Quadient’s website privacy statement
Last Updated: April 14, 2026
Quadient and its affiliates (“Quadient”, “We”, “Our” or “Us”) are committed to respecting your privacy. We recognize that when you choose to provide us with personal information, you trust us to act in a responsibly.
This Quadient website privacy statement (the ‘Privacy statement’) describes our practices regarding the collection, use, and disclosure of information gathered from visitors and users of Quadient websites, products, and services (e.g., Quadient AR by YayPay and Quadient AP by Beanworks), as well as individuals within our former, current, and prospective clients (“Clients”), partners, vendors, consultants, contractors, service providers, and members of the public who communicate with us (“you”). It also explains the privacy rights you may have in relation to these processing activities.
As you read this Privacy statement, please note:
Applicability: Certain sections may not apply to you depending on your location or the type of personal information we maintain about you. Other notices: This Privacy statement may be complemented or supplanted by other privacy policies or notices (e.g., the Privacy Notice for California residents) explaining how your personal information is used or disclosed in specific contexts. Where such policies or notices are provided, posted, and/or referenced, they—not this Privacy Statement—will govern the processing of your personal information for those contexts. Third‑Party Websites: Our websites, web portals, and other digital services (collectively, the “Websites”) may contain links to third‑party websites that Quadient does not operate, control, or endorse. Once you leave our Websites, we are not responsible for the protection and privacy of any information you provide. Please review the privacy policies of those third‑party websites and, if needed, contact them directly about their privacy practices.
The data controller of your personal information (i.e. the entity that determines how your personal data is used) under this Privacy Statement is Quadient SA, unless:
You are interacting with or receiving services from another Quadient entity or; A different entity was identified in another privacy statement. In those Instances, the other entity that was identified or you are interacting with, or provided services by, will be the Controller
Please select a region and country to view the registered address and contact details of the Quadient entity or entities located in each country.
At times we may request that you voluntarily supply us with personal information. Generally, this information is requested when you register for an online service, receiving services from Quadient or in connection with an online transaction.
Personal information collected by Quadient may include, but is not limited to, the following:
Identity data: First name, last name, username or similar identifier, and title. Contact data: Billing information, billing address, email address and telephone numbers. Financial data: Bank account and payment card details. Transaction data: Details about payments to and from you and other details or other offers you have purchased from us. Technical data: Your login data; other data on the devices you use to access this Website and your Internet Protocol (IP) address is identified and logged. Usage data: Website navigation, your interests, preferences, feedback, Web forms such as on contact us pages and survey responses. Marketing and communications data: Your preferences in receiving marketing from us including product demo, register for a webinar or other event, during phone calls with sales representatives, when you contact customer support and our third parties and your communication preferences. Service data: In providing the Services, we process on behalf of our Clients information that our Clients’ customers give when they call, text or Web Chat with our Clients. That data may be transferred to us for processing by our Clients (“Service Data”) following the signature of an appropriate data protection agreement with our Client. Our Clients control the information that they require to enable them to use the Services to manage and collect amounts owed to our Clients by their customers “accounts receivable management”. When a customer’s Service Data is transferred to us for processing, we will only collect the information our Clients have instructed us to collect to enable them to use the Services (eg. enabling revenue collection communications between Clients and their customers). Aggregated Data: We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific Website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Statement. Internet or other electronic network activity Information: This information is necessary for the proper functioning of our Websites and their services, as well as internal business analytics purposes such as audience measurement. For more information on the cookies and other data collection technologies, please read the Cookies Policy applicable to the Website you are accessing. Examples: IP address, device type, browser type, language, browsing history, information about your interaction with our Websites and their services. Sensitive personal information: We ask that you do not send us, and do not share any sensitive personal information (for example, government-issued IDs, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, genetic, or biometric data, criminal background or trade union membership). Information from Children: Quadient does not knowingly collect or solicit personal information from anyone under the age of 13. If you are under 13, please do not send any personal information about yourself to us. If we learn that we have collected personal information from a child under the age of 13 without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 13, please contact us contact us.
In most cases, we collect your personal information directly from you, such as when you contact us via phone or in person, complete a form or survey, provide services, register for an account or request to receive marketing materials and information.
Sometimes, we may also obtain personal information about you from other sources who you direct or authorize to share information with us, such as authorized representatives or affiliated organizations, our partners, collaborators, and service providers. We also collect information from publicly accessible sources such as Websites, social media and other digital platforms. In addition, if you use our Websites, we may collect information from your computer or other device through our use of cookies and other data collection technologies. For more information on cookies and other data collection technologies, please read "Our Cookie Policy” later in this document.
Purposes for which we use your personal information for commercial and business purposes are described in this section. You may choose not to provide your personal information to us; however, in doing so, you may not be able to continue your relationship or interactions with us or use certain services. The following points describe in more detail purposes for which Quadient may use your personal information. To provide services for you and to answer your requests from Quadient, for example, product or service, a callback, or specific marketing materials, we will use the personal information you provide to process and deliver your orders. We may use your personal information to support products or services you have purchased from us, such as notifying you of a product update or fix. We may combine your information with information from other interactions with you to provide you with more valuable suggestions in relation to product support. Use of automated and AI-supported tools. Quadient may use automated or AI-supported tools in limited contexts such as service support, analytics, security, content optimisation and internal operations. Where such tools are used in ways that materially affect individuals or trigger legal transparency duties, Quadient should provide additional notices describing the relevant AI use, its purpose, and applicable safeguards. Where users interact directly with an AI-enabled interface, assistant, or chatbot, or where content presented to users is where content presented to users is AI-generated or materially AI-manipulated, Quadient should provide appropriate disclosure or labelling where required by law. Quadient should maintain internal governance processes for website and digital-service AI uses, including staff training, approval processes for new AI features, and escalation procedures for incidents or complaints involving AI-supported outputs. Quadient does not intend to rely solely on automated processing to make decisions that produce legal or similarly significant effects on individuals in the website or digital-services context without appropriate safeguards where required by law. To register you as a new customer or when you enter a contest or other promotional event, we may use your name, address, telephone number and e-mail address so we can administer the program and notify winners. We intend to continue improving the content and function of our Websites. For this reason, we may monitor customer traffic patterns and Website usage to help us improve the design and layout of our Website and provide content of interest to you. We use the IP addresses of all visitors to the Websites to calculate the Websites usage levels, to help diagnose problems with the Website servers, and to administer the Websites. We may also use IP addresses to communicate with or block access by visitors who fail to comply with our Terms of Use. To manage our relationship with you which will include; notifying you about changes to our terms of privacy statement; to ask you to complete a survey. To manage the security of our Websites, networks and systems. To market our products and services or related products and services and to tailor marketing and sales activities. This may include general and personalized electronic direct marketing and targeted advertising concerning our products and services. You may receive marketing communications from Quadient. You can opt-out of these communications by the methods described in YOUR RIGHTS Section of this policy, selecting the Do Not Sell or Share my Personal Information button, or by displaying an opt-out preference signal via the Global Privacy Control, as required by applicable law. You may also receive marketing material if you are on a list that has been lawfully acquired by Quadient or your information has been referred to us by an authorized third party or colleague. When you participate in a referral program, we may use your name, address, telephone number, and e-mail address so we can administer the program, validate eligibility, notify winners, and provide any associated rewards or benefits. Promotional offers from us: We may use your identity, contact, technical, and usage data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you. To comply with applicable laws and regulations.
Quadient may share your personal data with other Quadient Affiliates, third party service providers according to Quadient’s legal and contractual obligations.
Sharing within Quadient:
Duly authorized employees of other Quadient entities may access your personal information for the purposes set forth in this Privacy Statement, only to the extent necessary to serve those purposes and limited to employees who need the information to perform their job functions—including global administrative, operational, product/solution technical support, and marketing activities in the context of Quadient’s worldwide business.
Sharing outside Quadient:
We may share personal information with the following types of third parties for a business purpose:
Third party service providers processing personal data on Quadient’s behalf, for example to process credit cards and payments, shipping and deliveries, manage and service Our data, distribute emails, research and analysis, manage brand and product promotions as well as providing certain services and features. For more information about our Subcontractors used in our Solutions. You can submit a request on privacyteam@quadient.com. Third-party marketing: Where profiling, targeting or other AI-supported decision tools are used, Quadient should implement controls proportionate to the relevant risk, which may include human review where appropriate, testing for material error, records of system changes, and legally required opt-out or transparency mechanisms. Quadient Partner: Personal data collected during your registration and participation in a webinar or event organized by Quadient is processed to manage your participation and provide you with information related to the event. Quadient may share some of this data (such as your name, surname, email address, and job title) with business partners who participate in or co-host the webinar and/or event, in order to ensure proper organization and follow-up. These partners act as data controllers for their own purposes. Open Banking services (UK only): If you connect a UK bank account using our Open Banking integration within the Quadient AP product, this service is provided by Plaid. Quadient CXM UK Ltd is an agent of Plaid Financial Ltd., an authorised payment institution regulated by the Financial Conduct Authority under the Payment Services Regulations 2017 (Firm Reference Number: 804718). Plaid provides you with regulated account information services through Quadient CXM UK Ltd as its agent. Other third parties: (i) as required by law to comply with a government request, subpoenas, a court order or applicable law; (ii) prevent illegal uses of Quadient Websites and apps or violations of our Websites’ and our apps’ Terms of Use and our policies; (iii) Advisors (such as outside auditors, attorneys and similar parties) and defend ourselves against third party claims; and (iv) assist in fraud prevention or investigation (e.g., counterfeiting) (V) reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
Where we utilize third parties for the processing of any personal information, we implement reasonable contractual and technical protections limiting the use of that information to the purposes specified by Quadient, as explained in our CCPA Privacy Notice.
Quadient’s products and services are primarily intended for companies and businesses. When collecting information, we request that you provide business-related details. Where applicable laws require a lawful basis for processing personal data, we ensure that such data is processed only when a valid legal basis exists. The most common bases for processing are:
Contractual necessity: We need to process your data to perform a contract we are about to enter into or have already entered into with you. Legitimate interests: : Processing is necessary for our legitimate interests, provided that your interests and fundamental rights do not override them. These interests include: • Maintaining accurate records and communicating effectively with you, including responding to your requests. • Managing pre-litigation and litigation processes. • Taking action against identified breaches. • Handling disputes or legal proceedings. • Ensuring the security of our Websites, networks, and systems. • Analyzing, developing, improving, and optimizing the user experience of our Websites, products, and services. • In certain cases, sending marketing communications and newsletters.. Legal or regulatory obligations: We may process personal data to comply with legal requirements, such as responding to subpoenas or other legal processes, or handling opt-out requests. Consent:When obtained from individuals, we rely on consent for specific processing activities. You have the right to withdraw your consent to marketing communications at any time by contacting us. Upon withdrawal, we will retain your data only to respond to queries submitted via Webforms.
At any time, you can choose to opt out from our marketing communications by clicking here or by following the unsubscribe link in any marketing email you have received. If you unsubscribe from marketing, we may still send you email communications that are relationship or transactional in nature.
Under certain laws such as GDPR and UK GDPR, you may have the following rights with respect to your personal information:
• Your right of access. You may have the right to ask us to provide clear, transparent, and understandable information on how we process your personal information, as well as for copies of your personal information. There are some exemptions, which means you may not always receive all the information we process.
• Your right to rectification. You may have the right to ask us to rectify information you think is obsolete or inaccurate and the right to ask us to complete information you think is incomplete.
• Your right to delete your personal information. You may have the right to ask us to delete your personal information in certain circumstances.
• Your right to restriction of processing. You may have the right to ask us to restrict the processing of your personal information, during a limited period, in certain circumstances.
• Your right to object to processing. You may have the right to object to processing, in which case, Quadient will no longer process your personal information unless Quadient demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, such as compliance with a legal obligation or for the establishment, exercise or defense of legal claims.
• Your right to data portability. You may have the right to ask that we transfer the information you gave us from one organization to another or give it to you.
• Right to withdraw your consent. If we process your personal information based on your consent, you have the right to withdraw your consent, without this withdrawal affecting the lawfulness of the processing operations previously carried out.
• Right to close your account. If you receive our services through online accounts, you have the right to close your accounts. We will then delete or anonymize your personal information associated with your accounts, unless otherwise permitted under applicable laws.
Your California Consumer Privacy Act (CCPA) rights:
The CCPA provides individuals residing in California with certain rights regarding their personal information: Click here for Our CCPA Privacy Notice.
Right to Know. You have the right to request: (1) the specific pieces of personal information we have collected about you; (2) the categories of personal information we have collected about you; (3) the categories of sources from which the personal information is collected; (4) the categories of personal information about you that we have sold or shared and the categories of third parties to whom the personal information was sold or shared; (5) the categories of personal information about you that we disclosed for a business purpose and the categories of third parties to whom the personal information was disclosed for a business purpose; (6) the business or commercial purpose for collecting, disclosing, selling, or sharing personal information; and (7) the categories of third parties to whom we disclose personal information. Our response will cover the 12-month period preceding our receipt of a verifiable request unless a longer period is requested by you. Right to Delete. You have a right to request the erasure/deletion of certain personal information collected or maintained by us. As described herein, we will delete your personal information from our records and direct any service providers (as defined under applicable law) to delete your personal information from their records. However, we are not required to honor a deletion request if an exemption applies under the law. Right to Correct. You have a right to correct inaccuracies in your personal information, taking into account the nature of the personal information and the purposes for which we process the personal information. We will use commercially reasonable efforts to correct the inaccurate personal information as directed by you. Right to Limit Use and Disclosure. You have the right to limit our use and disclosure of your sensitive personal information to that use which is necessary to perform our services and provide our products as requested by you, or as otherwise permitted by law. We only use or disclose sensitive personal information for purposes permitted by the CCPA and to which the right to limit does not apply. Right to Opt Out. A California resident has the right to request Quadient stop sharing personal information with third parties for cross context behavioral advertising. A California resident also has the right to opt-out of such targeted advertising by selecting the Do Not Sell or Share my Personal Information button, or by displaying an opt-out preference signal via the Global Privacy Control. Personal cookie data can be managed through the Quadient Privacy Preference Center accessed through selecting Cookie Settings on the Website. Non-Discrimination. You have the right not to receive discriminatory treatment by us due to your exercise of the above rights. We do not offer financial incentives and price or service differences, and we do not discriminate against consumers, employees, applicants, or independent contractors for exercising their rights under applicable law
Depending on your country of residence and the country where the Quadient entity processing your personal information is established, you may have additional local rights with respect to our processing of your personal information. Please note that some of the personal information that we collect, use and disclose may be exempt from the rights outlined above. To exercise Your rights described above please submit a verifiable access request to us by either:
Using the preference center Emailing Us at: PrivacyTeam@Quadient.com, or Calling Us at +1 800-636-7678
We will respond to your requests within the period prescribed by applicable laws. Under certain circumstances, Quadient may ask you for specific information to confirm your identity and ensure the exercise of your rights. This is a security measure to safeguard personal information. We will notify you when your request is completed, if we deny your request to exercise your rights (because, for example, an exception applies), or if there is a fee associated with processing your request.
You may designate an authorized agent to exercise your rights on your behalf. In such a case, we will also need to verify your agent’s identity and obtain proof of your authorization. We may need to deny a request from an agent whose identity or authorization we cannot verify.
If you believe that Quadient has processed information in a manner that is unlawful or breaches your rights, or has infringed applicable laws, you may have the right to complain directly to your local data protection authority. Without limiting any rights to complain directly to an authority, we are committed to protecting personal information, and complaints may be made directly to us.
Quadient takes appropriate precautions to protect our users' personal information.
Quadient is a company with operations in 29 countries, and your personal information may be accessible to or shared with our affiliates, service providers, partners, collaborators and regulators in various countries for the purposes specified in this Privacy Policy. If personal information is transferred to a Quadient recipient in a country that does not provide an adequate level of protection for personal information, Quadient will take measures designed to adequately protect information about you, such as ensuring that such transfers are subject to the terms of the EU Model Clauses or UK IDTA.
When you place orders or access your account information, we offer the use of a secure server. The secure server software (TLS) encrypts all information you input before it is sent to us. Furthermore, Quadient uses a variety of technical and organizational security measures, including encryption and authentication tools, to maintain the safety of your personal data. Your personal data is processed in secured networks and is only accessible by a limited number of people with special access rights to these systems when necessary to perform their job function.
Quadient complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.
We have certified to the U.S. Department of Commerce that we adhere to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.
We have certified to the U.S. Department of Commerce that we adhere to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this Privacy Policy for Quadient Employees and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Quadient commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF. For any dispute arising under the EU-U.S. DPF program, the UK Extension to DPF and the Swiss-U.S. Data Privacy Framework program that is not resolved through contacting HR or the steps listed above, under certain conditions individuals may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2.
Quadient is subject to the investigatory and enforcement powers of the United States Federal Trade Commission (FTC) in compliance with the Data Privacy Framework.
Quadient is responsible for the processing of personal information we receive or subsequently transfer to a third party acting as an agent on our behalf. We comply with applicable data protection law, including DPF Principles for all onward transfers of personal information from the EEA and Switzerland, including the onward transfer liability provisions in the DPF Principles.
We retain your personal data for as long as necessary to fulfil the purposes for which We collect it, except if required otherwise by law.
Your registration information will be retained for as long as your account is active or as needed to provide you services. If you wish to request that we no longer use your registration information to provide you services, contact us.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
We may update this Privacy Statement from time to time to reflect changes to our data governance practices and to comply with our legal requirements. The revised Privacy Statement will be posted here with an updated revision date. We encourage you to check back periodically for any changes or updates. If we make a material change to our Privacy Statement, we will post a notice at the top of this page for 30 days. By continuing to use our Websites after such revision takes effect, we consider that you have read and understand the changes.
If you have any complaints regarding our compliance with this Privacy Statement, please contact us first. We will investigate and attempt to resolve complaints and disputes regarding the use and disclosure of personal information in accordance with this Privacy Policy and in accordance with applicable law.
You also have the right to file a complaint with a competent data protection authority if you are a resident of a European Union member state; United Kingdom; or a resident in California.
Cookies (Cookies, pixel tags and other trackers) are pieces of data sent to your browser when you visit a Website and stored on your computer’s hard drive. Cookies may store user preferences and other information. Depending on the applicable law, when you first visit our Websites and again if you delete the Cookies or the Cookies expire or change, you will be asked which Cookies you consent to.
We may use the following types of cookies on our Websites:
Strictly Necessary Cookies - Essential for the correct functioning of a Website, strictly necessary cookies allow users to navigate and use Website features. Typically, these cookies cannot be disabled as they are required for basic Website functionality. Functional Cookies – Websites can set functional cookies to remember user preferences to help build a more personalized experience on return visits. This includes information such as language, font size, and other customizable elements. Targeting Cookies – Also known as advertising cookies, cookies of this nature help Website operators to deliver advertisements that are more relevant to the user. Targeting cookies set information that allows advertisers to display content based on a user’s browsing history and online behavior. They are also used to limit the number of times a user sees a particular advertisement and targeting cookies are often set by third-party advertising networks. Social Media Cookies – These cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They can track your browser across other sites and build up a profile of your interests. This may impact the content and messages you see on other Websites you visit. If you do not allow these cookies, you may not be able to use or see these sharing tools. Performance Cookies - These cookies collect information about how users interact with a Website. Performance cookies track which pages have been visited, whether any errors occur, and loading times. These types of cookies are typically used to improve user experience and Website performance. Analytics Cookies are a type of Performance Cookies which are used to improve the Websites by collecting information on how you interact with the Websites; The cookies collect information in a way that does not directly identify anyone, rather they collect information in an aggregated or generalized statistical form, including the number of visitors to the Websites, where visitors have come to the Websites from and the pages they visited. One of the analytic cookies we use is Google Analytics. Google's overview of privacy practices and data safeguards is available at: https://support.google.com/analytics/answer/6004245. To opt out of being tracked by Google Analytics across all Websites, visit http://tools.google.com/dlpage/gaoptou.
Most web browsers allow some control of most cookies through the browser settings. For example, there are simple procedures in most browsers that allow you to delete existing cookies. If you want to set your computer or mobile Web browser to reject all cookies by default, please visit the support page of your browser for instructions. If you reject all Cookies, you may still use our Websites; however, this may affect the functionality of some areas of our Websites.
For California specific information and tracking please check our CCPA privacy Notice.
If you have a question related to this Privacy Statement, please contact us. Your message will be forwarded to the appropriate member of Quadient's Data Privacy Team, such as Data Protection Officers or members of their teams. If you are resident in California:
To exercise Your rights described above please submit a verifiable access request to us by either:
Using the access request form Emailing Us at: PrivacyTeam@Quadient.com, or Calling Us at +1 800-636-7678
In your request, you need to provide enough information that allows us to reasonably verify that you are the consumer that we collected information about.
If you have any other concerns related to data privacy and you want to report it anonymously, please also feel free to report your concern on the Quadient Ethics Line.