PRIVACY POLICY
- Welcome
Kasper Development Technology , Payment Services with the Privacy policy acts as a “data controller” with regards to customers’ payment instrument information, which we receive when a payment is initiated by customers .
Privacy policy for end users
- About this Policy
The Privacy Policy (Policy) describes the “Personal Data” that Kasper Development Technology collects, retains, and uses, the user’s rights with respect to the “Personal data,” and various ways the user can exercise these rights. It further describes how the user can contact Kasper Development Technology or other payment services about the privacy practices.
For the purposes of the policy:
“Kasper Development Technology”, “we”, “our”, “ourselves”, “us,” or “Data Processor” means or refers to the Kasper Development Technology entity that collects the Personal Data from a “Data Subject” and carries out processing of the Personal Data, directly or indirectly.
“Data Subject” is any natural person to whom the personal data relates, his representative, or the person who has legal custody over him or her. These may include the Merchant, the customer, or the Visitor.
Depending on the context, “you” or “your” means or refers to the “Data Subject”.
“Services” means the products and services that Tap indicates are covered by this Policy or in the Master Agreement with the Merchants, Payment Method Holders, Payment schemes, or Marketplaces.
“Payment Method Holder” means the user that got issued the Payment Method or the user who is authorized to use such a payment method.
“Payment Method” means any method that Kasper Development Technology offers for accepting transactions, whether it is through a card, a wallet, or any other means of payment.
“Merchant” means the user of the Payment Acceptor Service.
“Payment Acceptable Service” means the facilitation of payment processing services offered by Kasper Development Technology that provide the merchant with the ability to accept any payment method, whether credit cards or debit cards, on a website, mobile wallet, or mobile application.
“Customer” means the customer of the Merchant.
“Customer Data” means all information the customer provides in the course of making payment to the merchant, including Payment Method Information, transaction data, and/or security-related information.
“Controller” refers to a natural or legal person, public authority, agency, or other body that decides, on their own or in collaboration with others, the purposes and methods for processing personal data. For the purpose of this policy, the Controller is Kasper Development Technology , unless explicitly stated otherwise.
We at Kasper Development Technology strongly believe in fundamental privacy rights, irrespective of where you live. Therefore, we encourage you to read the Policy and know your privacy rights before interacting with us.
- What is “Personal Data”?
“Personal Data” is any information that is directly or indirectly related to an identified or identifiable natural person or that is linked to or linkable to such a person. Personal Data includes information such as name, identification number, geolocation, or any other online data.
- What personal data do we collect?
As a principle, we limit the collection of Personal Data to a minimum that enables the fulfillment of purposes provided in your service agreement(s) or in this Policy.
Below is a table that sets out various categories of personal data we may collect, retain, and use.
| DATA CATEGORY | DESCRIPTIONS |
|---|---|
| Merchant Data | The Merchant is the user of the Payment Acceptance Services. The Merchant can either be the party that is in agreement with us and represented by an authorized signatory or their Clients.We collect personal data to register the Merchant and provide payment services. Examples of Merchant Data include (but are not limited to): Name of business owner(s)National ID detailsCertificate of RegistrationOccupationsContact detailsDate of BirthGenderAgeAddressCountry (Nationality)Bank Account DetailsWe may be required to collect other Merchant Data, depending on the regulatory requirements or need to provide the services. |
| Customer Data | Customer data includes information that the customer provides in the course of making payment to the merchant, including Payment Method Information, transaction data, and/or security-related information. Some of the main examples of customer data collected are:Card details.Contact detailsDevice Fingerprints.Payment Account details |
| Visitor Data | Visitor Data refers to the data we collect when a person who is not logged into the account visits the Tap site. We may collect Visitor data, which includes but is not limited to: Device LocationDevice FingerprintsVisitor’s behavior while using the Tap site |
| Other Identifiers | Kasper Development Technology may collect data related to the Merchant or Customer from other sources, like the government services. Some examples of such data are Tax IDsLicenses DetailsCommercial Registration DetailsCredit Ratings |
- Why is your Personal Data collected?
One of the questions we ask ourselves before collecting or processing personal data is “What is our reason or justification for processing this personal data?”. This is of key importance because any processing of personal data is only lawful where it has what is known as a ‘legal basis’. Data protection laws set out what these potential legal bases are, namely:
- Consent: The data subject has given consent to the processing of his or her personal data for one or more specific purposes.
- Contract: processing is necessary for the performance of a contractual agreement to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into the agreement.
- Legal Obligation: Processing is necessary for compliance with a legal obligation to which the controller is subject.
- Vital Interests: Processing is necessary in order to protect the vital interests of the data subject or of another natural person.
- Public Task: Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
- Legitimate Interests: Processing is required for the purposes of the controller’s or a third party’s legitimate interests, unless those interests conflict with the data subject’s interests or fundamental rights and freedoms, which necessitate the protection of personal data.
We ensure that all Personal Data defined under the mentioned categories is collected, stored, and processed with at least one “Legal Basis”.
The table below sets out:
- Our purpose for processing your personal data (non-exhaustive and examples for demonstration only)
- Our legal justifications (“Legal Basis”) under data protection law for each purpose
| PURPOSE | DESCRIPTION | LEGAL BASES |
|---|---|---|
| Payment Processing | We may use your Personal Data to provide services to the users of our business services, which may include merchants, customers, Payment Method holders, or Marketplaces. The services may include, but are not limited to: Payment services as defined in the Agreement with Credimax payments , TapProvide , or other Banking or other Payment Services , or reporting services like dashboards, etc. on which your details (such as name, etc.) may be displayed.Personalization and messages (like communications related to services, for example, policy updates, awareness messages, etc.)Services required from payment schemes | ConsentContract |
| Compliance and Legal | We may use your Personal Data to comply with a legal obligation that Tap is subject to.This might include, but is not limited to: An obligation under the law of the country or region the merchant or user is located inComply with a request from law enforcement agencies, e.g. courts, police, etc.Establish, exercise, or defend legal claims.Obligations related to Money Laundering, Know-Your-Customer (“KYC”) laws, anti-terrorism, export control, prohibitions on doing business with restricted persons or in certain business areas, and other similar legal obligations | Legal Obligation |
| Fraud Detection and Prevention | We may use your Personal Data to detect and prevent fraud against Kasper Development Technology , its Merchants or customers, including but not limited to: Fraudulent paymentsUnauthorized log-ins using online activity | Public TaskVital InterestLegitimate Interest |
| Development and Improvement | Kasper Development Technology may use the Personal Data to improve the services provided or to develop a new service: Understand, diagnose, troubleshoot, and fix issues.Evaluate and develop new features, technologies, and improvements. | ConsentContract |
| Promotion | We may use your Personal Data to participate in an offer, program, or promotion. We may use the Personal Data you submit to administer the offer, program, or promotion. Based on your consent, we may also use your Personal Data to market to you. Some examples are: Marketing or advertising where the law requires collecting consent.Marketing, promotion, and advertising purposes where the law does not require consent. | Consent |
- Sources of Personal Data Collection
We may collect your personal data under each category from various sources.
The table below provides a non-exhaustive list of sources we may use to collect your data. Other appropriate sources may be engaged to collect the data
| SOURCE | DESCRIPTION | PERSONAL DATA CATEGORY |
|---|---|---|
| Data Subject | Personal Data that the data subject provides for Kasper Development Technology services or when the data subject responds to surveys or takes part in any research | Merchant DataCustomer DataVisitor Data |
| Services | Personal data is collected and processed when the user is accessing or using Kasper Development Technology services or Other Payment portal | Merchant DataCustomer DataVisitor Data |
| Payment Schemes | Personal Data collected from payment schemes like VISA, MasterCard or any other scheme of payment provided by Kasper Development Technology services or Other Payment portal | Merchant DataCustomer DataVisitor Data |
| Third Party | Personal data collected from parties other than those in the contract, for example, Government Institutions, banks, etc | Other Identifiers |
- How your personal data is used and shared
We do not disclose your personal data to anyone except as described in this policy, including:
- Within the Tap entities, which may include any or all our subsidiaries, our ultimate holding company, and/or its subsidiaries,
- Third party credit and financial institutions (where allowed under any Terms and Conditions or other contract): including the credit institution where you or your business maintains its bank account and the card schemes governing the issue and use of credit, debit, charge, purchase or other payment cards, alternative payment schemes and any other financial institutions who may process payments and who are not operating under Kasper Development Technology services or Other Payment portal control, or for whose actions or omissions Kasper Development Technology services or Other Payment portal does not have liability;
- Third-party service providers: suppliers who assist us with the provision of Kasper Development Technology services or Other Payment portal Services, including processing orders, fulfilling orders, processing payments, support desk, security, fraud risk mitigation tools, and marketing, market research and survey activities carried out on behalf of Kasper Development Technology services or Other Payment portal;
- Where we are required or permitted to do so by law, we may be required by law to pass information about you to regulatory authorities and law enforcement bodies worldwide, or we may otherwise determine that it is appropriate or necessary to do so. Such disclosures may also include requests from governmental or public authorities for purposes of litigation or legal process, national security or where we deem it in the national interest or otherwise lawful to do so;
- Business transfers: Kasper Development Technology may buy or sell business units or affiliates. In such circumstances, we may treat customer information as a business asset. Without limiting the foregoing, if our business enters a joint venture with, is sold to or merges with another business entity, your information may be disclosed to our new business partners or owners; and
- With your permission: Your information may also be used for other purposes for which you give your specific permission or when required by law in any relevant jurisdiction. Except where permitted as stated, Kasper Development Technology does not sell, rent, share, or otherwise disclose personal information about its customers to any other parties for commercial purposes.
- Data Retention
Your Personal Data shall be retained for as long as it is necessary, according to defined retention periods, for the purposes for which it was collected and for satisfying any legal, regulatory, accounting, or reporting requirements.
- Cross-border transfers
We may collect or transfer your personal data across borders in a secure and lawful manner, within and external to our entities,including for purposes described in this Policy and as otherwise required or permitted by law.
We take the necessary steps to require entities that deal with your personal data, by written agreement, to comply with similar standards or applicable privacy requirements and to have appropriate safeguards.
- How do we keep your Personal Data safe?
Tap is committed to protecting its users’ Personal Data. Kasper Development Technology puts in place appropriate technical and organizational measures to help protect the security of personal data.
Kasper Development Technology has implemented various safeguards to protect against unauthorized access and unnecessary retention of Personal Data in our systems. These include encryption, access, and retention policies, among others.
We ensure that if your data needs to be destroyed, it is done in a manner that prevents leakage, loss, theft, misuse, or unauthorized access.
- Cookies and Other Technologies
When you access or use our services, we may collect personal data via the use of cookies and other web tracking technology, such as pixels or beacons, in order to take reasonable steps to ensure the security of our systems and to help us deliver, maintain, and improve our services. A cookie is a small text file saved on your computer, mobile device, or browser when you visit us. Your browser may give you the ability to control our use of cookies. If you block all cookies, you may disrupt certain service features and limit the functionality we can provide.
- Your rights and choices
The table below provides details of your rights with respect to your personal data:
| RIGHT TO | DESCRIPTION |
|---|---|
| Withdraw your consent | You have the right to withdraw your consent where we have relied on it. If you withdraw your consent, we may not be able to provide you with certain Services. It will not affect our lawful basis for processing your consent before your withdrawal. |
| Further information | You have the right to inquire further about the personal data we hold about you and how we process it, including across borders. |
| Access | You have the right to request access to your personal data. |
| Correction | You have the right to ask us to correct your personal data, including where you believe it is not accurate, complete, up-to-date, or relevant. |
| Make an enquiry or complaint | You have a right to make an inquiry or complaint, including to lodge a complaint with your local privacy authority. |
| Erasure | You have the right to ask us to erase your personal data and, where personal data is made public, to inform other controllers of your personal data where you have a lawful erasure right. |
| Restrict Processing | You have the right to ask us to restrict the processing of your personal data. |
| Object to processing | You have the right to object to our processing of your personal data. |
| Portability | You have the right to ask us to access or transfer, on your behalf, the personal data we hold about you to a third party. |
You may exercise your rights related to Personal Data by contacting us through the mediums mentioned in this Policy.
The provision of Personal Data is a pre-contractual requirement. As a result, failure to complete personal data collection in accordance with Kasper development technology will affect the delivery of the requested services. This might include the termination of requested services.
- Contact Us
For any questions or concerns about this Policy, contact us at kasper.development.technology@gmail.com
- Changes to this Policy
We may, from time to time, change our privacy policy. If we make material changes to how we treat your information, we will notify you of any revised policy via our website or portal or by any other means deemed appropriate.
A privacy policy is a statement that discloses some or all of the ways a website collects, uses, discloses, and manages the data of its visitors and customers. It fulfills a legal requirement to protect a visitor or client’s privacy.
Countries have their own laws with different requirements per jurisdiction regarding the use of privacy policies. Make sure you are following the legislation relevant to your activities and location.
In general, what should you cover in your Privacy Policy?
- What type of information do you collect?
- How do you collect information?
- Why do you collect such personal information?
- How do you store, use, share and disclose your site visitors’ personal information?
- How (and if) do you communicate with your site visitors?
- Is your service targeting and collecting information from Minors?
- Privacy policy updates
- Contact Information
You can check out this support article to receive more information about how to create a privacy policy.
The explanations and information provided herein are only general explanations, information and samples. You should not rely on this article as legal advice or as recommendations regarding what you should actually do. We recommend that you seek legal advice to help you understand and to assist you in the creation of your cookie policy.