Europe's leading funding solution for e-commerce

About

Connect Accounts

Join Newsletter

Privacy Policy

Version 2.0

Last updated: June 27, 2025

Introduction

Mxney Finance ApS (“Mxney,” “we,” “us,” or “our”) is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our revenue-based financing platform and related services.

As a financial technology company operating in the European Union, we comply with the General Data Protection Regulation (GDPR) and Danish data protection laws. We process your data lawfully, fairly, and transparently, collecting only what is necessary for our legitimate business purposes.

Data Controller: Mads Høgholm Lauritzen
CVR Number: 43390821
Contact: connect@mxney.io

Information We Collect

Personal Information You Provide

We collect information that you voluntarily provide when creating an account, applying for funding, or communicating with us:

Identity Data: Full name, date of birth, nationality, government-issued ID
Contact Data: Email address, phone number, business address, billing address
Business Data: Company name, CVR number, business type, ownership structure
Financial Data: Bank account details, revenue information, tax records
Transaction Data: Details about payments to and from your account
Communication Data: Support tickets, emails, chat messages, phone recordings

Information We Collect Automatically

When you use our platform, we automatically collect certain technical information:

Device Data: IP address, browser type, operating system, device identifiers
Usage Data: Pages visited, features used, click patterns, session duration
Location Data: Approximate location based on IP address
Cookie Data: Preferences, authentication tokens, analytics identifiers

Information from Third Parties

With your consent, we collect information from third-party sources:

E-commerce Platforms: Sales data, inventory, customer information
Banking Partners: Account balances, transaction history, creditworthiness
Payment Processors: Payment method details, transaction confirmations
Identity Verification Services: KYC/AML check results
Credit Reference Agencies: Credit scores, financial history

Legal Basis for Processing

We process your personal data only when we have a valid legal basis under GDPR Article 6:

Contract Performance

Processing necessary to fulfill our funding agreement with you, including application assessment, fund disbursement, and repayment collection.

Legal Obligations

Processing required by law, including anti-money laundering (AML) checks, tax reporting, and regulatory compliance.

Legitimate Interests

Processing for our legitimate business interests, such as fraud prevention, platform security, and service improvements, balanced against your rights.

Consent

Processing based on your explicit consent, which you may withdraw at any time for marketing communications and optional features.

How We Use Your Information

We use your personal data for the following purposes:

Service Delivery

Process funding applications
Perform creditworthiness assessments
Disburse funds and collect repayments
Provide customer support
Manage your account

Risk & Compliance

Verify identity (KYC)
Prevent fraud and money laundering
Comply with regulatory requirements
Manage credit risk
Enforce terms of service

Business Operations

Analyze platform usage
Improve our algorithms
Develop new features
Conduct market research
Train our team

Communications

Send service notifications
Provide funding updates
Share educational content
Marketing (with consent)
Respond to inquiries

Data Sharing and Disclosure

We do not sell your personal data. We share your information only in the following circumstances:

Service Providers

We share data with carefully selected third parties who help us operate our business:

Cloud infrastructure providers (AWS, Google Cloud)
Payment processors (Stripe, GoCardless)
Banking partners (for fund transfers)
Identity verification services
Customer support tools
Analytics and monitoring services

Legal Requirements

We may disclose your information when required by law, including to tax authorities, financial regulators, law enforcement agencies, or in response to valid legal processes.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections.

With Your Consent

We may share your information with other parties when you explicitly consent, such as when you authorize us to share data with your accountant or financial advisor.

Data Processing Agreements: All our service providers sign strict data processing agreements ensuring they protect your data according to GDPR standards.

International Data Transfers

As we operate primarily within the European Union, most data processing occurs within the EEA. However, some of our service providers may process data outside the EEA. When this happens, we ensure appropriate safeguards are in place:

EU-approved Standard Contractual Clauses (SCCs)
Adequacy decisions by the European Commission
Binding Corporate Rules for intra-group transfers
Your explicit consent for specific transfers

We regularly review our international data transfers and update our safeguards to ensure continuous compliance with GDPR requirements.

Data Security

We implement comprehensive technical and organizational measures to protect your personal data:

Technical Measures

End-to-end encryption for data in transit
AES-256 encryption for data at rest
Multi-factor authentication (MFA)
Regular security audits and penetration testing
Intrusion detection and prevention systems
Secure development lifecycle (SDLC)
Regular software updates and patches

Organizational Measures

Access control on need-to-know basis
Employee security training
Confidentiality agreements
Incident response procedures
Data protection impact assessments
Regular security reviews
Vendor security assessments

Security Incident Response: In the unlikely event of a data breach, we will notify affected users and relevant authorities within 72 hours, as required by GDPR.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal obligations:

Active Accounts

Personal data is retained for the duration of your business relationship with us plus any outstanding repayment periods.

Financial Records

Transaction data and financial records are retained for 5 years after account closure to comply with tax and accounting regulations.

Legal Compliance

KYC/AML data is retained for 5 years after the end of the business relationship as required by anti-money laundering regulations.

Marketing Data

Marketing preferences and communications are retained until you withdraw consent or request deletion, whichever comes first.

Your Rights Under GDPR

As a data subject under GDPR, you have the following rights regarding your personal data:

Right to Access

Request a copy of your personal data and information about how we process it.

Right to Rectification

Request correction of inaccurate or incomplete personal data.

Right to Erasure

Request deletion of your data when no longer necessary or when you withdraw consent.

Right to Restrict

Request limitation of processing while we verify data accuracy or assess objections.

Right to Portability

Receive your data in a structured, machine-readable format for transfer to another service.

Right to Object

Object to processing based on legitimate interests or for direct marketing purposes.

How to Exercise Your Rights

To exercise any of these rights, please contact our Data Protection Officer:

Email: connect@mxney.io
Phone: +45 44 10 50 30
Post: Erik Husfeldts Vej 7, 2630 Taastrup, Denmark

We will respond to your request within one month, free of charge. For complex requests, we may extend this period by two months with notice.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our platform. Our use of cookies is detailed in our separate Cookie Policy, but here's a summary:

Essential Cookies

Required for platform functionality, security, and authentication. Cannot be disabled.

Analytics Cookies

Help us understand platform usage to improve our services. Can be opted out.

Marketing Cookies

Used to deliver relevant advertisements. Only set with your explicit consent.

Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without parental consent, we will delete that information immediately.

Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make material changes:

We will update the “Last Updated” date at the top of this policy
We will notify you via email or platform notification
We will obtain your consent if required by law
Changes will be effective 30 days after notification unless otherwise stated

How to File a Complaint

If you believe we have not handled your personal data correctly, you have the right to file a complaint:

Contact Us First

We encourage you to contact us directly so we can address your concerns:

Email: connect@mxney.io
Phone: +45 44 10 50 30

Supervisory Authority

You also have the right to lodge a complaint with the Danish Data Protection Agency:

Danish Data Protection Agency (Datatilsynet)
Carl Jacobsens Vej 35
2500 Valby, Denmark
Email: dt@datatilsynet.dk
Phone: +45 33 19 32 00

Contact Our Data Protection Team

For any questions, concerns, or requests regarding this Privacy Policy or our data practices:

Data Protection Officer

Mads Høgholm Lauritzen
Email: connect@mxney.io
Phone: +45 44 10 50 30

Postal Address

Mxney Finance ApS
Erik Husfeldts Vej 7
2630 Taastrup
Denmark

We aim to respond to all privacy-related inquiries within 72 hours during business days.