ONERWAY
Pricing
Log in
Privacy Policy

Privacy Policy

24 March 2026

Controller / responsible Onerway entity

For this United Kingdom version, "Onerway", "we", "our", and "us" means Ronghan International Limited. Where more than one Onerway group company is involved in delivering the Services, the relevant Onerway entity may act as controller, joint controller, processor, or service provider depending on the circumstances and the role it performs.

Regional rights and regulatory note

If you are in the United Kingdom, we process Personal Data in accordance with the UK GDPR, the Data Protection Act 2018, and other applicable UK privacy laws. Subject to applicable law, you may have rights to be informed, access your data, rectify inaccurate data, erase data, restrict processing, object to processing, data portability, and withdraw consent where consent is relied upon. You also have the right to complain to the Information Commissioner's Office (ICO).

Where this UK version applies, any international transfer of Personal Data will be carried out using lawful transfer tools recognised under UK law, which may include adequacy regulations, the UK International Data Transfer Addendum, or other approved safeguards.

1. Scope of this Privacy Policy

This Privacy Policy explains how Onerway collects, uses, shares, stores, and otherwise processes Personal Data when individuals and businesses interact with our websites, platform, products, and related services. It applies to our business-facing services, end-user services where offered, and our public websites, including where we provide payment acceptance, fund collection, payout, merchant onboarding, risk management, and related support services.

Depending on the context, Onerway may act as a data controller, business, or organisation in its own right, and in other cases may process Personal Data on behalf of a merchant, business customer, or other client as a processor, service provider, or intermediary.

2. Key definitions

In this Privacy Policy, "Personal Data" means information relating to an identified or identifiable individual. "Services" means the products, services, devices, applications, websites, dashboards, and related online services we provide. "Business Users" are merchants, platforms, or other business customers using our Services. "End Customers" are individuals whose Personal Data we process in order to provide services to a Business User, such as when they make a payment, receive a refund, or receive a payout. "Representatives" are directors, founders, beneficial owners, employees, administrators, or other individuals acting on behalf of a Business User. "Visitors" are individuals who interact with our websites or communications channels without using an account.

3. Personal Data we collect

We may collect the following categories of Personal Data, depending on how you interact with us:

  • identity and contact data, such as name, email address, telephone number, business address, billing address, shipping address, and account credentials;
  • transaction and payment data, such as payment method details, merchant details, purchase amount, date and time, payout information, and refund or dispute information;
  • onboarding and verification data, such as date of birth, company role, ownership information, government-issued identification details, sanctions- or fraud-screening data, and related due diligence materials;
  • device, technical, and online activity data, such as IP address, browser type, language preference, operating system, site usage, cookies, clickstream data, and fraud signals;
  • communications data, such as support requests, emails, survey responses, webinar registrations, event attendance, and phone or chat records where permitted by law; and
  • any other information you or a Business User provide to us in connection with the Services.

4. How we collect Personal Data

We collect Personal Data directly from you, from Business Users, from your use of our websites and Services, from service providers acting on our behalf, from Financial Partners, and from publicly available or lawfully obtained third-party sources used for identity verification, fraud prevention, compliance, and business due diligence.

5. How we use Personal Data

We use Personal Data to:

  • provide, operate, maintain, and improve the Services;
  • create and manage accounts, onboard customers, and verify identity;
  • process payments, refunds, settlements, and payouts;
  • perform risk assessment, fraud detection, authentication, security monitoring, and loss prevention;
  • comply with anti-money laundering, know-your-customer, sanctions, tax, accounting, and other legal or regulatory obligations;
  • communicate with you about the Services, support matters, policy updates, and important notices;
  • analyse usage, troubleshoot technical issues, and improve user experience, product performance, and business intelligence;
  • market our Services where permitted by applicable law; and
  • enforce our terms, protect our rights, and prevent misuse of the Services.

6. How we share Personal Data

We may share Personal Data with:

  • the relevant Onerway group entity and our affiliates;
  • Business Users and parties they authorise to receive data in connection with the Services;
  • banks, payment method providers, payout providers, card networks, and other Financial Partners involved in processing or settling a transaction;
  • service providers and processors supporting hosting, analytics, security, verification, customer support, communications, auditing, and similar operational functions;
  • professional advisers, auditors, insurers, and financing counterparties where reasonably necessary;
  • competent authorities, regulators, courts, law enforcement agencies, or other third parties where disclosure is required or reasonably necessary for legal compliance, fraud prevention, or protection of rights and safety; and
  • counterparties involved in a merger, financing, restructuring, acquisition, sale, or transfer of all or part of our business, subject to appropriate confidentiality protections.

7. Cookies, analytics, and similar technologies

We and our partners may use cookies, pixels, SDKs, log files, and similar technologies to operate our websites and Services, remember preferences, understand usage patterns, personalise content, support security and fraud detection, and measure the effectiveness of communications and advertising. Where required by law, we will seek your consent before using non-essential cookies or similar technologies. Our cookie banner and cookie settings tools may provide additional controls depending on your region.

8. Marketing communications

Where permitted by applicable law, we may use your contact details and interaction history to send you marketing communications about our Services, events, and partner integrations. You can opt out of marketing emails at any time by using the unsubscribe link in the message or by contacting us. Even if you opt out of marketing communications, we may still send you service-related or legally required notices.

9. Security and retention

We maintain organisational, technical, and administrative safeguards designed to protect Personal Data against unauthorised access, disclosure, alteration, loss, or misuse. We retain Personal Data for as long as reasonably necessary to provide the Services, maintain our business relationship, comply with legal, tax, accounting, payment network, and regulatory obligations, resolve disputes, enforce our agreements, and prevent fraud and misuse. Retention periods may vary based on the type of data, the nature of the Services, and applicable legal requirements.

10. International transfers

Because we operate internationally, Personal Data may be transferred to and processed in countries other than the country where it was collected. Where required by applicable law, we use appropriate safeguards for cross-border transfers, which may include adequacy decisions, standard contractual clauses, contractual confidentiality and security commitments, and other lawful transfer mechanisms recognised by the applicable jurisdiction.

11. Requests made through merchants or business customers

Where we process Personal Data on behalf of a Business User, that Business User is primarily responsible for its own privacy notices, lawful basis, and handling of data subject or consumer requests relating to data it controls. If you are an End Customer interacting with a merchant or other Business User, please consult that business's privacy notice first. Where appropriate, we may direct your request to the relevant Business User.

12. Updates to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our Services, privacy practices, legal requirements, or regulatory expectations. When we make material changes, we will update the "Last Updated" date and provide additional notice where required by law.

13. Contact us

For privacy questions or requests, please contact us at admin@ronhan.com. We may require information reasonably necessary to verify your identity and the scope of your request before responding.

ONERWAY

Get started with us

Follow us on FacebookFollow ONERWAY's Wechat official accountWeChat QR CodeSend email to
EMEAmarketing@onerway.com
Connect us on LinkedIn

Products & Pricing

  • Payments Acceptance
  • Payouts
  • Embedded Finance
  • Card IssuingComing soon
  • SoftPOSComing soon
  • Pricing

Solutions

  • Ecommerce
  • Digital
  • Financial Institution
  • Marketplace
  • SaaS Platform
  • Professional Services
  • Travel

Developers

  • Documentation
  • API Reference

About

  • About us
  • Career
  • Insights
T&CPrivacy policyCookies policy
© Onerway 2026. All rights reserved.

RONGHAN INTERNATIONAL LIMITED, operating under the trading name of ONERWAY, is a company incorporated in the United Kingdom (Company No. 09534814) and a fully authorized Electronic Money Institution licensed by the Financial Conduct Authority of the United Kingdom (Firm Reference No. 937049). Our registered business address is 6 Bevis Marks, London, England, EC3A 7BA, United Kingdom.