Privacy policy

SharkPay OÜ is a legal entity incorporated under the laws of Republic Estonia (hereinafter, “Company”, “Arbex”,“we”, “us” or “our”) is committed to protecting and respecting your privacy.

This Privacy Policy (together with our terms of use and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. This Policy applies to any Company’s services, regardless of how you access or use them, through this website, or mobile devices (collectively, our “Services”). Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting (our “Website”) and clicking box “Consent to Personal Data processing” you are accepting and consenting to the practices described in this Policy.

1. General

This Policy has been prepared to meet the requirements of General Data Protection Regulation 2016/679 of 27 April 2016 (further, the “GDPR”) and it only relates to the collection, protection, disclosure and use of personal data belonging to individuals who visit our Website and use our Services.

In this Policy, the term“personal data” or “personal information” means any data or information relating to an identified or identifiable person.

    Our policy is based on the following principles:
  • We will provide clear information about how we use your personal data.
  • We will take all reasonable steps to protect your data from misuse and keep it secure.
  • We collect the personal data of only in such extent that is required by applicable law.
  • We will comply with all applicable data protection laws and regulations and cooperate with data protection authorities.
    We make sure the information is:
  • used fairly, lawfully and in transparent manner;
  • used for limited, specifically stated purpose – set out below at Section 4;
  • used in a way that is adequate, relevant and not excessive;
  • accurate and, where necessary, kept up to date;
  • kept safe and secure and for no longer than is absolutely necessary;
  • not transferred outside the European Economic Area without adequate protection.

2. Personal data that the company process

In the course of using our Services, we may collect and store the following types of information:

2.1. Information you give us

This is information about you that you give us by filling in an account application form on our Website as well as all related documentation, by corresponding with us by e-mail, phone or otherwise. It includes information you provide when you apply for and use our Services (including when you pass through the customer identification process (KYC) for the AML\CTF purposes), when you contact us with questions, report a problem with our Website or when you otherwise choose to provide personal information to us.

    The information you give us may include:
  • your legal name,
  • home address and country of residence (e.g. proof of address such as utility bills)
  • proof of identity (e.g. passport, national ID card, driving licence or other forms of identity documents);
  • contact details (e.g. e-mail address, mobile phone number, messenger ID), date of birth,
  • personal identification code,
  • employment details,
  • financial, credit card and tax information;
  • other personal information or commercial and/or identification information – whatever information we, in our sole discretion, deem necessary to comply with our AML\CTF legal obligations to which we are subject.

Please note, that you do not have to complete your customer profile and you may refuse to provide us with the requested information according to our KYC/AML requirements, however in this case we may not be able to provide you with any of our services that require customer due diligence.

2.2. Information we collect about you

    With regard to each of your visits to our site we will automatically collect the following information:
  • technical and location information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, browser plug-in types and versions, operating system and platform, visit duration, information source and other information about your computers or other access device for fraud prevention purposes;
  • information about your visit, including clickstream to, all your activity through and from our site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, your activities on our Website, and the referring URL or the webpage that led you to our Website.


We may obtain some of your personal data from publicly available sources (such as on PEPs and sanctions lists) or use screening lists from our providers of services. We may also use automated decision-making including profiling for onboarding, fraud prevention and for the purposes of security and risk assessment relating to the performance of our Services. We may combine this information with other information that we collect about you.

3. Cookies policy

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our website. By continuing to browse the website, you are agreeing to our use of cookies. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of note, that you do not have to complete your customer profile and you may refuse to your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.

    We use the following cookies:
  • Session cookies. These cookies exist whilst you are online on a particular occasion and expire at the end of your session.
  • Performance cookies. These cookies are not session-based, and remain on a visitor’s computer, so that you can be recognised as a previous visitor when you next visit our website. This allows us to collect information about your browsing habits whilst on our website, and this can be useful in assisting us to monitor and improve our services.
  • Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies. You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website.

4. Purposes for the processing of personal data

    The Company processes personal data only if and to the extent that at least one of the following applies:
  • the processing of Personal Data is necessary to enter into and perform a contract;
  • to comply with the Company’s legal obligations;
  • to protect the legitimate interests of the Company or of third party;
  • if the Company receives the Client's consent.
    The Company processes Personal Data for the following purposes:
  • to provide you with our Services;
  • to carry out our legal obligation to comply with AML/CTF requirements arising from applicable laws and regulations;
  • to protect your assets from unauthorized access, against fraud and scam activity;
  • to assess and mitigate risks related to anti-money laundering and terrorism financing as well as transaction related risks;
  • to comply with government authorities’ requests;
  • to send administrative information, including updates of policies and changes to contractual terms;
  • to process billing and to collect any fees;
  • in relation to the Company’s legitimate interests.

5. Disclosure of your personal data

    You agree that we have the right to share your personal information with selected third parties including:
  • all affiliates, agents and representatives of the Company;
  • providers that deliver services to the Company under written agreements (e.g. companies providing software services, services for identity verification, data vendors, monitoring and anti-fraud protection services, payment services, audit services, data analysis, cloud services and others);
  • to competent governmental, regulatory or other law enforcement agencies/authorities if required or permitted by law.

NOTE: We will not sell or rent Client’s personal data to any third party, will not use Client’s personal information for any purpose that is not related to the products or services provided on the Website, or for any purpose for which the Client would not reasonably expect us to use the information.

6. Personal data international transfers

    The personal data may be transferred outside of the European Economic Area to a third counties only if one of the following applies:
  • if the third country provides adequate level of personal data protection (which is provided by the decision adopted by the European Commission)
  • if the Company provides appropriate safeguards to ensure that personal data keep safe and protected (for example, conclude standard contractual clauses (SCC) for data transfers between EU and non-EU countries)
  • if there are any of derogations for specific situations (the transfer is necessary for important reasons of public interest or the Client has given explicitly consent to the processing of his data outside the EEA);

7. Where we store you personal data

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted with SSl and TLS technology . Where we have given you (or where you have chosen) a password which enables you to access our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. Please, note that unfortunately, the transmission of information via the internet is not completely secure. We will do our best to protect your personal data but we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk.

8. Retention period

The retention period of Personal Data depends on the purposes specified by the Company. In determining the retention period of personal data, the Company takes into account contractual obligations, the legitimate interest of the Company and relevant legal enactments (such as the regulation concerning anti-money laundering and terrorism financing). You can request to remove your personal data at any time but please note that in some cases we are obliged to keep your personal data to be legally compliant.

9. Client’s rights and obligation

    If you are EEA Customers: You have a number of rights in relation to how we process your personal data. These include the right to:
  • upon your request, you may receive a copy of your personal data that is processed by the Company. If such request is unfounded, excessive or repetitive, the Company may refuse to provide you with copy of your personal data and the Company may request a reasonable fee taking into account the necessary resources for preparing such copy;
  • you may request the Company to correct your personal data;
  • you may request the Company to erase your personal data to the extent permitted by law and other regulation applicable to the Company;
  • you may object the processing and restrict the processing of your personal data by the Company to the extent permitted by law and other regulation applicable to the Company;
  • you have the right to receive your personal data in structured, commonly used and electronic format as well as to transmit it to another controller;
  • all aforementioned rights should be exercised in good faith and on written request basis;

For all Customers: You may access and verify your personal data held by the Company by submitting a written request to:

Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

10. Protection of minors

Company Services are not directed to persons under the age of 18, hereinafter “Minors” and we do not knowingly collect personal data from Minors. If we learn that we have inadvertently gathered personal data from a Minor, we will take legally permissible measures to remove that information from our records. Company will require the user to close his or her account and will not allow the use of Company Services. If you are a parent or guardian of a Minor, and you become aware that a Minor has provided personal information to the Company, please contact us at and you may request to exercise your applicable access, rectification, cancellation, and/or objection rights.

11. Changes to our privacy policy

You agree that the Company has the right to change its Policy at any time without prior notice. The Company may freely use its Website to inform the Client about any changes in the Policy. The publishing of an updated version of the Policy on the Company’s website shall be deemed a valid notification of changes to the Client. The Client undertakes to regularly review the Company’s Website and updates to the Policy.

The amendments to the Policy shall become effective on the date specified on the Website here.

12. Contact details

SharkPay OU Vaike-Paala,
2 11415, Tallinn,

Questions, comments and requests regarding this Privacy Policy are welcomed and should be addressed to our Data Protection Officer at

If you are an Arbex services customer and would like to update your personal data, please log into your “My Account” in order to update certain information or contact us through the contact information. From time to time, we may email you or send you with special offers; you may opt-out of those offers by using either the Notification Settings page in “My Account”, the unsubscribe link provided in the email, or by contacting us as noted below.

EEA customers only: If you have any concerns about how we collect and use your personal data, please contact us first at We will try to resolve your concern by making all the necessary steps. As an option, you may submit a complaint to the national supervisory authority within your jurisdiction.

The Data Protection Supervisory Authority in Estonian is the Data Protection Inspectorate.