Privacy Policy

Effective Date: 01/27/2025

We value and respect your privacy and will take all reasonable steps to protect your and your customers' personal information. This Privacy Policy will help you understand what personal information NjiaPay collects and how we collect, hold, use and disclose that information; as well as the purposes of such collection and disclosure. By accessing our website and/or using our Service, you agree to the collection, use, disclosure, and procedures this Privacy Policy describes. Beyond the Privacy Policy, your use of our Service is also subject to your agreement with us.

Introduction

NjiaPay Group B.V. ("us", "we", or "our") operates www.njiapay.com and the NjiaPay Merchant Portal (hereinafter referred to as "Service").

This Privacy Policy applies to www.njiapay.com, all subpages, our blog (together, the "Website") and governs all software and services that we offer through our Website and our Service. It explains and outlines how we collect, safeguard, and disclose information and data from the use of our Service.

In relation to website visitors and our customers, we process your personal information as "controller". Please note that we will process your customer's personal information (a buyer of your services/goods), such as card information, as part of our provision of our services to you. In these cases where we handle personal information as part of our services to you, you as the Merchant will be the "data controller" as we will be acting as your "processor".

This Privacy Policy does not apply to any website, service or product of any third-party even if such third party links to or is linked from our Website. We do not control or operate those websites, services or products and assume no responsibility for them. You should carefully review the privacy policies of such third party websites, services or products before deciding whether to provide any personal information.

Our Terms of Service ("Terms") govern all use of our Service and together with the Privacy Policy constitutes your agreement with us ("agreement").

Collection and Use of Data

We collect your personal information from yourself and/or from various sources. You may be a website visitor, a user of our Services (a "Merchant"). We will collect and process personal information when you:

Visit our website (including filling in forms on our site, such as when you sign up for an account or a newsletter);
Contact our customer service team or request information from us in any other way;
Participate in our customer satisfaction surveys or other market research;
Communicate with us, including via email or social media;
Apply for or use our Service.

We may also collect information about you from third party sources, for example, our service providers and the third party providers, for example, Know-Your-Customer ("KYC") providers with which our service is integrated with.

Personal information

Merchants

While applying for our Service, you will need to provide us with certain KYC information that is considered personal information, such as the names and identification details of your directors and beneficial owners (date of birth, address, email address). You may further provide us with personal information on your employees that will become users of our Merchant Portal.

If you contact us for customer support or communicate with us through our Services, we may receive the name, email address and phone number of your employee contacting us, the contents of the message and any attachments you send to us, and any other personal information you choose to provide.

Website Visitors

When you fill in the contact request form through the website, we will request your full name, email address, phone number and any other contact information. We may use this information to contact you and to provide further information about our Service.

When you browse the website, we automatically receive your computer's Internet Protocol (IP) addresses, type of browser, type of device used, information about your device's operating system, internet service provider and any other (location) information (about your device or browsing activity) your browser may send to us. We may use this information to analyse and improve accessibility and compatibility of the website, trends, user experience, and gather demographic and statistical information to monitor our website and/or Service and make it better.

To help us understand how you access our website and to help us improve it, we automatically receive information about your interactions with our website, such as referring/exit pages, the pages or other content you view, the searches you conduct, the purchases you make, the products you consider purchasing, and the dates and times of your visits.

If you sign up for our newsletter or to receive updates, news, or other promotional information from us, we will collect certain personal information from you, such as your email address. When we send you emails, we may track whether you open them to learn how to deliver a better customer experience and improve our Service.

Usage data

We may also collect information that your browser sends whenever you visit our website or when you access Service by or through a mobile device ("Usage Data").

This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When you access Service with a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.

Location data

We may use and store information about your location if you give us permission to do so ("Location Data"). We use this data to provide features of our Service, to improve and customise our Service. You can enable or disable location services when you use our Service at any time by way of your device settings.

Tracking cookies data

We may collect information about your computer via the use of Cookies and similar tracking technologies to track the activity on our Service. We may collect information about your computer (including your IP address), operating system and browser type, for system administration purposes.

Cookies do not contain personally identifiable information; however, once you choose to furnish a website with personally identifiable information, this information may be linked to the data stored in the cookie. We use cookies to understand website and internet usage and to improve or customize the content, offerings or advertisements on our website. For example, we may use cookies to personalize your experience at our website. We also may use cookies to help us offer you products or services that may be of interest to you and to deliver relevant advertising.

Cookies are sent to your browser from a website and stored on your device. Other tracking technologies may also be used, such as beacons, tags and scripts to collect and track information and to improve our Service. They help us deliver a better and more personalised Service, identify fraudulent activity, and to analyse the sources of traffic to our Website.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Examples of Cookies we use include:

Session Cookies: We use Session Cookies to operate our Service and Website.
Preference Cookies: We use Preference Cookies to remember your preferences and various settings.
Security Cookies: We use Security Cookies for security purposes.
Advertising Cookies: Advertising Cookies are used to serve you with advertisements that may be relevant to you and your interests.

Purposes of collecting Data and Legal basis

We may process your information for the following purposes:

For website visitors:

To sell our Services
To contact you in case you filled in a contact form on our website;
To communicate with you, provide you with updates and other information relating to our Services, products and services, provide information that you request, respond to comments and questions, and otherwise provide customer support;
For the development and enhancement of our website and Services, including troubleshooting, data analysis, testing, research and statistical purposes; and
Provide you with news, special offers and general information about product, services and general events, unless you have opted not to receive such information;
Other purposes with your consent.

For Merchants:

Provide and maintain our Service;
Notify you about changes to our Service;
Identify you, process your requests, and activate your account;
Comply with applicable laws and regulations, including - but not limited to - performing customer due diligence checks;
Allow you to participate in feedback surveys of our Service when you opt to do so;
Provide customer support, determine what the issues are and how best to resolve them;
Gather analysis or information so that we can improve our Service;
Monitor the usage of our Service and enable us to provide a secure environment;
Detect, prevent and address technical issues and fraud;
Carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
Provide you with notices about your account and/or subscription, including upgrades and updates on products, expiration and renewal notices, email-instructions, and more;
Provide you with news, special offers and general information about product, services and general events, unless you have opted not to receive such information;
Other purposes with your consent.

Information collected by us as set forth above does not include your company's data entered in the course of operating our products or data provided by you while using our services. We will not access this data except in the following limited circumstances:‍

To provide you with technical support, at your request and with your permission;
on a limited-access basis to install updates or hotfixes, troubleshooting, or restore data from backups at your request;
where the inherent purpose of the product or service requires us to provide the data to a third party on your behalf and,
to utilise Aggregate Information derived from this data to help us improve our products and services and in developing additional offerings.

In most cases we need your personal information to provide you with our Services. For example, we may need to process your personal information to respond to your inquiries or requests, and to otherwise manage and provide our Services.

We do not collect and process any personal information for other purposes than as described in this Privacy Policy. If we do intend to process your personal information for any other purpose for which we initially collected it from you, we will provide you all further relevant information on that purpose and obtain your consent. In the event you choose to withdraw your consent to process your personal information for the purposes as laid down in this Privacy Policy, we will no longer be able to provide (a part of) our Service for which consent was obtained.

Data Deletion, Protection and Sharing

Disclosure of Data

We may disclose personal information that we collect, or you provide for the following reasons:

To perform the Services. For this purpose we may share the personal information with your payment service providers.
Disclosure for Law Enforcement. Under certain circumstances, we may be required to disclose your personal data if required to do so by law or regulatory bodies in response to valid requests by public authorities.
Business Transaction. If we or our subsidiaries are involved in a merger, acquisition or asset sale, your personal data may be transferred.

Other cases where we may disclose your information include:

to our subsidiaries and affiliates;
to contractors, service providers, and other third parties we use to provide the Service (a list of which parties is attached to this privacy policy);
to fulfil the purpose for which you provide it;
with your consent in any other cases;
if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of the Company, our customers, or others.

We will not disclose personal information without your written permission and will never sell or rent your personal information to marketers.

Retention of data

We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your personal information to the extent necessary to comply with our legal and regulatory obligations, if we are required to retain your data to comply with applicable laws, resolve disputes, and enforce our legal agreements and policies.

We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.

Security and Protection of Data

The security of your data is of uttermost importance to us and we have implemented adequate technical and organizational measures to prevent any unauthorized access or loss of your personal information, however, no method of transmission over the internet or method of electronic storage is 100% secure. While we ensure to use commercially acceptable means and follow generally accepted industry standards to ensure that the personal information we hold is protected from misuse, interference, loss, unauthorised access to protect your personal information, by the use of various methods including access limitation, and industry-standard Secure Socket Layer (SSL) encryption technology, and more, we cannot guarantee its absolute security.

You are responsible for the usage and safeguarding of any login credentials that we issue to you regarding the use of the Merchant Portal or our Service. It is important for you to protect against unauthorised access to your login credentials and password, other sensitive data regarding your account with us, and to your computer and systems.

International Transfers of Data

NjiaPay provides some or all of its service from systems located outside of Europe. Accordingly, any European merchants and/or merchants collecting information from European persons by using NjiaPay's service must disclose to their customers that personally identifiable information may be transferred, processed and stored outside of Europe. However, your data protection rights under General Data Protection Regulation (GD

PR) will still apply. We may transfer personal information from Europe to the [X] and other third countries based on approved Standard Contractual Clauses, or otherwise in accordance with the GDPR.

Your Rights as European resident

If you are a resident of the European Union (EU) and European Economic Area(EEA), you have certain data protection rights, covered by GDPR. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your personal information.

If you wish to be informed what personal information we hold about you and if you want it to be removed from our systems, please email us at support@njiapay.com with the title "personal information". Please note that we may be required to keep certain information in order to comply with applicable laws and regulations.

You have the following data protection rights:

The right to access, update or to delete the information we have on you;
The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete;
The right to object. You have the right to object to our processing of your personal information;
The right of restriction. You have the right to request that we restrict the processing of your personal information;
The right to data portability. You have the right to be provided with a copy of your personal information in a structured, machine-readable and commonly used format;
The right to withdraw consent. You also have the right to withdraw your consent at any time where we rely on your consent to process your personal information.

Where the processing of your personal information is based on your previously given consent, you have the right to withdraw your consent at any time. Please note that we may not be able to provide (a part of) our Service if you withdraw your consent.

In order to exercise your data protection rights, please contact support@njiapay.com.

Please note that we may ask you to verify your identity before responding to such requests.

You have the right to complain to a Data Protection Authority about our collection and use of your personal information.

For more information, please contact your local data protection authority in South Africa.

Retention and Deletion of Data

We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy, and in accordance with local laws and regulations. We will retain and use your Business and personal information to the extent necessary to comply with our legal obligations, if we are required to retain your data to comply with applicable laws, resolve disputes, and enforce our legal agreements and policies.

If you are an end customer of a NjiaPay customer (for example, if you are making or have made a purchase from a merchant that uses NjiaPay), please direct your requests directly to them.

Policy Updates and Contact Information

Changes to This Privacy Policy

We reserve the right to modify this privacy statement at any time, so please review it occasionally to ensure you're still in agreement with its provisions. If we make material changes to this policy, we will notify you here or by means of a notice on our Website, the Merchant Portal, or other communication methods, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. You agree that electronic disclosures and notices have the same meaning and effect as if we had provided you with a paper copy.

Contact Us

If you have any questions about this Privacy Policy, or would like to access or seek correction of your personal information, or if you have any complaints regarding our privacy practices, please contact us:

By email: support@njiapay.com
By visiting this page on our website: www.njiapay.com/contact-us

Service providers

We may employ third-party companies and individuals to facilitate our Service ("Service Providers"), provide Service on our behalf, perform Service-related services, or assist us in analyzing how our Service is used. Some of these parties hold your personal information. They do so only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Google cloud

Google Cloud is our primary cloud provider. It is used to host our data, run our applications, and store our databases. Google Cloud's infrastructure provides scalability and security for our systems. Your data is encrypted at rest and in transit, ensuring that it remains secure and inaccessible to unauthorized parties. Google Cloud does not have direct access to your data. For more details on Google Cloud's privacy and security practices, please visit their Privacy Policy page: https://sentry.io/privacy/.

Looker studio

Looker Studio is used for creating reports and dashboards to help us visualize and understand our data. The data processed in Looker Studio is restricted to specific reporting purposes

Sentry

Sentry is a monitoring and error-tracking tool used to identify, diagnose, and fix software issues within our applications. It processes application data to help us improve the performance and reliability of our services. For more information, please visit the Sentry Privacy Policy page: https://sentry.io/privacy/.

GitHub

GitHub is provided by GitHub, Inc. GitHub is a development platform to host and review code, manage projects, and build software. For more information on what data GitHub collects for what purpose and how the protection of the data is ensured, please visit GitHub Privacy Policy page: https://help.github.com/en/articles/github-privacy-statement.

Communication tools

Slack

Slack is a messaging platform used for team communication. It allows our team to exchange information quickly and efficiently. Slack may process your data according to its privacy policy, which can be found here: https://slack.com/privacy-policy

Jira

Jira is a project management tool used for issue tracking and agile project management. It helps us track tasks, bugs, and enhancements related to our services. For more information, visit the Jira Privacy Policy page: https://www.atlassian.com/legal/privacy-policy

Confluence

Confluence is a collaboration tool used to create, share, and store documents and knowledge resources. It ensures secure and controlled access to our team's internal documentation. For more details, visit the Confluence Privacy Policy page: https://www.atlassian.com/legal/privacy-policy.