Privacy policy

Our commitment to your privacy

Written by Pomelo Pay
Updated over a week ago

Welcome to the Pomelo Privacy Policy We are Appfleet Limited (referred to as “we” or “us” or “our” or “Pomelo”), trading under the name of Pomelo Pay. We provide services that allow Merchants to offer customers an easy to use payment system that, amongst other things, allows them to scan QR Codes placed on invoices, web pages, emails or other media produced by the Merchant to enable the customers to quickly and easily make payments to the Merchant (the “Services”). Pomelo is registered with the Financial Conduct Authority (“FCA”) under Firm Reference Number 789476. We are committed to protecting and respecting your privacy.  This policy sets out the basis on which any personal information we collect from you, or that you provide to us, will be processed by us for the purposes of any applicable laws. We are the data controller of any personal data you provide to us and are subject to any applicable data protection laws. We are registered with the Information Commissioner’s Office (registration number: ZA300850). Contact details If you have any questions about our privacy policy or your information, or to exercise any of your rights as described in this privacy policy or under any applicable data protection laws, you can contact us:

By post:

Appfleet Limited

71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ

By email:

The best way to contact us in first instance is through the contact form available at

1. General

  • Please read this privacy policy carefully as it sets out the basis on which we collect any personal information from or about you, and how we use it in the operation of POMELOPAY.COM, which is Pomelo’s public website.

  • By visiting our website or by using the Services, you acknowledge the practices described in this privacy policy.

  • This privacy policy covers:anonymous visitors to our website (“Guests”); andour Merchants (and their personnel).

  • Merchants may be limited liability companies, limited liability partnerships, unlimited partnerships, sole traders or unincorporated associations. In these circumstances, this privacy policy will apply to, and “you” and “your” refer to, the individuals who are you as the merchant, if a sole trader, or you as a director, partner, member, guarantor or employee of the merchant as appropriate.

  • It may be that we also seek and obtain personal data about other parties linked financially with you. You should therefore ensure they read this privacy policy and you have their consent to disclose the information about them.

  • If you have any questions about any aspect of this privacy policy or do not agree with it, please contact us at Appfleet Limited, 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ.

  • We may change this privacy policy from time to time by updating this page, and where appropriate we will notify you by email. You should check this page from time to time to ensure you are happy with any changes.


  • Pomelo is committed to safeguarding the privacy and security of your information.

  • We will only collect and use your information where we have lawful legitimate business reasons to do so.

  • We will not ask for more information than we need for the purposes for which we are collecting it.

  • We will update our records when you inform us that your details have changed.

  • We have implemented and adhere to information retention policies relating to your information.

  • We will ensure that your information is securely disposed of at the end of the appropriate retention period.

  • We observe the rights granted to you under applicable privacy and Data Protection laws.

  • We will ensure that queries relating to privacy issues are promptly and courteously dealt with.

  • Our staff are trained on their privacy obligations.

  • We will ensure there are appropriate measures in place to protect your information regardless of where it’s held and ensure that safeguards are in place before transferring your information to other countries.


  • You can browse our website as a guest without giving us any information, and we won’t know who you are. However, even if you are a guest, please bear in mind that we may:record the areas of our website which you visit and at what times;record information about your activities in using our website; andcollect information about your computer, such as which browser you are using, your network location, your operating system, your IP address and the type of connection you are using (e.g. broadband, ADSL etc.).

  • We collect the information above by using cookies. Please see our Cookies Policy below, which explains what cookies we use on our website, why we use them and how you can control them.

  • Additional services are available once you register with us and login to our website. In this case, we will know who you are, your activities on our website and information about your computer may be linked to you on our systems. We may retain copies of any correspondence you send us, details of your registration history and any materials you post or upload on the Pomelo website.

  • We also store data that you submit to us via email, via our optional surveys, and through our contact form and email subscription sign-up form on our website.


  • The types of information we may request from you are:your contact information – including your name, business address, postcode and other contact information such as your business email address and telephone/mobile number;job title;company name;company registration number;information about your activities in using our website; andproof of your identity and address, or the proof of identity and address of ultimate beneficial owners if you are an incorporated entity.


We will also check information about you held on our own records and also obtain information from third party databases and verification services, which can include the following information:

  • whether you have any county court judgements, bankruptcy or insolvency proceedings recorded in your name;

  • whether you or your officers, agents or representatives are sanctioned individuals or potentially exposed persons (as such term is defined in the Money Laundering Regulations 2017);

  • if you are incorporated, your incorporation details including your country of incorporation, and details of your ultimate parent or beneficial owner; and

  • verification information in relation to your identity and any documentation you send us as part of an application to become a Merchant.


  • In completing our job application form or submitting your CV to us by email, you will give us personal information about yourself.

  • We will use your personal data only for the purpose of assessing your suitability for employment by us and in any subsequent interviewing process. Copies of the information you submit and any further correspondence will be retained in order to progress your job application and as a record of our employment and fair access processes.

  • When you apply for a job with Pomelo you will submit your CV to us by email. Your application will only be processed by our HR team based in the UK. The information you provide to us as a jobseeker is supplied in strict confidence and your personal information will be input onto a computer database for internal recruitment purposes only. Only employees of Pomelo who are part of the recruitment and selection processes, or IT support contractors engaged by us, will have access to your information.

  • We will not sell or disclose your personal information to any third party other than as set out in this privacy policy without your consent.

  • We may store and record any telephone calls you have with Pomelo staff for record keeping and quality control purposes.

  • We take all reasonable steps to retain personal information only for as long as we need to process your job application. We may also retain your details after a decision has been reached regarding your suitability for current jobs for vacancies that may become available in the future, or in accordance with our legal obligations.


  • We store and use this information to:provide the Services;make our website available to you and to identify and provide details of the products and services which you may be interested in;enrich your experience and interaction with our website by allowing you to store your details so that your preferences are retained when you revisit our website;analyse site usage and improve our services;deliver to you any administrative notices, alerts and communications relevant to your use of the services;contact you from time to time to inform you about new features, to troubleshoot problems, and to help protect you against fraud or other criminal activity;carry out product development, statistical analysis and market research and to improve our products and services;for customer service, including answering questions and responding to feedback and complaints;comply with our anti-money laundering and know your customer legal and regulatory obligations and internal compliance requirements; andfor any other specific purposes in relation to your activities on the Pomelo website.


  • We won't provide your personal information to other companies for their marketing purposes unless you have given us your consent. However, we may aggregate anonymised information based on your personal information and disclose this to advertisers and other third parties.

  • We may share your personal information with companies and other third parties performing services on our behalf (for example payment service providers, customer relationship management providers or other service providers) who will only use the information to provide that service. We may also share your personal information with other members of our corporate group, or a purchaser or potential purchaser of our business.

  • We undertake searches and checks on third party databases in order to comply with our anti-money laundering and know your customer legal and regulatory obligations, as well as our internal compliance requirements. We may need to share some of your personal data, and/or documents containing such personal data (such as your passport or proof of address) with these third parties in order to undertake these searches and checks. Any personal data we receive from such third parties will be stored by us solely to comply with the purpose set out at paragraph 1.9 above.

  • In some circumstances, we may have to disclose your personal information by law, because a court or the police or other law enforcement agency has asked us for it.

  • We will not sell or disclose your data to any third party other than as set out in this privacy policy.


The data that we collect from you will be stored within the European Economic Area ("EEA") via our third party providers. The personal data that we collect from you will also be copied, transferred to and stored at, a destination outside the EEA by such third-party providers to act as a back-up, should any of your data become lost, damaged or destroyed. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.


  • We would like to provide you with information about our new products, services, promotions, special offers and other information which we think you may find interesting.

  • If you have registered with us or have previously asked us for information on our products or services, provided you have given us your consent in the format set out in Annex 1 to this Privacy Policy, we may send you information on our range of products and services by phone, email and/or SMS.

  • You have the right to object at any time to our processing of your personal information for direct marketing purposes and if you decide at any time that you no longer wish to receive marketing phone calls, emails or SMS from us, please contact us in writing at Appfleet Limited, 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ or at We will always give you an opportunity to unsubscribe from receiving any marketing from us in each communication we send to you.


  • Access to Your Information and Updating Your InformationYou have the right to access information which we hold about you. If you so request, we shall provide you with a copy of your personal information which we are processing. For any further copies which you may request, we may charge a reasonable fee based on administrative costs. Please contact us in writing at Appfleet Limited, 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ or at also have the right to receive your personal information in a structured and commonly used format so that it can be transferred to another data controller (“data portability”).We want to make sure that your personal information is accurate and up to date. If you think any information we have about you is incorrect or incomplete, please contact us in writing at Appfleet Limited, 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ or at as soon as possible. We will correct, delete or update any information as soon as possible.

  • Right to Object

Where we process your information based on our legitimate interests, you also have the right to object, on grounds relating to your particular situation, at any time to processing of your personal information which is based on our legitimate interests. Where you object on this ground, we shall no longer process your personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

  • Your Other RightsYou also have the following rights under any applicable data protection laws to request that we rectify your personal information which is inaccurate or incomplete.In certain circumstances, you have the right to:request the erasure of your personal information erasure (also known as the ‘right to be forgotten’); andrestrict the processing of your personal information to processing to which you have given your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of others.


  • You can exercise any of your rights as described in this privacy policy and under any applicable data protection laws by contacting us as given in “Contacting us” above.

  • Save as described in this privacy policy or provided under any applicable data protection laws, there is no charge for the exercise of your legal rights. However, if your requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may either: (a) charge a reasonable fee taking into account the administrative costs of providing the information or taking the action requested; or (b) refuse to act on the request.

  • Where we have reasonable doubts concerning the identity of the person making the request, we may request additional information necessary to confirm your identity.


We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk.


  • This website makes use of third party solution providers for payment services and provision of servers and internet application services, either via direct sourcing of data or via use of third party applications. Your use of those applications is subject to their own privacy policies, which may be amended from time to time.

  • Once you have left our website, we cannot be responsible for the content of other websites or for the protection and privacy of any information which you provide on these websites. Please note that these websites have their own privacy policies and website terms and conditions. We do not accept any responsibility or liability for these policies. Please check their privacy policies and their website terms and conditions when you visit them and before you submit any personal data to these websites.


We have implemented the following measures to protect your personal information:

  • we use an external PCI compliant payment gateway to handle all credit card transactions, and are not processed by or records stored on our servers;

  • we use regular malware scanning on our systems;

  • your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential;

  • all personal information or financial details you supply is encrypted via secure socket layer (SSL) technology; and

  • we implement a variety of security measures when a user enters, submits, or accesses personal information to maintain the safety and security of your personal information.

  • Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

  • We use cookies to compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.

  • You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browsers are a little different to each offer, look at your browser’s help menu to learn the correct way to modify your cookies.

  • If you turn cookies off, some of the features that make your site experience more efficient may not function properly. Some of the features that make your site experience more efficient and may not function properly.


You have the right to complain to the Information Commissioner’s Office ( about our data processing activities (helpline on 0303 123 1113). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance. Last updated:   April 2018

Did this answer your question?