Home>Website Privacy Notice

1. In a nutshell

This privacy notice (the “Privacy Notice” or “Notice”) explains why and how UnionPay International Co. Ltd (“UPI” or “we”) may process your personal data.

· What does “personal data” mean?

Personal data means any information that can be linked directly or indirectly to identified or identifiable individuals.

· Who is UPI?

UPI is a company incorporated under the laws of the People’s Republic of China (“PRC”) with its registered office at Floor 2-7, No.6 Dongfang Road, Pudong New District, Shanghai, PRC.

UPI is an international company established in numerous countries/regions across the world.

If you have any questions in relation to data protection matters, you can write to us at the abovementioned address or send an email to us at legalteam@unionpayintl.com.

· Why does UPI process personal data?

UPI operates a card scheme for payment services and processing payment transactions.

· What is UPI’s role in relation to your personal data?

In some cases, UPI determines the purposes and means of how your personal data will be processed and this Privacy Notice is intended to explain how such personal data will be used.

· What is the key information contained in this Privacy Notice?

You will find relevant information on the personal data we process about you, the purposes and legal bases for the processing of this data and your rights.  

2. The purposes of the processing of your personal data

You will find below the main purposes for which UPI processes personal data:

· providing products and services directly to individuals;

· providing products and services directly to financial institutions, corporate clients, merchants, UPI Members and partners

· marketing activities;

· internal research, reporting and analysis;

· compliance with applicable laws, regulations and law enforcement requests.

3. The categories of data subjects and of personal data we process about you

The main types of personal data we process are the following:

· Personal data of staff from financial institutions, merchants, UPI Members, suppliers, vendors and other partners, such as:

̵ contact information of persons at such entities (e.g., name, business email address, business postal address, business telephone number, job title);

̵ where required by applicable national law, personal data includes address of merchants and ID numbers;

· Personal data of customers and official website users (whether or not cardholders), such as:

̵ identification information (e.g. names, nicknames, date of birth, gender, country/region)

̵ contact information (e.g., name, postal or email address, phone number);

̵ electronic identification data (e.g., username, password, security questions, IP address, device type, serial number of the device, operation system).

4. The legal bases on which we process your data

UPI processes personal data on the following legal bases:

· With your consent to the processing of your personal data for one or more specific purposes (example: in case of use of cookies or direct marketing);

· To fulfil a contract with you or between you and a third party (in particular a UPI Member), or in order to take steps at your request before entering into a contract (example: in case of use of a credit card issued by a UPI Member);

· To comply with the laws that are applicable to us worldwide; and/or

· When we have legitimate interests in processing your data, except where such interests are overridden by your interests or fundamental rights and freedoms (example: compliance with a legal obligation under a foreign state, internal research, reporting and analysis).

5. Your rights

Accessing your personal information

We understand that you may like to know what personal data we hold about you. We are happy to assist you with your request. To protect your personal data, however, we require that you prove your identity to us at the time your request is made: you can contact us in writing via email or letter including your signature and a copy of a signed government issued identification document.

UPI reserves the right to decline access to your personal information under certain circumstances as permitted by law. If your personal data is not disclosed to you, you will be provided with the reasons for this non-disclosure.

Other rights

You may also be entitled to:

̵ object to the processing of your personal data;

̵ opt out from processing of your personal information for direct marketing purposes;

̵ request the restriction of the processing of your personal data;

̵ request the correction and/or deletion of your personal data;

̵ withdraw your consent to the processing of your personal data (where UPI is processing your personal information based on your consent);

̵ request the receipt or transmission to another organisation, in machine-readable form, of the personal information you may have provided to UPI;

̵ lodge a complaint with a supervisory authority; and

Where you are given the option to share personal information with UPI, you can always choose not to do so.

If you do not wish to receive marketing information from UPI, you may send an e-mail to legalteam@unionpayintl.com. You will always have the ability to accept or decline any form of communication from UPI. You may unsubscribe from electronic marketing communications at any time by selecting the “unsubscribe” link included in such communications.

If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice.

This could mean that we will be unable to perform the actions necessary to achieve the purposes of processing data for you as described above (see article 2) and that you may be unable to use our services.

After you have chosen to withdraw your consent, UPI may be able to continue to process your personal information to the extent required or otherwise permitted by law.

If at any time you wish to exercise any of these rights, you can do so by writing to us at legalteam@unionpayintl.com.

6. The recipients of your personal data and cross-border transfers

The recipients of your personal data are:

· UPI’s staff, establishments and affiliates: these are located all around the world;

· UPI’s processors and other contractors, suppliers and service providers: these are located all around the world;

· UPI Members: these are located all around the world; however the UPI Members involved in a card transaction are the acquiring bank (that is the bank you are withdrawing cash from, or the bank of the merchant you are paying in exchange for goods or services) and the issuing bank (that is the bank that issued your card): this will help you determine, for each transaction, the country where your data may be transferred by UPI;

· All other necessary parties for the network to function efficiently and to foster innovation.

 Such recipients shall undertake all necessary measures to keep your personal information confidential.

Additional requirements apply when your personal data is transferred to (or accessed from) another country/region. UPI only transfers personal data to another country/region where that transfer complies with data protection law.

7. Security

UPI has installed a strict security system to prevent any access to your personal data by any unauthorized persons, including the staff of UPI. We have minimized authorised and train staff for processing personal data. As such, all staff of UPI and any third party who are authorized to have access to your personal data will be required to strictly comply with the non-disclosure obligations.

Appropriate technical and organisational measures have been implemented to prevent from unauthorised or unlawful processing of your personal data and against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed.

8. Cookies

For further information, please refer to UPI’s cookie policy.

9. Data retention

Your personal data will be stored for the period of time required by applicable law. This may involve retaining data following your transaction. We will delete your personal data once it is no longer required for any of the purposes described above.

In order to determine the amount of time we will store your personal data we take into consideration the role and function of the information, type of products and services, nature of the relationship between you and us and statutory requirement of retention period made by applicable laws and regulations.

10. Links to other websites

You may find links to access the websites of other companies on our official website or in the material we provide to you. We recommend that you read the privacy policies of these other websites, as this Privacy Notice does not apply to the processing of your personal data by them and UPI is not responsible for the processing of your personal data on external websites.

11. Changes in Privacy Notice

We may update this Privacy Notice from time to time – in particular in case of change of law, of guidance from competent authorities or of UPI’s internal policies. In that case, we will share with you the updated Privacy Notice through our website, and, in certain circumstances, we may seek your consent.


Cookie Policy

By continuing your navigation on our website, you consent to the use of cookies in particular for marketing purposes.  To learn more, read our cookie policy.

1. What is a cookie?

A cookie is a small file of letters and numbers that is stored on your device (e.g. computer, phone), and used by our website to send information to your browser allowing it to return information to our official website (e.g. user session ID, choice of language or a date).

There are different types of cookies:

· Session cookies which disappear as soon as the user leaves the website;

· Permanent cookies which remain on the user's device until they expire or until the user deletes the cookies using the browser settings.

Cookies used on UPI's official website are not able to identify you personally.

12. What cookies are used on UPI's website?

UPI's official website uses 3 types of cookies.

12.1 Cookies necessary to use UPI's official website

These cookies are essential as they enable you to fully experience the possibilities offered by our website, such as accessing to your personal account.

By disabling the use of such cookies, you will no longer be able to use the basic features and functionalities resulting in a slower and less efficient user experience.

The information collected through these cookies is only used for this purpose and is never shared or sold to third parties.

12.2 Cookies necessary to improve UPI's official website

These cookies are used to collect anonymous information and enable UPI to understand how visitors use UPI's official website and monitor any errors that users may be experiencing (e.g. the number of visits, the number of pages visited, the activity on the website, errors messages received).  These cookies are necessary to improve UPI's official website and provide a better user experience.

The information collected through these cookies is only used for this purpose and is never shared or sold on to third parties.

12.3 Targeting cookies

These cookies are used to enable UPI to manage and improve the effectiveness of the delivery of advertising campaigns and to refine the targeting of these campaigns so that UPI can display the most relevant content for each user.  The data collected through these cookies is anonymous.

13. How to manage the use of cookies on UPI's website?

You can block cookies by activating the settings on your browser that enable you to refuse the settings of all or some cookies. The following settings may be subject to change based on version(s) used.

13.1 Manage the use of cookies on 360 Secure

· In the settings menu, select "advanced settings" at the top of the page;

· Select the "content settings" tab;

· The page that then appears tells you about cookies and allows you to manage the use of cookies.  It also allows you to clear any cookies currently stored.

13.2 Manage the use of cookies on Google Chrome

· In the settings menu, select "advanced settings" at the bottom of the page;

· Select the "content settings" tab in the privacy and security section;

· The top section of the page that then appears tells you about cookies and allows you to manage the use of cookies.  It also allows you to clear any cookies currently stored.

13.3 Manage the use of cookies on Mozilla Firefox

· In the tools menu, select "Internet options" (MAC users, go to the Firefox menu & select preferences);

· Select the privacy tab in the options box;

· From the dropdown choose, "use custom settings for history".  This will bring up the options for cookies and you can choose to enable or disable them by clicking the tick-box.

13.4 Manage the use of cookies on Internet Explorer

· In the tools menu, select "Internet options";

· Click the privacy tab;

· You will see a privacy settings slider which has six settings that allow you to control the number of cookies that will be placed: Block All Cookies, High, Medium High, Medium (default level), Low, and Accept All Cookies.

13.5 Manage the use of cookies on Safari

· In the settings menu/Safari menu, select the "preferences" option;

· Open the privacy tab;

· Select the option you want from the "block cookies" section.