Privacy policy
1. Pyypl Ltd (“Pyypl” or “we”) provides various payment options for individuals and merchants. Our objective is providing a convenient and innovative service allowing our customer to save time and money via automated and innovative payment systems which are more convenient and effective.
2. Pyypl is regulated by the Abu Dhabi Global Market (“ADGM”) Financial Services Regulatory Authority and holds a permission to provide Money Services.
(Any undefined capitalised terms herein shall have the same meaning as ascribed to them in the Pyypl Customer Terms of Use)
3. We process, inter alia, the following personal data:
Personal information, such as name, job title, position, occupational identity numbers, citizenship, legal residence, bio-metric data, country of issue of passport/national ID, passport/national ID number, business entity (including contact information collected for verification, including on the actual beneficiary);
Contact information e.g. e-mail address, telephone numbers, IP address;
Payment data, such as the account number, our unique transaction code, transaction information, card information, etc.; and
Bank information, such as bank account number, name of bank, purpose of transaction.
4. Pyypl obtains information about you via our App, Website, or direct contact e.g. when you register on the App and provide identification data like bio-metric data, name, address, telephone number, mobile number, email address and place of residence.
5. We also record details about your Pyypl accounts and transactions with us and usage of your device for Pyypl services as well as additional information provided: (a) via communications with you; and (b) through social networks or online accounts and internet cookie information.
5. We also record details about your Pyypl accounts and transactions with us and usage of your device for Pyypl services as well as additional information provided: (a) via communications with you; and (b) through social networks or online accounts and internet cookie information.
6. Pyypl may also obtain information about you from other sources such as credit checking bureaus, identity verification services, or government authorities.
7. As a processor, we obtain personal data from contractual partners. As a controller, we receive personal data directly from the data subject (“you” or “your”). The controller establishes the purposes and means of processing personal data. As a processor, we process personal data according to the written instructions of a controller.
8. Performance of agreements: The main purpose of Pyypl processing your personal data is to document, execute, and perform our contractual obligation to provide you with our services (e.g. to execute national and international transactions via credit institutions and payment systems).
9. Legal obligations: In order for Pyypl to be able to comply with its legal obligations, we process personal data in accordance with applicable laws (including data protection regulations) (e.g. to prevent, discover, investigate, and report potential money laundering or terrorist financing).
10. Legitimate interest: Pyypl processes your personal data for it’s legitimate interests. We have considered this processing to be necessary for the purposes of the legitimate interests pursued by Pyypl, which we have considered to not override your fundamental rights or freedoms associated with your personal data (e.g. to develop, examine and improve our business and services and you user experience by participating surveys, analyses, or statistics).
11. Consent: Pyypl will in some cases ask for your consent to process personal data. Before giving consent, you will be presented with information on the intended processing. Consent can always be withdrawn, and you will be informed of any consequences of such withdrawal.
12. We routinely use your personal information to help us manage and improve our services and your account usage including, for example, to:
enable/route transactions with third-parties such as financial institutions, correspondents, payment intermediaries, card schemes, or other commercial partners (‘Partners’);
provide you with customer support and troubleshoot problems;
notify you about service updates and faults;
request feedback or participation in online surveys;
verify your identity;
monitor and improve our applications, products and websites;
investigate suspicious transactions (flagged internally or by one of our Partners);
resolve disputes with respect to payments involving our Partners;
protect your privacy and prevent fraud, money laundering and tax evasion; or
invoice you or notify you of the status of any service or product orders.
13. With your permission, we also use your information to market and communicate our products and services and promotional offers, contests and similar events, as well as those of approved partners. You can always stop receiving these if you want to, by email and via the app.
14. Pyypl may use analytics partners such as Google Analytics to track volume of usage on internet sites and to help improve the relevance and features of our services to you.
15. Your personal information may, from time to time, be used to meet our regulatory obligations and those of our Partners (as
mandated under applicable jurisdictions). The collection, use and processing of such information may occur for purposes of, including, but not limited to, AML/KYC requirements at the time of onboarding, ongoing monitoring, and for reporting to authorities.
16. We may also process personal data for other purposes. We will attempt to ensure that you are notified of the purposes of processing at the time of obtaining the personal data. If this is not possible or reasonable, then we will attempt to notify you at the first opportunity after obtaining or otherwise processing the personal data.
17. Please keep in mind that due to legal requirements, we may be obligated to disclose or allow access to your personal data for official and supervisory institutions.
18. We may disclose your personal data to persons in the same group of companies as Pyypl, to our processors, as well as persons who are legally entitled to receive such personal data.
19. If we conclude a contract with a processor for processing personal data then we ensure the presence of suitable contractual measures to protect personal data.
20. The App and Website may contain links that will let you leave Pyypl’s App/Website and access another app or website. Such linked apps or websites are not under the control of Pyypl. This Pyypl Privacy Policy applies solely to personal information that is acquired on the Website or through your use of the App, Pyypl products and/or your relationship with Pyypl. Pyypl urges you to be careful when you enter any personal information online outside of our App or Website.
21. By using the App and/or Website you are giving your consent to the use of cookies. You can choose to reject cookies at any time or by ceasing to use the App and/or Website or by using the applicable opt-out functions. You should be aware that certain features of Pyypl’s services are only available through the use of cookies and will no longer be available if you choose not to accept cookies. For more information on the use of cookies, please refer to the Pyypl Cookie Policy available at www.pyypl.com/cookie-policy.
22. Pyypl may from time to time ask you to voluntarily provide information on your experiences which will be used to measure and improve the quality of the App, products and Website. At the time, we will make it clear that you are not obliged to participate in such surveys.
23. Pyypl may also contact you about faults and service issues or any misuse or claims of violation raised by any third-party.
24. Pyypl may also keep you up to date with news about the Pyypl products that you have purchased and/or to inform you about other Pyypl products or other Pyypl related information. You can opt-out of the receipt of alerts and/or promotional emails.
25. Pyypl will retain your personal data for as long as is necessary to comply with applicable laws, regulations, and relevant orders from government authorities.
26. If requested, Pyypl will do its best to delete obsolete personal data unless it is required to be retained by law or for lawful business purposes.
27. Pyypl may occasionally update this Privacy Policy to reflect: (a) changes in our software and/or products; (b) customer feedback; or (c) legal requirements. The “last revised” version is the one accessible on our App and Website.
28. We will notify you of any material changes to the Privacy Policy.
29. We encourage you to periodically review this Privacy Policy to be informed of how Pyypl is collecting, using, and protecting your information.
30. As a general rule, we process personal data within the ADGM. Pyypl transfers your personal data outside of the ADGM only in exceptional cases and subject to condition that there is a legal basis and one of the following conditions is met:
The country outside of the ADGM where the controller or processor is located has adequate level of data protection as decided by the Commissioner of Data Protection.
The controller or processor has provided appropriate safeguards, for example, the agreement that includes the E.U. Standard Contractual Clauses or other acceptable contractual clauses, approved codes of conduct, or certification mechanisms
There are derogations for specific situations applicable, for example, your explicit consent, performance of a contract with you, conclusion or performance of a contract concluded in your interest, establishment, exercise or defense of legal claims, important reasons of public interest.
Upon request, you can receive further details on your personal data transfers to countries outside of ADGM.
30. As a general rule, we process personal data within the ADGM. Pyypl transfers your personal data outside of the ADGM only in exceptional cases and subject to condition that there is a legal basis and one of the following conditions is met:
The country outside of the ADGM where the controller or processor is located has adequate level of data protection as decided by the Commissioner of Data Protection.
The controller or processor has provided appropriate safeguards, for example, the agreement that includes the E.U. Standard Contractual Clauses or other acceptable contractual clauses, approved codes of conduct, or certification mechanisms
There are derogations for specific situations applicable, for example, your explicit consent, performance of a contract with you, conclusion or performance of a contract concluded in your interest, establishment, exercise or defense of legal claims, important reasons of public interest.
Upon request, you can receive further details on your personal data transfers to countries outside of ADGM.
32. You have the following rights regarding your personal data:
The right to review personal data – You have the right to know which personal data of yours we store and how we process it, including the right to know the purpose of processing, persons to whom personal data is disclosed, information on making automated decisions and the right to request copies of personal data.
The right to amend personal data – You have the right to request that insufficient, incomplete and untrue personal data be amended. Your user profile is the information provided by you at registration which is on the personal details page in your account. You can access and update your user profile from the App or Website.
The right to withdraw consent to process personal data – – You have the right to know which personal data of yours we store and how we process it, including the right to know the purpose of processing, persons to whom personal data is disclosed, information on making automated decisions and the right to request copies of personal data.
The right to deletion of personal data – You have the right to request that we delete your personal data (e.g., if you withdraw consent to processing of personal data or if personal data is no longer needed for the purpose for which it was collected). We have the right to refuse to delete personal data if processing of personal data is necessary to perform our legal obligations, exercise the right to freedom of speech and information, prepare, submit and defend legal claims, or in the public interest.
The right to restrict processing – In certain cases, you have the right to prohibit or restrict the processing of your personal data for a certain period of time (e.g., if you have objected to data processing).
The right to object – You have the right to object to the processing of your personal data if the processing of your data is carried out based on our justified interest or public interest. Processing of data for the purpose of direct marketing may be objected to at any time and we will address the same upon your objection.
The right to transfer of data – – If the processing of your personal data is based on your consent and personal data are processed automatically, then you have the right to obtain personal data concerning you, which you have submitted to us as controller, in a structured, generally used format and machine-readable form, and you have the right to forward personal data to another controller. You also have the right to request that we forward personal data directly to another controller if this is technically viable.
Making automated decisions (including profile analysis) – If we have informed you that we carry out decisions based on automated processing (including profile analysis) which results in legal consequences that concern you or has a significant impact on you, then you may request that an automatic decision not be made based on automated processing alone.
Submitting a complaint. – You have the right to submit a complaint against us regarding the processing of personal data to the Commissioner of Data Protection https://www.adgm.com/operating-in-adgm/office-of-data-protection.
33. If you want to exercise any of your rights with respect to personal data or ask questions about the terms and conditions of data protection, please send us an inquiry by e-mail at dpo@pyypl.com. We will respond to your inquiry by e-mail within one month. Please keep in mind that we have to verify your identity before we can issue any requested information regarding your personal data.
34. The contact information of Pyypl is available at our website.
35. The email address of our data protection officer is dpo@pyypl.com.
© Pyypl – Last revised: January 2023