Zevio Privacy Policy
Effective from: 03.03.2026
1. Data controller
The personal data controller is:
ZEVIO SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ
ul. Szlak 77 / 222
31-153 Kraków
KRS: 0001224773
NIP: 6762713546
REGON: 544029502
Sąd Rejonowy dla Krakowa-Śródmieścia w Krakowie, XI Wydział Gospodarczy Krajowego Rejestru Sądowego
Share capital: 250 000 zł
Contact for data protection matters: contact@zevio.io
2. Scope of data processed
Depending on how you use the Platform, we process in particular:
- account data (first name, last name, email address),
- organisation data (name, registration details, NIP, address),
- transaction data (amount, currency, status, transaction ID),
- subscription-related data,
- technical data (IP address, device identifiers, system logs, session data).
For BLIK recurring payments, the following may also be processed:
- Payer consent identifier,
- subscription parameters (amount, frequency, validity date),
- consent status for initiating transactions,
- history of recurring payment attempts.
Zevio does not store payment card data - it is processed solely by external payment operators in accordance with applicable security standards (PCI DSS).
3. Purposes of processing
Data is processed for:
- performance of services under the Platform,
- handling one-off and recurring payments,
- execution of recurring payments initiated by the Merchant on the basis of the Payer's consent,
- handling complaints related to transactions, including Recurring Transactions,
- fulfilment of accounting and tax obligations,
- ensuring system security and preventing abuse,
- technical and statistical analysis of the Platform's operation.
4. Legal basis for processing
Data is processed on the basis of:
- Article 6(1)(b) GDPR - performance of a contract or steps prior to entering into a contract,
- Article 6(1)(c) GDPR - compliance with legal obligations of the Controller,
- Article 6(1)(f) GDPR - legitimate interest of the Controller (e.g. security, pursuing claims, preventing abuse).
5. Recipients and processors
Data may be disclosed to:
1) Payment operators
In particular: Krajowy Integrator Płatności S.A. (Tpay) - for handling and settling transactions (including BLIK and recurring payments).
For Recurring Payments, data is disclosed to the payment operator, payment service provider (PSP) and the Issuer (Payer's bank) in accordance with BLIK system rules.
2) Cloud infrastructure providers
The Zevio Platform is hosted on Google Cloud Platform (GCP) in the European region (EU).
Data is processed in Google cloud services, including:
- server environment (Google Cloud - App Engine / Cloud Run),
- databases,
- Google Cloud Storage (file and asset storage).
Google acts as a processor under data processing agreements in accordance with the GDPR.
3) IT and communications service providers
- email service providers (e.g. transactional emails),
- analytics and monitoring tools,
- entities supporting system maintenance and development.
All entities process data under appropriate data processing agreements.
6. Transfer of data outside the EEA
As a rule, data is processed within the European Economic Area (EEA).
Any transfer outside the EEA is carried out only on the basis of appropriate safeguards under the GDPR (e.g. standard contractual clauses).
7. User rights
You have the right to:
- access your data,
- rectification,
- erasure,
- restriction of processing,
- data portability,
- object to processing,
- lodge a complaint with the President of the Personal Data Protection Office.
To exercise your rights, please contact the Controller at the email address provided.
8. Data retention
Data is retained:
- for the duration of the agreement and use of the Platform,
- for the period required by law (e.g. tax and accounting),
- for the period necessary to establish, pursue or defend claims.
9. Security
The Controller implements appropriate technical and organisational measures to protect the data processed, including:
- data transmission encryption (HTTPS / TLS),
- access control (roles, authorisation),
- authentication and session management,
- event logging (system logs, audit),
- safeguards against abuse and attacks.
10. Cookies
The Platform uses cookies to:
- ensure proper operation of the service,
- maintain user sessions,
- improve security,
- conduct statistical analyses (where analytics features are enabled).
Details on cookies may be set out in a separate Cookie Policy.