Updated May 25 2018 to meet GDPR requirements

Your privacy is very important to us. We, APP.UMBRELLA, a.s., Antala Staška 1859/34, Prague 4, 140 00, Czech Republic, Case number B 22093 kept at the Municipal Court in Prague, IČO: 01855867.

As a data controller, we are committed to collecting only the necessary data to offer and enhance the products and services we provide to you while complying with all legal obligations.

This Privacy Policy applies to the data we collect about you when you sign up for an APP.UMBRELLA (further referred as “AU”) account, log on to any of our webpages, our mobile apps, or our products, use our website, apps or products, or when you communicate with us or your employees (all collectively referred to as "Services"). This policy also applies to data we collect when you do not register with our Services but use these Services to make payment transactions.

We may change this Privacy Policy at irregular intervals. In such a case, we will always publish their current version on our website. We recommend that you regularly review any changes on the appropriate page on our site. This will give you the most up-to-date information and no news will surprise you. Any major changes to this Privacy Policy will always notify you by email or announcement that appears when you sign up for our site or open our mobile app.

You may use our Services only if you agree to the full content of this Privacy Policy.

  1. Collecting your data

1.1 Once you have registered your AU account ("Account"), we will begin collecting your data, such as your full name, address, date of birth, email address, and phone number. In addition, we will collect your business information, including your company name, legal form, business type, nature and purpose of your business, address of your company's registered office, telephone number, and details of directors and real owners.

1.2 In order to realize the payments based on transactions we collect your bank details.

1.3 For research purposes or for market research purposes, we may collect additional data, such as your preferences and interests, based on your registration at irregular intervals.

1.4 In order to verify your identity in accordance with applicable anti-money-laundering laws and to prevent fraud, we may collect your data from third parties. These data may include, among other things, your creditworthiness, financial history, court judgments, stock capital, VAT ID and Company ID, company registration dates, and composition of the Board of Directors.

1.5 If you use our Services, we collect data about your transactions, including time, place, amount, method of payment, and cardholder information.

1.6 In the case of your access to our web site, or if you use one of our mobile applications, we may automatically collect, inter alia, data such as your IP address, operating system, browser type, identifying information of your computer or mobile device, date and time your visit, and your behavioral information during this visit.

  1. Processing your data

2.1 We collect data that we collect about you in order to provide you with the Services and to send you all relevant information including Transaction Confirmations, Payments Reports, Safety Notices, and Customer Support Notices.

2.2 We also use the data we collect about you to improve and adapt our Services. In the future, for example, we can add features tailored to your business in our mobile apps.

2.3 If you do not decide to withdraw these notifications, we may use the information we collect about you to send you news and up-to-date information about our Services or information about any special events, offers, and rewards offered by us or our APP. UMBRELLA, a.s partners.

You can unsubscribe from your account in your account or email us at It must be mentioned in the email that you are declining to consent to the sending of these messages. Services APP.UMBRELLA, a.s. we can continue to offer you without this additional service.

2.4 The data we collect through cookies and tracking pixels (for details see below in Article 8) can also be used to track and analyze your user behavior and any activities related to special events, offers, and rewards concerning our Services.

2.5 The data we collect about you may be used to protect our rights or to investigate or prevent fraud and other unlawful activities and to other purposes related to our Services which we will inform you about.

  1. Usage of your personal information

3.1 We may provide the data we collect about you to any company in our Group, including its affiliates, the parent of our holding and its affiliates. Forwarding this data will allow us to provide you with a complete range of services in cases where part of our services is provided by other companies in our group. These include customer support, money laundering, payment reporting, and internal audit.

3.2 We may necessarily provide data to third parties who, in the course of processing your transactions on our behalf, provide activities such as fraud prevention and verification service providers, financial institutions, processors, credit card issuers, and other payment processors payments.

3.3 If you do not decide to sign out of the relevant communications, we may also collect the data we collect about you from third parties with which we collaborate in advertising campaigns, competitions, special events or other events and activities related to our Services.

3.4 We may collect the data we collect about third parties in connection with any merger, sale of a share in the Company or the sale of assets, financing, taking over, confiscation of assets or liquidation of one of our companies as complete or a part of such a company.

3.5 We may also collect the data we collect about you if (i) such providing is necessary to meet the requirements of applicable legislation or regulations, (ii) to apply the general terms and conditions of business or principles, (iii) to ensure the security or integrity of our Services, and (iv) to protect our rights

3.6 In any case, we will always ensure that your data is processed only in connection with the Services and in accordance with this Privacy Policy and the applicable privacy laws.

  1. Cross-border data processing

The data we collect about you can be handed over to members of our group of companies and to third parties acting on behalf of us outside of the European Economic Area (EEA) or countries where the European Commission has adequate data protection. The protection of personal information we collect about you may not be in the EEA countries at the same level as the EEA countries. However, we will continue to collect, store and use your data in all circumstances in accordance with this Privacy Policy and the General Privacy Policy (GDPR). SumUp will ensure that data is provided only to organizations that guarantee an adequate level of protection of personal data in accordance with applicable data protection laws and that there are satisfactory contractual arrangements with such parties.

  1. Data security

5.1 We are responsible for securing the data we collect about you. We have taken reasonable steps to perform administrative, technical and physical actions to protect your data against loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction. Once you log in to your account, all Internet communications are secured with Secure Socket Layer ("SSL") and highly secure 128-bit encryption.

5.2 This high level of security can only work if you adhere to some basic security principles, for example, you will not tell anyone about your Account details or login information. If you are convinced that the login information for your Account has been received by an unauthorized person, you can change your password at any time on our website or our mobile app. At the same time, however, you must immediately contact customer support.

5.3 Unfortunately, we cannot guarantee the safety of data transmitted over the Internet, because this type of transmission is never completely risk-free. You carry out all such transmissions on your own responsibility. As soon as we get your data, we will secure it against unauthorized access in accordance with our strict practices and our security structures.

  1. Security of cardholder data

6.1 APP.UMBRELLA, a.s. is responsible for securing the cardholder's data that it processes, transmits and stores through its systems. We use best practices that are in compliance with strict regulatory requirements to protect sensitive data, and we go through an audit every year to confirm that we meet these requirements successfully.

6.2 For the purpose of anti-money-laundering, it shall keep all transaction data for at least 5 years after the termination of the relationship with the Customer. In some cases, we keep the data of your Cardholder customers. These data may, in accordance with legal requirements, include the name, email or telephone number to issue payment statements.

  1. Saving data

7.1 Legal regulations require we must store certain records of the data we collect about you for at least five years after your Account has been canceled. Unless your other decision, we reserve the right to delete and erase any other data we have collected about you. In the event of your decision and the appropriate agreement, we will continue to store your details, such as your transaction history, which you can use for accounting purposes.

7.2 Notwithstanding the above, you are entitled to ask us to delete your details. Depending on the services that APP.UMBRELLA, a.s. provided in our business relationship, the legal obligation to keep certain data for us for a period of five years from the date of the request for data deletion can be made for us. If you ask for the deletion of your data, you will lose the ability to continue to use APP.UMBRELLA, a.s..

7.3 You may request the deletion of your details in your account or by sending the relevant request to the email address

  1. Cookies and tracking pixels

8.1 We use a variety of cookies and tracking pixels on our site and in our apps. Cookies are small data files stored on your computer, mobile, or other devices where you browse our site or use our apps or web-based software. Tracking pixels are small graphic images or web code that can be part of a website or any of our emails

8.2 We may use cookies and tracking pixels for the following purposes: (i) to personalize our Services that we provide as individuals, to customize our Services to your preferences, (ii) to ensure the effective operation of our websites and apps, (iii) to track website traffic and track usage patterns for statistical needs, and to find out what pages and features our users consider useful, and vice versa, (iv) to identify users after logging in to their Accounts, and to help users recover passwords, (v) to ensure compliance with regulatory requirements in areas such as anti-money-laundering and fraud prevention, or to protect your Account against Identity Theft, and (vi) to refer to the websites of our Group companies.

8.3 Some cookies may not come from APP.UMBRELLA, a.s. If you visit a site with embedded content from YouTube or Facebook, you can save cookies from your site on your computer. We do not control the distribution of cookies from third parties. For more information about these cookies and their privacy policies, visit the third-party websites.

8.4 Cookies and tracking pixels will never allow us to get data from your computer, mobile or other devices different from those you choose to provide us with.

8.5 Most web browsers automatically allow cookies. However, you can disable the use of cookies at any time in your browser settings. In this case, however, some features of our site, mobile app or web software may be restricted.

8.6 If you disagree with cookies, you must remove them from your computer, mobile or other devices. You can also disable them in your browser settings or stop using our Services. For information on how to delete and manage cookies, visit For information on how to delete and manage cookies, visit

  1. Links to other websites

If you use a link to websites that are not owned by APP.UMBRELLA, a.s. but third parties, the protection of your personal data will be subject to the respective policies of these third parties. We do not have any liability for such privacy policies. You should be aware of their content before entering any of your data on this site.

  1. Right of access to data and options

You have the right to request access to our personal data that we store, and you may disallow at any time any collection, storage or providing of your information described in this Policy. However, if you ask us not to process your data, you will lose access to APP.UMBRELLA, a.s. services and products.

You may use the following rights towards us:

Right of access to personal data: You may ask us for a machine-readable copy of your personal data and a copy of the personal data you have provided us with. The right to object to the use of data or to restrict the use of such information: You may ask us to discontinue use of some or all of your personal data, or to limit the scope of use. Right to complete data: You may request the repair or updating of our personal data that we keep. Right to clear data: You may ask us to delete or delete all or some of your personal information. Right to data portability: You have the right to request SumUp to immediately transfer data to another administrator .

You may send us requests to provide a copy of your personal information, to add, delete or update it, or to withdraw your consent to process your data from us, either directly from your account or at,

If you are not satisfied, you can file a complaint with the appropriate Personal Data Protection Authority. APP.UMBRELLA, a.s. will engage in all investigations and willfully actively and possible endeavor to meet all requirements. The relevant authorities in each country are listed on the following European Commission website:

  1. Cancellation of consent

If you choose to withdraw your consent to further processing as outlined in this Privacy Policy, we will notify you that we will no longer be able to provide you with the services you have requested and therefore we may terminate your contracts with you. In addition, we may be required to retain your personal data in order to comply with legal and regulatory obligations.

  1. Applicable law

12.1 This Privacy Policy and its interpretation are governed by applicable EU law.

12.2 A Czech language version of this Privacy Policy prevails. All translations and other language versions of this Privacy Policy are for informational purposes only. In the event of a conflict between the Czech language version and a translation or other language version of this Privacy Policy, the text in the Czech language always prevails.

12.3 This Privacy Policy (including any applicable General Terms and Conditions) constitutes the entire agreement between you and us and, to the fullest extent permitted by applicable law, substitutes all prior agreements, conditions, warranties or statements.

  1. Contacts

Feedback and questions about this Privacy Policy are welcome and we will be glad when you send them to the following addresses:


Postal address: APP.UMBRELLA, a.s., Antala Staška 1859/34, Praha 4, 140 00, Česká Republika




"We love to earn money, you love it too?"