How Can I Delete My Stored Data?

The simple answer is – we’ll do it for you.

A core concept of the GDPR is the ‘basis for consent’ to process personal data. There are multiple forms of consent and the one CCBill uses for its transaction processing is called ‘contractual obligation’. The basic idea behind this consent is that you, the end-consumer, give us your permission to process your data as part of processing of a transaction on your behalf. This transaction is an explicit contract between us and you.

CCBill is legally bound to store your data securely until certain obligations have been fulfilled:

• While a data owner (customer) has a valid transactional contract with CCBill their data must remain within our system.
• While a data owner (customer) has the potential to chargeback, request a refund, or somehow challenge a financial transaction their data must remain within our system.
• While a data owner’s (customer’s) financial transaction can/could form part of any financial business reporting which CCBill needs to make to any of the government agencies in the jurisdictions which it operates their data must remain in our system.

Once the transaction has been processed your data is stored securely within our systems until all of these obligations under the law have been satisfied. Once our obligations have been met our system automatically performs a process called ‘data anonymization’. This is a technical term that means our system replaces your sensitive data with scrambled and unrecognizable, non-personal information – effectively purging your data from our system.