Logo da Worldfy Branca.

Terms and conditions

We have brought together all the usage policies and legal pages of the platform.

Privacy Policy

Last updated: April 2025.

1. Introduction:

This Privacy Policy ("Policy") applies to all services offered by WORLDFY OÜ, a private limited liability company registered in Estonia under registry code 16668272, headquartered at Sepapaja 6, Tallinn 15551, Estonia.

WORLDFY is committed to safeguarding your privacy and ensuring the protection of your personal data. This Policy is intended to provide clear and transparent information about the collection, processing, and storage of personal data necessary for the delivery of our services.

By using our services, the data subject acknowledges this Policy and grants explicit consent for the processing of their personal data by WORLDFY. If you do not agree with the processing terms described herein, you should refrain from using the services of WORLDFY.

This Policy applies primarily to natural persons. If the user is a legal entity, some provisions may not apply depending on the applicable data protection law.

2. Definitions:

Unless otherwise stated, the capitalized terms used in this Policy have the following meanings:

a. GDPR: The General Data Protection Regulation (EU) 2016/679, which governs the processing, protection, and privacy of personal data within the European Union.

b. Data Subject: Any natural person whose personal data is processed.

c. Personal Data: Any information relating to an identified or identifiable natural person, such as full name, address, phone number, email, financial data, date of birth, nationality, and identification documents.

d. Supervisory Authority: A public authority responsible for monitoring compliance with data protection legislation. In Estonia, this is the Estonian Data Protection Inspectorate (AKI).

e. Processing: Any operation performed on personal data, including collection, recording, organization, storage, adaptation, retrieval, consultation, use, disclosure, erasure, or destruction.

f. Data Protection Officer (DPO): The person appointed by WORLDFY to serve as the point of contact for data subjects and the supervisory authority.

3. Types of Personal Data Processed and Purposes:

WORLDFY collects and processes personal data in accordance with the principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality.

The personal data collected may vary depending on the user interaction and may include:

  • Registration data: full name, company name, email, phone number, address, and national identification number;
  • Service execution data: bank account details including IBAN, bank name, and account number;
  • Customer support: name, email, and relevant information provided in the support request;
  • Marketing and communication: name, email, phone number, and interaction history with our platform;
  • Access logs: IP address, timestamps, device and browser information, and cookies.

Data is collected to:

  • Provide and improve our services;
  • Prevent fraud and enhance security;
  • Conduct statistical analysis and market research;
  • Manage recruitment processes;
  • Comply with applicable legal obligations.

WORLDFY may also collect data from third-party databases when justified by legitimate interest or legal requirements.

4. Sharing of Personal Data:

Personal data may be shared with third parties only when necessary and in accordance with data protection laws:

  • With partners and service providers to enable contracted services;
  • With regulatory authorities, upon legal request;
  • In cases of legal disputes or to protect the rights of WORLDFY;
  • In corporate transactions such as mergers, acquisitions, or reorganizations.

All third parties are contractually obligated to adopt equivalent data protection and confidentiality standards.

5. Storage and Deletion of Personal Data:

Personal data will be retained as long as necessary to fulfill the purposes outlined in this Policy, comply with legal obligations, or defend against legal claims.

Once data is no longer required for these purposes, it will be securely deleted or anonymized, unless continued retention is mandated by applicable law.

6. Data Subject Rights:

Under the GDPR, data subjects have the following rights:

  • Right to access personal data;
  • Right to rectify inaccurate or incomplete data;
  • Right to erasure ("right to be forgotten");
  • Right to restrict processing;
  • Right to object to processing based on legitimate interest;
  • Right to data portability;
  • Right to withdraw consent at any time;
  • Right to lodge a complaint with a supervisory authority.

To exercise any of these rights, contact our DPO at: dpo@worldfypayments.com

Data subjects are also responsible for ensuring the accuracy of the data they provide and for safeguarding their login credentials.

7. Security Measures:

WORLDFY employs industry-standard technical and organizational measures to protect personal data against unauthorized access, loss, alteration, or disclosure. These include encryption, firewalls, secure servers, and access controls.

While WORLDFY makes every effort to safeguard data, users are responsible for protecting their credentials and avoiding data sharing with third parties. In the event of a security incident, affected individuals and authorities will be notified in accordance with applicable law.

8. Changes to This Policy:

This Policy may be updated at any time to reflect changes in legislation, services, or internal processes. The latest version will always be available on our website.

When changes are significant, users will be informed via email or platform notifications.

9. Contact:

For inquiries about this Policy or to exercise your data protection rights, contact our Data Protection Officer:
Email: dpo@worldfypayments.com