settlements. Please note that in accordance with applicable law, and statutory or legal obligations, we will retain certain personal data (KYC) and transaction data to comply with these obligations. However, all personal data shall be destroyed by Paystack where possible or anonymised in other instances.

Please feel free to contact us via email at support@paystack.com or our contact form. You can also reach out to our Data Protection Officer via email at dpo@paystack.com.