UNIPaaS Privacy Policy
This privacy policy (“Privacy Policy”) details how your personal data (as defined below) is collected via the Services (as defined below), is used and processed by UNIPaaS Payments Technologies Ltd., and its affiliates ("Company" or "us" or "we" or "our").
Important: when you visit our website, all main domains and subdomains, including portal and documentation (“Website”), use any of our applications or technology on the Website, or provide information to us via the Website or via any of our related applications or technology (collectively "Services"), you ("you") give your consent to the terms and conditions of this Privacy Policy, our cookie policy at cookie policy, our terms of use at terms. This is in addition to any other contract we may have with you including, without limitation, a platform agreement, a sponsored merchant services agreement, or a payments gateway services agreement, and their related privacy agreements, and you consent that certain personal data that you submit or that is processed, used or collected through the Services, may be processed, used or collected by the Company in the manner and for the purposes described in this Privacy Policy.
Note: if you have signed with us a platform agreement or a merchant services agreement or a gateway services agreement and you have visited and shared information on the Website (or via our related applications or technology), you shall be bound by the privacy terms in those agreements and by the privacy addendum and/or data processing agreement that you have signed with us in addition to this Privacy Policy, as applicable.
We define "Personal Data" to mean any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, economic or social identity of that natural person.
You are not legally required to provide us with personal data, however, due to regulatory and legal obligations, our Services require you to do so pursuant to this Privacy Policy (depending on the services and type of personal data). In these cases, if you choose to withhold or delete any personal data requested by us, we may not be able to provide you with our Services or allow you to access our Services. If you do not agree to the terms and conditions set forth herein please do not use the Services.
Our Services may involve a transfer of data across international borders, as well backing up of data at our secured data centers in the EU & UK. This means that data may be transferred, processed and stored outside the EU, the European Economic Area (EEA) and Switzerland. By submitting your data directly or through a third party such as a digital platform you are agreeing to such transfer, processing and storage.
We act as a technology provider supplying secure online and mobile digital payment gateway and processing services to individuals and businesses known as merchants for the purpose of directly selling their goods and services to their customers or through other digital platforms such as marketplaces and software providers (“Payment Services”).
We recognize that privacy is important. This Privacy Policy applies to all of the software, services, information, tools, features, data and functionality available on the Services and covers how Personal Data that the Company collects and receives, including in respect of any use of the Services, is treated. If you have any questions about this Privacy Policy, please feel free to contact us at: legal@unipaas.com.
- Personal Data We Collect and How We Use It. The personal information collected by us depends on how you are using our Services. To provide and improve our Services and to comply with regulatory requirements, we collect and process Personal Data, including the types of Personal Data described below.
Summary: We collect personal data about our customers and their customers. We also collect personal data provided by our customers.
We use Personal Data to provide and improve our Services, and to meet our contractual, ethical and legal obligations.
1.1. Information You Provide
1.1.1. When you signin/signup/login to the Website (portal) we ask you to provide Personal Data, which may include: shareholder information, email address, mailing address, bank account number, first name, last name, passport copy or other ID (as a driver's license), date of birth, etc. We ask this to allow you to test our Payment Services and/or to satisfy Company's regulatory requirements. From time to time based on specific regulations, we may request such additional information as prescribed by such regulation.
1.1.2. If you are a payer (customer) utilizing the Payment Services, we may ask you to provide the following Personal Data in order for the Company to provide the Payment Services: credit card number, name, home address, billing address, shipping address, location, email address, type of bank, bank account and sort code , and transaction logs.
1.1.3. You may provide us with Personal Data such as your name, email, job title, phone number, when you fill out any of our online forms.
1.1.4. You may provide us Personal Data as a career candidate if you applied to any of the open positions published on the Website by email or otherwise. We are committed to keep candidates Personal Data private and use it solely for our internal recruitment purposes, which may include, identifying candidates, evaluating applications, making hiring and employment decisions, and contacting candidates by phone or by other means. If you previously submitted your Personal Data to us, and now wish to access it, update it or have it deleted from our systems, please contact us at legal@unipaas.com.
1.2. Third Parties. We sometimes supplement the information that you provide with information that is received from the Services through an application programming interface. If you provide your Personal Data to Company’s customers (e.g. merchants and digital platforms) we may receive information from these respective customers, including, device details, browser details, IP address, expiration date of credit card, and cardholder name.
1.3. User Information. When you use our Services, we may automatically receive and record information from your browser, including without limitation information and statistics about your online status, your IP address, internet service provider, search history, type of browser, location, device details, browser ID, device ID, cookie information, regional and language settings and software and hardware attributes, network status, and operating system information. Our systems may automatically record and store technical information regarding the method and nature of your use of the Services. An IP address is a numeric code that identifies your device on a network, or in this case, the Internet. Your IP address is also used to gather broad demographic information.
User communications. When you send an email or other communication to the Company, we may retain those communications to process your inquiries, respond to your requests and improve our Services. We may send you push notifications to send you news and updates related emails and notifications in respect of the Services. We may also send you newsletters and promotional communications if you joined our mailing list, you may opt out of this service at any time by submitting a request at the following link: contact@unipaas.com.
1.4. Aggregate and Analytical Data. In an ongoing effort to better understand and serve the customers of the Services, we often conduct research on our customer demographics, interests and behavior, use of the Services, and other statistics, based on the Personal Data and other information provided to us. This research may be compiled and analyzed on an aggregate basis, and we may share this aggregate data with our affiliates, agents, and business partners. This aggregate information does not identify you or any other individual personally. We may also disclose aggregated user statistics to describe our Services to current and prospective business partners, and to other third parties for other lawful purposes.
- Our Lawful basis for processing
To enable our processing of your Personal Data we rely upon a number of legal bases.
2.1. Contract. Processing Personal Data for performance of a contract with data subjects, including prospective clients, for pre-contractual and contractual obligations. This may include evaluation of clients or other data subjects applications; forming an account with us; conduct auditing, accounting and billing activities; expanding our Services use, processing of payments (including fraud detection and prevention) and related payment Services and communications regarding such payments.
2.2. Compliance with Legal Obligation. Processing Personal Data to comply with laws regarding identification and reporting of unlawful and illegal activity, such as Anti-Money Laundering and Know-Your-Customer obligations, financial reporting, fraud monitoring, prevention and detection obligations. These may apply to us by law and/or regulations and by third parties as they are required by law. In this regard, we may be required to provide compliance reports and audits to third parties.
2.3. Legitimate Interests. Processing Personal Data based on our legitimate business interests, as long as its allowed under applicable law, for the following purposes: evaluation of suitability for current and new products and services; monitoring, detection and prevention of fraud and/or unlawful transactions; evaluation and mitigation of liabilities financial loss, claims, or any other harm to UNIPaaS; response to inquiries; customer support; service notices; analyzing and advertising the Services; improvement of our services, systems and tools and their reliability; develop new products and services; optimizing digital assets; operation and improvement of performance of our service and the Website; analysis and development of business intelligence based on aggregate data to improve decisions and performance of the business; sharing of Personal Data with third parties for operating our services; share Personal Data among our affiliates; applying network and information security to data and services; and Share Personal Data among our affiliates
2.4. Consent. Processing Personal Data to communicate with you and for the provision of our services. If the processing is based on your consent, you have the right to withdraw your consent at any time. The withdrawal will not affect the lawfulness of use based on consent before its withdrawal. In this regard please see your rights further below.
- Cookies and Web Beacons
Summary: We use cookies and similar technologies on our Services. You can disable cookies but then your online experience on our Services will be limited.
To collect or use the data described herein, we may use temporary cookies that remain on your browser for a limited period of time. We may also use persistent cookies that remain on your browser until the cookies are removed via your browser's settings, to manage and maintain the Services, record your use of the Services and content you may have gained access to, and to understand the usage trends and preferences of our users. Cookies by themselves cannot be used to discover the identity of the user. A cookie is a small piece of information which is sent to and stored on your browser. Cookies do not damage your browser. Most browsers enable you to block cookies but you may not be able to use some features on the Services if you block them. You may set most browsers to notify you if you receive a cookie (this enables you to decide if you want to accept it or not). We may also use web beacons via the Services to collect information. Web beacons or "gifs", are electronic images that may be used in our Services or in our emails. We use web beacons to deliver cookies, count visits and to tell if an email has been opened and acted upon. We may use third-party cookies.
- Links. Links to third-party services, widgets, features, sites, and applications may be provided by the Company as a convenience to our users. The Company is not responsible for the privacy practices of other sites and applications and you visit them at your own risk. This Privacy Policy applies solely to Personal Data collected or used by us.
- Age Restriction. If you are a minor under the age of 18, you must obtain parental consent prior to using our Services. The Company will not knowingly market, contact, or engage with minors under the age of 18 without said parental consent and does not intentionally gather, collect/use or share Personal Data from minors under the age of 18 without such consent. If you have reason to believe that a child has provided us with their Personal Data, please contact us at the address provided herein and we will endeavor to delete that Personal Data from our databases.
- Personal Data Sharing
Summary: We may transfer your Personal Data to third parties who assist us in providing the Services. We have a contract with those third parties to govern their processing on our behalf. We may also transfer and share all or part of the Personal Data to comply with legal and regulatory requirements which apply to us. We may also transfer Personal Data to comply with any obligations by which we are bound to an investor, a shareholder, or in connection with a merger or acquisition or similar transaction. As part of providing the Services, our affiliates, agents, representatives, and third party providers may have access to your Personal Data in the following circumstances: (a) as required for the provision, maintenance and improvement of the Services; (b) when permitted by you; (c) if we become involved in a reorganization, merger, consolidation, acquisition, or any form of sale of some or all of our assets, whether to a foreign, local, public or private entity; (d) to satisfy applicable law or prevention of fraud, harm, security or technical issues, to enforce applicable agreements and/or their terms, including investigation of potential violations thereof or in response to a court order, judicial or administrative subpoena or warrant, or to otherwise cooperate with law enforcement investigations; and/or (e) to our affiliates, customers or other third-party service providers for the purpose of processing Personal Data on our behalf, storage, and fraud detection. We require that these parties agree to process such Personal Data based on our instructions and in compliance with this Privacy Policy and any other appropriate confidentiality and security measures.
- Data Security. We follow generally accepted industry standards to protect against unauthorized access to or unauthorized alteration, disclosure, or destruction of Personal Data. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security. We retain your Personal Data only for as long as reasonably necessary for the purposes for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements.
- Data Retention
We retain Personal Data only for as long as necessary to meet our legal and regulatory obligations, which for different types of Personal Data, may be different periods.
8.1. Company will retain Personal Data in accordance with its record retention policy. Personal Data associated with Company's customers will be retained for the duration required by Company to comply with regulatory requirements. Company performs periodic reviews of its databases and has established specific time limits for data retention, based on the criticality of the Personal Data and the purposes of the data processing. We will also retain Personal Data to meet any legal, regulatory, commercial audit, commercial or legal compliance requirement, and business best practices.
8.2. Personal Data with respect to which Company is the processor will be deleted only on instruction of the controller, except where such data must be retained by Company, in Company’s judgment, as above.
8.3. Personal Data that is no longer retained will be anonymized or deleted. Non-personal, non-identifiable, metadata, and statistical information concerning the use of our Services are retained by the Company indefinitely. Some Personal Data may also be retained on our third-party service providers' servers until deleted in accordance with their privacy policy and their retention policy.
- Data Integrity. The Company processes Personal Data only for the purposes for which it was collected or used and in accordance with this Privacy Policy or any other applicable agreements. We review our data collection, usage, storage, and processing practices to ensure that we only collect, use, store and process the Personal Data needed to provide or improve our services. We take reasonable steps to ensure that the Personal Data we process is accurate, complete, and current, but we depend on our users to update or correct their Personal Data whenever necessary. Nothing in this Privacy Policy is interpreted as an obligation to store Personal Data, and we may, at our own discretion, delete or avoid from recording and storing any and all information.
- Your Rights
10.1. Right of Access and Rectification. You have the right to know what Personal Data we collect about you and to ensure that such data is accurate and relevant for the purposes for which we collected it. We allow our users the option to access and obtain a copy of their Personal Data and to rectify such Personal Data if it is not accurate, complete or updated. However, we may first ask you to provide us with certain credentials to permit us to identify your Personal Data.
10.2. Right to Delete Personal Data or Restrict Processing. You have the right to delete your Personal Data or restrict its processing. We may postpone or deny your request if your Personal Data is in current use for the purposes for which it was collected or for other legitimate purposes such as compliance with legal obligations.
10.3. Right to Withdraw Consent. You have the right to withdraw your consent to the processing of your Personal Data. Exercising this right will not affect the lawfulness of processing your Personal Data based on your consent before its withdrawal.
10.4. Right of Data Portability. Where technically feasible, you have the right to ask to transfer your Personal Data in accordance with your right to data portability.
You may exercise the above rights by sending a request to legal@unipaas.com.
10.5. Right to Lodge Complaint. You also have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your Personal Data.
- Enforcement. The Company regularly reviews its compliance with this Privacy Policy. Please feel free to direct any questions or concerns regarding this Privacy Policy or our treatment of Personal Data by contacting us as provided above. When we receive formal written complaints, it is the Company's policy to contact the complaining user regarding his or her concerns. We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of Personal Data that cannot be resolved between the Company and an individual.
- Changes to This Privacy Policy. The Company may update this Privacy Policy. We will notify you about significant changes in the way we treat Personal Data by sending a notice to the primary email address specified in your account or by placing a prominent notice on the Services, or by means of a notice on Website. We encourage you to periodically review this Privacy Policy for the latest information about our privacy practices.
- Consent to Processing. By providing any Personal Data to us pursuant to this Privacy Policy, You (including customers/payers), including, without limitation, in the United Kingdom, United States, Israel, and member states of the European Union, fully understand and unambiguously consent to this Privacy Policy and to the collection, usage, and/or processing of such Personal Data abroad. The server on which the Services are hosted and/or through which the Services are processed may be outside the country from which you access the Services and may be outside your country of residence. Some of the uses and disclosures mentioned in this Privacy Policy may involve the transfer of your Personal Data to various countries around the world that may have different levels of privacy protection than your country and may be transferred outside of the European Economic Area (EEA). If there is a transfer of your Personal Data outside the EEA, the relevant EC Adequacy decision or the UK International Data Transfer Agreement; or/and UK Addendum to the new EU Model Clauses; or any replacement standard contractual clauses (or equivalent) adopted by the UK, shall apply and they are incorporated herein. In absence of such decision/clauses/agreement/addendum relevant to the destination country or to the transfer, the Company shall seek to rely on appropriate safeguards such as appropriate EC approved standard contractual clauses (see http://ec.europa.eu/justice/data-protection/international-transfers/transfer/index_en.htm), or other measures. You hereby acknowledge, and agree that we may collect, use, transfer, and disclose your Personal Data as described in this Privacy Policy.
- Questions. If you have any questions about this Privacy Policy or concerns about the way we process your Personal Data, please contact us at legal@unipaas.com.
Last Date Updated: October 25, 2022.