Privacy Policy

wave shape

Privacy Policy

Last Updated February 09, 2026

 

 

Privacy Policy

1. Introduction

AYDAP-SP-ZOO LTD (“we”, “our”, “us”) is committed to protecting and respecting your privacy.

AYDAP-SP-ZOO LTD provides cross-border money remittance and payment services as a PSD Agent appointed by GCC Exchange UK Ltd, an Authorised Payment Institution regulated by the Financial Conduct Authority.

AYDAP-SP-ZOO LTD operates strictly under the permissions and regulatory scope of its principal, GCC Exchange UK Ltd.

This Privacy Policy explains how we collect, use, process, store, and protect your personal data when you use our website, mobile application, or services.

By accessing or using our services, you confirm that you have read and understood this Privacy Policy.

 

2. Company Details (Data Controller Information)

Company name: AYDAP-SP-ZOO LTD
Company number: 16492422
Registered office address:
374 Edgware Road,
London, W2 1EB,
England

AYDAP-SP-ZOO LTD acts as a Data Controller for personal data it processes in accordance with this Privacy Policy and applicable data protection laws.

Our principal, GCC Exchange UK Ltd, may act as an independent or joint data controller for certain regulated processing activities.

 

3. Regulatory Status

AYDAP-SP-ZOO LTD is:

  • Registered as a PSD Agent on the Financial Services Register
  • Acting on behalf of GCC Exchange UK Ltd (FCA Ref: 596446)
  • Subject to UK GDPR, Data Protection Act 2018, and AML/CTF regulations

ICO registration is maintained through the relevant controller structure in accordance with UK data protection requirements.

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at any time.

 

4. Purpose of This Policy

This policy explains:

  • What personal data we collect
  • How and why we use it
  • With whom we share it
  • How long we keep it
  • Your legal rights under GDPR

 

5. What Is Personal Data

“Personal Data” means any information relating to an identified or identifiable natural person, including but not limited to:

  • Name
  • Contact details
  • Identification documents
  • Financial and transaction data

As defined under the GDPR.

 

6. Data We Collect

We may collect personal data from the following sources:

A. Data You Provide Directly

  • Full name
  • Residential address
  • Nationality
  • Date of birth
  • Phone number and email
  • Occupation and source of income
  • Purpose of transactions
  • Relationship between sender and beneficiary
  • Identification documents (passport, ID card, driving license)
  • Proof of address
  • Bank account and payment card details

B. Transaction & Financial Data

  • Transaction amounts
  • Payment references
  • Beneficiary details
  • Account numbers (where required)

C. Technical & Usage Data

  • IP address
  • Device information
  • Browser and operating system
  • App and website usage behavior
  • Cookies and tracking technologies

D. Third-Party & Verification Sources

  • Government databases
  • AML/KYC service providers
  • Sanctions and PEP databases
  • Payment processors and banking partners

 

7. Why We Process Your Data (Lawful Basis)

We process personal data for the following purposes:

  • To provide payment and remittance services
  • To perform identity verification (KYC)
  • To comply with AML/CTF legal obligations
  • To prevent fraud and financial crime
  • To process and monitor transactions
  • To meet regulatory reporting requirements
  • To improve services and user experience
  • To communicate with you

Lawful bases include:

  • Legal obligation
  • Performance of a contract
  • Legitimate interests
  • Consent (where required)

 

8. Disclosure of Personal Data

We may share your data with:

  • GCC Exchange UK Ltd (our principal)
  • Banking and payment partners
  • IT and cloud service providers
  • Compliance, audit, and legal advisors
  • Regulatory and law enforcement authorities (when legally required)

We do not sell personal data.

 

9. International Data Transfers

Your data may be processed outside the UK or EEA where required for service delivery.

Where this occurs, we ensure appropriate safeguards, including:

  • Adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • Legally binding agreements

 

10. Data Security

We implement industry-standard safeguards including:

  • Encryption
  • Access control and role-based permissions
  • Secure servers and firewalls
  • Staff confidentiality obligations
  • Continuous monitoring and risk assessment

 

11. Data Retention

We retain personal data only for as long as necessary, including:

  • Regulatory retention periods (AML/CTF)
  • Legal obligations
  • Contractual requirements

After expiry, data is securely deleted or anonymised.

 

12. Marketing Communications

We will only send marketing communications where:

  • You have given consent, or
  • Permitted by law

You may opt out at any time using the unsubscribe link or by contacting us.

 

13. Your Rights Under GDPR

You have the right to:

  • Access your data
  • Rectify inaccurate data
  • Erase data (subject to legal obligations)
  • Restrict processing
  • Data portability
  • Object to processing
  • Not be subject to automated decision-making

 

14. Children’s Privacy

Our services are not intended for persons under 18.
We do not knowingly collect data from children.

 

15. Updates to This Policy

We may update this policy from time to time.
Changes will be published on our website.

 

16. Contact Information

For privacy-related inquiries, please contact:

AYDAP-SP-ZOO LTD
374 Edgware Road
London, W2 1EB
England

Email: help@aydapay.com
Phone: +44 0794 080 2327

 

Table of Contents
Policy version: 2.3
Need Help?

If you have any questions about our Privacy Policy, please don't hesitate to contact us.

How can I contact customer support?