PRIVACY POLICY

1. WHO ARE WE?

Ozow, soon to be registered as Ozow (Pty) Ltd (Company Reg. Number: 2013/214663/07) (“Ozow”) provides an instant Electronic Funds Transfer (“EFT”) payment system (the “Payment System”) to consumers and businesses to perform simple, fast and secure transactions. The Payment System enables easy payment integration with existing merchant solutions, while providing the flexibility of performing secure digital payments in the continuously evolving mobile environment.

Ozow is registered as a Systems Operator and a Third Party Payment Provider with the Payment Association of South Africa.

While the official website operated by Ozow is https://ozow.com/ (the “Website”), the Payment System is integrated on the various sites operated by our merchants (the“Merchant Websites”).

We will update this policy with any updates to our security protocol and processing methods. If we do, we will notify you next time to visit this site, and we also encourage you to check this page regularly. 

2. WHY DO WE HAVE A PRIVACY POLICY?

We care about your privacy. As a responsible payment solutions service, secure processing of your personal information is of utmost importance to us.  As such, we ensure that we process your personal information in keeping with laws and regulations that are aimed at protecting the integrity of your personal information.

Our Privacy Policy will assist you in understanding the manner in which your personal information is processed by us. Therefore it is necessary to read it carefully before you use our Payment System.  You should not be using our Payment System if:

  • you do not agree with any of the terms of our Privacy Policy stated below; or
  • you are younger than 18 years old or do not have legal capacity to conclude legally binding contracts. We do not have any intention of collecting or processing personal information for individuals that do not have the legal capacity to conclude legally binding contracts.

By communicating electronically with us through the use of our Payment System, you confirm that you have read this Privacy Policy and that you consent to the manner in which we process your personal information as set out in this Privacy Policy. 

3. WHAT TYPE OF INFORMATION DO WE COLLECT AND WHY?

Depending on the type of transaction you perform, we may collect the following information:

  • Personal and contact information (natural person) – ID number; address; gender; full name and surname; date of birth; tax number/passport number; phone number; physical address; postal address; and email address.
  • Personal and contact information (juristic person) – legal entity name; entity trading name; address; name and surname of the contact person; email address of the contact person; phone number of the contact person; industrial classification number; and CIPC registration number.
  • Payment information – the name of the bank; bank account number; the nature of the good or service you are purchasing; the cost of the good / service you are purchasing; and the seller of the goods /services you are purchasing.
  • Device information – such as the IP address; language settings; browser settings; time zone settings; operating system; and platform and screen resolution. In gaining device information we may –
    • Recognise your device through cookies.  Cookies are not harmful to your computer/device, nor are they able to be utilised to discover your identity. You are welcome to set your browser to notify you when you receive a cookie in order to allow you to decide if you want to accept the cookie or not, however, if you choose not to accept cookies from us, this may limit the full functionality of our PaymentSystem.
    • use web traffic tools that permit us to analyse user activity.
  • Information about how you interact with our PaymentSystem.
  • Geographical information.
Reason we process your information Legal basis for processing your information
To provide you with the full scope of our Payment System and appropriately automate your payment   Fulfil contractual obligations and pursue legitimate interests  
To confirm your identity and verify your personal and contact details. Fulfil contractual obligations and comply with laws  
For internal troubleshooting, data analysis, testing, research, and statistical purposes.   Pursue legitimate interests  
To ensure that content is presented in the most effective manner for you and for your device.   Fulfil contractual obligations  
To carry out risk analysis, fraud prevention and risk management.   Comply with laws and pursue legitimate interests  
To improve our Payment System and for general business development purposes Pursue legitimate interests  
To comply with applicable laws, such as anti-money laundering and regulatory requirements.   Comply with laws  

We process your data as needed to fulfil our contractual fulfilment towards you and as required by statutory retention periods or necessary to pursue our legitimate interests.

4. WHO WILL WE SHARE YOUR INFORMATION WITH?

Credit bureaus and similar providers. Your personal data may be shared with credit bureaus, providers ofidentity lookups and fraud prevention agencies to comply with our regulatory obligations and to protect you and other customers from fraud.

Ozow group. Your information may be shared with companies within the Ozow group.

Authorities. Ozow may disclose necessary information to authorities, such as regulatory bodies, if we are required by law or you agreed to it (for instance, for anti-money laundry or counter-terrorism).

Divestments. Ozow may transfer any personal information we hold about you to any entity involved in a re-organisation of Ozow (where such reorganisation may be by way of a merger, sale, dissolution, disposal of all or part of our assets or similar event). 

5. WHERE DO WE STORE YOUR PERSONAL INFORMATION?

We strive to process your data within South Africa. The data may however in certain situations be transferred to, and processed in, a destination outside of South Africa by an Ozow group company, partner, supplier or subcontractor. Ozow will ensure all reasonable contractual, legal, technical, and organisational measures are taken to adequately secure your personal information.

6. HOW DO YOU ENSURE THE SECURITY OF INFORMATION?

We are committed to implementing leading data security safeguards.

We have specialised security teams who constantly review and improve our measures to protect your personal information from unauthorised access, accidental loss, disclosure or destruction, and ensure that your personal information is only utilised and stored by us solely in an authorised manner.

Ozow has taken due cognisance of the Payment Card Industry Data security standard (PCI DSS), this being a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment. Given that Ozow does not effect credit card payments, PCI DSS certification is not strictly required.  However, Ozow has taken an extremely cautious approach to security by being PCI DSS Level 1 compliant, ensuring that it maintains the same security features as industry players that actually effect credit card payments. 

Ozow has an EV SSLCertificate issued by Thawte under which traffic is encrypted between users and servers so as protect against interception of your sensitive data.

In addition, the internet banking second factor authentication still applies to you when making a payment using the Payment System, further preventing any fraudulent interception when payment is being made.

7. YOUR RIGHTS REGARDING THE INFORMATION THAT WE PROCESS?

Your legal rights pertaining to your personal information will always be respected by us.

In the event that you would like – (i) access to your personal information; (ii) to correct or amend your personal information; (iii) to request the deletion of your personal information; (iv) to object to the processing of your personal information; or (v) to have your personal information deleted, you may contact us using one of the following methods:

Email: [email protected]

Written request: 30 Melrose Boulevard, Mezzanine Level, Off MO213, Melrose Arch, Melrose North, Johannesburg, Gauteng, South Africa, 2196.

Telephone request: 011 054 4744

Upon the provision by you of adequate documentation that we deem sufficient to support your identity, we will inform you of the changes that we are legally capable of making to your personal information, as permitted by applicable legal and ethical reporting standards imposed on us. 

8. Links to other websites

Our Website as well as Merchant Websites may contain hyperlinks to websites that are not operated by us. These hyperlinks areprovided for your reference and convenience only and do not imply that we endorsethese websites, nor can we confirm the adequacy of the privacy policies of the third parties that operate such websites.

Ensure that you have gained the necessary comfort regarding the legality of such websites, together with their privacy policies prior to your use of such websites.

9. QUERIES

Any queries regarding this Privacy Policy or any aspects of our Payment System may be made by emailing [email protected] or sending a written letter to the address set out in Item 7 above.  We will store any correspondence from you at our offices. 

10. Governing Law

This Privacy Policy and all disputes and claims arising from it shall be governed by and construed in accordance with South African law.