top of page

Privacy Policy

Effective Date: 18th September 2025

Data Protection General Statement

MyPA is a website and app provided by Revoke Limited.

This Data Protection Policy outlines MyPA commitment to its customers and other individuals to operate its business activities in a manner that meets the compliance obligations of the Data Protection (Jersey) 2018 Law (“DPJL”), the Data Protection (Bailiwick of Guernsey) Law 2017, Data Protection Act 2018 (UK), and the General Data Protection Regulation (EU) 2016/679.

MyPA understands and respects your right to privacy, and we are committed to ensuring the confidentiality and security of your personal data and the personal data processing activities within our organisation by applying the appropriate technical and organisational measures required to achieve this objective.

This document covers the policies and procedures for processing personal data in a compliant manner and outlines the rights of the data subjects in respect of that data. The Privacy Notice below explains how we may use, process, and store your personal data.

When you create an Account with us or use our Services, you enter into an agreement with us and are directed to this Privacy Policy and the Terms and Conditions which form part of that agreement. Each time you use your Account or our Services, or provide us with information, the processing of your Personal Data will be governed by the current version of this Privacy Policy and Terms and Conditions.

If you do not agree with the terms of this Privacy Policy or the Terms and Conditions, please refrain from creating an Account or using our Services.

Data Controller

Revoke Limited is the data controller of all personal data and data processing activities of its apps and websites. The company runs the MyPA website, apps and associated services. It also operates the Revoke.com, B2.AI, and BLOKKapp.com websites and apps. The company’s head office and Registered Office is located at Ground Floor, 5 Bond Street, St Helier, Jersey, JE2 3NP.

Revoke Limited is registered as a data controller with the Jersey Office of the Information Commissioner and its number is 61116.

Reference Documents

  • Data Protection (Jersey) Law 2018

  • Data Protection (Registration and Charges) (Jersey) Regulations 2018

  • Data Protection (Bailiwick of Guernsey) Law 2017

  • Data Protection Act 2018, (UK)

  • EU General Data Protection Regulation 2016/679

Special Notice Regarding Children

MyPA does not knowingly collect personal information from children. In all countries not listed below, the minimum age to use the MyPA app is 13. However, certain jurisdictions impose higher minimum age requirements, which are detailed below:

  • Aruba: 16+

  • Austria: 14+

  • Bulgaria: 16+

  • Caribbean Netherlands: 16+

  • Chile: 14+

  • Colombia: 14+

  • Croatia: 16+

  • Curaçao: 16+

  • Cyprus: 14+

  • Czech Republic: 15+

  • Denmark: 15+

  • France: 15+

  • Germany: 16+

  • Greece: 15+

  • Hungary: 16+

  • Ireland: 16+

  • Italy: 14+

  • Lithuania: 14+

  • Luxembourg: 16+

  • Netherlands: 16+

  • Peru: 14+

  • Poland: 16+

  • Romania: 16+

  • San Marino: 16+

  • Serbia: 15+

  • Sint Maarten: 16+

  • Slovakia: 16+

​If you become aware that a child has provided us with Personal Data without the proper consent, please contact us at dpo@revoke.com and we will take steps to remove such information and terminate the account as necessary.

Privacy Policy

Scope of Application

This policy applies to our business activities and the personal data processing of the data subjects within the European Economic Area (EEA), UK, Jersey, and Guernsey in the Channel Islands.

Personal Data

Personal data means any information relating to an identified or identifiable natural person. Revoke collects the following categories of personal information:

From Customers:

What Information will we collect about you?

When you set up an account with MyPA website or register for one of our services, we may receive personal information about you. This may include:

  • Your personal data: name, email address, postal address, telephone/mobile number, age, payment processors you utilise, and the company/verifier of your personal data

  • Your Emails, Calendar, Calls and Text

  • The websites, apps, products, services, ads, offers and promotions you have signed up for, download, viewed, visited, liked, and disliked, ordered, enquired about or shown an interest in.

  • Details provided by other companies who have obtained your permission through their own privacy policies to share information about you, including from specialist data companies, or companies you authorise to share their data with Revoke and MyPA.

  • Your interaction with websites, mobile apps and other products and services, including news articles, adverts, promotions, purchases and offers

  • Data we may collect when using our OPTIONAL on-device VPN, when you link your email accounts ,when you link your social media accounts, link to your smart glasses, link to your online supermarket account, link to your bank transaction history via open banking, or when verifying your personal data by photo ID and cookies stored on your device, and websites, apps and/or selected third party websites you use.

  • Information we collect/remember using technologies similar to cookies, such as device identifiers on your mobile device.

  • Your IP address

  • Technical information from your device relating to the service you receive Information relating to the location of your device.

How will we use the information we collect?

We will use it for several purposes including the following:

  • To provide our services, and to deal with your requests and enquiries.

  • To administer our services

  • To contact you.

  • To provide you with information on our services.

  • To personalise the way our age-appropriate services are provided to you, and the AI responses, advertising, promotions and offers you receive.

  • To enable you to share our content with business and other people e.g. using “Email a friend” and “Share this article” or “Share Personal Information”

  • To inform you if you have been successful in any competitions or promotions.

  • To compile customer reviews and conduct marketing research.

  • To understand more about you, such as your location and demographic information.

  • To use IP addresses to block disruptive use, or to gather data as to how our services are being used so that we can report back to advertisers.

  • To analyse and improve the services we offer.

  • To maintain records of our communications with you if you get in contact with us.

  • To provide you with location-based services such as directions, weather information based on your location and advertising, offers and promotions relevant to your location and previous locations.

  • To block disruptive use and ensuring the security of our products and services.

  • To ensure the integrity of votes, competitions and polls.

Will you sell my personal information to anyone else without my authorisation?

No, we do NOT sell, or give, or exchange any personal identifiable information without your explicit consent.

MyPA Website & App utilise Revoke, BLOKK and B2 Software when you create an Account

When you create an Account with the MyPA, we use Revoke software to provide you with fast, seamless age verified, browsing, shopping, payment, purchase, 2FA authorisation, and sign-up experience, on websites and apps.

Once you've created an account with MyPA, any website or app that has implemented Revoke, MyPA, or B2 JavaScript software can automatically verify your age status (e.g., 13+ to 17+, 18+, or 21+) in the background. This eliminates the need for manual age verification. While these sites and apps may request additional information, no personally identifiable data will be shared without your explicit consent.

Websites and apps can request different data per web page, for example:

  • Age: This information is available without interaction with the you, 13+ to 18+ years, or 21+ years: Yes/No/Unknown

  • Data Available: This information is also available without interaction with you and provides the website with a list of the data that is encrypted and available on your device, which will normally include, name, address, email address, contact number, and payment gateways you use; it does NOT transfer your personal data.

  • Data Request: This is when your data is transferred, and MUST be authorised by YOU via Face ID, Touch ID or PIN on your devices or by physically agreeing to the transfer by clicking on “Yes” button to agree to transfer the data, the data transferred includes your verified name, address, email address, and contact number, and cannot be changed by yourself.

From a technical point of view, when you visit a website that has installed the Revoke, MyPA, or B2 JavaScript, you are momentarily redirected to a Revoke, MyPA, or B2 website for the Bank, Telco or KYC company that verified your data, this should not be visible or noticeable by you and takes place in milliseconds.

If YOU authorise the transfer of your encrypted verified personal data stored on your device, is securely transferred data, from a technical point of view, during this process the website passes their Revoke, MyPA, or B2 public key to the browser which decrypts the your data and re-encrypts it with merchant’s B2 public key all within the secure environment of the browser and then passes the data back to the merchant. The merchant can then decrypt your data using their Revoke, MyPA, or B2 private key.

In the case of the “Age and Data Availability” request, these only return true or false and do NOT include your actual personal data.

When a website makes a “Data Get” request which includes sensitive information such as your name, address, email address and contact number, the same process takes place, but the request must firstly be authorised by YOU via Face ID, Touch ID or PIN on your device or by physically agreeing to the transfer by clicking on “Yes” button to agree to transfer the data.

If you have not already signed up for this service, there are various ways in which you can sign up, through participating Banks, Telcos and other organisation, or by verifying yourself with government issued photo ID for free.

Will you share my personal information with anyone else?

No, we do NOT share any personal identifiable information without your explicit consent or required to do so by law.

For providing our services, advertising, promotions and offers, and access to age restricted content to work, the following information is sometimes shared:

  • Your country, location and or IP address

  • Your age, for example 13+ to 18+ or 21+ [Your DOB is never shared]

  • The verified data we hold, including name, address, email address, contact number, but the actual data itself is not shared without your explicit convent

  • Mobile phone operating system, type of mobile device, application version

  • Connection information, browser type and version, operating system.

How Long will you keep my personal information

We will hold your personal information on our systems for as long as is necessary to provide our services to you. Once you notify us that you no longer wish to receive those services, we will delete your information from our system. We will delete that information within 7 working days.

Cookies

Our websites use ‘Cookies’ to record information about your online preferences and allow us to tailor our services accordingly. For example, they may allow us to see whether the device (and probably its user) has visited the website before and so help us to provide you with a better user experience.

This information is not provided to any third party.

You can change your settings and block cookies, but this means that certain personalized features cannot then be provided.

Third-party links

Our Sites may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you.

We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Sites, we encourage you to read the privacy notice of every website you visit.

Third Party Services Working on Our Behalf

We may pass your information to our third-party service providers, or other associated organisations for the purposes of completing tasks and providing services to you on our behalf (for example processing payments and providing technical support).

However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service, and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.

Please be reassured that we will not release your information to third parties beyond the Revoke group for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.

When you are using our secure online payment system, your payment is processed by a third-party processor, who specialises in the secure online capture and processing of credit/debit card transactions. If you have any questions regarding secure transactions, please contact us.

Revoke’s infrastructure is managed by multiple service providers (For example, Amazon Web Services). However, they do not have access to any personal information and are prohibited to selling or passing on any stored data.

Security Features

MyPA is committed to ensuring the security of your personal data and has implemented appropriate commercially reasonable technical, physical, and organisational measures to prevent unauthorised or unlawful processing of your personal data or accidental loss or destruction of your personal data.

Our website is encrypted using HTTPS (Hypertext Transfer Protocol Secure). In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS). This provides a secure method of communication with us, and any personal data uploaded onto our website is securely managed by our website data processor services.

Email communications are scanned using the latest version of anti-virus and malware software deployed by our business.

Our computer systems have secure audit trails, and we have robust backup capabilities in place to ensure that our services can continue uninterrupted for our customers.

Management and employees are trained in their data protection responsibilities and obligation to handle personal data in a confidential manner.

Change to This Notice

MyPA may update this Privacy Notice at any time.

Contact Details

EU and UK Representative:

 

If you have any questions, concerns, or complaints with respect to this Privacy Policy or the handling of your privacy or personal information, please contact our data protection manager at dpo@revoke.com

Ground Floor, 5 Bond Street, St Helier, Jersey, JE2 3NP

Registered with the Jersey Financial Services Commission, Registration Number 124314

Making a complaint

The Jersey Office of the Information Commissioner (“JOIC”), Channel Islands, is an independent statutory authority where you can make a complaint or learn more about data protection in Jersey. Their office is located at 2nd Floor, 5 Castle Street, St. Helier, Jersey, JE2 3BT. Their website is  Jersey Office of the Information Commissioner - Home and their telephone number is 01534 716530.

© Revoke Limited 2026

© Revoke Limited 2026

Ground Floor, 5 Bond Street, St Helier, Jersey, JE2 3NP.

 

Registered with the Jersey Financial Services Commission, Registration Number 124314

Navigation

Home

About

Privacy Policy

Terms & Conditions

bottom of page