How we collect, use and protect your data. Last updated: July 6, 2026.
The data controller is UNIPaaS Financial Services Ltd, registered in England & Wales, an FCA-authorised Payment Institution (No. 929994). This policy covers paas.build; the processing of regulated payment data is also described in the UniPaaS privacy notice at unipaas.com.
Account & onboarding data you provide to go live: name, email, business name and website, country, and — for verification — the identity and business details required for KYB/KYC. Transaction data generated when you accept payments. Product usage: pages visited and in-product events, collected first-party via our analytics to improve the product. We do not ask for passwords or card numbers on our sign-in pages; portal access uses a one-time email code.
To provide the service and process payments (performance of a contract); to meet legal and regulatory duties including anti-money-laundering and safeguarding (legal obligation); to secure, measure and improve the product (legitimate interests); and, where required, with your consent. We do not sell your personal data.
We use Mixpanel for first-party product analytics, served through our own domain to measure how the product is used (for example, which pages and steps builders reach). We use only the storage necessary to operate the site and this measurement. You can block cookies in your browser; core sign-in still works.
With UniPaaS and its regulated payment partners to deliver the service; with card schemes, banks and settlement partners (including J.P. Morgan) to process and settle payments; with identity and compliance providers for verification; and with service providers such as email delivery, strictly to run the service. We may disclose data where required by law or regulation.
Where data is transferred outside the UK/EEA, we rely on appropriate safeguards such as adequacy decisions or standard contractual clauses.
We keep personal data for as long as needed to provide the service and to meet legal, regulatory and record-keeping obligations (financial-services records are typically retained for several years after the relationship ends).
Subject to law you may request access to, correction or deletion of your data, object to or restrict certain processing, and request portability. To exercise these rights, contact us. You may also complain to the UK Information Commissioner’s Office (ico.org.uk).
We protect data with encryption in transit, access controls, and the safeguards required of a regulated payment institution. No system is perfectly secure, but we work to keep yours protected and to notify you and regulators of incidents where required.
Privacy questions or requests: contact us, or write to UniPaaS at the address on unipaas.com.