Terms & Conditions

I. Special Terms and Conditions for Twispay Services

The following document contains important information for Twispay's merchants and, together with all the other contractual documents the merchant has agreed to sign in order to receive Twispay’s services, determines the terms and conditions applicable to the business relationship between the merchant and Twispay and to the services that Twispay provides to the merchant.

This document was uploaded on 13.05.2019: Special Terms and Conditions for Twispay Services

II. Terms and Conditions for the Twispay Website

Capital Financial Services S.A. (“we”, “us”, “our”), an e-money institution licensed by the National Bank of Romania, provides to you www.twispay.com (“site” or “website”).

The use of this site is governed by the following Terms and Conditions. Accessing www.twispay.com, the materials and information presented on the site, you confirm that you have read, understood, accepted and agreed upon this Terms and Conditions. We may revise such Terms and Conditions at any time and you should periodically check the website to review the then current terms because they are binding on you.

1. Copyright and intellectual property rights

www.twispay.com site content is protected by copyright law. All rights to the information provided on or via this site are reserved twispay.com. This includes, but is not limited to: data, texts, technical sources of web pages, news, graphics, drawings, photos, illustrations, pictures, logos, services, APIs and any other mentions. The content of this site cannot be reproduced, copied, translated or modified in any way, partially or totally without our prior written permission.

We may grant a limited, revocable and non-exclusive license to create a hyperlink to the home page of the site as long as this link does not describe in a false, wrong or offensive manner twispay.com or its partners and affiliates. The license granted for the hyperlink does not allow you to use the Twispay brand without a prior written consent from us.

All intellectual property rights (which include copyright and rights to source code and databases) related to brand, trademarks, logos and all materials on the website are our property or used by us under a licence or with permission, and/or of our third party partners.

Nothing contained on the site should be construed as granting by implication or otherwise, any licence or right to use any trademark displayed on the site without the written permission from us or such third party that may own the trademark.

2. Using the site. Disclaimer

Information and materials presented on this site will not be considered as product offerings and services from twispay.com., its main purpose being to provide a general source of information about our products and services. Any prices presented on the website have an informative role, and it does not represent in any way a commercial binding agreement between us and you.

The information on the website may not tell you all you need to know or is not complete and you can ask us for more details by filling in the contact form.

Though we try and keep the information up to date, there may be a time delay before we can do so. You should not rely solely on the information on this website. You should check details about important things like prices or other fees in any actual agreement you sign as it is the terms in that document that form the agreement between us or by contacting us.

This site can be used by twispay.com. customers or partners and by any others who want to benefit of twispay.com services or wish to inform about them. The products and services presented on the site are not targeted to minors. The site can be accessed by minors only with the consent and under the supervision of parents or legal custodian.

Using this site is entirely the responsibility of the users, twispay.com not being liable for heavy usage, inability to use the site or for direct or indirect damages of any nature arising or related to use of the site or its content. We do not assume any responsibility and will not be liable for damages or viruses that could infect your computer or other property as a result of using this site or downloading of files, text, images or any type of material from the site.

We reserve the right to change the structure, content, location and any other details published on the site, at any time and without informing in advance.

While the website is normally available 24 hours a day, we shall not be liable if for any reason the website is unavailable at any time. Access to the site may be suspended temporarily and without notice in the case of system failure, maintenance or repair or for reasons beyond our control.

3. Privacy

We are committed to respecting your privacy and the personal information of all visitors, users and to ensure that all information required will be stored safely and treated with confidentiality. For more information please check “Our Privacy and Cookie Policy”.

4. Communication

The site visitors can use the contact form to send comments, notes, observations, suggestions, ideas, proposals, etc. related to the site and its content. The communication content is permitted as long as it is not obscene, threatening, illegal, defamatory, do not affect private life of twispay.com employees, do not violate the intellectual property rights of twispay.com or third parties, do not contain viruses or other malware types, carries no political or electoral campaigns, are not chain e-mailing or other forms of spam. Once you fill in the contact form and send it to twispay.com you agree expressly and unequivocally that the information provided will be treated as non-confidential and not protected by intellectual property rights. Therefore, the information provided becomes the property of twispay.com and can be used for any purpose.

Twispay.com is totally against "spam". Spam is defined as the action of sending unsolicited e-mails, usually of commercial nature, with high repetition, to a recipient with no previous correspondence with the sender or who requested not to receive these emails. Therefore, twispay.com will send you via e-mail commercial information only with your permission, giving you the possibility to choose whether you want to receive such electronic messages or not.

5. Links to other sites

The site may contain links to other third party sites which are considered to have a useful related content but are not under our control or guidance. When using these links, the Terms and Conditions that apply are the ones corresponding to those sites. Twispay.com is not responsible for the content and accuracy of these sites and assumes no responsibility regarding the privacy protection system used by them.

Twispay.com can not guarantee or control the truthfulness or up-to-date of the information presented on the sites of third parties which make reference to the site www.twispay.com.

6. Security

Unauthorized actions/attempts will be punished according to the regulations in force. These unauthorized actions/attempts include, but are not limited to, fraudulent use, misuse, unauthorized access, blocking access to other users, modifying, copying information for commercial purposes, IT attacks, etc.

If you have chosen a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential and complying with our instructions. You must not share credentials with anyone else, and you authorize us to act upon instructions and information from any person that enters your credentials.

7. Governing law and jurisdiction

These Terms and Conditions shall be governed by and construed in accordance with Romanian law. Disputes arising in connection with these Terms and Conditions shall be subject to the exclusive jurisdiction of the Romanian courts.

Privacy and Cookie Policy

Being transparent and providing accessible information to individuals about how we will use their personal data is a key element of our organization. Please read the following privacy and cookie policy ("privacy policy") to understand how we use and protect the data obtained from you.

Capital Financial Services S.A. (or " Twispay", "we", "us", "our") is an e-money institution authorised to issue electronic money and to provide payment services under National Bank of Romania authorisation number IEME-RO-0001 of 25 April 2013. See our registration here (NBR Register – E-money Institution).

Together with our partners and affiliates/group companies, we are offering payment services to online merchants, in order for them to accept payments through different payment instruments (like credit or debit cards, or other alternative payment methods) on their websites and to enable their customers to pay for products or services by using such payment instruments.

In this privacy policy, we sometimes refer to " you" / "your(s)"). The term "you" means, depending on the context, a visitor to one of our websites, a prospective client interested in our Services (defined below), a client of our Services ("Merchant"), a customer of a Merchant ("Customer"), a partner of a Merchant that offers marketplace services to such partner or any other person we interact with in connection with the Services.

The collection and use of data from a variety of sources is essential to our ability to provide our payment Services in a safely manner and is helping us to reduce the risk of fraud and money laundering. If you disagree with the practices described in this privacy policy, you should take the necessary steps to remove cookies from your computer/device after leaving our website(s) and not continue to use our Services.

1. Personal data we collect

We process your personal data when you use our Twispay payment page (e.g., www.secure.twipay.com), our payment services or our websites (collectively the " Services") and whenever we interact in connection with the Services. The Services provided by Twispay to our Merchants include card acquiring services, payment gateway services, handling of funds services, funds remittances, fraud control services and other related services such as customer support

The personal data may be collected in different ways, such as when a Merchant registers for a Twispay merchant account by filling in the applicable registration forms, a Customer of a Merchant makes payments or conducts transactions on one of our Merchants' website/platform or application through our Twispay payment page, a partner of a Merchant enrolled in the marketplace platform of the Merchant is approved by Twispay for receiving payments, a prospective client is interested in our Services and/or promotional offers, a person responds to our emails, telephones, questionnaires or surveys or when a Customer uses a recurring payments or pay by click feature of Twispay payment page. We also may receive information from other sources, such as our Merchants, our third-party partners, our financial and payment services providers, identity verification services, fraud and AML/CFT screening agencies and publicly available sources.

Whenever we use your personal data, we will have a legal basis to do this. For example, you have asked us to provide our Services, we have a legal obligation to do so or a legitimate interest in using your personal data, and/or the processing is necessary for the performance of a task carried out in the public interest.

The personal data that we may collect includes:

I. Customer contact details , such as name, e-mail, phone number, address (such data may be collected through our payment page or received from the Merchant from whom you buy goods or services);

II. Customer financial data , such as card number, name on the card, expiration date, card verification value (CVV) (such data is collected through our payment page or, where applicable, merchant's payment page), data in relation to other alternative payment methods and transaction data, such as transaction date, transaction value and a short description of the transaction;

III. Merchant personal data , such as name, address, telephone number, e-mail address, ID/Passport details regarding the Merchant's legal representatives, shareholders, ultimate beneficial owners - natural persons (such data is collected before entering in a contractual relationship with us and during such relationship);

IV. The personal data of the Merchant's partners offering marketplace services, such as, name, address, telephone number, e-mail address, details of ID/passport of the legal representatives, shareholders, ultimate beneficial owners - natural persons of the partners or such personal data of the partner natural person and other financial data such as bank account details for making payments, transaction data, such as the date of the transaction, the value of the transaction and a brief description of the transaction (these data may be collected directly or indirectly from the Merchant).

Also we collect certain information through cookies and other technologies (see section 7 below) that record data about the use of our websites and the use of our Services, including: (i) browser and device data, such as IP address, device type, operating system and Internet browser type, operating system name and version, device manufacturer and model, language, plug-ins, add-ons; (ii) transaction data, such as purchases, purchase amount, date of purchase, and payment method; (iii) cookie and tracking technology data, such as time spent on the Services, pages visited, language preferences, and other anonymous traffic data. In the European Economic Area countries, such information might be treated as "personal data" under applicable data protection laws. Where this is the case, we will process such information only for the same purposes as personal data under this privacy policy.

2. How we use information we collect

In addition to what we have provided elsewhere in this privacy policy, we use information we collect about you to (i) provide you with the Services we offer; (ii) to detect and prevent fraud; (iii) to promote, analyze and improve our products and Services; and to (iv) notify Merchants about changes to our products and Services.

These are examples of how we may use personal data:

  • process payment transactions, funds remittance and provide our Services;
  • verify identity for compliance with the applicable laws regarding the prevention of money laundering and the prevention of terrorist financing;
  • evaluate an application from a prospective Merchant to use our Services;
  • manage risk, or to detect, prevent, and/or mitigate fraud or other potentially illegal or prohibited activities;
  • respond to inquiries and provide customer support (for example in relation to payment refunds/chargebacks);
  • for audits, regulatory purposes, and compliance with industry standards;
  • to send communications regarding new services or products, events, offers and other news regarding our products and services;
  • to develop new products and to improve or modify our Services.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data, like: pubic interest; legal obligation (necessary for compliance with a legal or regulatory obligation); performance of a contract (necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering into a contract); and our legitimate interest.

3. Disclosure of information

Generally, we collect, store and process personal data on servers located in the European Union.

We share your personal data with our partners, including:

I. Twispay group companies/affiliated entities that we control or are under common control, to provide our Services and/or who help us with things like, website hosting, information technology and related infrastructure, customer service, CRM (customer relationship management), marketing services, email delivery, electronic signature, fraud, money laundering, terrorist financing prevention and risk mitigation;

II. Services providers who help us to provide the Services, with things like payment processing and funds settlement (such as, financial institutions, payment method providers, card scheme processors, acquiring banks), website hosting, information technology and related infrastructure, customer service, CRM (customer relationship management), email delivery, electronic signature, fraud, money laundering, terrorist financing prevention and risk mitigation;

III. Card Schemes (e.g., Visa or MasterCard) to provide our Services under the Card Schemes' rules and regulations and entities administering MATCH (MasterCard) and VMAS (Visa) databases where you misuse the Services for payment card transactions or engage in activity the Card Schemes identify as damaging to their brand, or if we required to do so by Card Schemes' rules and regulations; and

IV. Our Merchants , as necessary to process payments or provide the Services (for example transaction information about the purchases made by Customers through our payment processing Services or payments made to the partners of our Merchants providing marketplace services).

We may also disclose your personal data to third parties if we are under a duty to disclose or share your personal data in order to comply with a legal obligation or a court order.

4. Cross-Border transfer

Where we transfer personal data to countries outside of your country of residence, including the United States of America, which may have data protection rules that are different from those of your country, we will take measures to ensure that any such transfers comply with applicable data protection laws and regulations and that your personal data remains protected to the standards described in this privacy policy. These measures may include reviewing third parties' privacy and security standards, verifying if they have certified their compliance with the EU-U.S. Privacy Shield Framework and, where applicable, the Swiss-U.S. Privacy Shield Framework and/or entering into appropriate contracts (on the basis of the template adopted by the EU Commission and available via its homepage).

5. Security

We and our partners maintain appropriate administrative, technical and physical safeguards to protect personal information against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access, use, and all other unlawful forms of processing of the personal data in our possession. When card data is processed, such data will only be processed in accordance with the strict Payment Card Industry Data Security Standards requirements ("PCI-DSS") in an encrypted form. Only by complying with the PCI-DSS requirements we are permitted to provide debit or credit card payment services. For more details please visit: https://www.pcisecuritystandards.org.

6. Data retention period

We will retain personal data for the period necessary to fulfill the purposes outlined in this privacy policy unless a longer retention period is required or permitted by law. Please note that we have a variety of obligations to retain the data that you provide to us, including to ensure that transactions can be appropriately processed, settled, refunded or charged-back, to help identify fraud and to comply with anti-money laundering and other laws and rules that apply to us and to our financial service providers. If your Twispay account is closed, we reserve our ability to retain and access the certain data for so long as required to comply with applicable laws or card scheme rules. Under the current Romanian anti-money laundering regulatory framework, we are required to retain relevant data for a period of five years. Such period may be prolonged in accordance with the Romanian anti-money laundering law no. 129/2019. When we no longer need to retain your personal data, it will be deleted or be anonymised so that you can no longer be identified from it.

7. Cookies

When you access our websites or use our Services, we or our authorised services providers may place small data files on your computer or other device. These data files may be cookies, pixel tags or "flash cookies" (collectively "cookies"). The cookies set may obtain information about you, your computer or device, your use of our website and your general internet usage. These technologies help to make it easier for you to log on and use the websites, to recognize you as a customer, provide feedback to us as to which parts of the website you visit, so we can assess the effectiveness of the site and provide a better, faster, and safer experience, advertising purposes, measure promotional effectiveness, help ensure that your account security is not compromised, mitigate risk and prevent fraud.

The types of cookies that we use generally fall into one of four usage categories:

Strictly Necessary cookies

These cookies are essential and are required for the operation of our website. They enable you to navigate around the website and use its features. They include, for example, cookies that enable users to log into secure areas of our websites.

Performance / Analytical cookies

These cookies collect information about how you use the website, including which pages you go to most often and if you get error messages from certain pages. This assists us to improve the way in which our website works, for example, by ensuring that you can find what you are looking for easily.

Functionality cookies

These cookies allow a website to remember your preferences (for example, your choice of language or region). They are used to recognize you when you return to our website.

Targeting cookies

These cookies record your visit to our website, the individual pages visited and the links followed. These cookies are used to tailor marketing to you and your interests. Information collected by tracking cookies is commonly used to target online advertising. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign.

We may use third parties, such as advertising networks and exchanges, to allow us to serve you advertisements. These third-party ad networks and exchange providers may use third-party cookies, web beacons, or similar technologies to collect information about your visit to our site and elsewhere on the Internet. The information that these third parties collect may be used to provide you with more relevant advertising on our sites or elsewhere on the web. Third party cookies are covered by the third-parties' privacy policies.

Other technologies.

(i) Pixel tags, also known as Web Beacons and clear GIFs, may be used in connection with some Services to, among other things, track the actions of website users (such as email recipients), measure the success of our marketing campaigns and compile statistics about usage of the Services and response rates.

(ii) Third Party Analytics - we use Google Analytics, which uses cookies and similar technologies, to collect and analyze information about use of the Services and report on activities and trends. This service may also collect information regarding the use of other websites, apps and online resources. You can learn about Google's practices on their website

(iii) Flash Cookies - we may use Adobe Flash and other technologies to, among other things, collect and store information about your use of the Services. If you want to block or control flash cookies, you can adjust your settings.

Cookie management and control

Cookies can normally be disabled or deleted from the cookie folder of your browser. You may be able to configure your browser not to accept cookies, although please note that this may affect your ability to use the Services we provide and affect the website's functionality.

8. Third party websites

Our websites may, from time to time, contain links to and from the websites of third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these third-party websites.

9. Your choices and rights

Generally, you have certain rights under the applicable data protection legislation in respect to your personal data:

The right to be informed

You have the right to be provided with clear, transp-arent and easily understandable information about how we use your personal data, and your rights. This is why we are providing you with the information in this Privacy Policy.

The right of access

You have the right to access any personal data we hold about you (subject to certain restrictions). In exceptional circumstances we may charge a reasonable fee for providing such access but only where permitted by law (e.g. where your request is manifestly unfounded or excessive).

The right to rectification

You have the right to have your personal data rectified if it is incorrect or outdated and/or completed if it is incomplete.

The right to erasure/right to be forgotten

In some cases, you have the right to have your personal data erased or deleted. Note this is not an absolute right, as we may have legal or legitimate grounds for retaining your personal data.

The right to object to direct marketing, including profiling

You can unsubscribe or opt out of our direct marketing communication at any time. The easiest way to do this is by clicking on the "unsubscribe" link in any email or communication we send you or follow any other opt-out instructions communicated to you. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages that are required to provide you with our Services.

The right to withdraw consent at any time for and personal data processing based on consent

You can withdraw your consent to our processing of your personal data when such processing is based on consent. Where you withdraw your consent, this does not affect the lawfulness of our processing before your withdrawal.

The right to object to processing based on legitimate interests

You may object at any time to our processing of your personal data when such processing is based on our legitimate interests.

The right not to be subject to a decision based solely on automated decision-making which produces legal effects or similarly significant effects

You may have the right not to be subject to such type of automated decision-making about you, unless: (i) you gave us your explicit consent to use your personal data to make our decision; (ii) we are allowed by law to make our decision; or (iii) our automated decision was necessary to enable us to enter into a contract with you.

The right to lodge a complaint with a supervisory authority

You have the right to contact the data protection authority of your country in order to lodge a complaint against our data protection and privacy practices. Do not hesitate to contact us at the details below before lodging any complaint with the competent data protection authority as we will always seek to resolve your complaint in the first instance.

The right to data portability

You have the right to move, copy or transfer personal data from our database to another. This only applies to personal data that you have provided, where processing is based on a contract or your consent, and the processing is carried out by automated means.

The right to restriction

This right means that our processing of your personal data is restricted, so we can store it, but not use nor process it further.It applies in the following limited circumstances set out in the EU General Data Protection Regulation:• the accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data;• the processing is unlawful and you object to the erasure of your personal data and request us to restrict the ways in which we processe your personal data;• We no longer need your personal data for the purposes of its processing, but you require the personal data for the establishment, exercise or defence of legal claims;• You object to our processing of your personal data based on our legitimate interests, pending the verification whether our legitimate grounds override your rights and freedoms.

The right to turn on/off cookies

The settings from the Internet browsers are usually programmed by default to accept cookies, but you can easily adjust it by changing the settings of your browser or, where available, by using the tools on our websites.Many cookies are used to enhance the usability or functionality of a website; therefore disabling some types of cookies may prevent you from using certain parts of our websites.If you wish to manage your preferences regarding the cookies which are set by our websites, please use the tool available on the particular website (if applicable), or refer to the Help function within your browser to learn how to manage your settings within your browser. For more information please consult the following links: http://www.aboutcookies.org/.

To answer your request, we may require proof of your identity.


If you have any questions or concerns about how we treat and use your personal data or wish to exercise any of your rights above, please contact us at support@twispay.com, or in writing at the following address : 48 Iancu de Hunedoara Bld.,Crystal Tower, 6th floor, District 1, Bucharest

10. Use of services by minors

The Services are not directed to children we request that they not provide personal data through the Services. We do not knowingly collect information, including personal data, from children or other individuals who are not legally able to use our Services, including our sites.

11. Data processor

We process personal data about Customers and/or partners of Merchants offering marketplace services, when acting as the Merchant's payment service provider. Our Merchants are responsible for making sure that their Customer's and partner's privacy rights are respected, including ensuring appropriate disclosures about third party data collection and use. To the extent that we are acting as a Merchant's data processor, we will process personal data in accordance with the terms of our agreement with the Merchant, the Merchant's lawful instructions and applicable data protection legislation and rules.

12. Changes to our privacy policy

We may amend this privacy policy from time to time. Any changes we may make to our privacy policy in the future will be posted on our website and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.

Latest updated 07.04.2020

Prohibited Product and Services List

The Prohibited Product and Services List ("Prohibited Product List") describes the acceptable use of the services provided to Twispay’s users and customers by Twispay. Twispay may decline, suspend, or terminate your use of Twispay services or reject to onboard you as a client in accordance with the Prohibited Product List. The Prohibited Product List below outlines several categories of services or products that Twispay will not support. Please review this policy and ensure that your business practices, products and services are compliant with this Prohibited Product List. Please note that Twispay has the right to update and modify this list at any time without prior notice. This list is merely representative, but not exhaustive. In other words, your business practices, products and services may not be approved by Twispay regardless of whether they appear below. By signing up for a Twispay account, you agree that you will not use Twispay 's services to accept payments for sale of any Prohibited Products.

Principal member of
Master Card Logo
PCI DSS Compliant
Logos of Plano de Recuperação e resiliência (prr), Republica Portuguesa, Financiado pela Uniao Europeia