پرائیویسی پالیسی
بے رکاوٹ منتقلی، مضبوط سیکیورٹی اور آسان بل کی ادائیگیاں کا تجربہ کریں
1. INTRODUCTION
At Payments Arabia we look after your personal data carefully. This Privacy Notice together with our Cookie Policy and Terms and Conditions, which may be found on our website describes how we collect, use, process and store the data that you provide to us or that is generated or collected when you use our online services (via our website or our App).
Please take a moment to read our Privacy Notice and any other privacy information we provide you when we are collecting or processing your data, so you know what choices you have about your personal data. By “you”, we mean the customer who contracts with us, the person we communicate with or a visitor to our website and/or App. It is important that the personal data we hold about you is accurate. Please keep us informed if your personal data changes.
1.1. DEFINITIONS
(i) App: The Payments Arabia app. A mobile application that allows users to register with us as customers and then perform a range of payments transactions including sending money overseas, paying bills issued in Oman, sending and receiving funds using their Payments Arabia electronic wallet and paying retailers in Oman.
(ii) Contact Data: As defined in Section 2(ii) of this notice.
(iii) Data Breach: Any incident that leads to unauthorized disclosure, destruction, or access to Personal Data, whether intentional or accidental, and by any means, whether automated or manual.
(iv) Data Controller: The entity (Payments Arabia in this case) that determines the purposes and means of processing personal data.
(v) Data Processor: A third party that processes personal data on behalf of and under the instructions of the data controller.
(vi) Data Subject: The individual to whom the personal data relates.
(vii) Group Companies: The companies or organisations that are part of the Beyond One corporate family and share common ownership or control.
(viii) Identity Data: As defined in Section 2(i) of this notice.
(ix) Lawful Basis: The legal grounds under which we process personal data, which may include consent, contract, legitimate interest, public interest or legal obligation, amongst any other lawful basis applicable in your jurisdiction.
(x) Marketing Communications: Any communication we send to you that promotes our products or services, or the products or services of third parties we work with. You can control your marketing preferences by updating the appropriate settings in our Mobile app.
(xi) Marketing and Communications Data: As defined in Section 2(v) of this notice.
(xii) Personal Data: Any data, regardless of its source or form, that identifies or makes it possible to identify a natural person, either directly or indirectly, by referencing one or more identifiers such as a name, civil number, electronic identifiers, or location data, or by referencing one or more factors specific to the physical, genetic, mental, psychological, social, or cultural identity of that person.
(xiii) Sensitive Personal Data: This includes any personal data of high degree of sensitivity for the data subject, which could include information such as any personal data revealing racial or ethnic origin, religious, intellectual, or political beliefs, criminal offenses or security-related data, biometric data (for identification purposes), genetic data, health data, or data indicating if one or both parents are unknown, as well as any other data that may pose a significant risk to the individual's privacy and security if disclosed or processed improperly.
(xiv) Services and Financial data: As defined in Section 2(iii) of this notice.
(xv) Technical Data: As defined in Section 2(vi) of this notice.
(xvi) Third-Party Partners: External companies or organisations we collaborate with to provide you with our services or to enhance your experience. These may include infrastructure providers, payment processors, and marketing partners.
(xvii) Third-Party Services: Any websites, services, or applications that are not owned or controlled by Payments Arabia and are accessed through our services.
(xviii) Usage Data: As defined in Section 2(iv) of this notice.
INFORMATION WE COLLECT ABOUT YOU
We may collect personal data about you from you directly, for example, when you provide information on the website or order or use our products or services, request more information on our contact us page, respond to a survey or questionnaire or from third parties, for example, partners who help provide our products and services, or for instance, from cookies when you use our website or App. We may collect information from you even if you’re not yet a customer, for example, if you provide information via our website or App.
Some of the types of personally identifiable data, as defined in applicable law, that we may collect about you could include the following:
(i) Identity Data: name; title; date of birth; place of birth; gender; passport; mother name, mother’s maiden name, ID number; driving license number; photographic image; insurance information and employment information.
(ii) Contact Data: billing address; delivery address; email; mobile number, location pin.
(iii) Services and Financial data: bank account details; payment card details; payment history, consumer account status, credit rating, customer assert information.
(iv) Usage data: Website browsing information; usage of any other product or service; IMSI; MSISDN. We do not collect the content of your calls or messages.
(v) Marketing and Communications data: marketing preferences; queries / complaints; interests, preferences; survey responses.
(vi) Technical data: IP address; login data; time zone setting; location; browser information; operating system and platform details; system logs; other technology on the devices used to access the website; cookies; device identifier; device type.
HOW WE USE THE DATA WE COLLECT ABOUT YOU AND THE LEGAL BASIS FOR USING YOUR DATA
We will only use your personal data for the purposes we collected it or other reasons compatible with the original purpose.
We need a legal basis to use your personal data. For most uses of personal data, we will need your consent. However, we may use other legal bases strictly to the extent permitted by local privacy laws, such as:
(i) When you enter a contract with us for the provision of services to you, we may use your personal data to perform that contract, for example, to process your order or provide you with the services.
(ii) We may rely on our “legitimate interests” to use your personal data where permitted by Oman’s Data Privacy laws.
(iii) Some uses of your personal data are required to comply with a legal obligation, for example, tax or accounting requirements or co-operating with law enforcement agencies.
WHOM WE SHARE YOUR DATA WITH
We may share your personal data with the following:
(i) Our group companies.
(ii) Partners acting as data processors who help us provide our services to you or to supply their services to you, for example,
(a) Infrastructure and software suppliers and managed service partners who may, for example, provide support and maintenance services to support the services we provide to you.
(b) Our customer care centre provider.
(c) Sales partners; content providers; advertising agencies who help us with our marketing to you; and survey companies who help us run customer surveys.
(d) Payment processing agents.
(e) Debt recovery or fraud agencies.
(f) Law enforcement agencies or other public or regulatory bodies where required by law or to protect our or third party’s rights, business or assets.
(g) Our host mobile network operator, for example, to provide emergency services, including your location information; and,
(h) Some of our mobile financial service partners.
(iii) Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, personal data may be transferred to the acquiring entity, provided that the recipient agrees to protect personal data in a manner consistent with this Privacy Notice.
(iv) Consent: We may share personal data with third parties where we have obtained the data subject's explicit consent to do so. This consent will be specific, informed, and freely given.
(v) Cross-Border Transfers: By using our services, you acknowledge that transferring your data outside of Oman may be necessary for us to provide the services you have requested. These transfers comply with Oman’s PDPL requirements, and we will ensure that adequate protection levels are in place in the receiving country. If you do not consent to such transfers, we advise you not to use our services.
HOW WE PROTECT YOUR DATA
We use industry-standard technologies and processes to:
(i) check your identity when you contact us, but remember you are responsible for keeping your personal and account information secure and not sharing it, including passwords.
(ii) protect your personal data from unauthorised access and accidental loss, disclosure, or destruction, while in storage or transit. For example, we use data encryption. However, we cannot guarantee the security of the personal data that you transfer to us over the Internet.
(iii) limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. Where appropriate, they will only process your personal data on our instructions and are subject to a duty of confidentiality.
Please remember that third-party websites are outside our control and operate in line with their privacy policies. Your personal data entered in such websites, or your communications sent over the internet may therefore be at risk of unauthorised access or use.
We take the security of your personal data very seriously. In the event of a data breach that may compromise your personal data, we are committed to notifying both you and the relevant Omani data protection authorities within 72 hours of becoming aware of the breach, in accordance with the regulation.
We will provide you with clear information regarding the nature of the breach, the data affected, the potential consequences, and the measures taken or proposed to mitigate any potential risks.
HOW LONG WE HOLD ONTO YOUR DATA
We will hold personal data for a specific period of time for as long as reasonably necessary to fulfil the purpose we collected it for and in line with any legal obligations. In some circumstances we may store your personal information for longer periods of time, for example, where we are required to do so in accordance with legal, regulatory, tax, or accounting requirements, so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.
YOUR RIGHTS CONCERNING THE DATA WE HOLD ABOUT YOU
Payments Arabia respect your rights concerning your personal data. This section outlines your rights under applicable data protection laws, and how to exercise them. To exercise any of these rights, please contact us through the channels provided below. We will respond to your request within 45 days required by applicable law. Please note that we may need to verify your identity before processing your request.
(i) Right to be Informed.
You have the right to clear, easily understandable, accessible information about the collection and use of your personal data, your rights and our contact details. This is set out in this Privacy Notice and any relevant privacy information given to you when we collect or process your personal data.
(ii) Right to Access
You can ask us to send you a copy of the personal data we hold about you. We shall provide you with the copy of your data within the timeline prescribed in the applicable law.
(iii) Right to Correction
You can request that we correct personal data about you that we hold where it is incomplete, inaccurate or obsolete. We may need to verify the accuracy of the new data you provide to us.
(iv) Right to Destruction
As per the relevant applicable law, in some situations, you can request we destroy personal data we hold about you, for example, where you no longer consent to our use of your personal data or there is no longer a compelling purpose for us to hold it.
(v) Right to be Notified in Case of a Data Breach
Your security is our priority. If we discover a data breach that compromises your personal information, we are committed to notifying you promptly and transparently, in accordance with applicable legal requirements.
(vi) Right to Data Portability.
You can ask us to provide your personal information to you in a structured, commonly used, machine readable format, or you can ask to have it transferred directly to another data controller, but in each case only where:
(a) the processing is based on your consent or on the performance of a contract with you; and
(b) the processing is carried out by automated means
(vii) The right to object to processing.
You can request that we stop using your personal data for certain purposes as per the applicable law unless an exception is applicable for us to continue processing your data for such purposes.
(viii) Right to Withdraw Consent
If we process your personal data based on your consent, you can withdraw it at any time. However, this will not affect the lawfulness of any processing based on your consent before its withdrawal.
(ix) Right not to be subject to automated decision-making.
If we make decisions using automated means, in some situations, you can object to such decisions being made solely by automated means and requests, for example, that we use human intervention in the decision-making.
(x) Right to limit or refuse processing
Based on your relevant jurisdiction, this right allows you to restrict or deny the processing of your personal data under certain circumstances, ensuring more control over how their information is use.
CHANGES TO OUR PRIVACY NOTICE
This Privacy Notice may change from time to time. Any changes we make will be posted on this page. We will notify you of any significant changes to this Privacy Notice by appropriate means.
CONTACTING US
If you have any comments or queries regarding our products or services, please e-mail the Customer Services team at 79-525252. If you have any questions or concerns about our use of your personal data or this Privacy Notice, please contact our data protection team at [email protected]
1. INTRODUCTION
At Payments Arabia we look after your personal data carefully. This Privacy Notice together with our Cookie Policy and Terms and Conditions, which may be found on our website describes how we collect, use, process and store the data that you provide to us or that is generated or collected when you use our online services (via our website or our App).
Please take a moment to read our Privacy Notice and any other privacy information we provide you when we are collecting or processing your data, so you know what choices you have about your personal data. By “you”, we mean the customer who contracts with us, the person we communicate with or a visitor to our website and/or App. It is important that the personal data we hold about you is accurate. Please keep us informed if your personal data changes.
1.1. DEFINITIONS
(i) App: The Payments Arabia app. A mobile application that allows users to register with us as customers and then perform a range of payments transactions including sending money overseas, paying bills issued in Oman, sending and receiving funds using their Payments Arabia electronic wallet and paying retailers in Oman.
(ii) Contact Data: As defined in Section 2(ii) of this notice.
(iii) Data Breach: Any incident that leads to unauthorized disclosure, destruction, or access to Personal Data, whether intentional or accidental, and by any means, whether automated or manual.
(iv) Data Controller: The entity (Payments Arabia in this case) that determines the purposes and means of processing personal data.
(v) Data Processor: A third party that processes personal data on behalf of and under the instructions of the data controller.
(vi) Data Subject: The individual to whom the personal data relates.
(vii) Group Companies: The companies or organisations that are part of the Beyond One corporate family and share common ownership or control.
(viii) Identity Data: As defined in Section 2(i) of this notice.
(ix) Lawful Basis: The legal grounds under which we process personal data, which may include consent, contract, legitimate interest, public interest or legal obligation, amongst any other lawful basis applicable in your jurisdiction.
(x) Marketing Communications: Any communication we send to you that promotes our products or services, or the products or services of third parties we work with. You can control your marketing preferences by updating the appropriate settings in our Mobile app.
(xi) Marketing and Communications Data: As defined in Section 2(v) of this notice.
(xii) Personal Data: Any data, regardless of its source or form, that identifies or makes it possible to identify a natural person, either directly or indirectly, by referencing one or more identifiers such as a name, civil number, electronic identifiers, or location data, or by referencing one or more factors specific to the physical, genetic, mental, psychological, social, or cultural identity of that person.
(xiii) Sensitive Personal Data: This includes any personal data of high degree of sensitivity for the data subject, which could include information such as any personal data revealing racial or ethnic origin, religious, intellectual, or political beliefs, criminal offenses or security-related data, biometric data (for identification purposes), genetic data, health data, or data indicating if one or both parents are unknown, as well as any other data that may pose a significant risk to the individual's privacy and security if disclosed or processed improperly.
(xiv) Services and Financial data: As defined in Section 2(iii) of this notice.
(xv) Technical Data: As defined in Section 2(vi) of this notice.
(xvi) Third-Party Partners: External companies or organisations we collaborate with to provide you with our services or to enhance your experience. These may include infrastructure providers, payment processors, and marketing partners.
(xvii) Third-Party Services: Any websites, services, or applications that are not owned or controlled by Payments Arabia and are accessed through our services.
(xviii) Usage Data: As defined in Section 2(iv) of this notice.
INFORMATION WE COLLECT ABOUT YOU
We may collect personal data about you from you directly, for example, when you provide information on the website or order or use our products or services, request more information on our contact us page, respond to a survey or questionnaire or from third parties, for example, partners who help provide our products and services, or for instance, from cookies when you use our website or App. We may collect information from you even if you’re not yet a customer, for example, if you provide information via our website or App.
Some of the types of personally identifiable data, as defined in applicable law, that we may collect about you could include the following:
(i) Identity Data: name; title; date of birth; place of birth; gender; passport; mother name, mother’s maiden name, ID number; driving license number; photographic image; insurance information and employment information.
(ii) Contact Data: billing address; delivery address; email; mobile number, location pin.
(iii) Services and Financial data: bank account details; payment card details; payment history, consumer account status, credit rating, customer assert information.
(iv) Usage data: Website browsing information; usage of any other product or service; IMSI; MSISDN. We do not collect the content of your calls or messages.
(v) Marketing and Communications data: marketing preferences; queries / complaints; interests, preferences; survey responses.
(vi) Technical data: IP address; login data; time zone setting; location; browser information; operating system and platform details; system logs; other technology on the devices used to access the website; cookies; device identifier; device type.
HOW WE USE THE DATA WE COLLECT ABOUT YOU AND THE LEGAL BASIS FOR USING YOUR DATA
We will only use your personal data for the purposes we collected it or other reasons compatible with the original purpose.
We need a legal basis to use your personal data. For most uses of personal data, we will need your consent. However, we may use other legal bases strictly to the extent permitted by local privacy laws, such as:
(i) When you enter a contract with us for the provision of services to you, we may use your personal data to perform that contract, for example, to process your order or provide you with the services.
(ii) We may rely on our “legitimate interests” to use your personal data where permitted by Oman’s Data Privacy laws.
(iii) Some uses of your personal data are required to comply with a legal obligation, for example, tax or accounting requirements or co-operating with law enforcement agencies.
WHOM WE SHARE YOUR DATA WITH
We may share your personal data with the following:
(i) Our group companies.
(ii) Partners acting as data processors who help us provide our services to you or to supply their services to you, for example,
(a) Infrastructure and software suppliers and managed service partners who may, for example, provide support and maintenance services to support the services we provide to you.
(b) Our customer care centre provider.
(c) Sales partners; content providers; advertising agencies who help us with our marketing to you; and survey companies who help us run customer surveys.
(d) Payment processing agents.
(e) Debt recovery or fraud agencies.
(f) Law enforcement agencies or other public or regulatory bodies where required by law or to protect our or third party’s rights, business or assets.
(g) Our host mobile network operator, for example, to provide emergency services, including your location information; and,
(h) Some of our mobile financial service partners.
(iii) Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, personal data may be transferred to the acquiring entity, provided that the recipient agrees to protect personal data in a manner consistent with this Privacy Notice.
(iv) Consent: We may share personal data with third parties where we have obtained the data subject's explicit consent to do so. This consent will be specific, informed, and freely given.
(v) Cross-Border Transfers: By using our services, you acknowledge that transferring your data outside of Oman may be necessary for us to provide the services you have requested. These transfers comply with Oman’s PDPL requirements, and we will ensure that adequate protection levels are in place in the receiving country. If you do not consent to such transfers, we advise you not to use our services.
HOW WE PROTECT YOUR DATA
We use industry-standard technologies and processes to:
(i) check your identity when you contact us, but remember you are responsible for keeping your personal and account information secure and not sharing it, including passwords.
(ii) protect your personal data from unauthorised access and accidental loss, disclosure, or destruction, while in storage or transit. For example, we use data encryption. However, we cannot guarantee the security of the personal data that you transfer to us over the Internet.
(iii) limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. Where appropriate, they will only process your personal data on our instructions and are subject to a duty of confidentiality.
Please remember that third-party websites are outside our control and operate in line with their privacy policies. Your personal data entered in such websites, or your communications sent over the internet may therefore be at risk of unauthorised access or use.
We take the security of your personal data very seriously. In the event of a data breach that may compromise your personal data, we are committed to notifying both you and the relevant Omani data protection authorities within 72 hours of becoming aware of the breach, in accordance with the regulation.
We will provide you with clear information regarding the nature of the breach, the data affected, the potential consequences, and the measures taken or proposed to mitigate any potential risks.
HOW LONG WE HOLD ONTO YOUR DATA
We will hold personal data for a specific period of time for as long as reasonably necessary to fulfil the purpose we collected it for and in line with any legal obligations. In some circumstances we may store your personal information for longer periods of time, for example, where we are required to do so in accordance with legal, regulatory, tax, or accounting requirements, so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.
YOUR RIGHTS CONCERNING THE DATA WE HOLD ABOUT YOU
Payments Arabia respect your rights concerning your personal data. This section outlines your rights under applicable data protection laws, and how to exercise them. To exercise any of these rights, please contact us through the channels provided below. We will respond to your request within 45 days required by applicable law. Please note that we may need to verify your identity before processing your request.
(i) Right to be Informed.
You have the right to clear, easily understandable, accessible information about the collection and use of your personal data, your rights and our contact details. This is set out in this Privacy Notice and any relevant privacy information given to you when we collect or process your personal data.
(ii) Right to Access
You can ask us to send you a copy of the personal data we hold about you. We shall provide you with the copy of your data within the timeline prescribed in the applicable law.
(iii) Right to Correction
You can request that we correct personal data about you that we hold where it is incomplete, inaccurate or obsolete. We may need to verify the accuracy of the new data you provide to us.
(iv) Right to Destruction
As per the relevant applicable law, in some situations, you can request we destroy personal data we hold about you, for example, where you no longer consent to our use of your personal data or there is no longer a compelling purpose for us to hold it.
(v) Right to be Notified in Case of a Data Breach
Your security is our priority. If we discover a data breach that compromises your personal information, we are committed to notifying you promptly and transparently, in accordance with applicable legal requirements.
(vi) Right to Data Portability.
You can ask us to provide your personal information to you in a structured, commonly used, machine readable format, or you can ask to have it transferred directly to another data controller, but in each case only where:
(a) the processing is based on your consent or on the performance of a contract with you; and
(b) the processing is carried out by automated means
(vii) The right to object to processing.
You can request that we stop using your personal data for certain purposes as per the applicable law unless an exception is applicable for us to continue processing your data for such purposes.
(viii) Right to Withdraw Consent
If we process your personal data based on your consent, you can withdraw it at any time. However, this will not affect the lawfulness of any processing based on your consent before its withdrawal.
(ix) Right not to be subject to automated decision-making.
If we make decisions using automated means, in some situations, you can object to such decisions being made solely by automated means and requests, for example, that we use human intervention in the decision-making.
(x) Right to limit or refuse processing
Based on your relevant jurisdiction, this right allows you to restrict or deny the processing of your personal data under certain circumstances, ensuring more control over how their information is use.
CHANGES TO OUR PRIVACY NOTICE
This Privacy Notice may change from time to time. Any changes we make will be posted on this page. We will notify you of any significant changes to this Privacy Notice by appropriate means.
CONTACTING US
If you have any comments or queries regarding our products or services, please e-mail the Customer Services team at 79-525252. If you have any questions or concerns about our use of your personal data or this Privacy Notice, please contact our data protection team at [email protected]
1. INTRODUCTION
At Payments Arabia we look after your personal data carefully. This Privacy Notice together with our Cookie Policy and Terms and Conditions, which may be found on our website describes how we collect, use, process and store the data that you provide to us or that is generated or collected when you use our online services (via our website or our App).
Please take a moment to read our Privacy Notice and any other privacy information we provide you when we are collecting or processing your data, so you know what choices you have about your personal data. By “you”, we mean the customer who contracts with us, the person we communicate with or a visitor to our website and/or App. It is important that the personal data we hold about you is accurate. Please keep us informed if your personal data changes.
1.1. DEFINITIONS
(i) App: The Payments Arabia app. A mobile application that allows users to register with us as customers and then perform a range of payments transactions including sending money overseas, paying bills issued in Oman, sending and receiving funds using their Payments Arabia electronic wallet and paying retailers in Oman.
(ii) Contact Data: As defined in Section 2(ii) of this notice.
(iii) Data Breach: Any incident that leads to unauthorized disclosure, destruction, or access to Personal Data, whether intentional or accidental, and by any means, whether automated or manual.
(iv) Data Controller: The entity (Payments Arabia in this case) that determines the purposes and means of processing personal data.
(v) Data Processor: A third party that processes personal data on behalf of and under the instructions of the data controller.
(vi) Data Subject: The individual to whom the personal data relates.
(vii) Group Companies: The companies or organisations that are part of the Beyond One corporate family and share common ownership or control.
(viii) Identity Data: As defined in Section 2(i) of this notice.
(ix) Lawful Basis: The legal grounds under which we process personal data, which may include consent, contract, legitimate interest, public interest or legal obligation, amongst any other lawful basis applicable in your jurisdiction.
(x) Marketing Communications: Any communication we send to you that promotes our products or services, or the products or services of third parties we work with. You can control your marketing preferences by updating the appropriate settings in our Mobile app.
(xi) Marketing and Communications Data: As defined in Section 2(v) of this notice.
(xii) Personal Data: Any data, regardless of its source or form, that identifies or makes it possible to identify a natural person, either directly or indirectly, by referencing one or more identifiers such as a name, civil number, electronic identifiers, or location data, or by referencing one or more factors specific to the physical, genetic, mental, psychological, social, or cultural identity of that person.
(xiii) Sensitive Personal Data: This includes any personal data of high degree of sensitivity for the data subject, which could include information such as any personal data revealing racial or ethnic origin, religious, intellectual, or political beliefs, criminal offenses or security-related data, biometric data (for identification purposes), genetic data, health data, or data indicating if one or both parents are unknown, as well as any other data that may pose a significant risk to the individual's privacy and security if disclosed or processed improperly.
(xiv) Services and Financial data: As defined in Section 2(iii) of this notice.
(xv) Technical Data: As defined in Section 2(vi) of this notice.
(xvi) Third-Party Partners: External companies or organisations we collaborate with to provide you with our services or to enhance your experience. These may include infrastructure providers, payment processors, and marketing partners.
(xvii) Third-Party Services: Any websites, services, or applications that are not owned or controlled by Payments Arabia and are accessed through our services.
(xviii) Usage Data: As defined in Section 2(iv) of this notice.
INFORMATION WE COLLECT ABOUT YOU
We may collect personal data about you from you directly, for example, when you provide information on the website or order or use our products or services, request more information on our contact us page, respond to a survey or questionnaire or from third parties, for example, partners who help provide our products and services, or for instance, from cookies when you use our website or App. We may collect information from you even if you’re not yet a customer, for example, if you provide information via our website or App.
Some of the types of personally identifiable data, as defined in applicable law, that we may collect about you could include the following:
(i) Identity Data: name; title; date of birth; place of birth; gender; passport; mother name, mother’s maiden name, ID number; driving license number; photographic image; insurance information and employment information.
(ii) Contact Data: billing address; delivery address; email; mobile number, location pin.
(iii) Services and Financial data: bank account details; payment card details; payment history, consumer account status, credit rating, customer assert information.
(iv) Usage data: Website browsing information; usage of any other product or service; IMSI; MSISDN. We do not collect the content of your calls or messages.
(v) Marketing and Communications data: marketing preferences; queries / complaints; interests, preferences; survey responses.
(vi) Technical data: IP address; login data; time zone setting; location; browser information; operating system and platform details; system logs; other technology on the devices used to access the website; cookies; device identifier; device type.
HOW WE USE THE DATA WE COLLECT ABOUT YOU AND THE LEGAL BASIS FOR USING YOUR DATA
We will only use your personal data for the purposes we collected it or other reasons compatible with the original purpose.
We need a legal basis to use your personal data. For most uses of personal data, we will need your consent. However, we may use other legal bases strictly to the extent permitted by local privacy laws, such as:
(i) When you enter a contract with us for the provision of services to you, we may use your personal data to perform that contract, for example, to process your order or provide you with the services.
(ii) We may rely on our “legitimate interests” to use your personal data where permitted by Oman’s Data Privacy laws.
(iii) Some uses of your personal data are required to comply with a legal obligation, for example, tax or accounting requirements or co-operating with law enforcement agencies.
WHOM WE SHARE YOUR DATA WITH
We may share your personal data with the following:
(i) Our group companies.
(ii) Partners acting as data processors who help us provide our services to you or to supply their services to you, for example,
(a) Infrastructure and software suppliers and managed service partners who may, for example, provide support and maintenance services to support the services we provide to you.
(b) Our customer care centre provider.
(c) Sales partners; content providers; advertising agencies who help us with our marketing to you; and survey companies who help us run customer surveys.
(d) Payment processing agents.
(e) Debt recovery or fraud agencies.
(f) Law enforcement agencies or other public or regulatory bodies where required by law or to protect our or third party’s rights, business or assets.
(g) Our host mobile network operator, for example, to provide emergency services, including your location information; and,
(h) Some of our mobile financial service partners.
(iii) Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, personal data may be transferred to the acquiring entity, provided that the recipient agrees to protect personal data in a manner consistent with this Privacy Notice.
(iv) Consent: We may share personal data with third parties where we have obtained the data subject's explicit consent to do so. This consent will be specific, informed, and freely given.
(v) Cross-Border Transfers: By using our services, you acknowledge that transferring your data outside of Oman may be necessary for us to provide the services you have requested. These transfers comply with Oman’s PDPL requirements, and we will ensure that adequate protection levels are in place in the receiving country. If you do not consent to such transfers, we advise you not to use our services.
HOW WE PROTECT YOUR DATA
We use industry-standard technologies and processes to:
(i) check your identity when you contact us, but remember you are responsible for keeping your personal and account information secure and not sharing it, including passwords.
(ii) protect your personal data from unauthorised access and accidental loss, disclosure, or destruction, while in storage or transit. For example, we use data encryption. However, we cannot guarantee the security of the personal data that you transfer to us over the Internet.
(iii) limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. Where appropriate, they will only process your personal data on our instructions and are subject to a duty of confidentiality.
Please remember that third-party websites are outside our control and operate in line with their privacy policies. Your personal data entered in such websites, or your communications sent over the internet may therefore be at risk of unauthorised access or use.
We take the security of your personal data very seriously. In the event of a data breach that may compromise your personal data, we are committed to notifying both you and the relevant Omani data protection authorities within 72 hours of becoming aware of the breach, in accordance with the regulation.
We will provide you with clear information regarding the nature of the breach, the data affected, the potential consequences, and the measures taken or proposed to mitigate any potential risks.
HOW LONG WE HOLD ONTO YOUR DATA
We will hold personal data for a specific period of time for as long as reasonably necessary to fulfil the purpose we collected it for and in line with any legal obligations. In some circumstances we may store your personal information for longer periods of time, for example, where we are required to do so in accordance with legal, regulatory, tax, or accounting requirements, so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.
YOUR RIGHTS CONCERNING THE DATA WE HOLD ABOUT YOU
Payments Arabia respect your rights concerning your personal data. This section outlines your rights under applicable data protection laws, and how to exercise them. To exercise any of these rights, please contact us through the channels provided below. We will respond to your request within 45 days required by applicable law. Please note that we may need to verify your identity before processing your request.
(i) Right to be Informed.
You have the right to clear, easily understandable, accessible information about the collection and use of your personal data, your rights and our contact details. This is set out in this Privacy Notice and any relevant privacy information given to you when we collect or process your personal data.
(ii) Right to Access
You can ask us to send you a copy of the personal data we hold about you. We shall provide you with the copy of your data within the timeline prescribed in the applicable law.
(iii) Right to Correction
You can request that we correct personal data about you that we hold where it is incomplete, inaccurate or obsolete. We may need to verify the accuracy of the new data you provide to us.
(iv) Right to Destruction
As per the relevant applicable law, in some situations, you can request we destroy personal data we hold about you, for example, where you no longer consent to our use of your personal data or there is no longer a compelling purpose for us to hold it.
(v) Right to be Notified in Case of a Data Breach
Your security is our priority. If we discover a data breach that compromises your personal information, we are committed to notifying you promptly and transparently, in accordance with applicable legal requirements.
(vi) Right to Data Portability.
You can ask us to provide your personal information to you in a structured, commonly used, machine readable format, or you can ask to have it transferred directly to another data controller, but in each case only where:
(a) the processing is based on your consent or on the performance of a contract with you; and
(b) the processing is carried out by automated means
(vii) The right to object to processing.
You can request that we stop using your personal data for certain purposes as per the applicable law unless an exception is applicable for us to continue processing your data for such purposes.
(viii) Right to Withdraw Consent
If we process your personal data based on your consent, you can withdraw it at any time. However, this will not affect the lawfulness of any processing based on your consent before its withdrawal.
(ix) Right not to be subject to automated decision-making.
If we make decisions using automated means, in some situations, you can object to such decisions being made solely by automated means and requests, for example, that we use human intervention in the decision-making.
(x) Right to limit or refuse processing
Based on your relevant jurisdiction, this right allows you to restrict or deny the processing of your personal data under certain circumstances, ensuring more control over how their information is use.
CHANGES TO OUR PRIVACY NOTICE
This Privacy Notice may change from time to time. Any changes we make will be posted on this page. We will notify you of any significant changes to this Privacy Notice by appropriate means.
CONTACTING US
If you have any comments or queries regarding our products or services, please e-mail the Customer Services team at 79-525252. If you have any questions or concerns about our use of your personal data or this Privacy Notice, please contact our data protection team at [email protected]
شرائط و ضوابط اور رازداری
مدد اور حمایت
اب حاصل کریں
اپنی زندگی کو Friendi Pay کے ساتھ آسان بنائیں – آج ہی ڈاؤن لوڈ کریں اور سائن اپ کریں!
شرائط و ضوابط اور رازداری
مدد اور حمایت
اب حاصل کریں
اپنی زندگی کو Friendi Pay کے ساتھ آسان بنائیں – آج ہی ڈاؤن لوڈ کریں اور سائن اپ کریں!
شرائط و ضوابط اور رازداری
مدد اور حمایت
اب حاصل کریں
اپنی زندگی کو Friendi Pay کے ساتھ آسان بنائیں – آج ہی ڈاؤن لوڈ کریں اور سائن اپ کریں!