PaySSD

Privacy Policy

Last updated: December 12, 2024

1. Introduction

PaySSD Limited ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our payment gateway platform.

By using PaySSD, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Personal Information

We collect the following personal information:

  • Name: Full legal name
  • Email Address: For account communication
  • Phone Number: For verification and support
  • Business Information: Business name, type, registration details
  • Bank Account Details: For settlement processing
  • Identification Documents: Government-issued ID for verification
  • Address: Business and personal address

2.2 Transaction Information

  • Transaction amounts and currencies
  • Payment methods used
  • Customer information (name, email, phone)
  • Transaction dates and times
  • Payment status and history
  • Refund and chargeback information

2.3 Technical Information

  • IP address and location data
  • Browser type and version
  • Device information
  • Usage patterns and analytics
  • Cookies and similar technologies

3. How We Use Your Information

We use your information to:

  • Process Payments: Facilitate transactions and settlements
  • Verify Identity: Comply with KYC/AML regulations
  • Prevent Fraud: Detect and prevent fraudulent activities
  • Provide Support: Respond to inquiries and resolve issues
  • Improve Services: Analyze usage and enhance platform features
  • Send Notifications: Transaction confirmations and account updates
  • Comply with Laws: Meet legal and regulatory requirements
  • Marketing: Send promotional materials (with your consent)

4. Information Sharing

We may share your information with:

4.1 Service Providers

  • Paystack: Payment processing partner
  • Banks: For settlement processing
  • Cloud Services: Data storage and hosting (Supabase, Vercel)
  • Email Services: Notification delivery (Resend)

4.2 Legal Requirements

  • Law enforcement agencies when required by law
  • Regulatory authorities for compliance
  • Courts and legal proceedings
  • Government agencies as mandated

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5. Data Security

We implement industry-standard security measures:

  • Encryption: Bank-level SSL/TLS encryption for data transmission
  • Secure Storage: Encrypted data at rest
  • Access Controls: Role-based access and authentication
  • Regular Audits: Security assessments and penetration testing
  • PCI Compliance: Payment Card Industry standards
  • Monitoring: 24/7 security monitoring and alerts

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your information for:

  • Active Accounts: Duration of account activity
  • Transaction Records: 7 years (regulatory requirement)
  • Closed Accounts: Minimum period required by law
  • Marketing Data: Until you opt-out or withdraw consent

7. Your Rights

You have the right to:

  • Access: Request copies of your personal data
  • Correction: Update inaccurate or incomplete information
  • Deletion: Request deletion of your data (subject to legal requirements)
  • Portability: Receive your data in a structured format
  • Opt-Out: Unsubscribe from marketing communications
  • Object: Object to certain data processing activities
  • Withdraw Consent: Withdraw previously given consent

To exercise these rights, contact us at privacy@payssd.com

8. Cookies and Tracking

We use cookies and similar technologies for:

8.1 Essential Cookies

  • Authentication and session management
  • Security and fraud prevention
  • Load balancing and performance

8.2 Analytics Cookies

  • Usage statistics and patterns
  • Performance monitoring
  • Feature optimization

You can control cookies through your browser settings. Disabling essential cookies may affect platform functionality.

9. Third-Party Links

Our platform may contain links to third-party websites. We are not responsible for their privacy practices. Please review their privacy policies.

10. Children's Privacy

PaySSD is not intended for users under 18 years of age. We do not knowingly collect information from children. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

11. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process your data based on:

  • Contractual Necessity: Processing required to provide our services
  • Legal Obligation: Compliance with KYC/AML and financial regulations
  • Legitimate Interests: Fraud prevention, security, and service improvement
  • Consent: Marketing communications and optional features

12. International Transfers

Your information may be transferred to and processed in countries outside South Sudan, including Kenya where our servers are located. We ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by relevant authorities
  • Data processing agreements with all service providers
  • Encryption of data in transit and at rest
  • Regular security assessments of third-party processors

13. Automated Decision Making

We may use automated systems for fraud detection and risk assessment. These systems analyze transaction patterns and may automatically flag or block suspicious activities. You have the right to:

  • Request human review of automated decisions
  • Express your point of view regarding the decision
  • Contest decisions that significantly affect you

14. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify affected users within 72 hours of becoming aware of the breach
  • Report to relevant supervisory authorities as required by law
  • Provide information about the nature of the breach and steps taken
  • Offer guidance on protective measures you can take

15. Changes to Privacy Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or platform notification. Continued use after changes constitutes acceptance.

16. Contact Us

For privacy-related questions or requests, contact us at:

By using PaySSD, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein.