PRIVACY POLICY

1. WHO ARE WE?

Ozow, registered as Ozow (Pty) Ltd (Company Reg. Number: 2013/214663/07) (“Ozow”) provides an instant Electronic Funds Transfer (“EFT”) payment system (the “Payment System”) to consumers and businesses to perform simple, fast and secure transactions. The Payment System enables easy payment integration with existing merchant solutions, while providing the flexibility of performing secure digital payments in the continuously evolving mobile environment.

Ozow is registered as a Systems Operator and a Third Party Payment Provider with the Payment Association of South Africa.

While the official website operated by Ozow is https://ozow.com/ (the “Website”), the Payment System is integrated on the various sites operated by our merchants (the“Merchant Websites”).

We will update this policy with any updates to our security protocol and processing methods. If we do, we will notify you next time to visit this site, and we also encourage you to check this page regularly. 

2. WHY DO WE HAVE A PRIVACY POLICY?

We care about your privacy. As a responsible payment solutions service, secure processing of your personal information is of utmost importance to us.  As such, we ensure that we process your personal information in keeping with laws and regulations that are aimed at protecting the integrity of your personal information.

Our Privacy Policy will assist you in understanding the manner in which your personal information is processed by us. Therefore it is necessary to read it carefully before you use our Payment System.  You should not be using our Payment System if:

  • you do not agree with any of the terms of our Privacy Policy stated below, or
  • you are younger than 18 years old and do not have legal capacity to conclude legally binding contracts. We do not have any intention of collecting or processing personal information for individuals that do not have the legal capacity to conclude legally binding contracts.

By communicating electronically with us through the use of our Payment System, you confirm that you have read this Privacy Policy and that you consent to the manner in which we process your personal information as set out in this Privacy Policy.   

3. WHAT TYPE OF INFORMATION DO WE COLLECT AND WHY?

Currently, we collect the following information:

  • Payment information – the name of the bank; bank account number; the cost of the good / service you are purchasing; and the seller of the goods /services you are purchasing.
  • Device information – such as the IP address; and browser settings. In gaining device information we may use web traffic tools that permit us to analyse user activity.
  • Information about how you interact with our Payment System.
  • Geographical information.
Reason we process your information Legal basis for processing your information
To provide you with the full scope of our Payment System and appropriately automate your payment   Fulfill contractual obligations and pursue legitimate interests  
For internal troubleshooting, data analysis, testing, research, and statistical purposes. Pursue legitimate interests  
To ensure that content is presented in the most effective manner for you and for your device.   Fulfill contractual obligations  
To carry out risk analysis, fraud prevention and risk management.   Comply with laws and pursue legitimate interests  
To improve our Payment System and for general business development purposes   Pursue legitimate interests  
To comply with applicable laws, such as anti-money laundering and regulatory requirements. Comply with laws  

We process your data as needed to fulfill our contractual fulfillment towards you and as required by statutory retention periods or necessary to pursue our legitimate interests.

4. WHO WILL WE SHARE YOUR INFORMATION WITH?

Credit bureaus and similar providers. Your personal data may be shared with credit bureaus, providers of identity lookups and fraud prevention agencies to comply with our regulatory obligations and to protect you and other customers from fraud.

Ozow group. Your information may be shared with companies within the Ozow group.

Authorities. Ozow may disclose necessary information to authorities, such as regulatory bodies, if we are required by law or you agreed to it (for instance, for anti-money laundry or counter-terrorism).

Divestments. Ozow may transfer any personal information we hold about you to any entity involved in a re-organisation of Ozow (where such re-organisation may be by way of a merger, sale, dissolution, disposal of all or part of our assets or similar event).

5. WHERE DO WE STORE YOUR PERSONAL INFORMATION?

We strive to process your data within South Africa. The data may however in certain situations be transferred to, and processed in, a destination outside of South Africa by an Ozow group company, partner, supplier or subcontractor. Ozow will ensure all reasonable contractual, legal, technical, and organisational measures are taken to adequately secure your personal information.

6. HOW DO YOU ENSURE THE SECURITY OF INFORMATION?

We are committed to implementing leading data security safeguards.

We have specialised security teams who constantly review and improve our measures to protect your personal information from unauthorised access, accidental loss, disclosure or destruction, and ensure that your personal information is only utilised and stored by us solely in an authorised manner.

Ozow has taken due cognisance of the Payment Card Industry Data security standard (PCI DSS), this being a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment. Given that Ozow does not effect credit card payments, PCI DSS certification is not strictly required.  However, Ozow has taken an extremely cautious approach to security by being PCI DSS Level 1 compliant, ensuring that it maintains the same security features as industry players that actually effect credit card payments.

Ozow has an EV SSLCertificate issued by Thawte under which traffic is encrypted between users and servers so as protect against interception of your sensitive data.

In addition, the internet banking second-factor authentication still applies to you when making a payment using the Payment System, further preventing any fraudulent interception when payment is being made

7. YOUR RIGHTS REGARDING THE INFORMATION THAT WE PROCESS?

Your legal rights pertaining to your personal information will always be respected by us.

In the event that you would like – (i) access to your personal information; (ii) to correct or amend your personal information; (iii) to request the deletion of your personal information; (iv) to object to the processing of your personal information; or (v) to have your personal information deleted, you may contact us using one of the following methods:

Email: [email protected]

Written request: 30 Melrose Boulevard, Mezzanine Level, Off MO213, Melrose Arch, Melrose North, Johannesburg, Gauteng, South Africa, 2196.

Telephone request: 011 054 4744

Upon the provision by you of adequate documentation that we deem sufficient to support your identity, we will inform you of the changes that we are legally capable of making to your personal information, as permitted by applicable legal and ethical reporting standards imposed on us. 

8. Links to other websites

Our Website as well as Merchant Websites may contain hyperlinks to websites that are not operated by us. These hyperlinks are provided for your reference and convenience only and do not imply that we endorse these websites, nor can we confirm the adequacy of the privacy policies of the third parties that operate such websites.

Ensure that you have gained the necessary comfort regarding the legality of such websites, together with their privacy policies prior to your use of such websites.

9. QUERIES

Any queries regarding this Privacy Policy or any aspects of our Payment System may be made by emailing [email protected] or sending a written letter to the address set out in Item 7 above.  We will store any correspondence from you at our offices.   

10. Governing Law

This Privacy Policy and all disputes and claims arising from it shall be governed by and construed in accordance with South African law.