Last updated: 1 February 2023

1. Introduction

This Privacy Policy explains what you can expect from us and what we need from you in relation to your personal data. 

If your data is processed by us in the Dubai International Finance Centre (“DIFC”), the data controller is Taptap Send (DIFC) Limited.

We have appointed a Data Protection Officer (“DPO”) to oversee compliance with this Privacy Policy. If you have any questions over how we protect or use your data, please email our DPO at privacy@taptapsend.com.

‍

Taptap Send DIFC (“Taptap Send”) offers a software platform and services to help individuals send money to emerging markets. We collect data about our customers and their payees (“Data”) when they use our platform, our services, and our websites (collectively, “Services”). This privacy policy describes how we collect, use and disclose Data.

‍

In this Privacy Policy, we sometimes refer to “you”. “You” may be a visitor to our website, a customer of one or more of our Services (“Customer”), or a payor / payee of a Customer (“Payee”). This Privacy Policy does not apply to third-party websites, products, or services even if they link to our Services, and you should consider the privacy practices of those third-parties carefully. If you object to the practices described in this Privacy Policy, you should (a) remove cookies from your computer after leaving our website, and (b) discontinue your use of our Services.

‍

We may change this Privacy Policy from time to time. We will post any changes, and such changes will become effective when they are posted. Where applicable, your continued use of our Services following the posting of any changes will mean you accept those changes. We encourage you to review the Privacy Policy whenever you interact with us to stay informed about our information practices and the ways you can help protect your privacy.

2. How we handle your data‍

We receive Data from visitors to our website, and Customers using our Services. The collection and use of data is crucial to providing our Services and keeping the Services safe. Data helps us increase the safety of your online payments, while reducing the risk of fraud, money laundering and other harmful activity. Generally, Data can be categorized into data that directly identifies you individually (“Personal Information”) and data associated with your activities (“Activity Information”).

‍

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using Transport Layer Security technology. You are responsible for keeping confidential any passwords we give you. We ask you not to share this password with anyone else and not to use this password for other services or products

‍

‍3. Collecting Personal Information

You may have to provide us with Personal Information to sign up for, or make use of, our Services. This data includes the following, for yourself and your recipient:

• Name
• Address
• Date of birth
• Place of birth
• E-mail address
• Demographic information (e.g., gender)
• Phone number
• Evidence of your identity (for example, passport information)
• Financial information (including credit card, debit card, or bank account information, and proof of wealth),
• Payment reason
• Geographical location
• Government ID number and/or a copy of government issued photo ID
• Personal description (incl. professional status and occupation)
• Photograph (e.g., selfie)
• IP address
• Device ID
• Device settings (e.g., language preference, time zone)
  

‍

If you do not provide us with this requested data, we may not be able to provide our Services to you.

We may collect Personal Information about you from other sources. For example, we may:

• Retrieve names associated with particular phone numbers from our payment service providers; and
• Verify your identity against third party databases (e.g., politically exposed persons (PEP) or sanctions databases) for anti-money laundering and fraud purposes.

4. Collecting Activity Information‍

We also automatically collect Activity Information based on your use of our Services. This data would include your activities on our website, or actions performed on our payment platform. For example, we may collect:

• Details of the transactions you carry out when using our Services, including geographic location from which the transaction originates;
• Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
• Information about your visit, including the full URL clickstream to, through and from our Website or App (including date and time); page response times, download errors, length of visits to certain pages, page interaction information, methods used to browse away from the page, and audit trail of login attempts; and 
• Any phone number used to call our customer support center, as well as a recording of that call. By continuing to speak to a customer support agent after calling our customer support center, you are agreeing to our collection of this data. 
  

Our Website and App also use cookies to distinguish you from other users. This helps us to provide you with a good experience when you use our Website or App, and also allows us to improve our Website or App. We also use cookies for marketing/retargeting purposes (i.e., to show you more relevant ads). By continuing to use our Website and/or App, you are agreeing to our use of cookies.

Personal Information and Activity Information we collect is stored in compliance with our various regulatory obligations for anti-money laundering and fraud purposes.

‍

5. Data Use

When you sign up to make payments through our Service, you enter into a contract with us to make these payments on your behalf. We must process your Data to fulfil this contract. Further, we are required by law to collect, process, and retain your Data, in fulfilment of our anti-money laundering regulatory obligations. We use your Data in the following ways:

• Carry out our obligations relating to your contracts with us and to provide you with the information, products and services that you request from us;
• Provide, maintain, personalize, optimize, and improve the Services, including research and analytics regarding use of the Services, or to remember you when you leave and return to the Services;
• Provide and improve our products and services;
• Provide you with more relevant content in marketing, promotional or other communications to which you may be subscribed; and
• Detect, investigate, and prevent activities that may violate our policies or be fraudulent or illegal.

We may combine information from the Services together and with other information we obtain from our business records or from third party sources.

‍

Taptap Send will only use your Data for marketing and promotional purposes if you "opt in" to such uses, and you can withdraw this permission at any time. You have the right to ask us not to contact you for marketing purposes by contacting us at privacy@taptapsend.com.

‍

As a regulated financial institution, we are required by law to store some of your Data beyond the termination of your relationship with us. After such time, your Data will only be accessed or processed if absolutely necessary. We will always delete Data that is no longer required by relevant legislation.

6. Data Sharing

We may share Data to ensure that we can continue providing you with the Services you have contracted.

Taptap Send may share your Personal Information and Activity Information with:

• Taptap Send Group Affiliates. We share Data with members of the Taptap Send Group (i.e., entities that are under common control of Taptap Send Inc.) to provide our Services;
  

• Taptap Send Service Providers. We share Data with trusted service providers who help us provide the Services and provide you with more relevant content in marketing, promotional or other communications to which you may be subscribed. Service providers help us with things like payment processing (i.e., banks, mobile network operators), website hosting, data analysis, information technology and related infrastructure, customer service, email delivery, auditing, marketing and customer outreach, and identity verification. For example, we may share Data with service providers in order to verify your identity based on a comparison of a selfie and photo ID.
  

• Third Parties Authorized by You. We share Data with parties directly authorized by a Customer to receive Data, such as when a Customer authorizes a third party application provider to access the Customer’s Taptap Send information through the third party’s own system or software. The use of Data by an authorized third party is subject to the third party’s privacy policy and any agreements the Customer has with the third party.
  

• Authorized Financial Institution(s). We share Data with the financial institution that holds the account you have designated for the sending or receiving transaction. By requesting a payment, you are consenting to sharing of Data by and between both Taptap Send and the relevant Financial Institution(s) as necessary for the provision of payment services.
  

• Successors-in-Interest. We will share Data with third parties in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings); and
  

• Safety, Legal Purposes and Law Enforcement. We use and disclose Data as we believe necessary: (i) under applicable law, or payment method rules; (ii) to enforce our terms and conditions; (iii) to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others; and (iv) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include authorities outside your country of residence.

‍

Taptap Send may share only Activity Information (and not Personal Information) with:

• Advertisers and advertising networks solely to select and serve relevant adverts to you and others; and
  

• Analytics and search engine providers that assist us in the improvement and optimisation of our site.

Your Data may be processed by us, members of the Taptap Send Group and those other parties described above, outside the country in which you are based. Where the DIFC has not issued an adequacy decision in relation to the jurisdiction where your personal information is processed, we will ensure that there are adequate mechanisms in place to protect your personal information in accordance with applicable data protection and privacy law. We will do this through use of data transfer agreements implementing standard data protection clauses. You can receive further information about the data transfer agreements that concern your Data by contacting us at privacy@taptapsend.com.

7. How We Protect Your Data

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using Transport Layer Security technology. We take reasonable measures to help protect information about you from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. If you feel your interaction with us is no longer secure (e.g., you believe your log in or other security credentials have been compromised), please contact us immediately.

8. Your Rights‍

If your data is processed by us in the DIFC, the following information applies to your Personal Information that we have processed or collected.

Purposes of processing and legal basis for processing: As explained above, we process Personal Information in various ways depending upon your use of our Services.  We process Personal Information on the following legal bases: (1) with your consent; (2) as necessary to perform our agreement to provide Services; and (3) as necessary for our legitimate interests in providing the Services where those interests do not override your fundamental rights and freedom related to data privacy.  Where we process Personal Information that is special category data (i.e., biometric data or data which may reveal political opinions), we process Personal Information on the additional legal basis that such processing is necessary for substantial public interest reasons (e.g., to prevent or detect unlawful acts).

‍

Right to lodge a complaint: Users who have their data processed by us in the DIFC have the right to lodge a complaint about our data collection and processing actions with the supervisory authority concerned. Contact details for data protection authorities are available below.

‍

Personal Information that we collect may be transferred to, and stored and processed in, the United States or any other country in which we or our affiliates, subcontractors, or partner payment processors maintain facilities. The laws in the U.S. and other countries regarding personal information may be different from the laws of your state or country.  Any such transfers will comply with safeguards as required by relevant law. It may also be processed by staff operating outside the DIFC who work for us or for one of our payment processors. Such staff may be engaged in, among other things, the fulfilment of your payment order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing.

Individual Rights: If your data is processed by us in the DIFC you are entitled to certain rights under the DIFC Data Protection Regulations over Personal Information that we have processed or collected. We have listed below how these rights operate in the context of using Taptap Send’s Services. You may contact us at privacy@taptapsend.com to request the exercise of these rights. We will make every effort to respond promptly, and in any case within 30 days of your request. We may take measures to verify your identity before processing a request.

• Your right of access. Upon request, Taptap Send will provide you with information about whether we hold any of your Personal Information. We will also provide access to one copy of your Personal Information that we may hold free of charge.
  

• Your right of rectification. You may request to review, delete or update your Personal Information to ensure it is accurate. You may update or change certain of your Personal Information by logging into the App and directly making the desired changes. You may also contact us and notify us of the Personal Information you wish changed.
  

• Your right to be forgotten. You may request to have us erase your Personal Information that we may hold if the data is no longer necessary for the purpose for which it was collected, you withdraw consent and no other legal basis for processing exists, or you believe your fundamental rights to data privacy and protection outweigh our legitimate interest in continuing the processing. We will inform you which of your Personal Information may be erased without violating our legal obligations.
  

• Your right to restrict or object to our processing. You have the right to ask us not to process your Personal Information if we are processing your data based on legitimate interests or the performance of a task in the public interest as an exercise of official authority (including profiling); using your data for direct marketing (including profiling); or processing your Personal Information for purposes of scientific or historical research and statistics. You also have the right to ask us not to process your Personal Information while a rectification request is pending.
  

• Your right to data portability. You have the right to request a copy of your Personal Information, including your transaction history. Your transaction history is downloadable in machine-readable format from the App
  

• Your rights related to automated decision making and profiling. Taptap Send does not subject you to significant solely automated decisions, as explained in the Data Use section above. However, if you disagree with our decisions with respect to you you may request a review by contacting us.

9. Our Partners‍

Our Services may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates.  If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility for them.  Please check these policies before you submit any personal data to these websites.‍

‍

10. Changes to this Policy
Any changes we may make to our Privacy Policy will be posted on this page and, where appropriate, notified to you by e-mail or in the App. Please check back frequently to see any updates or changes to our privacy policy.

Contact us

If you have any questions about this Privacy Policy, please contact our DPO at privacy@taptapsend.com. If you feel that we have not addressed your questions or concerns adequately, you may make a complaint with the Data Protection Commissioner in the DIFC. You may access their details via www.difc.ae.

‍