Privacy Policy

Introduction:

Welcome to the privacy policy page of the Digital Generation for Information Technology "JeelPay."

JeelPay respects your privacy and is committed to protecting your personal data. Therefore, we present to you the following privacy policy and the methods employed to safeguard your personal data when you visit our application/website (regardless of the location within the application or website you are visiting). We will also inform you of your privacy rights, how we provide legal protection for you, and when you access or use JeelPay services, features, and technologies, including the JeelPay mobile application, you accept this privacy policy.

So please read the privacy policy carefully. This privacy policy does not apply to information provided or collected through websites held by other companies or institutions we may be affiliated with or connected to, so we are not responsible for the privacy practices and policies of third-party websites.

Terms:

Legitimate Interest: This refers to interests related to our business and its management, which enable us to provide the best services and the most secure experiences for you. We ensure to consider any potential impact on you (whether positive or negative), achieve the necessary balance, and respect your rights before processing your personal data to achieve our legitimate interests. We do not use your personal data in activities where we would have to disregard our interests due to their impact on you, unless we receive your consent or have a legal obligation, or the law permits us to do so.

Contractual Performance: This means processing your data if it is necessary to fulfill a contract you are a party to or to take steps at your request before entering into that contract.

Legal Compliance: This refers to processing your personal data when it is necessary to comply with a legal obligation to which we are subject.

Intra-Enterprise Third Parties: These are other companies within JeelPay who act as joint controllers or data processors. These companies are based in Saudi Arabia and provide IT services, systems management, and reporting services.

Outside -Enterprise Third Parties: These are service providers working in data processing at JeelPay, providing IT services and systems management.

Specialized Advisory Entities: These are individuals working as data processors or joint controllers, including lawyers, bankers, auditors, and insurance specialists, offering advisory, banking, legal, insurance, and accounting services.

Governmental and Other Interests and Institutions: These are individuals working as data processors or joint controllers in Saudi Arabia who request reports about processing activities under specific circumstances or conditions.

1- Important Information:

1.1 Purpose of this Privacy Policy:

The purpose of this Privacy Policy is to inform you about how JeelPay collects and processes your personal data that you provide through the use of the website or the mobile application. This includes any data you provide when signing up for newsletters, registering, downloading, or logging into any platform operated by JeelPay or any of our mobile applications, in accordance with the Personal Data Protection System issued on 09/02/1443H, corresponding to 16/09/2021 AD.

It is important to review this Privacy Policy, as well as our terms and conditions when we collect or process your personal data. This will help you understand how your data is used and the methods employed to do so. Please note that this Privacy Policy complements other notices and privacy policies and does not aim to override or nullify them.

1.2 Entity Responsible for Your Personal Data:

JeelPay is the entity responsible for your personal data (referred to in this document as " JeelPay " or "we" in this Privacy Policy). JeelPay is also the supervisory authority responsible for this application or website.

If you have any inquiries or suggestions regarding the Privacy Policy and usage, please feel free to contact us via email ([email protected]).

2- The Data We Collect About You:

The term "data" or "personal information" refers to any information about an individual that can be used to identify that person. This does not include data where the identity has been removed.

We also collect, use, store, and transmit various types of personal data from you, including but not limited to the following:

1. Identity data, including first name, middle name, last name, username, date of birth, gender, and similar identification information.

2. Contact data, including email address and phone numbers.

3. Geographical location information and financial account information, such as credit card numbers.

4. Technical data, including IP address, login data, browser type and version, time zone settings, browser plug-in types and versions, operating system and platform, and other technological data about the devices you use to access the website.

5. Profile data, including your username, password, your interests, and survey responses.

6. Usage data, including information about how you use our website and services.

You can choose to provide us with access to some non-personal information stored by third parties, such as social media platforms (e.g., Facebook, Instagram, and Twitter). The information received varies depending on the site and is controlled by the respective site. By linking a third-party account with your JeelPay account and authorizing JeelPay to access this information, you agree that JeelPay may collect, store, and use this information in accordance with this Privacy Policy.

We also collect, use, and share aggregated data, such as statistical and demographic data, for various purposes. Aggregated data may be derived from your personal data but is not considered personal data under the law, as it does not directly or indirectly identify you. However, when aggregated data is combined with your personal data, it can be used to identify you, and we treat aggregated data as personal data, subject to the terms of this Privacy Policy.

We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, political opinions, health, genetic, or biometric data). We also do not collect any information about criminal convictions or offenses.

3- How We Collect Your Personal Data:

We use various methods to collect data from or about you, including the following:

3.1. Direct Interactions:

You may provide us with your identity data, contact data, and financial data by filling in data forms or by communicating with us via regular mail, phone, email, or other means. This includes your interactions with JeelPay services, your usage of them, or your contact with our customer support team.

3.2 Indirect Interactions:

Through third parties, such as data aggregators, the bank you interact with, or merchants you transact with through our websites, using cookies, web beacons, mobile application add-ons, and similar technologies.

Please note that your data may also be collected indirectly through these external entities, such as data aggregators or the banks and merchants you interact with, using cookies, web beacons, mobile application add-ons, and similar technologies.

4- Failure to Provide Personal Data:

If we need to collect personal data by law or under the terms of a contract we have with you, and you fail to provide that data when requested, we may be unable to perform the contract that is in place or under negotiation with you (for example, providing services to you). In such a case, we may have to cancel the service you receive from us. However, we will notify you if the cancellation is indeed due to this issue. It is also your responsibility to inform us of any changes in your personal data.

5- How We Use Your Personal Data:

We will use your personal data only when the law allows us to do so, and in general, we may use your personal information for the following purposes:

1. Providing JeelPay services and customer support.

2. Processing transactions and sending notifications about your transactions.

3. Resolving disputes, collecting payments, and fees.

4. Verifying the accuracy of your information and authenticating it.

5. Detecting, investigating, and preventing activities that may be prohibited or illegal, such as fraud.

6. Communicating about accounts or transactions and sending information about features and improvements.

7. Contacting you, for example by phone, text messages (SMS), or email.

8. Notifying you of changes to our policies.

9. Personalizing content and experiences, including providing recommendations based on your preferences.

10. Sending offers or promotional offers for JeelPay services.

11. Displaying advertisements, including ads based on your use of JeelPay services or third-party websites.

12. Conducting statistical, demographic, and marketing analytics for users of JeelPay services and their purchasing patterns.

13. Carrying out any other legitimate business activities not prohibited by law, except when it is necessary to achieve our legitimate interests (or the legitimate interests of others), and your fundamental interests and rights do not override or interfere with those interests when we need to fulfill a legal obligation or when we need to create and manage an account for you or when we need to conduct survey operations or when we need personal content or user experiences or business information or when we need to comply with internal regulatory requirements.

In general, we do not rely on your consent or consider it a legal basis for processing your personal data, except for direct marketing messages sent by others to you via your email or text messages. You have the right to withdraw your consent for the mentioned marketing activities at any time by contacting us in this regard.

6- What We Do If Information Is Incorrect:

We conduct checks on the information you provide to identify any errors or deficiencies. You have the right to request the following:

- Correct any personal data associated with you that you believe is Incorrect. This may include completing or providing any missing information. This is known as the right to rectification. If you do not exercise your right to rectification, we will take steps to examine and correct the information if necessary.

7- Personal Information for Individuals Under 18:

We do not intentionally request or collect personal information from anyone under the age of 18. If JeelPay suspects that a user is under 18, we will ask the user to close their account, and they will not be allowed to continue using JeelPay's services. Please inform us if you are aware of any individuals under 18 using JeelPay's services so that we can take appropriate actions.

8- Purposes for Processing Your Personal Data:

We process your personal data on the basis that it is necessary for the performance of a contract in which you are a party or to take steps at your request prior to entering a contract.

8.1 In this regard, we may share or transfer your personal data to the following entities:

1. Independent third parties (data processors) whom we appoint to assist us in providing services to you, subject to your consent.

2. Our specialized consultants, including lawyers, accountants, IT specialists, and public relations consultants, when necessary for advice or assistance.

3. Data storage service providers.

4. Our subsidiaries and related companies.

5. Partners, suppliers, and service providers who assist in our business operations, including fraud prevention, identity verification, payment collection, marketing, customer service, and technology services.

6. Our merchants to provide services, respond to complaints, or help them improve the quality of services they offer.

7. Financial institutions with which we may share information to create and jointly offer a product.

8. Credit reporting agencies and collection agencies, according to the law, for the purpose of credit reporting. We allow them to use this information for their credit reporting services. To request a credit report, we will provide information to the credit reporting agency that identifies you.

9. Banking partners as required by credit card association rules for listing terminated merchants.

10. Companies we plan to merge with, acquire, or invest in.

11. Government agencies or officials pursuant to a subpoena, court order, or any other legal process or requirement applicable to JeelPay when we need to comply with the law or credit card regulations, or when we believe, in our own discretion, that disclosing personal information is necessary to prevent physical harm or financial loss, or to report suspected illegal activity or investigate suspected violations of our user agreement.

12. Any other third parties as intermediaries that we inform you about, provided that we will disclose their identity to you whenever possible before introducing you to them.

13. Any other parties with your consent or upon your direction to do so.

8.2 In this regard, we use your personal data for the following purposes:

1. To prepare recommendations regarding the services we offer to you.

2. To provide services to you within the scope of our services or as agreed with you from time to time.

3. To address any complaints or comments from you.

4. For any other purpose for which you provide us with your personal data.

JeelPay may request your consent to use or disclose your personal information if it needs to use your information for a purpose unrelated to the one for which it was collected. If you do not agree to JeelPay collecting, using, or disclosing your personal information for such other purposes, it may affect JeelPay ability to provide and improve its services to you.

Additionally, please note that merchants from whom you make purchases (even when using JeelPay services) have their own privacy policies, and JeelPay is not responsible for their actions, including their information protection practices.

8.3 Legitimate Interests:

We also process your personal data as necessary for our legitimate interests or sometimes for the legitimate interests of another person. In this regard, we use personal data for the following purposes:

1. For the purpose of managing and organizing our business, including conducting archival or statistical analysis.

2. To obtain legal advice regarding our rights and obligations, such as seeking legal counsel's opinions. In this regard, we may share your personal data with our legal advisors or agents if necessary to obtain their advice or support and with third parties and their legal advisors if such third parties own or are considered to own a part of our business.

8.4 Legal Obligations:

We also process your personal data to fulfill legal obligations that we are required to comply with. In this regard, we will use your personal data for the following purposes:

- To fulfill our regulatory and legal obligations.

- To comply with the requirements of tax authorities, any competent court, or official entity. In this regard, we will share your personal data with the following entities:

1. Our legal advisors, if necessary to obtain their advice or support.

2. Our financial regulators if such information sharing is considered part of their supervisory duties.

3. Third parties who assist us in conducting identity verification processes.

4. Relevant regulatory authorities or law enforcement agencies if required to do so.

9- Short Message Terms and Conditions:

By entering your mobile phone number, you agree to receive text messages for service notifications and verification codes from JeelPay. Message frequency may vary, such as responding with "help" to get assistance or "stop" (or "unsubscribe") to stop. Message and data rates may apply, and JeelPay is not responsible for delayed or undelivered messages.

10- Marketing:

We will send you marketing messages about our services that may be of interest to you. These may include notifications, newsletters, discounts, or tasks that we believe may be relevant or related to you. We may send these through various channels, such as regular mail, phone, email, or other digital communication methods.

If you have registered to receive instant notifications (including marketing notifications) and you would like to stop receiving them, you can unsubscribe at any time through the application's settings. You can also update your push notification preferences at any time within your app profile settings.

11- Promotions and Advertisements from Us:

We may use your identity data, contact data, technical data, usage data, or profile data to configure a vision of what you want or need. Sometimes, we work with online advertising vendors to provide you with relevant and useful advertisements. This may include advertisements on our websites or on other companies' websites. These advertisements may be based on information collected by us or third parties. For example, your postal code might be used to target an ad to people in your area. These ads may also be based on your activities on our websites or on third-party websites.

12- Opt-Out:

If you wish to stop receiving promotional messages, this choice will not apply to personal data you provided as a result of a service or when registering a warranty, or to transaction records.

13- Cookies:

We use cookies and track IP addresses on our websites to enhance our web services and improve your user experience. When you access our websites or use JeelPay services, we, including our partners and collaborating companies, may place small data files on your computer or other devices. These data files may include cookies or pixel tags, also known as "cookies" or other forms of local storage that your browser or associated applications provide.

We use cookies to ensure that we track the pages you visit and how often you visit them. This helps make our websites more user-friendly and provides you with a better experience when returning to our website. We also use cookies to guide relevant advertisements your way, based on what we believe you might be interested in. For instance, cookies allow us to save your password, so you don't have to re-enter it every time you visit our website.

Most web browsers automatically accept cookies, and you can find specific information related to your browser in the "Help" section. You have the freedom to refuse our cookies if your browser or browser extension allows it, unless our cookies are necessary to prevent fraud or ensure the security of websites under our control. However, refusing our cookies may affect your use of our websites and payment services.

You can configure your browser to reject all cookies, some cookies, or to notify you when an application or website places cookies on your device. If you disable or refuse cookies, please note that you may not have access to certain parts of the corresponding website, or these parts may not function correctly.

14- Change in Purpose:

We use your personal data only for the purposes for which we collected it, unless there is a need to use it for a different purpose that is in line with the original purpose, and as long as this change aligns with the original purpose. If you wish to understand how processing for a new purpose aligns with the original purpose, please contact us. If we intend to use your personal data for a purpose unrelated to the original one, we will notify you and explain the legal basis that allows us to do so. Please note that we may process your personal data without your knowledge or consent if required by law.

15- Privacy Policy Changes:

Company [Name] reserves the right to amend these terms of use at any time, with such modifications taking effect as soon as the revised terms are published on the website. It is the user's responsibility to periodically check the website for any changes to the terms of use.

16- Data Disclosure: We are committed to securing your personal data and will not allow third-party service providers to use your personal data for their own purposes. Service providers are only permitted to process your personal data for specific purposes and in accordance with our instructions.

17- Data Security:

1. We have implemented appropriate security measures to prevent loss, unauthorized access, alteration, disclosure, or unauthorized use of your personal data. Only authorized personnel or agents who need to know the data for business purposes are granted access, and they are committed to maintaining its confidentiality.

2. We have procedures in place to address potential breaches of personal data security, and if required, we will notify you and any relevant supervisory authority.

3. We regularly review our security procedures to consider suitable new technologies and updated methods.

4. Access to this information is restricted to individuals who require it for their job, and while we take reasonable precautions, there is no security measure that is completely invulnerable.

18- Links to Third Parties:

Our platform (website, smart device application, customer portal, and monitoring dashboard) may include links to third-party websites, additional electronic components, and other applications. Clicking on these links or allowing them to be activated may enable third parties to collect and share data about you. We do not have control over third-party applications or websites, and we do not take responsibility for their privacy policies. When you leave our application or website, we recommend reviewing the privacy policy of any third-party application or website you visit.

19- Data Retention:

We retain your personal data for the duration necessary to fulfill the purposes for which we collected the data, including purposes related to satisfying any legal, regulatory, tax, accounting, or reporting requirements. We may retain your personal data for a longer period in case of a complaint or if we anticipate potential legal actions related to the relationship with you. To determine an appropriate data retention period, we consider the amount and nature of personal data, its sensitivity, potential harm from unauthorized use or disclosure, purposes for data processing, and whether we can achieve those purposes through other means. If it is no longer necessary to retain your personal data, we will delete it according to Article 18 of the Personal Data Protection Regulation.

20- What We May Need from You:

We may request specific information to help us verify your identity and ensure your right to access your personal data (or exercise any other right). This is a security measure to ensure that your personal data is not disclosed to anyone who has no right to access or obtain it. We may also contact you to request further information related to your request for a prompt response

21- Response Time:

We try to respond to all legitimate requests within one month, but it may take us longer if your request is particularly complex or if you have made multiple requests. In such cases, we will notify you and keep you updated on the progress.

22- Your Legal Rights:

You have the following rights:

1. Request access to your personal data: This is known as the "right to access" and allows you to receive a copy of your personal data and verify that we process it lawfully.

2. Request correction of your personal data that we hold about you: This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

3. Request erasure of your personal data: This is also known as the "right to be forgotten" and allows you to ask us to delete or remove personal data when there is no good reason for us to continue processing it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully, or where we are required to erase your personal data to comply with local law. However, please note that we may not always be able to comply with your request of erasure for specific legal reasons, which we will notify you of if applicable.

4. Object to processing of your personal data: Where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. in some cases, we may need to clarify our commitment, based on legal or legislative principles, to process your personal information. This commitment may override or cancel your mentioned rights and freedoms.

5. Request restriction of processing your personal data: You can use this request to ask us to temporarily stop processing your personal data in the following circumstances:

1. If you want us to verify the accuracy of the data.

2. If our use of the data is unlawful, but you don't want us to erase it.

3. If you object to our use of the data, and we need to verify whether we have legitimate grounds to use it.

6. Request the transfer of your personal data to you or to a third party: We will provide you or the third party you choose with your personal data in a structured, commonly used, machine-readable format. Please note that this right applies to information for which you've provided initial consent to us, and we've used this information to perform a contract with you.

7. Withdraw consent at any time: This pertains to consent we rely on to process your data. However, this action will not affect the legality of any processing carried out before withdrawing the mentioned consent. If you do withdraw your consent, we may be unable to provide specific services, and we will inform you of this when you withdraw your consent.

8. You are not obligated to pay any fee for accessing your personal data (or for exercising any other rights). However, if your request is unfounded, excessive, or repetitive, we may refuse to comply with your request, subject to certain conditions.

23- How do we handle the "right to be forgotten"?

You have the right to request the erasure of personal data we hold about you in certain circumstances. For example, if the information is no longer held for a legal purpose or is no longer necessary for legal reasons. This right is often referred to as the "right to be forgotten." If you request the erasure of your data, we will typically erase it if the data is no longer identifiable, publicly available, or no longer needed for our purposes.

If you have any questions or suggestions regarding the privacy and usage policy, please don't hesitate to contact us via email ([email protected]).