Privacy Policy

This Privacy Policy shall be effective starting on May 25th, 2018.
Last updated: May 24, 2018

CapriPay Limited, ("the Company", "CapriPay", "we", "us" and "our") respect and protect the privacy of visitors to our websites and our customers who use our services. To ensure transparency, this Privacy Policy describes our information handling practices when you access content we own or operate on the websites located at capripay.com (the "Website") and/or when you use the CapriPay mobile app, any CapriPay API or third party applications relying on such an API, and related services (referred to collectively hereinafter as "Services").

Please take a moment to read this Privacy Policy carefully. If you have any questions about this Privacy Notice, please contact us at privacy@capripay.com

Aim of this Privacy Policy is to ensure that you understand what personal data we collect about you, the reasons why we collect and use it, and who we share it with; explain the way we use the personal data that you share with us in order to give you a great experience when you are using the CapriPay Service; and explain your rights and choices in relation to the personal data we collect and process about you and how we will protect your privacy.

By accessing and using our Services, you signify acceptance to the terms of this Privacy Policy. Where we require your consent to process your personal information, we will ask for your consent to the collection, use, and disclosure of your personal information as described further below. CapriPay may provide additional information about the data collection, use and sharing practices of specific Services.

If you do not agree with or you are not comfortable with any aspect of this Privacy Policy, you should immediately discontinue access or use of our Services.

We reserve the right to modify this Privacy Policy at any time, and when required by law, we will notify you of changes to this Privacy Policy. If we make any material changes we will notify you by email address specified in your account.

You are free to choose whether to provide us with the types of personal information requested, but we may not be able to serve you as effectively or offer you all of our Services when you do choose not to share certain information with us.

EEA users and Personal Data

If you are a resident of the EEA, Gemini Software Systems Corp., is data Controller with respect to your personal information.

Our legal bases for processing under EEA Data Protection Law are described below in the sections entitled "Usage of Data from Individuals" and "Share of Personal Data to third parties". We may process your personal information if you consent to the processing, to satisfy our legal obligations, if it is necessary to carry out our obligations arising from any contracts we entered with you, or to take steps at your request prior to entering into a contract with you, or for our legitimate interests to protect our property, rights or safety of CapriPay, our customers or others.

Individual Rights

EEA Residents have the following rights, which can be exercised by going to your CapriPay Account or contacting us at privacy@capripay.com so that we may consider your request under applicable law. As available and except as limited under applicable law, the rights afforded to individuals are:

Right of Access - the right to be informed of and request access to the personal data we process about you;

Right to Rectification - the right to request that we amend or update your personal data where it is inaccurate or incomplete;

Right to Erasure - the right to request that we delete your personal data;

Right to Restrict - the right to request that we temporarily or permanently stop processing all or some of your personal data;

Right to Object -
the right, at any time, to object to us processing your personal data on grounds relating to your particular situation;
the right to object to your personal data being processed for direct marketing purposes;

Right to Data Portability - the right to request a copy of your personal data in electronic format and the right to transmit that personal data for use in another party’s service; and

Right not to be subject to Automated Decision-making - the right to not be subject to a decision based solely on automated decision making, including profiling, where the decision would have a legal effect on you or produce a similarly significant effect.

Data we collect from individuals

We collect personal information to provide you with our Services. When we require certain personal information from users it is because we are required by law to collect this information or it is relevant for specified purposes.

We collect or may collect the following types of information:

Personal Identification Information: Full name, date of birth, phone number, utility bills, photographs, home address, preferred language and email.

Formal Identification Information for KYC: Proof of your ID, utility bill, passport details, driver’s license details, national identity card details, photograph identification cards, and/or visa information.

Transaction Information: Information about the transactions you make on our Services.

Online Identifiers: username, location/tracking details, browser fingerprint, OS, browser name and version, login history and IP addresses.

Usage Data: Information provided to our support team, public social networking posts, security questions, user ID, click-stream data and other data collected via cookies and similar technologies.

Usage of Data from Individuals

Our primary purpose in collecting personal information is to provide you with a secure, smooth, efficient, and customised experience. In general, we use personal information to create, develop, operate, deliver, and improve our Services, content and advertising, and for loss prevention and anti-fraud purposes. We may use this information in the following ways:

To maintain legal and regulatory compliance. Some of our core Services are subject to laws and regulations requiring us to collect and use your personal identification information, formal identification information, financial information, transaction information, online identifiers, and/or usage data in certain ways.

Activity Description Type of Data Legal basis
To enforce our terms in our user agreement and other agreements It is very important for us and our members that we are actively monitoring, investigating, preventing and mitigating any potentially prohibited or illegal activities. We may need to collect fees based on your use of our Services. Identity, Contract Performance of a contract with you
To provide CapriPay Services We process your personal information in order to provide the Services to you. For example, when you want to buy/sell on CapriPay Identity, Contract Performance of a contract with you
To provide Service communications We send administrative or account-related information to you to keep you updated about our Services, inform you of relevant security issues or updates, or provide other transaction-related information Identity, Contract Performance of a contract with you
To provide customer service We process your personal information when you contact us to resolve any questions, disputes, collect fees, or to troubleshoot problems Identity, Contract Performance of a contract with you
To ensure quality control We process your personal information for quality control and staff training to make sure we continue to provide you with accurate information Identity, Contract Performance of a contract with you
To ensure network and information security We process your personal information in order to enhance security, monitor and verify identity or service access, combat spam or other malware or security risks and to comply with applicable security laws and regulations. Identity, Contract, Technical Necessary to comply with a legal obligation
For research and development purposes and To enhance your website experience We process your personal information to better understand the way you use and interact with CapriPay Services Technical, Usage Necessary to comply with a legal obligation
To engage in marketing activities Based on your communication preferences, we may send you marketing communications to inform you about our events or our partner events Marketing Necessary to satisfy on your consent.

Data we collect from Merchants

We collect personal information to provide you with our Services. When we require certain personal information from Merchants it is because we are required by law to collect this information or it is relevant for specified purposes.

We collect or may collect the following types of information:

Personal Identification Information: Full name, date of birth, phone number, photographs, company name, home and/or business address, preferred language and email.

Formal Identification Information for KYM: Proof of your business ID, utility bills, photograph identification cards, and/or visa information.

Transaction Information: Information about the transactions you make on our Services.

Online Identifiers: username, location/tracking details, browser fingerprint, OS, browser name and version, login history and IP addresses.

Usage Data: Information provided to our support team, public social networking posts, security questions, user ID, click-stream data and other data collected via cookies and similar technologies.

Usage of Data from Merchants

Our primary purpose in collecting personal information is to provide you with a secure, smooth, efficient, and customised experience. In general, we use personal information to create, develop, operate, deliver, and improve our Services, content and advertising, and for loss prevention and anti-fraud purposes. We may use this information in the following ways

Activity Description Type of Data Legal basis
To enforce our terms in our user agreement and other agreements It is very important for us and our Merchants that we are actively monitoring, investigating, preventing and mitigating any potentially prohibited or illegal activities. We may need to collect fees based on your use of our Services. Identity, Contract Performance of a contract with you
To provide CapriPay Services We process your personal information in order to provide the Services to you. For example, when you want to buy/sell on CapriPay Identity, Contract Performance of a contract with you
To provide Service communications We send administrative or account-related information to you to keep you updated about our Services, inform you of relevant security issues or updates, or provide other transaction-related information Identity, Contract Performance of a contract with you
To provide customer service We process your Merchant information when you contact us to resolve any questions, disputes, collect fees, or to troubleshoot problems Identity, Contract Performance of a contract with you
To ensure quality control We process your Merchant information for quality control and staff training to make sure we continue to provide you with accurate information Identity, Contract Performance of a contract with you
To ensure network and information security We process your Merchant information in order to enhance security, monitor and verify identity or service access, combat spam or other malware or security risks and to comply with applicable security laws and regulations. Identity, Contract, Technical Necessary to comply with a legal obligation
For research and development purposes and To enhance your website experience We process your Merchant information to better understand the way you use and interact with CapriPay Services. We also use your information to communicate with you. We may send certain mandatory communications such as welcome letters, information on your merchant profile, merchant requirements and technical issues. Technical, Usage Necessary to comply with a legal obligation
To engage in marketing activities Based on your communication preferences, we may send you marketing communications to inform you about our events or our partner events Marketing Necessary to satisfy on your consent.

Revocation

We will not use your personal information for purposes other than those purposes we have disclosed to you, without your permission. You may opt out of having your personal information shared with third parties, or allowing us to use your personal information for any purpose that is incompatible with the purposes for which we originally collected it or subsequently obtained your authorisation. If you choose to so limit the use of your personal information, certain features or CapriPay Services may not be available to you.

Information collected automatically and use of it

We receive and store certain types of information automatically, such as whenever you interact with the Sites or use the Services. This information does not necessarily reveal your identity directly but may include information about the specific device you are using, such as the hardware model, device ID, operating system version, web-browser software and your IP address/MAC address/device identifier.

Share of Personal Data to Third parties

We take care to allow your personal data to be accessed only by those who really need to in order to perform their tasks and duties, and to share with third parties who have a legitimate purpose for accessing it. CapriPay will never sell or rent your personal information. We will only share your information in the following circumstances:

We share your information with third party identity verification services in order to prevent fraud. These service providers may create derivative data based on your personal information that can be used solely in connection with provision of identity verification and fraud prevention services.

We share your data exclusively for the purpose of processing your orders and/or giving you access to the infrastructure (e.g. servers, IT services, web hosting) of service providers commissioned by us. These service providers will process your data strictly in compliance with our instructions and will be supervised by us. Such service providers are strictly prohibited from using the data collected and processed through the CapriPay website for their own purposes.

We may share your information with service providers under contract who help with parts of our business operations such as technology services (including email gateway and send SMS gateway providers) and marketing services. Our contracts require these service providers to only use your information in connection with the services they perform for us, and prohibit them from selling your information to anyone else.

We share your information with financial institutions with which we partner to process payments you have authorised.

We may share your information with law enforcement, officials, or other third parties when we are compelled to do so by a subpoena, court order, or similar legal procedure, or when we believe in good faith that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of our Privacy and Procedures or any other applicable policies.

Safeguarding Personal Data

We understand how important your privacy is, which is why CapriPay maintains (and requires its service providers to maintain) appropriate physical, technical and administrative safeguards to protect the security and confidentiality of the personal information you entrust to us.

For example, we use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files, and we authorise access to personal information only for those employees who require it to fulfill their job responsibilities.

Full credit card data is securely transferred and hosted off-site by a payment vendors in compliance with Payment Card Industry Data Security Standards (PCI DSS). This information is not accessible to CapriPay staff.

We cannot guarantee that loss, misuse, unauthorised acquisition, or alteration of your data will not occur. Please protect your own personal information. When registering with our Services, it is important to choose a password of sufficient length and complexity, to not reveal this password to any third-parties, and to immediately notify us if you become aware of any unauthorised access to or use of your account.

We cannot ensure or warrant the security or confidentiality of information you transmit to us or receive from us by Internet or wireless connection, including email, phone, or SMS, since we have no way of protecting that information once it leaves and until it reaches us. If you have reason to believe that your data is no longer secure, please contact us at the email privacy@capripay.com

Access to Personal Data

You are entitled to review, correct, or amend your personal information, or to delete that information where it is inaccurate. You may do this at any time by logging in to your account and clicking the Account tab, where you can edit Profile.

Rights to access, correction and deletion and right to object

You have a right of access to the personal information that we hold about you under European data protection legislation, and to some related information. You can access your Personal Data by logging on your account. You can also require any inaccurate personal information to be corrected or deleted.

You can object to our use of your personal information for direct marketing purposes at any time and you may have the right to object to our processing of some or all of your personal information (and require them to be deleted) in some other circumstances. Please email that you would like to opt-out to privacy@capripay.com

Contact

If you believe that we have infringed your rights, we encourage you to contact us first at dpo@capripay.com so that we can try to resolve the issue or dispute informally. You can also complain about our processing of your personal information to the relevant data protection authority. You can complain in the EU member state where you live or work, or in the place where the alleged breach of data protection law has taken place.

Storage of your personal information. CapriPay will try to limit the storage of your personal information to the extent that storage is necessary to serve the purpose(s) for which the personal information was processed, to resolve disputes, enforce our agreements, and as required or permitted by law.

You may reach Data Protection Officer at dpo@capripay.com

If you have any questions regarding this Privacy Policy or the scope of personal data, please contact us under the following email address: privacy@capripay.com