Privacy Policy

Last Updated: August 29, 2022

PaceGateway is a data processor where it is facilitating payment transactions on behalf of and at the direction of a PaceGateway User. Our Users direct us to take payment from cardholders—PaceGateway is a processor when directed to process payments—about whom to pay, how much to pay, when to pay.

As a platform provider, we need to make sure our platform is consistent and includes clear information about how we operate PaceGateway.

This policy describes the types of information we may collect from you or that you may provide when you visit the website or mobile application (collectively, the “Services”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This policy applies to information we collect:

  • On the Services.
  • In email, text, and other electronic messages between you and the Services.
  • Through mobile and desktop applications you download from the Services, which provide dedicated non-browser-based interaction between you and the Services.
  • When you interact with our advertising and applications on third-party websites and services, if those applications or advertising include links to this policy.

It does not apply to information collected by:

  • Us offline or through any other means, including on any other website operated by Company or any third party (including our affiliates and subsidiaries); or
  • Any third party (including our affiliates and subsidiaries), including through any application or content (including advertising) that may link to or be accessible from or through the Services.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Services. By accessing or using the Services, you agree to this privacy policy. This policy may change from time to time. Your continued use of the Services after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

Legitimate business interests

Where allowed under applicable law, we rely on our legitimate business interests to process Personal Data about you. For example, we:

  • Detect, monitor and prevent fraud and unauthorized payment transactions;
  • Mitigate financial loss, claims, liabilities or other harm to Customers, Users and PaceGateway;
  • Determine eligibility for and offer new PaceGateway products and services;
  • Respond to inquiries, send Service notices and provide customer support;
  • Promote, analyze, modify and improve our Services, systems, and tools, and develop new products and services, including reliability of the Services;
  • Manage, operate and improve the performance of our Sites and Services by understanding their effectiveness and optimizing our digital assets;
  • Analyze and advertise our Services;
  • Conduct aggregate analysis and develop business intelligence that enable us to operate, protect, make informed decisions, and report on the performance of, our business;
  • Share Personal Data with third party service providers that provide services on our behalf and business partners which help us operate and improve our business;
  • Provide you with information, products, or services that you request from us.
  • Fulfill any other purpose for which you provide it.
  • Carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection
  • Notify you about changes to our Services or any products or services we offer or provide though them
  • Enable network and information security throughout PaceGateway and our Services; and
  • Share Personal Data among our affiliates for administrative purposes.
  • Payment transactions and related services (PaceGateway as a data processor)
  • We use Personal Data of Customers to provide our Services to Users, including to process online payment transactions and authenticate Customers on behalf of our Users.
  • We may use Personal Data for any other purpose with your consent.

Marketing and events-related communication

We may send you email or SMS marketing communications about PaceGateway products and services, maintenance windows, emergency fixes, terminal updates and education/best practices; invite you to participate in our events or surveys; or otherwise communicate with you for marketing purposes, provided that we do so in accordance with applicable law, including any consent requirements.


When you visit our Sites, we (and our service providers) may use Personal Data collected from you and your device to target advertisements for PaceGateway Services to you on our Sites and other sites you visit (interest-based advertising), where allowed by applicable law, including any consent requirements. We do not use, share, rent or sell the Personal Data of our Users’ Customers for interest-based advertising. We do not sell or rent the Personal Data of our Users, their Customers or our Site Visitors.

What are your data controller activities?

  • Providing the PaceGateway products and services to PaceGateway users, including determining the third parties (banks and payment method providers) to be utilized;
  • Monitoring, preventing and detecting fraudulent payment transactions and other fraudulent activity on the PaceGateway platform;
  • Complying with legal or regulatory obligations applicable to the financial sector to which PaceGateway is subject, including applicable anti-money laundering screening and compliance with know-your-customer obligations; and
  • Analyzing, developing and improving PaceGateway’s products and services.

In addition, as data controller, you are responsible for the relationship with the data subject (i.e., your end customer). You may instruct a third party (like PaceGateway) to process the data but it is your job to set the purpose (or objectives) and legal basis for the processing.

Personal Data

The personal data transmitted to PaceGateway usually involves first name, last name, address, identification number, email address, IP address, telephone number, payment information, transaction records, and other data necessary for payment processing.

We collect this Personal Data:

  • Directly from you when you provide it to us.
  • Automatically as you navigate through the site. Information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies.
  • From our third party business partners and service providers.


The transmission of the data is aimed at payment processing, ledger management, and fraud prevention. The PaceGateway User or Platform will transfer personal data to PaceGateway. The personal data exchanged between PaceGateway and the User/Platform may be transmitted to verification agencies and User data may be shared with Platforms. This transmission is intended for the Platform to manage its ledger and for PaceGateway to conduct identity and credit checks.

Transfer and Disclosure

PaceGateway will pass on personal data to affiliates and service providers or sub-processors, if deemed necessary to carry out contractual obligations or for the data to be processed.

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.

We may disclose Personal Data that we collect or you provide as described in this privacy policy:

  • To our subsidiaries and affiliates.
  • To contractors, service providers, and other third parties we use to support our business.
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of PaceGateway’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by PaceGateway about our Services users is among the assets transferred.
  • To fulfill the purpose for which you provide it.
  • For any other purpose disclosed by us when you provide the information.
  • With your consent.

We may also disclose your Personal Data:

  • To comply with any court order, law, or legal process, including to respond to any government or regulatory request.
  • To enforce or apply our Terms of Use and other agreements, including for billing and collection purposes.
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of PaceGateway our customers, or others.

Changes to Our Privacy Policy

It is our policy to post any changes we make to our privacy policy on this page. If we make material changes to how we treat our users’ personal information, we will notify you through a notice on the Services. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Services and this privacy policy to check for any changes.

Children Under the Age of 13

Our Services are not intended for children under 13 years of age. No one under age 13 may provide any information to the Services. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on this Services. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at

Contact Information

To ask questions or comment about this privacy policy and our privacy practices, contact us at:

17330 W Center Road
Ste 110, #305
Omaha, NE 68130

or via email:

or via our toll-free number:

844-722-3489 (844-PACE-GTY)

Frequently Asked Questions

Does PaceGateway share my personal data with other Merchants?

No. PaceGateway does not share personal data collected in connection with purchases (or attempted purchases) from one merchant’s checkout with another merchant.

How do I stop promotional emails from a merchant?

Any offers or promotional emails that you receive as a result of a merchant’s use of the Promotional Emails feature are sent by merchants (or others identified in the message), and not by PaceGateway. We think that you may find value in receiving these emails, but if you do not, please contact the merchant you are receiving the messages from. PaceGateway requires that merchants that choose to implement the Promotional Email feature also provide the option to unsubscribe or opt-out of receiving further promotional messages. It would be a breach of PaceGateway’s Terms of Use for a merchant to not promptly comply with opt-out requests.

How do I stop the sale of my personal data?

PaceGateway does not sell your personal data.

Security controls

PaceGateway employs security controls and maintains and enforces a security program that addresses the management of security. We also perform risk assessments and implement and maintain controls for risk identification, analysis, monitoring, reporting, and corrective action. PaceGateway maintains and enforces an asset management program that appropriately classifies and controls hardware and software assets throughout their life cycle. In addition, PaceGateway employees, agents, and contractors acknowledge their data security and privacy responsibilities under PaceGateway’s policies.

PaceGateway applies technical and organizational measures that include the following:

  • Physical access control to prevent unauthorized persons from gaining access to the data processing systems available at premises and facilities (including databases, application servers, and related hardware), where Personal Data are processed.
  • Virtual access control to prevent data processing systems from being used by unauthorized persons.
  • Data access control to ensure that persons entitled to use a data processing system gain access only to such Personal Data in accordance with their access rights, and that Personal Data cannot be read, copied, modified or deleted without authorization.
  • Disclosure control to ensure that Personal Data cannot be read, copied, modified or deleted without authorization during electronic transmission, transport or storage on storage media (manual or electronic), and that it can be verified to which companies or other legal entities Personal Data are disclosed.
  • Entry control to audit whether data have been entered, changed or removed (deleted), and by whom, from data processing systems.
  • Availability control to ensure that Personal Data are protected against accidental destruction or loss (physical/logical).
  • Separation control to ensure that Personal Data collected for different purposes can be processed separately.
  • By default, PaceGateway encrypts data at rest and data in transit. We further protect your data with tools like audit logs, access management policies and certifications. Security controls implemented at PaceGateway include TLS and/or SSL encryption for HTTPS and regular testing of infrastructure components.

The safety and security of your Personal Data also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. Unfortunately, the transmission of Personal Data via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Services. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Services.

Retention of User Records

As a provider of payment services, PaceGateway is required by law to comply with various federal and state regulations, including anti-terrorism and anti-money laundering laws. These regulations and laws may require PaceGateway to retain transactional records associated with PaceGateway Users for a period of time after the close of the customer relationship.

Data Privacy Laws and Regulations; Data Subject Access Requests

PaceGateway is not subject to the EU or UK General Data Protection Regulation (“GDPR”); the California Consumer Privacy Act (“CCPA”) or California Privacy Rights Act (“CPRA”); the Colorado Privacy Act; the Connecticut Data Privacy Act; the Virginia Consumer Data Protection Act; or the Utah Consumer Privacy Act.

However, users may request that PaceGateway delete or refrain from using their personal data by emailing

PaceGateway does not sell personal data.

Cookies & Other Technology

We use cookies to make sure our Services function properly, to prevent and detect fraud and violations of our terms of service, understand how visitors use and engage with our Services and analyze and improve our Services. Depending on your relationship with PaceGateway and the domain you are visiting, different cookies apply: for instance some cookies are set on the public PaceGateway domain, some on the PaceGateway Dashboard when you are logged in as a PaceGateway user, and some on the payment page available to customers who make payments and use the Services PaceGateway provides.

Cookies help PaceGateway provide personal, effective and safe services. We change the cookies periodically as we improve our Services. For more information, please see our Cookie Policy.