Privacy Notice
Last Update: April 2026
PRIVACY NOTICE: WEBSITE, CUSTOMERS, PROVIDERS, END-USERS AND SUB-MERCHANTS
THIS IS THE PRIVACY NOTICE OF THE DLOCAL GROUP COMPANIES ESTABLISHED WITHIN THE EEA AND THE UK
This Privacy Notice explains how we process personal data about (i) visitors to our Website, (ii) representatives of our Customers and other business contacts who use our Merchant Dashboard or interact with us, and (iii) in certain cases, End-Users and Sub-Merchants who benefit from or are involved in the services we provide to our Customers, as well as where Dlocal Opco Ireland Limited acts as an independent merchant-of-record / reseller.
Your privacy is very important to us. We are committed to the protection of your personal data, and the purpose of this Privacy Notice is to inform you about the way we process your personal data, including references to which data we process, how, why, and for how long, together with information about your rights as a Data Subject.
This Privacy Notice (together with our Terms and Conditions available on our website, any product‑specific or service‑specific terms and conditions that may be made available to you from time to time, and any other documents referred to in it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. This Privacy Notice also sets out how you can instruct us if you prefer to limit the use of that personal data, as well as the procedures that we have in place to safeguard your privacy.
It is important that you read this Privacy Notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you, so that you are fully aware of how and why we are using your personal data. This Privacy Notice supplements the other notices and is not intended to override them.
1. IMPORTANT INFORMATION
The dLocal group provides its services to the Customers via different entities. For more information, please click HERE.
Each of these dLocal Entities is a separate data controller, but they are collectively referred to in this Privacy Notice as “dLocal”, “we”, “our” or “us”.
In summary, we generally act as a data controller in relation to Website visitors and representatives of our Customers and other business contacts. For most End-User and Sub-Merchant data, we act as a data processor on behalf of the relevant Customer, except for the limited situations described in this Privacy Notice where we act as an independent data controller (for example, for certain fraud-prevention, compliance and dMore merchant-of-record / reseller activities).
Individuals from whom we collect personal data (the “Data Subjects”)
In this Privacy Notice, “you” or “your” means the individual who is the subject of personal data we process as a data controller, which would typically be: (i) the visitors of our website at www.dlocal.com (our “Website”); (ii) the representatives of merchants and other payment providers (our “Customers”) who interact with us and access our Merchant Dashboard to receive our payment processing services; (iii) representatives of third party service providers who interact with us to fulfil their contractual obligations with us and (iv) representatives of prospective Customers whose business contact details we obtain from third‑party sources such as business‑contact databases, sales intelligence or lead‑generation platforms.
In addition, we act as a data controller in relation to personal data about buyers or beneficiaries of our Customers (“End-Users”), as well as business customers of our Customers who use our dLocal for Platforms solution (our “Platform product”) (“Sub-Merchants”). Our Platform product enables marketplaces to onboard and manage their own Sub-Merchants while using our services to process payments and payouts for those sellers. We process this personal data only for the limited purposes described in section 3 of this Privacy Notice. References to “Sub-Merchants” in this Privacy Notice should be understood in this sense.
We also provide “dMore”, our merchant‑of‑record / reseller solution operated by Dlocal Opco Ireland Limited. When products or services are offered through dMore, Dlocal Opco Ireland Limited acts as an independent data controller in relation to certain processing of End‑Users’ personal data, as further explained in section 3.3 of this Privacy Notice.
Otherwise, as far as End-User and Sub-Merchants’ personal data is concerned, except where Dlocal Opco Ireland Limited acts as an independent data controller as described above, we generally act as a data processor on behalf of our Customers.
For the purpose of this Privacy Notice, “Data Protection Legislation” means: (1) in the EEA: the General Data Protection Regulation (EU) 2016/679 (the “EU GDPR”) and any other data protection legislation applicable within the EEA; and (2) in the UK: (i) the UK Data Protection Act 2018; and (ii) the GDPR as amended and adopted by UK law by virtue of section 3 of the European Union (Withdrawal) Act 2018 (the “UK GDPR”). Legal terms related to data protection used in this Privacy Notice follow the definition provided by the above-mentioned legislation.
2. INFORMATION WE MAY COLLECT (OR RECEIVE) ABOUT YOU
How is your personal data collected:
- Direct interactions. You may give us your Identity and Contact Data (as defined below) by filling in forms or by corresponding with us by available channels (for example, by email, through our online contact forms, or via our customer support tools such as Intercom). This includes personal data you provide as a representative of a Customer or a prospective Customer when you:
- apply for or enquire about our products or services;
- interact with us in connection with our services or our relationship with the Customer you represent;
- create a Customer user account on our payment processing service platform (“Merchant Dashboard”) to receive our services; or
- subscribe to our service or publications.
- Where we contact you as a representative of a prospective Customer and we have not obtained your personal data directly from you, we will usually do so using your business contact details that we have obtained from third‑party sources as described in section 2(f) below and will provide you with this Privacy Notice when we first contact you.
- Website and Merchant Dashboard usage. When you browse our Website or our Merchant Dashboard, we process Technical Data (defined below). We use certain strictly necessary Technical Data and cookies on the basis of our legitimate interests in making sure our Website and Merchant Dashboard work properly, including for debugging, DDOS mitigation and security. We may also use other cookies and similar technologies (for example, for analytics or personalisation) where you have given your consent through our cookie banner or preference centre; these help us improve the user experience and perform statistical analyses to optimise the quality of our Website and Merchant Dashboard. Please see our Cookies Policy HERE for further details, including how you can manage your cookie preferences.
- SmartFields, Mobile Checkout, Payment Links, Payout Links, Invoice Collection solutions, and our dLocal for Platforms solution (our Platform product). When you purchase goods or services from, or receive payments to or from, dLocal Customers using any of these solutions, you will most likely provide your personal data directly to dLocal, acting on behalf of those Customers.
In marketplace arrangements, we provide our services through our Platform product in combination with a Customer’s platform. Depending on our agreement with the Customer and the applicable data protection roles, Sub-Merchants and their End-Users may provide their personal data either directly to dLocal (for example, via dLocal-hosted onboarding and KYC/verification flows) or to the Customer’s platform (for example, via the Customer’s own user interfaces and onboarding tools). In the latter case, the Customer then shares that data with us so we can provide our services.
- Static Virtual Accounts. In some markets, we also support Static Virtual Accounts (for example, fixed bank or cash virtual account numbers assigned to a particular Customer). In those cases, when you make a payment using a Static Virtual Account that has been allocated by a Customer using our services, we receive payment‑related information (such as the account/reference, amount, and timing of the payment) from the relevant payment channel in order to process and reconcile the transaction.
- Due Diligence. When you apply to become a Customer of dLocal, or you operate as a Sub-Merchant under a dLocal Customer, we require that you provide personal data as detailed in this paragraph, but not limited to this description. For regulatory reasons, we may request name, postal address, telephone number, and email address to fulfill our financial partners’ and regulatory requirements. We may also collect personal data about you, including financial data, such as your ownership interest in the company, your status as director or officer, your date of birth and government identifiers associated with you and your business (such as your social security number, tax number), or bank account information. We may also perform biometric checks (including, where applicable, liveness/face‑verification checks), as further described in any applicable identity-verification or onboarding terms, policies or notices that we may provide to you from time to time (which may be tailored to the relevant product, solution, region or use case).
- Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources, including:
- providers of business‑contact databases, sales‑intelligence and outreach tools that lawfully collect and provide business contact details for B2B prospecting and outreach purposes; and
- providers we use to carry out fraud prevention checks, ID checks and other “Know Your Customer” checks we need to perform on our Customers’ representatives, Sub-Merchants and End-Users to comply with applicable financial services standards and requirements and to comply with applicable laws and regulations.
We may collect, use, store and transfer different kinds of personal data about you, which we have grouped as follows:
- Identity Data includes first name, last name, username, gender, date of birth, place of birth, nationality, job title and qualification, ID number, ID document (including document type and issuing/expiry dates), Income tax number;
- Contact Data includes billing address, delivery address, email address and telephone numbers, country and state of residence;
- Technical Data includes your internet protocol (IP) address, your login data, Google Analytics ID, internet browser and device type, time zone setting, location data and your use of our website, including which pages you visited, how you got to our Website, the time and length of your visit and your language preferences; it also includes device and online identifiers and related telemetry such as device ID, cookies and similar identifiers, browser user agent, geolocation, advertising ID, vendor ID, Android ID and similar identifiers used to help secure transactions and prevent fraud;
- Profile Data includes the username and password of our Customer’s representatives when they log in to the Merchant Dashboard; and, for End‑Users and Sub‑Merchants, information about their account and interaction with our services, such as account creation date, purchase or transaction history (including total number and value of orders), first and last purchase dates, internal reputation or risk scores and similar information about how they use our services;
- Marketing and Communications Data includes your name, position and business details and includes your preferences in receiving marketing from us and our third parties and your communication preferences (including records of your communications with us, such as when you contact us for support or respond to our campaigns); and
- Financial Data includes card data, bank account data, fiscal information and other payment‑instrument and payout information such as virtual or dynamic account numbers, wallet identifiers, payment method identifiers and related metadata, and beneficiary bank details (for example, beneficiary name, document or tax ID, bank name, branch and account number), as well as crypto or digital‑asset wallet addresses where relevant.
- Biometric Data includes liveness and face-verification data such as facial images and liveness recordings, which we use to confirm that a live person is present at the moment we are collecting your data and, where applicable, to verify identity in Sub-Merchant and similar due-diligence flows.
We may collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data, but is not considered personal data in law, as this data will not directly or indirectly reveal your identity. Aggregated data collected include:
- Payment volumes and frequency
- Performance and risk metrics
- Merchant profitability and commercial analytics
- Aggregated views for external/merchant‑facing reports
- Compliance / AML & Data-Compliance metrics
We may collect Special Categories of personal data about you. In particular, this may include biometric data collected primarily in relation to Sub-Merchants in connection with KYC/KYB and identity-verification flows (for example, liveness / face-verification checks), especially in countries where the collection of biometric identifiers forms part of a legal or regulatory due-diligence requirement (such as to verify identity under local KYC/AML rules) or is otherwise necessary to prevent fraud and financial crime. This may include facial images, liveness recordings and biometric templates generated from those images, processed only on the basis set out in the section “How we use personal data” (for example, compliance with legal obligations, our legitimate interests and, where required, your explicit consent).
We may also collect information about criminal convictions and offences, but only in the context of fraud or security checks when this is necessary to comply with applicable laws or with any applicable financial services standards or requirements.
3. HOW WE USE PERSONAL DATA
We may process your personal data for one or more lawful bases of processing (“Lawful Basis”), depending on the specific purpose for which we are using your data (see below).
3.1. Overview
In accordance with this Privacy Notice, dLocal may use your personal data to:
- provide the services you request from us (Lawful Basis: to comply with our legal obligations and performance of our contract with you);
- verify your identity or conduct appropriate checks for fraud, including, where required by law or where necessary to prevent fraud and financial crime, the use of biometric data (such as liveness / face-verification checks) for Sub-Merchant due-diligence and fraud-prevention purposes (Lawful Basis: to comply with our legal obligations (for example under applicable KYC/AML, sanctions and financial‑services rules) and where necessary for our legitimate interests in detecting, preventing and investigating fraud, financial crime and abuse of our services and in protecting the security and integrity of our payment ecosystem; and, where required for biometric data, your explicit consent);
- understand your needs to provide you with the services you require (Lawful Basis: performance of our contract with you);
- administer and manage our services, including billing for the services provided (Lawful Basis: performance of our contract with you, to comply with our legal obligations and necessary for our legitimate interests in operating and improving our services, ensuring accurate billing and internal record‑keeping, and pursuing and recovering fees and charges owed to us);
- distribute information, newsletters, publications and other communication via various mediums to keep you informed including direct marketing communications about our services that we send to representatives of existing and prospective Customers (which may include contacting you using business contact details obtained from third‑party providers such as business‑contact databases, sales‑intelligence or lead‑generation tools as described in section 2(f) above) (Lawful Basis: where required under applicable law, your consent, and otherwise performance of our contract with you and our legitimate interests in promoting and developing our business and managing our relationship with you and the Customer you represent);
- research and develop new services (Lawful Basis: performance of our contract with you and necessary for our legitimate interests in improving, developing and enhancing our products and services, understanding how they are used and ensuring they remain competitive and relevant);
- analyse customer and support interactions (including, where relevant, via our customer support tools such as Intercom and AI-powered analytics tools, including large language models) to understand product and support performance, identify common issues and improve our services (Lawful Basis: necessary for our legitimate interests in improving, developing and enhancing our products and services and ensuring good customer support);
- manage and conduct our business and the services we provide to our Customers (Lawful Basis: performance of our contract with you and necessary for our legitimate interests in planning, managing and running our business operations efficiently and securely, including internal administration, reporting, supplier management and corporate governance);
- make sure our website works properly, including debugging, to be able to deliver you its content, for DDOS mitigation on our website, and improving our website and performing statistical analyses (Lawful Basis: necessary for our legitimate interests in ensuring the security, integrity and availability of our Website and Merchant Dashboard, preventing abuse and cyber‑attacks, and understanding and improving how our services are used);
- effectively communicate with third parties (Lawful Basis: performance of our contract with you and necessary for our legitimate interests in managing our relationships and day‑to‑day interactions with Customers, suppliers, partners and other third parties in relation to the services we provide); and
- as required or authorised by applicable law (Lawful Basis: to comply with our legal obligations).
3.2. End-Users and Sub-Merchants
As explained above in the section “Individuals from whom we collect personal data (the ‘Data Subjects’)”, our relationship with End-Users and Sub-Merchants is mainly indirect. In most cases, we process their personal data to provide the Services to our Customers and in accordance with our Customers’ instructions. In that context, dLocal acts as a data processor on behalf of the relevant Customer under a written contract, relying on the Customer’s authorisation to process End-User and Sub-Merchant personal data.
In selected arrangements, Sub‑Merchants agree to the terms and conditions of our Customer’s platform, which incorporate the payment‑processing terms that govern how we provide our services and how we process End‑User and Sub‑Merchant personal data on behalf of the Customer. Acceptance of those terms is collected through the Customer’s own onboarding and consent flows (for example, via the platform’s online terms or API‑based consent capture), rather than through a separate, dLocal‑hosted interface. Therefore, if you are an End-User or Sub-Merchant who has a relationship with one of our Customers, you should also refer to their privacy notice, as it is likely to be relevant to you and would contain information on how to contact them if you have queries about their use of your personal data or if you wish to exercise your data protection rights.
Notwithstanding our general role as a data processor for our Customers (as described above), there are certain instances where we process End-User and Sub-Merchant personal data as a data controller in our own right, which we do only for the following limited purposes:
- to conduct, as needed, fraud and other risk management and prevention, and to comply with any mandatory reporting related to such activities (Lawful Basis: to comply with our legal obligations or necessary for our legitimate interests in detecting, preventing and investigating fraud, financial crime, abuse of our services and violations of applicable network or scheme rules, and in protecting our Customers, End‑Users, Sub‑Merchants and our business from associated risks);
- to comply with our statutory, regulatory and/or professional obligations, including any record-keeping obligations which we may have at law (Lawful Basis: to comply with our legal obligations); and
- to ensure the proper provision of the services for which you are either a recipient or beneficiary through our Customer and to exercise, or defend ourselves against, legal claims (Lawful Basis: necessary for our legitimate interests, including as to the reputation of our business or as pertaining to legal claims).
- to carry out identity-verification and due-diligence checks for Sub-Merchants, which may include document verification and biometric data (such as liveness / face-verification checks) where required by law or where necessary to prevent fraud and financial crime (Lawful Basis: to comply with our legal obligations (including KYC/AML, sanctions and other regulatory requirements that apply to us) and where necessary for our legitimate interests in verifying the identity and suitability of Sub‑Merchants, preventing fraud and financial crime, and protecting the integrity and security of our payment ecosystem; and, where required for biometric data, your explicit consent).
In the context of those limited activities, we act as a data controller, and therefore parts of this Privacy Notice would be relevant to you as an End-User or Sub-Merchant. Information on how to contact us for further information, or exercise your legal rights as a data subject, is set out at the end of this Privacy Notice.
3.3. dMore
Where Dlocal Opco Ireland Limited provides our dMore merchant‑of‑record / reseller solution, Dlocal Opco Ireland Limited acts as an independent data controller in respect of certain End‑Users’ personal data. In that capacity, it processes identification, contact and transaction details, together with limited technical and risk‑related information, for the following purposes (and lawful bases):
- To issue, store and reconcile sales receipts and other records of resale transactions with End‑Users and our Customers, and to maintain its own ledgers and internal accounting records in relation to those resale transactions (Lawful Basis: performance of contract with our Customers and Dlocal Opco Ireland Limited’s legitimate interests in operating the dMore merchant‑of‑record / reseller model and in maintaining accurate records of those transactions for financial, audit and tax purposes)
- To coordinate and record refunds, returns and other post‑sale adjustments between End‑Users and our Customers in connection with those resale transactions (Lawful Basis: performance of contract with our Customers and Dlocal Opco Ireland Limited’s legitimate interests in administering post‑sale events and ensuring a good customer experience under dMore)
- To calculate, collect, report and remit applicable transaction taxes on its resale to End‑Users and to comply with related tax audit, invoicing, record‑keeping and reporting obligations (including where it engages third‑party invoicing, tax or accounting service providers) (Lawful Basis: compliance with Dlocal Opco Ireland Limited’s legal obligations and its legitimate interests in correctly managing tax on the dMore resale model)
- To comply with laws that apply to Dlocal Opco Ireland Limited in its capacity as merchant of record / reseller, including consumer protection, e‑commerce, anti‑money‑laundering, sanctions, financial crime prevention and record‑keeping requirements, and to cooperate with competent authorities, Payment Networks and other regulated entities in that context (Lawful Basis: compliance with legal obligations and Dlocal Opco Ireland Limited’s legitimate interests in maintaining compliant operations and relationships with regulators and Payment Networks)
- To conduct its own internal accounting, financial reporting, audit and risk management in relation to the resale transactions, including monitoring chargebacks, refunds, fraud‑related losses, Payment Network fines and other exposures (Lawful Basis: Dlocal Opco Ireland Limited’s legitimate interests in managing its business, risks and financial position, and, where relevant, compliance with legal obligations)
- To ensure the proper provision of the contracted services (including the dMore merchant‑of‑record / reseller service and related payment processing) and to establish, exercise or defend legal claims, including disputes with End‑Users, Customers, Payment Networks, tax authorities or regulators (Lawful Basis: Dlocal Opco Ireland Limited’s legitimate interests in providing and improving its services and in protecting and enforcing its rights, and, where applicable, compliance with legal obligations)
Due to changes in the law or to our business, from time to time, we may need to, as a data controller, process your personal data for additional purposes beyond those set out above. In such case, we will either update this Privacy Notice or issue a dedicated privacy notice covering the specific occasion, depending on what is most appropriate to do in the circumstances.
4. WHEN WE MAY DISCLOSE YOUR PERSONAL DATA
Your personal data may, for the purposes set out in this Privacy Notice, be disclosed for processing to:
- our employees, our affiliates and their employees. For instance, dLocal will share your information with other dLocal affiliates for the purpose of the provision of our services or when such affiliates provide support services to dLocal;
- Dlocal Opco Ireland Limited, which provides our dMore merchant‑of‑record / reseller solution and acts as an independent data controller in respect of certain processing of End‑Users’ and Sub‑Merchants’ personal data as described in section 3.3 of this Privacy Notice;
- our third-party consultants, (sub-)contractors, suppliers and other service providers that may access your personal data when providing services to us (including, without limitation, IT support providers; KYC and identity-verification providers; customer-support and messaging platforms; AI analytics and automation tools (including tools that use machine learning or large language models to analyse customer interactions and help us provide and improve our services); and providers of sales-intelligence, contact-enrichment and lead-generation tools);
- auditors, contractors or other advisers auditing, assisting with or advising on any of our business purposes;
- analytics and search engine providers that assist us in the improvement and optimisation of our Website and Merchant Dashboard;
- our successors in title, our prospective sellers or buyers of our business or to our Affiliates when we have a merger or re-organisation;
- government bodies and law enforcement agencies, and in response to other legal and regulatory requests;
- protect the rights, property, integrity or security of our company, our customers, or others (including, without limitation, you). This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Where your personal data are provided to any other party in accordance with an express purpose, we will require such other party to ensure the safety and security of your personal data and only use it for the intended purpose.
5. INTERNATIONAL TRANSFERS
dLocal serves customers globally. Accordingly, your personal data may be shared with other dLocal affiliates outside of the European Economic Area (“EEA”) or the UK, when this is necessary for the purposes mentioned in this Privacy Notice. These countries include the countries in which we have operations. It also includes the countries in which some of our service providers are located.
To protect your personal data when these are transferred to countries outside of the EEA or the UK, we have implemented appropriate safeguards. The transfer of personal data from the EEA or the UK to non-adequate countries is protected by adequate safeguards such as EU and UK-approved Standard Contractual Clauses.
6. WHAT HAPPENS IF YOU DON’T PROVIDE THE REQUESTED PERSONAL DATA
If we are unable to collect personal data from or about you, or if the personal data provided is incomplete or inaccurate, dLocal may not be able to assist you, including by providing the services you are seeking, providing support or assisting you with your queries.
7. SECURITY OF PERSONAL DATA
We have put in place a range of security procedures, as set out in this Privacy Notice. Where you have been allocated a profile in the Merchant Dashboard, this area is protected by your username and password, which you should never divulge to anyone else.
Please be aware that communications over the Internet, such as emails/webmails, are not secure unless they have been encrypted. Your communications may route through a number of countries before being delivered. We cannot accept responsibility for any unauthorised access or loss of personal data that is beyond our control.
We will use reasonable endeavours to implement appropriate policies, rules and technical measures to protect the personal data that we have under our control (having regard to the type and amount of that data) from unauthorised access, improper use or disclosure, unauthorised modification, unlawful destruction or accidental loss.
We will ensure that your information will not be disclosed to government institutions or authorities except if required by law (e.g., when requested by regulatory bodies or law enforcement organisations in accordance with applicable legislation).
8. COOKIES
dLocal uses cookies and similar technologies to store and collect information about your use of our Website and Merchant Dashboard. Cookies are small text files stored by the browser on your device. They send information stored on them back to our web server when you access our Website or Merchant Dashboard. We use certain cookies that are strictly necessary for the operation and security of our services, and we use other cookies (such as analytics or personalisation cookies) only where you have given your consent, as recorded through our cookie banner or preference centre. These cookies enable us, for example, to remember your settings and load your personal preferences to improve your experience. You can find out more about cookies at www.allaboutcookies.org, and more about the specific cookies we use and how to manage your choices in our Cookies Policy available on our Website HERE.
9. YOUR RIGHTS
We will take all reasonable steps to ensure that all information we collect, use, or disclose is accurate, complete and up to date. Please contact us if your details change or if you believe the information we have about you is not accurate or complete.
In some instances, you may also have the right to:
- Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new information you provide to us.
- Request erasure of your Personal Data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. Note, however, that we may not always be able to comply with your request for erasure for specific legal reasons, which will be notified to you.
- Object to the processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground, as you feel it impacts on your fundamental rights and freedoms. You can also opt out of receiving direct marketing communications at any time by following the unsubscribe instructions in the relevant communication or by contacting us using the details set out in this Privacy Notice. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which do not override your rights and freedoms.
- Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data's accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Request the transfer of your Personal Data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case.
How to exercise your rights.
Please click on this LINK and fill out the form to submit your request. This is the preferred channel to submit a request and exercise your rights. Requests submitted through other channels may require you to provide additional information to enable us to deal with the request. If we process your personal data as a data processor on behalf of one of our Customers (for example, where you are an End-User or Sub-Merchant), we may ask you to contact the relevant Customer directly or we may forward your request to them, where this is required or appropriate under Data Protection Legislation.
What we may require from you.
We may need to request specific information from you to help us confirm your identity before starting to work on your request. We may also contact you to ask for further information in relation to your request.
Time limit to respond.
We try to respond to all legitimate requests within one month, starting from the date your identity is deemed to be confirmed. Occasionally, it may take us longer than a month if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.
No fee is usually required.
All communication and all actions taken by dLocal regarding your rights described above are provided free of charge. dLocal reserves the right, in the case of clearly unfounded or unreasonable requests, either to charge a reasonable fee covering the administrative costs of providing the information or taking the requested action, or to refuse to fulfil the requested action.
10. HOW LONG WE KEEP PERSONAL DATA
We will only retain your personal data for as long as you have agreed to it or when it is necessary for us to provide you with our services or fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
We will take reasonable steps to destroy or permanently de-identify personal data that is no longer needed for any purpose that is permitted by Data Protection Legislation. Where destruction is not technically or legally possible, we will minimise the data, logically segregate it and restrict access to it. In particular, biometric data collected for identity-verification purposes are retained only for a limited period strictly necessary for those purposes, unless a shorter period is required or a longer period is permitted and necessary to comply with legal obligations or to establish, exercise or defend legal claims. For instance, by law we have to keep certain basic information about our Customers (including contact, identity, financial and transaction data) for specified minimum retention periods, which may be longer than the periods for which biometric data are retained.
11. CONTACT DETAILS
We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this Privacy Notice. If you have any questions about this Privacy Notice, including any requests to exercise your legal rights, please contact us by email: [email protected]
You have the right to make a complaint at any time to the competent supervisory authority in your country of residence or place of work, including, for example, the Information and Data Protection Commissioner of Malta (https://idpc.org.mt) and the Irish Data Protection Commission (https://www.dataprotection.ie), as well as the Information Commissioner’s Office of the UK (https://ico.org.uk/) (as applicable).
We would, however, appreciate the chance to deal with your concerns before you approach the ICO or the IDPC (as applicable), so please contact us in the first instance.
12. CHANGES
We reserve the right to amend or edit this Privacy Notice from time to time to reflect changes in dLocal’s business or practices, and we encourage you to review this Privacy Notice periodically. We may change the Privacy Notice at any time by posting the changed Privacy Notice on the dLocal website. If the changes are material, we will include a notice on the dLocal website homepage indicating that a change has been made.