Information on the protection of personal data for QPAY Checkout Page

Information on the Protection of Personal Data for QPAY Checkout Page

This chapter provides information on all data that are processed by our solution QPAY Checkout Page.

When ordering QPAY Checkout Page, the merchant may acquire:

  • 1 basic solution, optionally extendable with

  • 1 to N payment methods, and/or

  • 0 to N optional and additional features

For any further questions regarding data protection details and individual parameters, e.g. data subjects, categories of data, etc., consult Datenschutzhinweise zu einzelnen Parametern for additional information.

Basic Solution

Go to section “Payment method selection” to simulate the processing of data (parameters) for a given payment transaction and the selected payment method. The displayed data refer to

  • data, which the merchant or consumer sends to the QENTA payment interface (so-called input data),

  • data, which QENTA returns to the merchant or consumer (so-called output data).

All indicated parameters need to be processed to ensure that the solution QPAY Checkout Page, basic version, meets our contractual obligations to the merchant (purpose of the processing of data):

The displayed parameters are subdivided into

  • parameters processed irrespectively of the payment method (standard)

  • parameters processed dependent on the respective payment method (payment method)

  • parameters entered by the consumer (consumer interaction)

Select payment method

Select a payment method:

Credit Card

Table 1. Input Data
Parameter Type Processed data

Required Request Parameters (payment method)

Optional Request Parameters (payment method)

Info

Additional Request Parameters (payment method)

Info

Additional Request Parameters B2B (payment method)

Required Request Parameters (Standard)

Info

Additional Required Request Parameter (Standard)

Info

Optional Request Parameters (Standard)

Info

1 to N Optional Custom Parameters (Standard)

Info

Plugin-Specific Data (Standard)

-

Table 2. Output Data
Parameter Type Processed data

Parameters regarding the status of a payment (Standard)

Info

1 to N Optional Custom Parameters (Standard)

Info

Table 3. Data entered by the consumer
Parameter type Processed data

Exclusively external payment page

No

Exclusively QENTA payment page

No

Entry of data partially in QENTA payment page

Yes

Entry of data in QENTA payment page

PAN, CVC, Name, Expiry Date, Issue Date, Cardholder Name

eps-Überweisung

Table 4. Input Data
Parameter Type Processed data

Required Request Parameters (payment method)

Info

Optional Request Parameters (payment method)

Info

Additional Request Parameters (payment method)

Additional Request Parameters B2B (payment method)

Required Request Parameters (Standard)

Info

Additional Required Request Parameter (Standard)

Info

Optional Request Parameters (Standard)

Info

1 to N Optional Custom Parameters (Standard)

Info

Plugin-Specific Data (Standard)

-

Table 5. Output Data
Parameter Type Processed data

Parameters regarding the status of a payment (Standard)

Info

1 to N Optional Custom Parameters (Standard)

Info

Table 6. Data entered by the consumer
Parameter type Processed data

Exclusively external payment page

No

Exclusively QENTA payment page

No

Entry of data partially in QENTA payment page

Yes

Entry of data in QENTA payment page

Bank

Giropay

Table 7. Input Data
Parameter Type Processed data

Required Request Parameters (payment method)

Info

Optional Request Parameters (payment method)

Info

Additional Request Parameters (payment method)

Additional Request Parameters B2B (payment method)

Required Request Parameters (Standard)

Info

Additional Required Request Parameter (Standard)

Info

Optional Request Parameters (Standard)

Info

1 to N Optional Custom Parameters (Standard)

Info

Plugin-Specific Data (Standard)

-

Table 8. Output Data
Parameter Type Proce ssed data

Parameters regarding the status of a payment (Standard)

Info

1 to N Optional Custom Parameters (Standard)

Info

Table 9. Data entered by the consumer
Parameter type Processed data

Exclusively external payment page

No

Exclusively QENTA payment page

No

Entry of data partially in QENTA payment page

Yes

Entry of data in QENTA payment page

Bank, Account number, Account owner

Przelewy24

Table 10. Input Data
Parameter Type Processed data

Required Request Parameters (payment method)

Info

Optional Request Parameters (payment method)

Info

Additional Request Parameters (payment method)

Additional Request Parameters B2B (payment method)

Required Request Parameters (Standard)

Info

Additional Required Request Parameter (Standard)

Info

Optional Request Parameters (Standard)

Info

1 to N Optional Custom Parameters (Standard)

Info

Plugin-Specific Data (Standard)

-

Table 11. Output Data
Parameter Type Processed data

Parameters regarding the status of a payment (Standard)

Info

1 to N Optional Custom Parameters (Standard)

Info

Table 12. Data entered by the consumer
Parameter type Processed data

Exclusively external payment page

Yes

Exclusively QENTA payment page

No

Entry of data partially in QENTA payment page

No

Entry of data in QENTA payment page

-

Sofort

Table 13. Input Data
Parameter type Processed data

Required Request Parameters (payment method)

Optional Request Parameters (payment method)

Info

Additional Request Parameters (payment method)

Additional Request Parameters B2B (payment method)

Required Request Parameters (Standard)

Info

Additional Required Request Parameter (Standard)

Optional Request Parameters (Standard)

Info

1 to N Optional Custom Parameters (Standard)

Info

Plugin-Specific Data (Standard)

-

Table 14. Output Data
Parameter type Processed data

Parameters regarding the status of a payment (standard)

Info

1 to N Optional Custom Parameters (Standard)

Info

Table 15. Data entered by the consumer
Parameter type Processed data

Exclusively external payment page

Yes

Exclusively QENTA payment page

No

Entry of data partially in QENTA payment page

No

Entry of data in QENTA payment page

-

Unresolved include directive in modules/ROOT/pages/protection-personal-data/protection-personal-data-page-en.adoc - include::partial$privacy_qpay/paypal-new.adoc[] :leveloffset: 1

Paysafecard

Table 16. Input Data
Parameter type Processed data

Required Request Parameters (payment method)

Info

Optional Request Parameters (payment method)

Info

Additional Request Parameters (payment method)

Additional Request Parameters B2B (payment method)

Required Request Parameters (Standard)

Info

Additional Required Request Parameter (Standard)

Optional Request Parameters (Standard)

Info

1 to N Optional Custom Parameters (Standard)

Info

Plugin-Specific Data (Standard)

-

Table 17. Output Data
Parameter type Processed data

Parameters regarding the status of a payment (standard)

Info

1 to N Optional Custom Parameters (Standard)

Info

Table 18. Data entered by the consumer
Parameter type Processed data

Exclusively external payment page

Yes

Exclusively QENTA payment page

No

Entry of data partially in QENTA payment page

No

Entry of data in QENTA payment page

-

Invoice by Payolution

Table 19. Input Data
Parameter Type Processed data

Required Request Parameters (payment method)

Info

Optional Request Parameters (payment method)

Info

Additional Request Parameters (payment method)

Additional Request Parameters B2B (payment method)

Info

Required Request Parameters (Standard)

Info

Additional Required Request Parameter (Standard)

Info

Optional Request Parameters (Standard)

Info

1 to N Optional Custom Parameters (Standard)

Info

Plugin-Specific Data (Standard)

-

Table 20. Output Data
Parameter Type Processed data

Parameters regarding the status of a payment (Standard)

Info

Table 21. Data entered by the consumer
Parameter type Processed data

Exclusively external payment page

Yes

Exclusively QENTA payment page

No

Entry of data partially in QENTA payment page

No

Entry of data in QENTA payment page

-

SEPA Direct Debit by Hobex

Table 22. Input Data
Parameter Type Processed data

Required Request Parameters (payment method)

Optional Request Parameters (payment method)

Info

Additional Request Parameters (payment method)

Info

Additional Request Parameters B2B (payment method)

Required Request Parameters (Standard)

Info

Additional Required Request Parameter (Standard)

Info

Optional Request Parameters (Standard)

Info

1 to N Optional Custom Parameters (Standard)

Info

Plugin-Specific Data (Standard)

-

Table 23. Output Data
Parameter Type Processed data

Additonal Response Parameters

Info

Parameters regarding the status of a payment (Standard)

Info

1 to N Optional Custom Parameters (Standard)

Info

Table 24. Data entered by the consumer
Parameter type Processed data

Exclusively external payment page

No

Exclusively QENTA payment page

Yes

Entry of data partially in QENTA payment page

No

Entry of data in QENTA payment page

Account owner, BIC, IBAN

SEPA Direct Debit by b4Payment

Table 25. Input Data
Parameter Type Processed data

Required Request Parameters (payment method)

Optional Request Parameters (payment method)

Info

Additional Request Parameters (payment method)

Info

Additional Request Parameters B2B (payment method)

Required Request Parameters (Standard)

Info

Additional Required Request Parameter (Standard)

Info

Optional Request Parameters (Standard)

Info

1 to N Optional Custom Parameters (Standard)

Info

Plugin-Specific Data (Standard)

-

Table 26. Output Data
Parameter Type Processed data

Additonal Response Parameters

Info

Parameters regarding the status of a payment (Standard)

Info

1 to N Optional Custom Parameters (Standard)

Info

Table 27. Data entered by the consumer
Parameter type Processed data

Exclusively external payment page

No

Exclusively QENTA payment page

Yes

Entry of data partially in QENTA payment page

No

Entry of data in QENTA payment page

Account owner, BIC, IBAN

Additional Features

This chapter provides information on the data processed for each feature that has been added to the basic QPAY Checkout Page solution.

All parameters indicated for the respective feature need to be processed to ensure our solution meets the contractual obligations to the merchant (purpose of the processing of data).

Table 28. Optimization of Usability
Feature Processing of data and information on the protection of personal data

1. Customizable layout for QPAY Checkout Page

This feature allows the merchant to align QPAY Checkout Page with a given corporate design. The layout adaptation is carried out via a predefined CSS-Template, which is assigned to the merchant’s shopId. Thus, no additional processing of personal data takes place.

2. Payment method sort order

This feature allows the merchant to define the sort order of the payment methods offered in QPAY Checkout Page. This configuration setting is done via parameter paymenttypeSortOrder. Thus, no additional processing of personal data takes place.

3. Additional languages

In order to display the payment window in the language preferred by the consumer, the merchant retrieves the consumer browser language settings, which are forwarded to QENTA via parameter language. Thus, processing of personal data involves the consumer’s language, although the consumer remains unknown because the personal data are not known.

4. Additional currencies

Depending on the merchant’s product portfolio, certain products may be paid in 1 to N currencies. Depending on the product and consumer’s choice, QENTA is informed on the currency via parameter currency. Thus, processing of personal data involves the currency of the merchant’s processed payment transaction.

Table 29. Optimization of Internal Processes
Feature Processing of data and information on the protection of personal data

5. Recurring payment

This feature allows the merchant to carry out recurring payments via parameter recurPayment. Thus, no additional processing of personal data takes place.

6. Additional access to the QPC Payment Center

For the web application of the Merchant Login a new access is set up which does not involve any personal data. A username and password are required for the access. Thus, no additional processing of personal data takes place.

7. This feature involves the processing of personal data, i.e. cardholder as the card holder information is sent to the merchant.

8. Return of masked credit card number

This feature involves the processing of personal data, i.e. maskedPan as 10 of a total of 16 to 19 digits of the credit card number are sent to the merchant.

9. Return of transaction reference number

This feature allows the merchant to obtain a unique reference number of the transaction via parameter gatewayReferenceNumber. Thus, no additional processing of personal data takes place.

10. Return of iDEAL consumer data

This feature allows the merchant to obtain detailed information on the consumer, all of which are considered personal data: idealConsumerData.

11. Return of PayPal consumer data

This feature allows the merchant to obtain detailed information on the consumer, all of which are considered personal data: paypalConsumerData.

12. Return of Sofort. consumer data

This feature allows the merchant to obtain detailed information on the consumer, all of which are considered personal data: sofortConsumerData.

13. Return of contract number associated with transaction

This feature allows the merchant’s system to obtain the contract number of the processor/acquirer via parameter gatewayContractNumber. Thus, no additional processing of personal data takes place.

14. Return of instrument country

This feature allows the merchant to obtain personal data on the country in which the consumer’s payment method was issued via parameter instrumentCountry. However, the consumer remains unknown because the personal data are not known.

15. Return of SEPA consumer data

This feature allows the merchant to obtain detailed information on the consumer, all of which are considered personal data: SepaConsumerData.

16. This feature allows to verify consumer-specific personal data (name, address, etc.), which were forwarded by the merchant, and to inform the merchant of the verification result avsResponseParameters.

17. Display of 3-D Secure transaction for credit card

This feature allows the merchant to display to the consumer information regarding 3-D Secure transaction for the relevant payment on the payment page. This configuration setting on part of QPAY does not imply any additional processing of personal data.

18. Return of credit card expiration date

This feature allows the merchant to obtain the expiration date of the used credit card via parameter expiry. However, this mere date does not permit any conclusions to be drawn as to the person it relates.

19. Return of hashed credit card number

This feature allows the merchant to obtain the random value hashedPAN, which provides information as to whether the same credit card number has been used for different payment transactions. However, these data don’t permit any conclusions to be drawn as to the person they relate, e.g. card holder.

20. Selective automatic deposit

Via parameter autodeposit the merchant may define the time of deposit for each individual transaction. This is a configuration setting relating to a decision which has to be made anyway during payment processing. The parameter only defines the time of deposit. Thus, no additional processing of personal data takes place.

21. Selection of credit card brand

This feature allows the merchant to define via the additional parameter financialInstitution which card brands are allowed for payment. Thus, no additional processing of personal data takes place.

22. Maximum number of unsuccessful payment attempts

This feature allows the merchant to define the permitted number of unsuccessful payment attempts. This configuration setting is done via parameter maxRetries. Thus, no additional processing of personal data takes place.

23. Unique order number

The parameter orderNumber allows the merchant to unequivocally assign each transaction in order to fulfill organizational requirements. However, these data don’t permit any conclusions to be drawn as to the person they relate.

24. Extension of QPAY Checkout Page for back office use

This feature allows the merchant to trigger payment instead of the consumer. However, no further processing of data categories takes place.

Table 30. Security Features
Feature Processing of data and information on the protection of personal data

25. Confirmation notification by e-mail

This feature allows the merchant to obtain, via e-mail sent to the specified e-mail address, all response parameters that would otherwise be received via the confirmUrl. Thus, no additional processing of personal data takes place. To view the respective response information click confirmUrl.

26. Confirmation notification re-delivery attempts

If the merchant’s server is not accessible, this feature allows several re-delivery attempts in order to send the confirmation notification. However, this configuration setting does not imply any additional processing of personal data.