Privacy Notice
Last updated: February 2026
Prior versions of this Privacy Notice can be found at this Link
About this Privacy Notice
This Privacy Notice is meant to give you information about what personal data we collect about you, how we use it, why we use it, and how you control the data processing.
1. The Basics
1.1 Who We Are. We, Klearly B.V., offer a solution that allows merchants ("merchants") to collect payments from their customers using their devices, which is available through our application and/or dashboard connected thereto. Our offices are located at Mr Treublaan 7, 1097 DP, Amsterdam, and our registration number is 86158236.
1.2 Contact. If you have questions about our company or your privacy, or want to exercise your rights, you can contact us at [email protected].
1.3 DPO. We have appointed a data protection officer (DPO), who oversees our privacy practices. If you have any comments or questions about this Privacy Notice or if you wish to exercise any of your rights, please contact our DPO at [email protected].
1.4 Our Role: Controller and Processor. Certain data protection laws, including the laws in the EU, differentiate between a party that determines why and how personal data is processed (a "controller") and a party that processes personal data solely on the controller's behalf and according to the controller's instructions (a "processor"). We are the controller in respect of the processing described in this Privacy Notice, which relates to our processing activities on the website and as otherwise detailed herein.
1.5 Definitions and Recommendations
1.5.1 When we refer to "services", we mean the services provided on and in connection with our site.
1.5.2 When we refer to "personal data", we mean information that is defined as personal data under law. This includes information that identifies you directly or indirectly, including unique identifiers like IP addresses or cookie IDs.
1.5.3 When we refer to "you", we mean any visitor of our site.
1.6 A Note on Legal Bases. Certain jurisdictions only allow the processing of personal data where a legal basis has been established. Under the EU's General Data Protection Regulation ("GDPR"), the possible legal bases include (but are not limited): your consent, the processing is necessary to perform a contract with you, the processing is necessary to fulfill our legal obligations, or a company has a legitimate business interest to process your personal data. Where we are a controller, we only collect and process data where we have established a legal basis. Below you can find more details about specific legal bases.
2 Personal Data We Collect, How We Use It, and Why.
Below is a description of the types of personal data we collect, how we use it, and the reason why we consider each use lawful. You have no legal obligation to provide us with personal data, but if you don't provide us with certain information, we may not be able to provide you with the associated services.
2.4 Website Visitors. When you visit our site, we may collect the following types of data about you.
2.4.1 Contact Form Information. When you send us a message through the contact form on our site, per email and/or per whatsapp (Meta) we collect any data you provide, such as your company name, email address, phone number and the content of your message. Note that any communication through whatsapp and/or any other third party tool is subject to whatsapp’s and/or the relevant tool’s terms and policies.
How We Use this Data: To respond to your message and to provide you with informational newsletters about our products and services.
Legal Basis: We process this personal data based on the performance of a contract with you. Processing your personal data to share our newsletters with you is based on our legitimate interest to promote our products and services. You may opt out by unsubscribing from the email list.
2.4.2 Chat. We offer a chat function on our website. Chats are initially handled by an AI chatbot and may be transferred to our support team where needed.
How We Use this Data: We process the content of your messages and related technical data (such as date/time and IP address) to (i) operate and secure the chat service, (ii) respond to your requests, (iii) provide customer support, and (iv) improve our services.
Legal bases: We process this personal data for performance of a contract with you when we provide your support and/or respond to your requests. Processing for improvement of our services and general operation of our services is based on our legitimate interest.
Please do not include sensitive personal data in the chat unless we specifically request it and provide a secure method. If a chat is transferred, the chat history may be shared with the relevant support personnel to handle your request. The AI chatbot provider (OpenChat, Inc.) may use your usage data for its own purposes, in accordance with its own policies.
2.4.3 Activity and System Data (Including Cookies). When you visit our site, we automatically collect data about your computer or mobile device, including personal data such as your IP address, device ID, browsing history (e.g. the other sites you've visited before ours), usage data, metadata, and your activity on our site (e.g. what pages you visited, for how long, and what links you clicked on). For more information about the cookies we use and how to adjust your preferences, see the Cookies and Similar Technologies section below.
How We Use this Data: We mainly use this data to generate aggregated analytics data about the use of our site so we can maintain and improve the site and develop new products or services. We also use statistical data to prevent fraud and protect the security of our site. One of the tools we use to collect and analyze this data is "Google Analytics" (Firebase). For more information about how Google collects information and how you can control such use, see: www.google.com/policies/privacy/partners/.
Legal Basis: We process this personal data based on your consent and, where permitted, based our legitimate interests to develop and improve our products and services, and to prevent fraud. Additional information regarding Our Marketing Activities is provided below.
2.5 Job Applicants
2.5.1 Application Details. If you apply for a job with us, we collect the information you provide as part of your application and during the course of the application process. This may include your name, contact details, resume, recommendations, and any other information we may request or that you choose to share with us.
How We Use this Data: We use this data to process your job application, including using your contact details to contact you for scheduling purposes and to provide you with updates. We also use this data to manage our recruitment campaigns, as well as to analyze their results and improve future campaigns.
Legal Basis: When we use this data to process your job application, we do so based on performance of a contract with you or in order to take steps at your request prior to entering into a contract. When we use this data to manage our current campaigns and improve future campaigns, we process your application data based on our legitimate interest to attract and assess candidates for employment.
2.6 Event Participants. From time to time, we hold special events in which we may invite you to participate. If you receive an invitation, we may collect the following personal data from you:
2.6.1 Registration Data. When you register for and participate in an event, we collect your name, company name and role, contact details, and any other information we may request.
How we use this data: We use this data for logistical purposes, such as to help us plan the event, as well as to contact you with reminders and updates about the event and to ask for your feedback regarding the event so that we may improve future events or our services. If you consent, we may also send you marketing information about future events and other updates.
Legal Basis: When we process this personal data in the course of planning for and running the event, we do so in order to perform a contract with you. When we process this personal data to improve our events and services, we do so based on our legitimate interest to grow and improve our business and services. When we process this personal data to send you marketing information, we do so based on your consent. You may withdraw your consent at any time by contacting us at [email protected].
2.6.2 Event Pictures. We may hire photographers to cover certain events. Event participants may be photographed directly or may appear in the background of event photos.
How we use this data: We may post event pictures, including on social media, to notify or update the public that the event took place. We may tag individuals in specific photos. We may also use the photos in other marketing materials.
Legal Basis: When we collect event pictures, we do so on the basis of our legitimate interest to market future events and our services. Where required by law, we will request your explicit consent before taking or publishing your photo.
2.7 Visitors to Our Social Media Pages
2.7.1 Visitors' Interactions. When you engage with our social media outlets, such as when you post on our social media page, like, share, comment our posts, answer surveys, or similar activities, we collect the personal data you provide, such as the content of your post and the information available to us through your profile or account. The social media companies we use may also provide us with aggregate and analytical information about activity relating to us.
How we use this data: We may use this information to engage with you or respond to your posts and comments and to analyze the effectiveness of our social media efforts and to improve how we manage them, and for marketing purposes.
Legal Basis: When we process your personal data to engage with you or respond to your posts and comments and to, we do so on the basis of our legitimate interest to engage with and serve our audiences in an effective manner. When we process your personal data to improve our social media outlets or for marketing purposes, we do so based on our legitimate interest to effectively market our products and services, improve our services, and develop new ones.
3 Our Marketing Activities
As described above, we may use personal data we collect for advertising and marketing purposes. We try to limit the marketing material we send to a reasonable and proportionate level. Below we describe how you can control the marketing material you receive from us.
3.4 Email Marketing and Services Communications
3.4.1 We use your contact details to send you informational newsletters about our products and services. You may unsubscribe at any time by emailing us at [email protected].
3.4.2 You can stop the delivery of all marketing emails by following the "unsubscribe" link in any messages we send you. Alternatively, you can contact us at [email protected] to request to unsubscribe.
3.4.3 Note that if you are a registered user, we may need to contact you about administrative or service-related issues as part of the services we provide to you. This is not marketing communication and you will continue to receive these messages even if you opt-out of marketing emails.
4 Sharing the Personal Data We Collect
We share your personal data as follows:
4.1 Affiliates. We share your personal data, with our affiliated companies where this is necessary to provide you with our products and services and so that we can manage our business, such as to keep updated records of website visitors, customers and business partner.
4.2 Service Providers. Below is a list of the types of service providers we use, the service each provides, and the types of data shared with each.
| Type of Service | Description | Personal Data Shared |
|---|---|---|
| Cloud Computing | We use service providers that offer cloud computing services. They offer us space on their servers for us to store our files and programs, including your personal data. | All personal data that we collect from you is stored on third party servers. |
| Customer Relationship Management (CRM) | We use an external CRM tool to help us keep track of our customers and information related to them, including their personal data and to send emails. | Your name, company, name and your position, email address, and phone number. |
| Analytics Providers | We use a service provider to assist us with analytics services. | Data collected automatically through our site, including IP addresses and cookie information. |
| Third Party AI Tools, such as chatbot | We use third party AI tools to provide you with services and support. | Personal data you provide, usage data. |
4.3 Change of Ownership. If we are looking to sell our company, liquidate assets, or merge with another, we may share your personal data with other interested parties as part of negotiations toward that transaction. In such case, or where we do sell our company, your personal data shall continue to be subject to the provisions of this Privacy Notice.
4.4 Law Enforcement Related Disclosure. We may share your personal data with government agencies or other relevant parties, such as a law office or independent auditor: (i) if we believe that such disclosure is appropriate to protect our rights, property or safety (including the enforcement of this Privacy Notice) or those of a third party; (ii) if required by law or court order; or (iii) as is necessary to comply with any legal and/or regulatory obligations, such as audit requirements.
5 International Transfers
Some of our service providers and affiliates are located in countries other than your own and outside the EU, including the US and Israel. When we transfer your personal data internationally, we will do so safely and securely and in accordance with applicable law.
5.1 If you are located in the EU, when we share your personal data with third parties based outside of the European Economic Area ("EEA"), we will ensure that they sign agreements that require them to comply with applicable law, and make sure that your data protection rights are protected. We will also implement the following safeguards:
5.1.1 When we transfer your personal data to jurisdictions with “adequacy decision”, we rely on the decision by the European Commission that says that those countries are considered to provide an adequate level of data protection.
5.1.2 When we transfer your personal data to entities in the US that are covered under the Data Privacy Framework, we rely on the decision by the European Commission that says that these entities are considered to provide an adequate level of data protection.
5.1.3 Where we transfer your personal data to other countries, we (i) take additional security measures to protect the data and (ii) use specific contracts approved by the European Commission, known as the Standard Contractual Clauses, to give your personal data the same protection it has in the EEA.
5.1.4 Please contact us at [email protected] if you would like further information on the specific mechanism used by us when transferring your personal data out of the EEA.
6 Security
The security of your personal data is our highest priority. We work hard to make sure that your personal data will be held securely and that it will not be shared or lost accidentally. However, it is impossible to guarantee absolute security. The security of your data also depends on the security of the devices you use and the way in which you protect your user IDs and passwords. The measures we take include:
6.1 Technical Measures. The electronic safeguards we employ to protect your personal data include secure servers, firewalls, and antivirus protections. We encrypt data using secure protocols.
6.2 Access Control. We limit access to your personal data only to authorized personnel who have a need to know. We review these permissions regularly and revoke an employee's access immediately after his/her termination.
6.3 Internal Policies. We maintain and regularly review and update our privacy related and information security policies.
6.4 Personnel. We require employees to sign non-disclosure agreements according to applicable law and industry customary practice.
6.5 Standards and Certifications. We have built our systems on third-party infrastructure that has been certified as compliant with ISO 27001 (Information Security Management)/ ISO 27017 (Cloud Security)/ ISO 27018 (Cloud Privacy), ISO 27701 (Security Techniques), ISO 22301 (Security and Resilience), ISO 9001 (Quality Management Systems), and CSA STAR CMM v3.0.1. Our payment processor complies with the Payment Card Industry's Data Security Standards (PCI DSS 3.2).
7 Your Rights - How to Control Our Use of Your Personal Data
Depending on which laws apply, you have certain legal rights over your data. Below is some general information about rights that may apply to you but we recommend checking the law or consulting with a lawyer to understand what applies in your specific case. To exercise your rights, please contact us at [email protected]. We may ask for reasonable evidence to verify your identity before we can comply with any request.
7.1 Right of Access. You may have a right to know what personal data we collect about you. We may charge you with a fee to provide you with this information, if permitted by law. If we are unable to provide you with all the information you request, we will do our best to explain why. See Article 15 of the GDPR for more details, if your personal data is subject to GDPR.
7.2 Right to Correct Personal Data. You may request that we update, complete, correct or delete inaccurate, incomplete, or outdated personal data. See Article 16 of the GDPR for more details, if your personal data is subject to GDPR.
7.3 Deletion of Personal Data ("Right to Be Forgotten"). If you are located in the EU, you may have the right to request that we delete your personal data. Note that we cannot restore information once it has been deleted. Even after you ask us to delete your personal data, we may be allowed to keep certain data for specific purposes under applicable law. See Article 17 of the GDPR for more details, if your personal data is subject to GDPR.
7.4 Right to Restrict Processing. If you are located in the EU, you may have the right to ask us to stop processing your personal data. See Article 18 of the GDPR for more details, if your personal data is subject to GDPR.
7.5 Right to Data Portability. If you are located in the EU, you may have the right to request that we provide you with a copy of the personal data you provided to us in a structured, commonly-used, and machine-readable format. See Article 20 of the GDPR for more details, if your personal data is subject to GDPR.
7.6 Right to Object. If you are located in the EU, you may have the right object to certain processing activities. See Article 21 of the GDPR for more details, if your personal data is subject to GDPR.
7.7 Withdrawal of Consent. If we are processing your data based on your consent, you are always free to withdraw your consent, however, this won't affect processing we have done from before you withdrew your consent.
7.8 Right to Lodge a Complaint with Your Local Data Protection Authority. If you are located in the EU, you have the right to submit a complaint to the relevant data protection authority if you have any concerns about how we are processing your personal data, though we ask that as a courtesy you please attempt to resolve any issues with us first.
8 Data Retention
8.1 We retain your personal data as long as necessary to fulfill each of the purposes we described above.
8.2 When deciding how long to store personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized access, the purposes for which the personal data was collected, as well as applicable legal requirements. Please note that we may delete information from our systems without notifying you first. Retention by any of our service providers or subcontractors may vary in accordance with each business's retention policy.
8.3 Please contact us at [email protected] if you would like details about the retention periods for each type of personal data we process.
9 Cookies and Similar Technologies
9.1 What are Cookies? A cookie is a small piece of text that is sent to your browser by a website you visit. This piece of text acts as a sort of tag, letting the website know that it's you (really, your device) that's visiting. There are other technologies that act similarly, like web beacons, pixel tags, and Device IDs for apps, but for simplicity's sake we'll refer to them all as "cookies".
9.2 First-Party / Third-Party Cookies. Websites can place their own cookies (called "first-party cookies") but can also place cookies from other sites (called "third-party cookies"). If your browser holds both first and third-party cookies for a given website, both the website and the third party are notified when you visit the site. We may place both first and third-party cookies on our site.
9.3 How We Use Cookies. While the specific names and types of cookies we use may change from time to time, they generally fall into one of the categories listed below.
| Cookie Type | Function |
|---|---|
| Necessary | These cookies allow the site to work correctly. They enable your access to the site, move around, and access different services, features, and tools. These cookies cannot be disabled. |
| Functionality | These cookies remember your settings, preferences, and other choices you make (like placing an item in a shopping cart) in order to help personalize and streamline your experience. |
| Performance/Analytics | These cookies collect analytical information to help us understand how you use our site, for example whether you have viewed messages, clicked on links, and how long you spent on each page. This helps us improve our site to better suit your needs. |
9.4 Third Party Cookies. In addition to our first-party cookies, we place cookies from the following third parties, subject to your consent: Mixpanel, Firebase, Hotjar.
9.5 How to Adjust Your Preferences. Most web browsers are initially configured to accept cookies, but you can change the settings so your browser refuses all cookies or certain types of cookies. In addition, you are free to delete any existing cookies at any time. Please note that some features of the services may not function properly when cookies are disabled or removed. For example, if you delete cookies that store your account information or preferences, you will be required to input these each time you visit.
10 Third-Party Services
You may have access to third-party services through our services. Please note that all use of third-party services is at your own risk and subject to such third party's terms and privacy policies. We do not take any responsibility for the performance of other services.
11 Children
We do not knowingly offer the services to children under the age defined by applicable data protection laws (typically 16 in the EU). In the event that you become aware that an individual under the age of sixteen (16) has been using our services without parental permission, please advise us immediately.
12 Changes to the Privacy Notice
We may update this Privacy Notice from time to time to keep it up to date with legal requirements and the way we operate our business. We will place any updates on this webpage. Please come back to this page every now and then to make sure you are familiar with the latest version.