Back to home
Legal

Privacy Policy

Last updated: 8 July 2026

Introduction

We are DirePay ("we", "our", "us"), operating the website https://www.direpay.io/ (the "Website") and providing payment gateway, settlement, and related financial technology services to merchant partners across Asia (the "Services").

We are committed to protecting your personal data and to complying with applicable data protection laws, including (as relevant to you) the General Data Protection Regulation (GDPR), and the personal data protection laws of the markets we operate in across Asia (for example Malaysia's Personal Data Protection Act, Thailand's PDPA, or equivalent laws in Vietnam, India, Indonesia, Bangladesh, and the Philippines).

This Privacy Policy explains how we collect, use, disclose, and safeguard information when you: (a) visit our Website; (b) apply to become a merchant, partner, or reseller; (c) apply for a job with us; or (d) interact with our AI chat assistant. Information relating to end-users who make payments through our merchants' platforms is governed by the applicable merchant's own privacy policy and our data processing agreement with that merchant, not by this Policy.

1. Who We Are

Data Controller: DirePay

How to Contact Us:
Email: [email protected]

2. What Data We Collect

2.1 Website Visitors and Enquiries

When you contact us, fill in a form on the Website, or message our AI chat assistant, we may collect:

Please do not send us sensitive personal data (health information, political opinions, religious beliefs, biometric data, etc.) unless it is specifically requested and necessary.

2.2 Merchant and Partner Onboarding

When you apply to integrate with DirePay as a merchant, or to become a reseller/referral partner, we may additionally collect:

This data is used to assess eligibility, prevent fraud, and comply with anti-money-laundering (AML) and payment industry obligations, and is also addressed in your merchant/partner services agreement with us.

2.3 Job Applicants

If you apply for a role with us, we may collect:

2.4 Cookies and Technical Data

We use cookies and similar technologies to operate the Website and understand how it is used. This may include your IP address, browser type, device information, approximate location, and pages visited. Details are set out in our separate Cookie Policy.

By submitting information to us, you confirm it is accurate, complete, and up to date, and you may update it at any time by contacting us.

3. Why We Process Your Data and Our Legal Basis

PurposeLegal Basis
Responding to enquiries and onboarding merchants/partnersNecessary to take steps at your request prior to a contract; legitimate interests
Conducting compliance, KYB, and fraud-prevention checksLegal obligation; legitimate interests
Sending service updates or marketing communicationsConsent, or legitimate interests where permitted, with an opt-out available at any time
Operating and securing the Website, including the AI chat assistantLegitimate interests
Website analytics and performance cookiesConsent (non-essential cookies); legitimate interests (essential cookies)
Processing job applicationsNecessary to take steps at your request prior to a contract; legitimate interests

You may withdraw consent or object to processing based on legitimate interests at any time — see Sections 8 and 9.

4. Who We Share Your Data With

We may share personal data with:

We do not sell your personal data. Third parties who process data on our behalf are contractually required to use it only for the purposes we specify and to apply appropriate security measures.

5. Data Security

We apply technical and organizational safeguards — including encryption, access controls, secure infrastructure, and regular security reviews — to protect personal data against unauthorized access, disclosure, alteration, or destruction. Access is limited internally on a need-to-know basis. While we work hard to protect your data, no system can guarantee absolute security.

6. International Data Transfers

Because we operate across multiple Asian markets and may use service providers located outside your home country, your data may be transferred internationally. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses, Binding Corporate Rules, or equivalent mechanisms recognized under applicable law. Contact us at [email protected] for more information about the safeguards used for a specific transfer.

7. How Long We Keep Your Data

We do not keep personal data longer than necessary for the purposes it was collected for.

8. Your Data Rights

Subject to applicable law, you may have the right to:

To exercise any of these rights, contact us at [email protected].

9. Withdrawing Consent

Where we rely on your consent, you may withdraw it at any time by emailing [email protected] or using the unsubscribe link in our communications.

10. How to Lodge a Complaint

If you have concerns about how we handle your data, please contact us first at [email protected] so we can try to resolve the issue. You also have the right to lodge a complaint with your local data protection authority (for example, the data protection authority in an EU/EEA member state where you live or work, or the relevant authority in your Asian market of residence).

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Updates will be posted on this page with a revised "Last updated" date, and where changes are significant, we will notify you directly and seek consent where required by law.

12. Contact Us

DirePay

Email: [email protected]