Logo
Products

Products

Payment inititation

Transform the way you process payments

  • Active payment link
  • Recurring payments
  • One-click payments
  • Automated refunds
  • Card payments
  • Apple Pay and Google Pay
  • BLIK
Automated Payouts

Automate your payouts while maintaining full control

  • Real-time payouts
  • Seamless API integration
  • Bulk payment capabilities
  • Scheduled payouts
User Verification

Verify customer identities instantly while maintaining compliance

  • Real-time ID checks
  • Biometric authentication
  • Fraud prevention systems
  • API-driven integration
Advanced Solutions

Faster your transactions, increase conversion rates and customize as you want

  • Account information service
  • BNPL
  • Industry-specific integrations
Solutions

Solutions

E-Commerce & Marketplaces

Neopay powers marketplaces and online stores with flexible integrations, advanced fraud protection, and expert support.

Financial Services & Banking

Neopay enables instant, compliant transactions for loans, account funding, and transfers.

Energy & Utilities

Neopay integrates with utility platforms to automate collections, reduce delinquencies, and ensure compliance.

IGaming

Neopay offers customizable solutions and expert support to help gaming companies maximize their potential.

Need different solutions?
Contact Us To Get Personalized Offer That Fits Your Needs
Resources

Resources

Documentation
Blog
Countries & Banks
Need different solutions?
Contact Us To Get Personalized Offer That Fits Your Needs
Company
Learn more about our features
  • Lorem ipsum dolor
  • Lorem ipsum dolor
  • Lorem ipsum dolor
Need different solutions?
Lorem ipsum dolor sit amet consectetur. Aliquet eget porta risus tellus libero metus morbi a pulvinar.
Log in

Global (English)

Lietuva (Lietuvių)

Login
PERSONAL DATA PROCESSING AGREEMENT

‍

This Personal Data Processing Agreement (the “Agreement”) is an integral part of the Payment Service Agreement between the Service Provider and the Service Recipient, as identified in the special conditions of the Payment Service Agreement.

1. PREAMBLE

1.1. The parties have entered into  Payment Service Agreement (the "Main Agreement"), under which, in performance of its contractual obligations, it shall exchange information which, in certain cases provided for in the Main Agreement, includes the Personal Data of the Data Subjects. The Parties confirm that, in the event that one Party discloses to the other Party Personal Data of the Data Subject, each Party shall be responsible for ensuring that the Personal Data of the Data Subject are processed in accordance with all applicable laws of the Party, as the Controller, including but not limited to The Personal Data Protection Law of the Republic of Lithuania, the General Data Protection Regulation (“GDPR”).

1.2. The Parties confirm that the Personal Data will be used only for the purpose for which they were transmitted, unless the Party has another legitimate purpose for further processing of the Personal Data and complies with the legislation of the Republic of Lithuania and the provisions of GDPR.

1.3. Taking into account that the Service Provider may/ will use Data Processors in fulfilling the obligations of the Main Agreement, the Parties agree that Personal Data may be transferred only to those Data Processors, which are specified in Annex No. 1 or about which the Service Recipient is informed in writing and which expressly consents to the transfer of Personal Data to the specified Data Processors.

1.4. The Parties confirm that the Service Recipient and the Service Provider are two separate and independent Controllers of the Data Subjects.

1.5. The Parties, on a voluntary basis, shall enter into a Personal Data Processing Agreement (hereinafter referred to as the "Agreement"), which sets out the rights and obligations of both Parties with regard to the protection and processing of Personal Data.

1.6. This Agreement shall form an integral part of the Main Agreement.

2. DEFINITIONS

2.1. Personal data - means any information relating to an identified or identifiable natural person.

2.2. Personal data security violation - a situation where accidental or unlawful destruction, loss, alteration, unauthorized disclosure, transfer or storage of Personal Data or unauthorized access to them occurs.

2.3. Data Recipient - a Data Controller, who receives Personal Data from another Data Controller.

2.4. Data Subject - a natural person whose Personal data is processed in accordance with the Main Agreement and this Agreement.

2.5. Processing -  means any operation or sequence of operations carried out by automated or non-automated means on Personal Data or a collection of Personal Data, such as collection, recording, sorting, systematizing, storing, adapting or modifying, searching, using, disclosing, transmitting, distributing or otherwise enabling including access to, restriction of, access to, deletion of, or destruction of, other data.

2.6. Data Controller - a legal entity that determines the purposes and means of processing of Personal Data.

2.7. Data Processor - a natural or legal person who processes personal data on behalf of the Data Controller and in accordance with the instructions of the Data Controller.

2.8. Services - all services provided by the Service Provider to the Service Recipient under the Main Agreement.

2.9. Other terms used in this Agreement shall be understood as defined in the GDPR and other legal acts of the European Union.

3. SUBJECT MATTER OF THE AGREEMENT

3.1. By this Agreement, the Parties agree to provide the Personal Data referred to in Annex No. 1, for the purposes of implementing the Main Agreement, as well as for any other legitimate purpose for the further processing of Personal Data and in compliance with the applicable legislation.

4. OBLIGATIONS OF THE PARTIES

4.1. Each Controller warrants and represents that:

4.1.1. Personal data is collected and processed in accordance with the provisions of the GDPR;

4.1.2. Upon request, provide Data Subjects with information on the processing of Personal Data, including their transfer;

4.1.3. apply appropriate technical and organizational measures to ensure the security of Personal Data and the protection of the rights of Data Subjects;

4.1.4. will process Personal Data in Attachment no. 1, and for no longer than is necessary for the purpose of processing the Personal Data;

4.1.5. duly inform the Data Subjects of the transfer of the Personal Data by the Data Controller to another Data Controller;

4.1.6. ensure that its staff, service providers and data processors handling Personal Data are made aware of their obligation to protect Personal Data;

4.1.7. immediately inform the other Party in writing of a potential violation of Personal Data security.

5. LIABILITY OF THE PARTIES

5.1. Each Party shall perform its obligations under this Agreement at its own expense and shall be responsible for the improper performance and / or non-performance of these obligations.

5.2. Each Party shall be liable to the other Party for direct damage caused by any violation of this Agreement due to its fault, as stipulated in the Main Agreement. Each Party shall be directly liable to the Data Subjects for any damage caused by any violation of the Data Subjects' rights.

5.3. In the event of a dispute with the Data Subject or the Lithuanian Data Protection Inspectorate, or any one or both of the Parties regarding the processing of Personal Data, the Parties will notify each other of any disputes or claims and cooperate to resolve them peacefully and timely.

6. TERMINATION

6.1. If one of the Data Controllers improperly performs or violates its obligations under this Agreement or the applicable legislation, the other Data Controller may suspend the provision of Personal Data to the other Party until such breach is rectified or the Agreement is terminated. If the specific breach is not remedied within a reasonable time, the first Party shall have the right to terminate the Agreement unilaterally in accordance with clause 6.3 of this Agreement.

6.2. Each data controller is responsible for the confidentiality and security of personal data from the moment of receipt. In cases where a threat is identified or reasonable suspicions arise about a threat to the confidentiality of personal data, and/or if the Party receiving personal data does not ensure the proper protection of the provided personal data, the Party providing personal data informs the Party receiving personal data about it and has the right to temporarily suspend the provision of personal data. Each data controller assumes full responsibility for its data processors and their subprocessors.

6.3. In the event of a material or persistent breach by the receiving Party of its obligations under this Agreement or the bankruptcy or liquidation of the receiving Party. The providing Party shall have the right to terminate this Agreement, without prejudice to any other rights it may have against the receiving Party.

6.4. If this Agreement is terminated, each Party may process or destroy the Personal Data it receives (unless it has the right to further process) in accordance with the applicable legislation and in accordance with its obligations as a Data Controller. If there is another purpose for processing Personal Data, a Party may continue to process Personal Data for this purpose in accordance with the laws of the European Union and the Republic of Lithuania.  

7. FINAL PROVISIONS  

7.1. This Agreement shall be governed by and construed in accordance with the laws of the Republic of Lithuania.

7.2. Neither Party may assign its rights and obligations under this Agreement to any third party without the consent of the other Party. This requirement shall not apply to the use of Data Processors.

7.3. This Agreement forms an integral part of the Main Agreement. By signing the special conditions of the Main Agreement, the Service Recipient confirms it has read, understood and agreed to this Agreement.


ANNEX NO. 1 "DATA PROVISION INFORMATION" TO THE PERSONAL DATA PROCESSING AGREEMENT

The Parties hereby sign this Annex No. 1 (hereinafter referred to as "the Annex") to clarify the provision of data as specified in the Personal Data Processing Agreement (the "Agreement") The terms used in the Annex correspond to the definitions used in the Main Agreement and in the Agreement.

1. PURPOSE OF DATA PROVISION

1.1. The data may be processed for the purposes of performing the Main Agreement signed by the Parties, for the fulfillment of the statutory duties related to the performance of the services specified therein, as well as for the legitimate interests of the Service Provider for the collection of debts.

2. LEGAL BASIS FOR DATA SUBMISSION AND RECEIPT

2.1. Data shall be processed in accordance with the laws of the Republic of Lithuania, the Main Agreement and the General Data Protection Regulation (Article 6 (1) (b), (c), (f)).

3. CATEGORIES OF DATA SUBJECTS

3.1. The categories of Data Subjects are the clients of the Service Recipient (Payers) and employees of the Parties and / or Data Processors and/ or representatives of the Data Processors.

4. DATA CATEGORIES

4.1. For the purposes of performance of the Main Agreement, (payment services, debt collection), the Parties shall provide each other in a secure manner with:

4.1.1. The Service Recipient may provide the Service Provider with the following data for the purpose of providing payment services:

4.1.1.1. Unique payment transaction identification number provided by the Service Recipient;

4.1.1.2. Amount payable by the Payer;

4.1.1.3. Payer's payment currency;

4.1.1.4. Recipient of the payment made by the Payer;

4.1.1.5. IBAN account number of the payee of the payment made by the Payer;

4.1.1.6. Purpose of the payment made by the Payer;

4.1.1.7. BIC of the payment institution chosen by the Payer/ Payment institution chosen by the Payer;

4.1.1.8. Payer's personal code;

4.1.1.9. Payer‘s email address.

4.1.1.10. The first 6 (six) and the last 4 (four) digits of the card number (only for PCOV service)

4.1.1.11. Other data related to a specific Payer's payment transaction.

4.1.2. The Service Provider may provide the Service Recipient with the following data for the purpose of providing payment services:

4.1.2.1. Payer's name, surname;

4.1.2.2. Payer's payment status, date and time;

4.1.2.3. Unique payment transaction identification number provided by the Service Recipient;

4.1.2.4. Amount payable by the Payer;

4.1.2.5. Payer's payment currency;

4.1.2.6. Recipient of the payment made by the Payer;

4.1.2.7. IBAN account number of the payee of the payment made by the Payer;

4.1.2.8. Purpose of the payment made by the Payer;

4.1.2.9. BIC of the payment institution chosen by the Payer/ Payment institution chosen by the Payer;

4.1.2.10. Other data related to the Payer / Payer's payment. 4.2. In order to identify a person entitled to represent a Party, perform written agreements concluded by the Parties on its behalf, perform other functions related to the performance of the Framework Agreement, exercise the rights provided for in the Main Agreement, the Parties shall provide each other with the following Data:

4.2.1. Position, name, surname of the employees of the Parties and / or Data Processors and/ or representatives of the Data Processors;

4.2.2. Telephone number, e-mail of the representatives of the Parties' employees and / or Data Processors and/ or representatives of the Data Processors.

4.2.3. The Parties expressly agree that they have duly informed their employees, the representatives of the Data Controllers about the transfer of their personal data to the other Party for the purposes of the performance of the Main Agreement.

5. DATA RETENTION PERIOD

5.1. Each Party, acting as an independent Data Controller, shall retain personal data only for as long as it is necessary to fulfill their respective purposes under the Main Agreement and in compliance with applicable laws.
5.2. Upon the termination or expiration of the Main Agreement, each Party shall delete or anonymize the personal data under their control unless further retention is required by applicable laws or necessary to exercise or defend legal claims.

6. DATA REPORTING PROCEDURE

6.1. The Parties shall transmit the data automatically using secure software interfaces or by e-mail encrypting the correspondence sent.

7. LIST OF DATA PROCESSORS OF THE SERVICE PROVIDER

7.1. The Parties agree that Personal Data may be processed by the following Data Processors on behalf of the Service Provider:

7.1.1. The individual company “Hosty”,under the service agreement, provides administration and maintenance of the server used by the Service Provider;

7.1.2. Private Limited Liability Company “BankingLab”, provides HSM service under the service agreement;

7.1.3. Private Limited Liability Company “Klavakrapštis”, provides payment services programming and monitoring services under the service agreement.

7.2. The Parties agree that the Service Provider must inform the Service Recipient in writing in advance of any changes in the list of Data Processors.

‍

Cookie Name
Cookie Category
Description
validity period
CookieScriptConsent
Necessary cookie
Cookie used to store the website visitor’s cookie consent preference.
7 months
_ga_7P30C3KH6T
Statistics cookie
Used by Google Analytics to track user  activity.
1 year 1 month
_gcl_au
Marketing cookie
Cookie used by Google AdSense. Helps deliver targeted advertising to theuser.
2 months
_ga
Statistics cookie
Google Analytics cookies used to distinguish users.
1 year 1 month
test_cookie
Necessary cookie
Used to check if the user’s browser supports cookies.
1 day
_gid
Statistics cookie
Used by Google Analytics to track user behavior and page views.
2 days
_gat_UA-150901074-1
Statistics cookie
Used by Google Analytics to limit the rate of requests.
1 day
IDE
Marketing cookie
Used by Google DoubleClick to show personalized ads to users.
1 year
__cf_bm
Necessary cookie
Cloudflare cookie used to protect the site from bots and malicioustraffic.
1 day

THIRD PARTY SERVICES

‍

We regularly use Google Analytics software to optimize marketingmessages from Google LLC. It allows tracking visitors online behaviour: thetime spent on the website, geographic location and usage specifics of thewebsite. This information is collected through tracking pixels and/or cookies.The information obtained through tracking pixels and/or cookies is anonymousand is not bundled with personal data. Google processes personal information onits servers in various countries around the world. Personal information can beprocessed on a server that is not in the country where the user resides. We donot share this information with any other third parties that would be able toaccess it freely.

This website has an interface with third-party communication channels“Linkedin” and “Facebook”, where we place information about the Company'sactivities and act as separate data controllers. The cookies used by thischannel allow us to obtain aggregated statistics and insights into how visitorsinteract with our posts, ads, this website, videos and other content on thesesocial media.  

You can learn more about the third-party monitoring technologies used onour website here:

‍

Cookie identifier
Description
The moment ofcreation
Expiry date 
„Linkedin“visitor monitoring technologies used
„Linkedin“visitor monitoring technologies are used toidentify the visitor, ensure the safety of the visitor's account, monitor hisbehavior and provide adapted content, including advertisements.
During the visit
More information aboutLinkedin cookies: https://www.linkedin.com/legal/cookie-policy
User monitoringtechnologies used by Facebook
Facebook visitor andMessenger user monitoring technologies are used to identify the visitor,monitor their behavior and improve their content.
During the visit
More information aboutFacebook and Facebook Messenger cookies: https://www.facebook.com/policies/cookies

HOW TO MANAGE COOKIES?

In order for the website to function properly,you do not have to accept all the cookies used here but doing so will makebrowsing easier for you. You can block all but the necessary cookies, however,some features of this website may not work as intended and you may need toreset some options each time you visit our website.

Most browsers allow you:

§  to check which cookies are storedand to delete cookies one by one;

§ blockall third-party cookies;

§ blockcookies from specific websites;

§ blockall cookies on the website;

§  delete all cookie preferences whenclosing the browser.

How to disable cookies?

You can refuse cookies by adjusting the cookiesettings on our website. When you open the page, you will see a cookie icon atthe bottom right corner. By clicking this icon, you will access the cookiesettings. You can disable all cookies except those that are necessary. Aftermaking your changes, click the “Save” button at the bottom.

 

It is important toremember that the website requires "Required cookies" to functionproperly, it is not possible to disable these cookies.

 

versions of the cookie policy

We regularly review the cookies used on thewebsite and, if necessary, notify you of any material changes to the visitortracking technology used here by updating this Cookie Policy.

The latest revision of this Policy was made on 05/28/2025.

‍

Your gateway to high conversions and enormous transactions volume

NEO Finance, AB

Ukmerges str. 126, Vilnius

support@neopay.online

Stay ahead with Neopay updates!
Subscribed
Oops! Something went wrong while submitting the form.
Products
Payment InitiationCountries & Banks
Company
AboutContact usBlog
Support & Resources
API DocumentationDemo
Legals
Terms of serviceCookie policyPrivacy policyComplaints procedureLicense
Copyright © 2025 Neopay | All Rights Reserved