Privacy Policy

PayMate Payments Services Provider LLC [ “PayMate” ‚ “we” or “us” ] is committed to protecting your Personal Data and privacy. This Privacy Policy is designed to help you understand how we may collect, Process, store and use the Personal Data you provide to us and to assist you in making informed decision while using our Services.

This Privacy Policy has been developed for purposes of compliance with Federal Decree-Law No. 45 of 2021 on Personal Data Protection (PDPL), and the Personal Data protection-oriented provisions present in the Consumer Protection Regulation and Consumer Protection Standards, as far as applicable. The Privacy Policy shall serve as part of your initial customer relationship with us and our ongoing commitments to you.

Without information about you, we may not be able to provide you with the Services or the support you request or require. Some of the information we obtain is collected to comply with applicable laws and regulations, including anti-money laundering laws. This Policy explains:

• The types of Personal Data we collect about you;
• How we use Personal Data about you;
• Types of third parties with whom Personal Data is disclosed; and
• How we protect your Personal Data.

The details of what Personal Data will be Processed and which method will be used depend significantly on the Services applied for or agreed upon. We therefore ask you to familiarize yourself with this Privacy Policy, which shall also serve as a data privacy notice.

PayMate Associates shall mean such entities that provide joint services with PayMate, including banks and third-party service providers such as operators of payment gateways or such other vendors engaged by PayMate to provides its services. Please note that any reference made to “third parties” in this Privacy Policy includes such entities.

Services means any services, and all related PayMate platforms, applications and services offered to you by PayMate in connection with your PayMate account.

Personal Data/Personal Data means any information relating to an identified natural person or identifiable natural person. An identifiable natural person is defined as a natural person who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to their biological, physical, biometric, physiological, mental, economic, cultural or social identity. “Personal Data” can include name, postal address (including billing and shipping addresses), telephone number, email address, credit card number, bank account number, other financial account information, date of birth, and government-issued credentials (e.g., driver’s license number, passport etc.). Personal Data does not include information that does not identify a specific natural person.

Process/Processing means any operation or set of operations which are performed on Personal Data including the collection, storage, recording, organisation, adaptation, modification, circulation, alternation, retrieval, exchanging, sharing, use, characterisation, disclosure by transmission, dissemination, distribution, or otherwise making available, alignment or combination, restriction, withholding, erasure, destruction, or creating models of Personal Data.

Sites means PayMate’s Platform, official social media portals, or other online properties through which PayMate offers the Services. This includes online properties that have posted this Privacy Policy or have made any reference to this Privacy Policy.

Your Personal Data is collected and Processed in accordance with the relevant data protection principles, including: lawfulness, fairness and transparency; purpose limitation; collection limitation; data minimization; accuracy; rectification measures; storage limitation; integrity and confidentiality (security); with all relevant laws and regulations considered; and however applicable.

You are advised to read this Privacy Policy carefully. By accepting this Privacy Policy and the Terms and Conditions of Use, you expressly consent to our collection, storage, Processing, use and disclosure of your Personal Data as described herein. If you do not feel comfortable with any part of this Privacy Policy, or our Terms and Conditions of Use (here), you must not use or access our Platform.

By applying or signing up for our Services, you authorize and consent to our obtaining from, and disclosing to, third parties any Personal Data about you in connection with identity/account verification, fraud detection, or as may otherwise be allowed or required by applicable law. You hereby represent that you possess the legal authority to enter into these terms on your behalf or on your organization’s behalf (if applicable) and to provide Personal Data pertaining to your organization’s directors/principals and beneficial owners, as required under applicable law. The collection of information pertaining to natural persons such as directors and beneficial owners is necessary for us to comply with the applicable anti-money laundering legislation and regulations.

You can withdraw your consent. Such withdrawal will not affect the lawfulness of Processing based on previously recorded consent. Such withdrawal will take effect within 30 calendar days of submission of the request. If you wish to submit such a request, please contact us at  support@paymate.ae. Please note that the withdrawal of your consent may hinder our ability to provide our Services to you. Therefore, at PayMate’s discretion, withdrawal of consent may be permitted by PayMate only after the closure of your PayMate account.

The specific Personal Data we collect, the method by which we collect such data, the purposes for which we collect such data, how we share such data, and how long we retain such data is explained individually, specifically for your clear, simple, and withdrawable consent below in this Privacy Policy.

We may revise this Privacy Policy from time to time to reflect changes to our business, the Sites/Services, or laws that may be applicable from time to time. The revised Privacy Policy will be effective as of the published ‘Effective Date’. If any material changes are made to this Policy, the changes may be prominently posted on the affected or relevant Platform. Further, the revised terms will be notified once you log in to our Sites. The onus is on you to occasionally familiarize yourself with the contents of this Privacy Policy, for your own information.

We collect the following Personal Data about you:

1. When you set up an account on the Platform, avail any Service or download/access any component of our Platform, we shall collect the following Personal Data: name, postal address, age, mobile/telephone number, email address, and other identification information necessary to set up the account. Since PayMate primarily operates in the B2B segment, in addition to the aforementioned Personal Data, we also collect information that does not directly relate to an identifiable natural person. This information includes financial statements, bank statements, your bank account details, tax returns, communication address and other information pertaining to the organisation (legal person) that is being registered by you. We also collect Personal Data pertaining to directors and ultimate beneficial owners of the organisation being registered.
2. After obtaining your consent at the time of registration, we also access the following information: Device ID for mapping the application to the device on which it is registered; SMS for entering the activation code directly in the application during the activation; details of the browser, operating system, domain name, IP address and mobile application version; and gallery and camera input while uploading KYC documents and when you upload an invoice.
3. When you access our Platform, to receive money, to process payments, or to send money, we may collect information about the transaction, as well as other information associated with the transaction. This includes the amount sent or requested, amount paid for products or services, merchant information, information about any funding instruments used to complete the transaction, device information, technical usage data, and geolocation information.
4. When you use our Services, we shall collect Personal Data that you provide about the other participants associated with a transaction, including name, postal address, telephone number, and financial account information about the payee/payer who is receiving money from or sending money to you/your organization (as applicable).
5. We may collect additional information from or about you or your organization when you communicate with us, contact our customer support teams or respond to a survey.
6. We may also collect and retain or use information relating to the supplier or vendor, which may contain their Personal Data as may be required. You shall ensure that the supplier or vendor has provided requisite prior written consent to share the same. We shall not be legally liable for any failure to take such consent on your part.
7. By choosing to provide this Personal Data, you expressly consent to the transfer and storage of that Personal Data on PayMate/ PayMate Associate servers.

When you register for an account, we collect basic Personal Data about you. You may also upload data or post various queries. Further, if you correspond with us via email, we may gather in a file specific to you/your organization the information that you submit. This includes information, that may include Personal Data, provided for support purposes. This includes the information mentioned under paragraph 9(d) (Personal Data we collect) of this Privacy Policy.

We also may receive and store certain Personal Data about you and your device(s) automatically when you access or use our Services on your behalf or your organization’s behalf. This Personal Data may include:

1. Technical information: We collect technical information associated with your activity on our Sites and may include information related to your browser and operating system, IP address (the internet address of your computer) unique device identifiers, and other information such as your device type.
2. Site usage information: We collect information to better understand customer traffic patterns and site usage. This may include the webpage that you were visiting before accessing our Platform and the pages or features of our Platform you browsed. This information is collected to inform us which part of our Platform you visit and how much time you spend there.

Third parties: We collect information which may include Personal Data from third-party partners who have your consent to provide us this information, and if you have given us consent to collect such information. We will gather information from third parties and PayMate Associates who you have authorized to collect, Process and share your Personal Data.

Proprietors, directors, and beneficial owners of registered businesses: If you are a proprietor, director, or beneficial owner of an organization that is using our Services, your Personal Data has been collected from the person registering your organization on your behalf. This Personal Data is Processed by us for anti-money laundering.

We shall retain Personal Data to fulfil our legal or regulatory obligations and to enable us to provide you and your organization seamless Services. PayMate may retain Personal Data for longer periods than you consent for if permitted by law. If your/your organization’s account is closed, we may take steps to mask Personal Data and other information, but we reserve our ability to retain and access the Personal Data for compliance with applicable law. We will continue to use and disclose such Personal Data in accordance with this Privacy Policy, if so required, and permitted by applicable law.

We use Personal Data for varied reasons:

1. to provide and improve the Services you and your organization request;
2. to perform creditworthiness and other financial standing checks, evaluate applications, and compare information for accuracy and verification purposes;
3. to tailor and customize the experience at our Platform.
4. to provide you and your organization with content that we think you might be interested in and to display content according to your and your organization’s preferences.
5. to resolve disputes;
6. to troubleshoot problems;
7. to promote safe Service;
8. to measure consumer interest in our Services;
9. to inform you and your organization about online and offline offers, products, services, and updates;
10. to detect and protect us against error, fraud and other criminal activity;
11. to comply with the relevant laws and regulations and enforce the terms of use;
12. for other reasons mentioned in paragraph 9 (Personal Data we collect) of this Privacy Policy.

When you utilize our Platform or send emails or other data, information or communication to PayMate or any PayMate Associates, you agree and understand that such information and data may be communicated through a third-party portal controlled by a PayMate Associate through electronic records. You hereby consent to receive communications via electronic records from such PayMate Associates periodically. Upon registration with PayMate, you agree that you shall be contacted on your mobile or e-mail address for authentication of a transaction, for updating your content to provide features which PayMate believes may benefit you or for the purpose of receiving promotional messages.

Your Personal Data shall remain with PayMate and PayMate Associates. We do not sell or rent Personal Data to anyone. We may also collect and retain or use information relating to the supplier or vendor as may be required. You shall ensure that the supplier or vendor has provided requisite prior written consent to the same. We shall not be legally liable for any abstinence to take such consent on your part.

We may also create, Process, collect, use, and share aggregated, anonymized, or de-identified data such as statistical or demographic data for any purpose which may be derived from your Personal Data. We may use this data to comply with legal or regulatory obligations.

We may share such data with members of our group, service providers and our key partners. Some of these third parties may be in a jurisdiction outside the laws as stated in this Privacy Policy, in which case we will take all necessary steps to ensure that your Personal Data is treated securely and that such transfers are permitted under the applicable Personal Data protection laws.

We may also use any or all such data to administer and manage our business in general, to detect and prevent misuse of our Services (including fraud and unauthorized payments), and to enforce our Terms and Conditions of Use or any other contract to which we may be a party to.

If you fail, neglect and/ or refuse to, or are unable to provide us any Personal Data which we necessarily need to provide you with Services, or which we need to collect by law (for example: identification information for anti-money laundering obligations), we may not be able to provide you Services. In this case, we have the right to discontinue the provision of Services to you and/or close your account. In such a situation, we will notify you at the earliest.

We provide all cardholders with the opportunity to opt-out of receiving non-essential (promotional, marketing-related) communications from us on behalf of our partners, and from us in general, after setting up an account. If you want We may collect and Process some of your Personal Data without your consent; and only where this is required or permitted by law (for example: data pertaining to proprietors, directors, and beneficial owners of registered businesses to comply with AML/CFT requirements). We may be compelled to surrender your Personal Data to legal authorities without your express consent, if presented with a court order or similar legal or administrative order, or as necessarily required or permitted by the laws, rules and regulations of any nation, state, or other applicable jurisdiction (for example: anti-money laundering obligations and requirements). Other situations where your Personal Data may be Processed without your express consent include without limitation:

• Where Processing is related to Personal Data made publicly available by you;
• Where Processing is necessary to initiate or defend procedures relating to claim of rights and legal actions or are associated with legal or judicial procedures;
• Where Processing is necessary for the performance of any contract entered into where you are a party or for taking any action upon your request for concluding, amending or terminating such contract; and
• Where Processing is necessary for public interest.

to remove your contact information from all our lists and newsletters, please visit unsubscribe.

Any third-party that receives or has access to Personal Data is required to protect such Personal Data and use it only to carry out the services they are performing for you or for PayMate, unless otherwise required or permitted by law. We shall ensure any such third-party is aware of our obligations under this Privacy Policy. Further, we enter into contracts with such third parties by which they are bound by terms no less protective of any Personal Data disclosed to them than the obligations we undertake to you under this Privacy Policy or which are imposed on us under applicable Personal Data protection laws. In case of termination of our business relationships with such third parties we shall ensure that all your Personal Data is either retrieved from such third-party or is destroyed. We shall also confirm in our contracts with such third parties that the third-party does not have the right to use such data for unauthorized purposes.

With your prior consent, we may disclose relevant Personal Data:

• to PayMate Associates and our suppliers or subcontractors as reasonably necessary for providing our Services to you.
• where we are legally required to do so, to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order (including in response to public authorities to meet national security or law enforcement requirements), or where we find it is necessary to investigate, prevent or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved disclose your Personal Data. Additionally, we may disclose your Personal Data to enforce our Terms and Conditions of Use, or to protect our rights, safety, and security, and that of our users, other persons or the public. In this regard, Personal Data may be disclosed to a quasi-judicial authority, law enforcement agency, relevant wing of the government, credit rating agency, PayMate’s Associates, or your employer.
• where it is considered necessary to do so for proper management of credit or business risk.
• in connection with, or during negotiations of, any merger, sale of PayMate’s assets, financing, acquisition of all or a portion of our business to another company, any dissolution transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets. In the event of an insolvency, bankruptcy, or receivership, your Personal Data may also be transferred as a business asset forming part of our good will. If another company acquires us, our business or assets, that company will possess the Personal Data collected by us and will assume the rights and obligations held by us regarding your Personal Data.
• where we use third-party advertising companies to serve ads when you visit the Platform or use the Services. These companies may use Personal Data about your visits to our Platform to provide advertisements about Services of interest to you, provided you have consented to the same.
• governmental bodies and regulatory authorities, judicial bodies, our associates, agents, attorneys, or other representatives for compliance with legal obligations to which we are subject or for the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. Such Personal Data may be shared even without your prior consent;
• our group companies, including our affiliates, for rendering our Services, compliance with applicable laws and improving the quality of our Services;
• other users of our Services with whom you interact through your own use of our Services. For example, we may share Personal Data when you make a transaction.

PayMate will not sell or rent your Personal Data to third parties for their marketing purposes without your explicit consent. PayMate will only disclose your Personal Data in accordance with this Privacy Policy. If there is a requirement to use it for any other purpose, your express consent will be obtained.

Your Personal Data is stored and transferred in compliance with the applicable legislation or regulations of every jurisdiction in which we operate. Further, we will comply with GDPR requirements as applicable. PayMate is a fast-growing international company with various global partnerships. You should be aware that certain PayMate Associates, such as payment gateways and other payment transaction processors, may be located in, or have facilities that are located in, a different jurisdiction than either you or us. If you wish to procure specific information about the PayMate Associate with whom your Personal Data has been shared, please contact us at support@paymate.ae. Therefore, if you elect to proceed with a transaction that involves the services of a PayMate Associate, then your Personal Data may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located. For example, if you are located in the UAE and your transaction is processed by a payment gateway located in India, then your Personal Data used in completing that transaction may be subject to disclosure under Indian legislation. For these providers, we recommend that you read their privacy policies, so you can understand the manner in which your Personal Data will be handled by these providers. Please note that all Personal Data relating to customers that are individual persons or sole proprietorships shall primarily be stored in in the UAE.

We may allow certain PayMate Associates to deliver content and advertisements in connection with our Services and to provide anonymous site metrics and other analytics services. These third parties may use cookies, web beacons, and other technologies to collect Personal Data, such as your IP address, identifiers associated with your device, other applications on your device, the browsers you use to access our Services, webpages viewed, time spent on webpages, links clicked, and conversion information (e.g., transactions entered into). This Personal Data may be used by us and PayMate Associates on our behalf to analyze and track usage of our Services, determine the popularity of certain content, deliver advertising and content targeted to your interests, and better understand how you use our Services. PayMate Associates are bound by confidentiality obligations and applicable laws with respect to their use and collection of your Personal Data. This Privacy Policy does not apply to, and we are not responsible for, third-party cookies, web beacons, or other tracking technologies, which are covered by such third parties’ privacy policies. For more information, we encourage you to check the privacy policies of these third parties to learn about their privacy practices.

Our Platform and communications may contain links to other third-party websites which are not owned or operated by us and are regulated by their own privacy policies. If you click on a third-party link, you will be directed to that third-party’s platform. We strongly advise you to review the privacy policy of every platform you visit.

This Privacy Policy does not apply to, and we are not responsible for the privacy policies of these third-party websites regardless of whether they were accessed while using links from our Platform or communications. These platforms are typically used for the following:

• Advertising, direct marketing, lead generation and other marketing service providers;
• SMS and email notification service providers;
• International payment networks;
• Foreign and domestic financial and credit institutions; and
• Auditors.

You have the following rights with respect to your Personal Data:

If you are a citizen of a European Union member state, you have a right to know:

• Our identity and the contact details and those of our European representative;
• The contact details of our data privacy officer;
• The purposes of the Processing your Personal Data as well as the legal basis for the Processing;
• The legitimate interests pursued by us or by a third party who Processes your Personal Data;
• The recipients or categories of recipients of your Personal Data;
• Our intention to transfer your Personal Data to a third country or international organization and the existence or absence of an adequacy decision by the relevant supervisory authority, or where applicable, reference to the appropriate safeguards and the means to obtain their copy;
• The period for which your Personal Data will be stored, or if that is not possible, the criteria used to determine that period;
• The existence of your right to withdraw consent for Processing based on such consent;
• The existence of your right to request from us access to and rectification or erasure of Personal Data or restriction of Processing concerning you or to stop/object to Processing as well as the right to data portability;
• The existence of your right to lodge a complaint with a supervisory authority;
• Whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obligated to provide the Personal Data and of the possible consequences of failure to provide such data;
• The existence of automated decision-making, including profiling and meaningful information about the logic involved; and
• Where we intend to further Process your Personal Data for a purpose other than that for which the Personal Data was collected for, we must apprise you, prior to such further Processing, with information on those other purposes and with any other relevant information.

You have the right to request and obtain the following Personal Data:

• The categories of Personal Data Processed;
• The purpose of the Processing;
• Automated decision making on your Personal Data;
• Target sectors or enterprises with whom your Personal Data is shared;
• Controls or standards relating to storage of your Personal Data;
• Actions for rectification, restriction, or erasure of your Personal Data;
• Safeguards in case of cross border Personal Data transfer;
• The existence of your right to request from us rectification or erasure of Personal Data or restriction of Processing concerning you or to stop/object to Processing (if you are a citizen of a European Union member state);
• Details pertaining to the source of Personal Data, where such Personal Data has not been collected from you (if you are a citizen of a European Union member state);
• Copy of the Personal Data undergoing Processing (if you are a citizen of a European Union member state);
• Actions to be taken in case of Personal Data breach where such breach affects you; and
• Procedure to lodge a complaint with the supervisory authority.

We may refuse your demand if request is excessively repeated, is in contravention of judicial proceeding or investigations, negatively impacts our endeavors to maintain Personal Data security, or relates to the privacy of a third-party.

You have the right to rectify any inaccurate Personal Data about you and to complete any incomplete Personal Data about you.

You have the right to demand erasure of your Personal Data with us if:

• the Personal Data is no longer necessary in relation to the purposes for which it was collected or otherwise Processed;
• you withdraw consent to consent-based Processing;
• you object to the Processing of your Personal Data under the applicable law;
• your Personal Data has been unlawfully Processed; and
• your Personal Data must be erased for compliance with legal obligations (if you are a citizen of a European Union member state).

We may refuse your demand if your Personal Data is Processed for compliance with a legal obligation; or establishment or exercise or defense of legal claims.

You have the right to restrict Processing of your Personal Data if:

• you contest the accuracy of the Personal Data;
• Processing is unlawful;
• we no longer need the Personal Data for the purposes of our Processing, but you require Personal Data for the establishment, exercise or defense of legal claims; and
• you have objected to Processing, pending the verification of that objection, in which case we may continue to store your Personal Data, but we will only otherwise Process it: (i) where aforementioned Processing is restricted only to storage of said information; (ii) with your consent; (iii) for the establishment, exercise or defense of legal claims; (iv) for the protection of the rights of another natural or legal person; or (v) for reasons of important public interest.

You have the right to object to our Processing of your Personal Data and stop the Processing of said Personal Data in the following cases:

• if such Processing was done for direct marketing purposes (please see paragraph 23 – Choice of opt in/opt out);
• if such Processing was done for statistical survey purposes, unless such Processing is necessary for public interest; and
• where such Processing is in contravention of Personal Data protection controls as envisaged by the PDPL and mentioned under paragraph 6 (Personal Data protection principles).

You have the right to Personal Data portability to the extent that:

• the legal basis for our Processing of your Personal Data is your consent, or is a necessity to perform a contract to which you are party; or
• such Processing is carried out by automated means.

You have the right to receive your Personal Data from us in a structured, commonly used and machine- readable format. Where technically feasible, you may also request us to transmit your Personal Data directly to another entity.

You have the right to object to automated decision making (if any) if it has legal or serious consequences that affect you. Such requests may be refused by us if such automated Processing is performed in accordance to any contract between you and PayMate, is necessary for compliance with other legislation, or you have specifically provided consent for such practices.

If you are based in the UAE, you have the right to make a complaint at any time to a supervisory or regulatory authority. Such authorities include the UAE Data Office and the Consumer Protection Department at CBUAE, in so far as their respective regulations will have application to your rights.

We aim to respond to all legitimate requests without undue delay and within 2 calendar months of receipt of any request from you. Occasionally it may take us longer than 2 calendar months, if your request is particularly complex, or if you have made duplicated or numerous requests. In this case, we will notify you of receipt of such request(s) and keep you updated as to the status of progress concerning such request(s).

If you wish to exercise any of the rights mentioned under paragraph 20 (Your rights in relation to your Personal Data), please contact us at support@paymate.ae. We may need to request specific information from you to help us confirm your identity and ensure your entitlement to such rights. This security measure is to ensure that your Personal Data is not disclosed to any person who has no right to receive it.

Our Platform has stringent security measures in place to protect the loss, misuse, and alteration of the Personal Data under our control. Whenever you change or access your account information, we offer the use of a secure server. Once your Personal Data is in our possession we adhere to strict security guidelines, protecting it against unauthorized access.

While we are dedicated to securing our systems and Services, you are responsible for securing and maintaining the privacy of your password(s) and account/profile registration information and verifying that the Personal Data we maintain about you is accurate and current. We are not responsible for protecting any Personal Data that we share with a third-party based on an account connection that you have authorized (excluding PayMate Associates).

All information gathered on the PayMate platform is securely stored and access to such information is strictly limited on a need-to-know basis. In addition, details of credit/ debit card numbers, PIN details for payment or for verification purposes, password and account information are encrypted in accordance with the requirements of the Central Bank of UAE.

You are aware that as robust and effective as the security measures are, no security system is impenetrable. You hereby acknowledge that you are aware of all security risks, including possible third-party interception of any of your transactions and statements of account on the internet and the content of your transactions or statements of account becoming known to third-parties. You agree and undertake that you shall not hold PayMate/ PayMate Associates liable for such breaches of security in any way. The use and storage of any information, including without limitation, the credit card number, PIN, password, account information, transaction activity, account balances and any other information available on your internet access device or computer or mobile phone is at your own risk and responsibility. You furthermore acknowledge and accept that, without prejudice to paragraph 20 (Personal Data security), PayMate may not encrypt all content or communications from and to their Platform.

We provide all our users with the opportunity to opt-out of receiving non-essential (promotional, marketing-related) communications from us on behalf of our partners, and from us in general, after setting up an account. If you want to remove your contact information from all our lists and newsletters, please visit unsubscribe.

This Policy does not apply to the practices of companies that PayMate does not own or control, or to people that PayMate does not employ or manage.

If you have any questions you may write to PayMate Customer Support at  support@paymate.ae

© 2022 PayMate Payment Services Provider LLC