1. WHO ARE WE?
Ozow, registered as Ozow (Pty) Ltd (Company Registration Number: 2013/214663/07) (“Ozow”) provides an instant Electronic Funds Transfer (“EFT”) payment system (the “Payment System”) to consumers and businesses to perform simple, fast and secure transactions. The Payment System enables easy payment integration with existing merchant solutions, while providing the flexibility of performing secure digital payments in the continuously evolving mobile environment.
Ozow is registered as a Systems Operator and a Third Party Payment Provider with the Payment Association of South Africa.
While the official website operated by Ozow is https://ozow.com/ (the “Website”), the Payment System is integrated on the various sites operated by our merchants (the “Merchant Websites”) and the various products which Ozow may make available to its merchants in which the Payment System is utilised, or directly to consumers (such as through OZOW ME).
We care about your privacy. As a responsible payment solutions service, secure processing of your personally identifiable information (“Personal Information” or “PI”) and “special personal information” (as defined in POPIA) is of utmost importance to us. As such, we ensure that we collect, use, store and transfer (“process”) your Personal Information and special personal information (as the case may be) in keeping with laws and regulations that are aimed at protecting the integrity of your Personal Information and special personal information (as the case may be).
You should not be using our Payment System if:
- you are younger than 18 years old and do not have legal capacity to conclude legally binding contracts. We do not have any intention of collecting or processing Personal Information or special personal information (as the case may be) for individuals that do not have the legal capacity to conclude legally binding contracts.
- making transfers of or sharing your Personal Information and special personal information (as the case may be) on Ozow corporate systems or its other relevant systems, to other entities, agents, Ozow affiliates, subcontractors, or to other relevant business service providers (“partners”), which may in turn store your Personal Information and special personal information (as the case may be) outside of the jurisdiction of South Africa and in accordance with the relevant regulatory standards of such jurisdiction in keeping with POPIA or the General Data Protection Regulations (“GDPR”). When making such transfers, Ozow will ensure that the necessary protections are in place to safeguard your Personal Information and special personal information (as the case may be) transferred in accordance with applicable laws;
- processing your Personal Information and special personal information (as the case may be), and in doing so you acknowledge that you understand and accept the purposes for which it is required and for which it will be used as detailed below; and
3. WHAT TYPE OF INFORMATION DO WE COLLECT AND WHY?
Currently, we collect the following information:
- As a merchant or customer:
o Your “Personal Information” as defined in POPIA and the General Data Protection Regulation, as amended from time to time, which includes but is not limited to: your name, surname, identity number, residential address, company name, company registration number, registered address, VAT number, bank account information, telephone number, email address and password.
o Any additional Personal Information you wish to provide on a voluntary basis.
- As a current employee, prospective employee or any person or entity who applies to Ozow for a bursary, grant, sponsorship or any other financial (or contribution in kind) assistance:
o Your Personal Information and “special personal information” as defined in POPIA, as amended from time to time, which information includes but is not limited to: your name, surname, identity number, residential address, company name, company registration number, registered address, VAT number, bank account information, telephone number, email address and password, race, gender, disability status.
o Any additional Personal Information or special personal information you wish to provide on a voluntary basis.
- As a customer:
o Payment information, including but not limited to the name of the bank, bank account number, bank account log-in information, the cost of the good or service you are purchasing, and the seller of the goods or services you are purchasing.
o Device information such as the IP address and browser settings. In gaining device information we may use web traffic tools that permit us to analyse user activity.
o Information about how you interact with our Payment System. This includes us collecting any payment documentation issued by the bank that you used to administer the payment, indicating in such terms as the relevant bank necessitates,
that payment has been successfully completed by you through the use of Ozow’s EFT payment solution and through your selected bank account.
o Geographical information.
Reason we process your information
Legal basis for processing your information
To provide you with the full scope of our Payment System and appropriately automate your payment.
Fulfil contractual obligations and pursue legitimate interests.
For internal troubleshooting, data analysis, testing, research, and statistical purposes.
Pursue legitimate interests.
To ensure that content is presented in the most effective manner for you and for your device.
Fulfil contractual obligations.
To carry out risk analysis, fraud prevention and risk management.
Comply with applicable laws and pursue legitimate interests.
To improve our Payment System and for general business development purposes.
Pursue legitimate interests.
To comply with applicable laws, such as anti-money laundering and regulatory requirements.
Comply with applicable laws.
To run data analytics and thereby enhance our business offering.
Fulfil contractual obligations and pursue legitimate interests.
To conduct human resources enquiries and implement related processes.
Comply with applicable laws, fulfil contractual obligations and pursue legitimate interests.
We process your data as needed to fulfil our contractual fulfilment towards you and as required by
statutory retention periods or necessary to pursue our legitimate interests.
You warrant that the information that you have provided to Ozow is accurate, current, true and correct and that it does not impersonate or misrepresent any person or entity or falsely state or otherwise misrepresent your affiliation with anyone or anything. You undertake to advise Ozow should your information change in this respect and undertake to fully indemnify Ozow in the event that Ozow suffers any losses whatsoever as a result of your breach of this warranty.
Where applicable and should you provide Ozow with your customer’s PI or PI that you do not own, you further warrant that you have obtained the requisite consent in compliance with applicable laws, particularly POPIA, and if applicable the Regulation 6 Form 4 consent in line with section 69 of POPIA, from the relevant customers and owners of the PI for the processing, cross border transfer, marketing and other relevant processing and use of their PI, as determined by the merchant sharing the PI and Ozow, on a case by case basis. In such instances, you agree to promptly notify Ozow should any of your customers or the owner of the PI inform you of its decision to revoke consent in any manner and you undertake to keep records of the consent, which records Ozow may request from time to time.
Ozow confirms that any processing of PI in respect of the aforementioned will be carried out in accordance with the relevant applicable laws.
4. WHO WILL WE SHARE YOUR INFORMATION WITH?
Credit bureaus and similar providers. Your Personal Information and special personal information may be shared with credit bureaus, providers of identity lookups, fraud prevention agencies and any other third parties to comply with our regulatory obligations and/or to protect you and other customers from fraud and other criminal offences, and to investigate any suspected or alleged fraud and other criminal offences.
Ozow group. Your Personal Information and special personal information may be shared with companies within the Ozow group.
Authorities. Ozow may disclose necessary Personal Information and special personal information to authorities, such as regulatory bodies, if we are required by law or you agreed to it (for instance, for anti-money laundry or counter-terrorism).
Divestments. Ozow may transfer any Personal Information and special personal information we hold about you to any entity involved in a re-organisation of Ozow (where such re-organisation may be by way of a merger, sale, dissolution, disposal of all or part of our assets or similar event).
Business. Ozow may disclose Personal Information and special personal information to our merchant and distributors for legitimate business purposes and competitions.
Third party service providers. Ozow may disclose Personal Information and special personal information securely and in accordance with applicable data protection legislation to third party service providers including but not limited to, data analytics providers, customer support service providers, cloud service providers, BEE consultants and other similar technical service providers.
Other third parties. Ozow may share Personal Information or special personal information, as the case may be, with other third parties for purposes of data matching and related services.
5. WHERE AND FOR HOW LONG DO WE STORE YOUR PERSONAL INFORMATION AND SPECIAL
We strive to process your data within South Africa which data is stored on a virtual machine that could be hosted on a physical server anywhere in the world. Ozow will ensure all reasonable contractual, legal, technical, and organisational measures are taken to adequately secure your Personal Information.
As a customer, if you opt in for Ozow Pin, your bank account log-in information is stored encrypted and securely to prevent unauthorised access or decrypting of this information. In this way, no single party, including Ozow is able to decrypt this information without you, the customer, initiating the payment process.
We may store your Personal Information or special personal information indefinitely, however, we will only store it if there is a lawful purpose to do so.
6. HOW DO WE ENSURE THE SECURITY OF INFORMATION?
We are committed to implementing leading data security safeguards.
We have specialised security teams who constantly review and improve our measures to protect your Personal Information from unauthorised access, accidental loss, disclosure or destruction, and ensure that your Personal Information is only utilised and stored by us solely in an authorised manner.
Ozow has taken due cognisance of the Payment Card Industry Data security standard (“PCI DSS”), this being a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment. Given that Ozow does not process credit card payments, PCI DSS certification is not strictly required. However, Ozow has taken an extremely cautious approach to security by being PCI DSS Level 1 compliant, ensuring that it maintains the same security features as industry players that actually process credit card payments.
All traffic between the users and servers is encrypted using SSL to protect against interception of your sensitive data.
In addition, the internet banking second-factor authentication still applies to you when making a payment using the Payment System, further preventing any fraudulent interception when payment is being made.
If applicable and selected by customers of Ozow, Ozow Pin provides an additional safeguard for customers bank account information. This information is stored using Ozow’s patent pending Ozow Pin method to ensure the safe storage of this information and to prevent unauthorised access to this information. This solution has been audited by a renowned information security company to ensure that this information can only be decrypted when the customer initiates payment.
7. YOUR RIGHTS REGARDING THE INFORMATION THAT WE PROCESS
Your legal rights pertaining to your Personal Information will always be respected by us.
In the event that you would like – (i) access to your Personal Information; (ii) to correct or amend your Personal Information; (iii) to request the deletion of your Personal Information; (iv) to object to the processing of your Personal Information; (v) a copy or description of the record containing your Personal Information; (vi) the identity or categories of third parties who have access to your Personal Information, or (vii) to have your Personal Information deleted, you may inform us of your request in writing, using one of the following methods:
- Email: [email protected]; or
- Mail: 1st floor, Green Point, 39 Main Road, Western Cape, Cape Town, South Africa,8051.
We will attend to requests for access to Personal Information within a reasonable time. You may be required to pay a prescribed fee to receive copies or descriptions of records, or information about third parties. Your request for access may be refused in certain circumstances and access may be limited by certain applicable legislation.
Upon the provision by you of adequate documentation that we deem sufficient to support your identity, we will inform you of the changes that we are legally capable of making to your Personal Information, as permitted by applicable legal and ethical reporting standards imposed on us. The changes in Personal Information will be reflected on our systems as soon as is reasonably possible.
Please refer to Ozow’s PAIA manual for further information on how you can give effect to your legal rights outlined herein. The PAIA manual is located on our Website. This PAIA manual details, amongst other things, the process you should follow to give effect to your rights, the applicable fees and grounds for refusal of access.
A cookie is a small text file that is placed on your hard disk by a web page server. Cookies contain information that can later be read by a web server in the domain that issued the cookie to you. Cookies cannot be used to run programs or deliver viruses to your computer. No Personal Information is stored in cookies.
We may use technologies, such as cookies, to collect information about the pages you view, the links you click and other actions you take on our sites and services. We use the information we collect for statistical purposes and to study how the Website is used so that we may improve and enhance your experience on the Website.
9. LINKS TO OTHER WEBSITES
Our Website as well as Merchant Websites may contain hyperlinks to websites that are not operated by us. These hyperlinks are provided for your reference and convenience only and do not imply that we endorse these websites, nor can we confirm the adequacy of the privacy policies of the third parties that operate such websites.
Ensure that you have gained the necessary comfort regarding the legality of such websites, together with their privacy policies prior to your use of such websites.
11. GOVERNING LAW
12. HOW TO LODGE A COMPLAINT WITH THE INFORMATION REGULATOR
You may also lodge a complaint with the Information Regulator. The contact details of the Information Regulator are available on its website at https://justice.gov.za/inforeg/.
1.1. Ozow Proprietary Limited (“Ozow”) offers zero-rated billing (“ZR Billing”) on Ozow ME, payment requests (sent by Ozow through SMS), QR channels and other services determined from time to time service (e.g. the payment flow on pay.ozow.io and PWA) (“Ozow Services”). The use of ZR Billing essentially means that Ozow will carry certain data consumption charged to you for your use of the Ozow Services: you can therefore access Ozow services free of charge, up to a certain capped amount.
1.2. Ozow provides ZR Billing to customers of the following service providers:
1.2.3. Cell C; and
1.3. In addition to the consent and general terms and conditions set out below, depending on what service provider you use, there might be additional terms and conditions applicable to you for the use of ZR Billing. Please ensure that you have familiarized yourself with the terms and conditions applicable to your service provider.2. Consent
2.1. We care about your privacy. As a responsible payment solutions service, secure processing of your personally identifiable information (“Personal Information”) is of utmost importance to us. As such, we ensure that we collect, use, store and transfer (“process”), and as defined in the Protection of Personal Information Act 2013 (“POPI")) your Personal Information in keeping with laws and regulations that are aimed at protecting the integrity of your Personal Information.
2.2. By continuing use of the Ozow Services, you explicitly confirm that:
2.2.2. you are older than 18 years old and have legal capacity to conclude legally binding contracts. We do not have any intention of collecting or processing Personal Information for individuals that do not have the legal capacity to conclude legally binding contracts;
2.2.3. you consent to the processing (as defined in POPI), sharing or transferring of your Personal Information by Ozow, on Ozow corporate systems, to other entities, agents, Ozow affiliates, subcontractors, or to other relevant business partners (including any of the service providers), and that Ozow may store your Personal Information on a “cloud-based” Amazon web platform in South Africa and the European Union. In doing so you acknowledge that you understand and accept the purposes for which your Personal Information is required and for which it will be used. When making such transfers, Ozow will ensure that the necessary protections are in place to safeguard your Personal Information transferred in accordance with applicable laws;
2.2.4. you consent to Ozow, any of its affiliates and service providers making contact with you using written, electronic or verbal mediums, as regulated by applicable law, using any e-mail address or telephone number provided by or made available by you to Ozow, now or in the future. This consent includes, but is not limited to, contact by manual calling method, pre-recorded or artificial voice messages, text messages, emails, automatic telephone dialling systems, and/or contract by way of social media platforms;
2.2.5. you consent to receiving any form of advertising, including by way direct or indirect marketing, electronic marketing or tele-marketing in relation to Ozow’s services, products and otherwise; and
2.2.6. you undertake to provide Ozow with accurate and up to date information, including Personal Information, and will update same if these become outdated or incorrect.
2.4. For further information in relation to the above, or should you wish to opt out of any form of direct or indirect marketing mentioned above, please contact our information officer at [email protected]
2.5. Ozow hereby notifies you that each/any service provider might use and/or process your Personal Information in the following ways:
2.5.1. Processing Personal Information for maintaining the security, integrity and quality of the telecommunications network and related services, which may include interception, monitoring or recording of communications in accordance with applicable law;
2.5.2. Processing for the service provider’s own market research and analysis in order to develop and improve its products, services and commercial propositions. Such Processing may include providing your Personal Information to third parties; and
2.5.3. Disclosing of your Personal Information by the service provider to third parties:
184.108.40.206. if required by applicable law, court order or Privacy Authority; or
220.127.116.11. where such third parties are sub-contracted processors of the service provider and they provide the service provider with confidentiality undertaking.
2.6. Objections to transfer of Personal Information:
2.6.1. If at any time you object to the transfer of your Personal Information, the transfer of the Personal Information shall as soon as reasonably practicable be suspended until the dispute is resolved.
2.6.2. If at any time a service provider receives notice of an objection from a Privacy Authority to the transfer or collection, processing and use of the Personal Information, the service provider shall, as soon as reasonably practicable suspend or cease the transfer or collection, and take such other steps as the Privacy Authority may direct.3. The following terms and conditions apply to consumers across all service providers
3.1. ZR Billing are only applicable for use within the South African borders, and if used through one of the service providers listed above.
3.2. ZR Billing will be capped at a certain amount. This means that there will be a monthly limit on the amount of free use of the Ozow Services that will be available to all customers (including you) per month. This could mean that, due the limit being reached in a particular month, you might not benefit from the free use of the Ozow Services, and as such will be liable for any costs related to the accessing or use of the Ozow Services. By continuing use of the Ozow Services, you confirm that you are informed of this limit applied to ZR Billing.
3.3. ZR Billing shall not be available to you whilst roaming internationally. Standard data roaming rates will apply and will be charged as out of bundle usage to you, at the rates communicated by your specific service provider, and not Ozow.
3.4. If you explore the internet in a random and unplanned way that results in you no longer browsing the predefined IP address, Port and URL access URLs, IP addresses and or Ports that are not within provided for the Ozow Services, you will incur the costs thereof.
3.5. Where Ozow provides IPs, URLs and Port information but you have a proxy configured, ZR Billing will not work and thus you will not be able to access the Ozow Services free of charge. To avoid this, please remove any existing proxy settings to make use of ZR Billing. Browsers that utilize encryption and proxy technologies that result in the URLs or IPs of websites being blocked in any manner will not qualify for ZR Billing. Such connections will be subject to standard data costs payable by you.
3.6. Ozow reserves the right to suspend and/or terminate any part of ZR Billing in relation to any/all Ozow Services on any of the service providers at its sole discretion, at any time, and due to any reason. If such occurs, you accept that you will then be liable for all costs associated with using any of the Ozow Services.4. MTN terms and conditions
4.1. ZR Billing is only:
4.1.1. applicable to MTN subscribers within the South African borders who have MTN mobile data network connectivity; and
4.1.2. available on MTN’s public APN service and is not supported on MTN Private APNs.
4.2. SIM cards in mobile dongles or modems may not be able to receive daily usage notifications.
4.3. Each customer will have 500MB daily limit which is applied across all MTN ZR Billing subscribers (“MTN subscribers”) on a first come first serve basis. This 500MB daily limit does not only apply to ZR Billing, but to all MTN subscribers’ who use other reversed bill URL’s as well, hence the daily limit of an MTN customer could be used up to access other MTN subscribers’ URL services, resulting in the customer being unable to connect free of charge to Ozow’s Services for that particular day. Once the daily limits for the website URL’s and mobile applications are depleted, standard MTN rates will be charged to customers for continued use of the Ozow Services.
4.4. Accessing ZR Billing and Ozow Services will be at your own risk and MTN will not be held liable for any loss or damage suffered in respect to this. This includes you being redirected to a phishing website, and ‘taking the bait’.5. Vodacom terms and conditions
5.1. The usage and procurement of SIMs for the ZR Billing is governed by the relevant individual airtime contracts for the SIMs.
5.2. The efficient functioning of ZR Billing is dependent upon the GSM Network availability. The GSM Network may temporarily fail, malfunction, provide limited or no coverage, or there may be reception or other transmission malfunctions, failures or errors of whatsoever nature.
5.3. Whilst Vodacom will use its best efforts to secure the uninterrupted supply of ZR Billing and will use reasonable endeavours to make ZR Billing available at all times, Vodacom does not guarantee that there will be no interruptions or periods of unavailability, nor is any level of availability warranted.6. Telkom terms and conditions
ZR Billing will only be applicable to traffic generated from Telkom mobile subscribers i.e. Telkom SIM cards. Traffic generated from any other operator or medium will not be reverse billed.
7. Cell C terms and conditions
7.1. Any Cell C SIM card will be able to access the specified Ozow Services.
7.2. Standard RICA rules and processes apply when any SIM card that may make use of the Ozow Service is activated.
7.3. All authorized Cell C SIM cards will be able to access the Ozow Services. Cell C cannot set individual usage limits per MSISDN.
7.4. No usage limits will be enforced on any SIM card that you utilize when accessing the specified IP Range.
7.5. All Cell C SIM card holders will be able to access the IP Range if the IP Range is known or disclosed to other Cell C SIM card users. Cell C will not be liable for any direct or indirect loss or damage due to any unauthorized access of the IP Range by a third party.
2. Limits on transactions
You are able to receive payments using Ozow ME up to any of the following limits:
- R10,000 per day; or
- R30,000 per month.
As a user of Ozow ME, you warrant that:
- The payment you have requested and/or made complies with all applicable laws;
- you will not engage in any conduct that brings or is likely to bring the reputation of Ozow into disrepute;
- all information to be provided by you to Ozow in connection with your use of Ozow ME and the performance of your obligations hereunder is and shall remain true and correct in all respects;
- you will, for purposes of receiving funds using Ozow ME, only receive funds in your South African resident bank account and that you do not utilise any non-resident bank account for purposes of Ozow ME;
- you will, as soon as reasonably practicable and at no cost to Ozow give to Ozow (in writing if so requested) all such information and reports as Ozow may reasonably require in connection with your use of Ozow ME; and
- you will not take any action (or, as the case may be, omit to take any action) which may directly or indirectly cause Ozow to infringe or misappropriate the intellectual property of any third party.
You acknowledge that Ozow shall not be responsible for instances that are outside of its control, which include:
- Any actions or inactions by you that result in a loss of service;
- any inaccuracies in amounts paid as a result of the information provided by you;
- any events or outages affecting the Ozow system and Ozow service that are outside of the authority, control and / or responsibility of Ozow;
- any delays in the settlement of transaction funds; and/or
- non-settlement of transaction funds.
You agree to indemnify Ozow, its directors, officers, employees and agents against all losses which may directly or indirectly arise out of or in connection with:
- A breach by you of any of your obligations under these Terms and Conditions;
- the negligent, wilful or fraudulent act or omission by you in carrying out or failing to carry out your obligations under these Ozow ME Ts and Cs; and/or.
- for any claims arising against Ozow from a customer or any third party in relation to your use of Ozow ME.
You agree to comply with POPIA in the event that you are a responsible party as defined therein. In your use of Ozow ME, in the event that you are an operator in terms of POPIA, you agree to:
- Process PI in such a manner that is reasonable, adequate, relevant, non-excessive, purpose-specific and non-infringing of the relevant individual's privacy;
- secure the integrity and confidentiality of PI in your possession or under your control by taking appropriate, reasonable technical and organisational measures to prevent (a) loss of, damage to or unauthorised destruction of PI and (b) unlawful access to or processing of PI;
- take reasonable measures to (a) identify all reasonably foreseeable internal and external risks to such PI; (b) establish and maintain appropriate safeguards against such risks; (c) regularly verify that the safeguards are effectively implemented, and (d) ensure that the safeguards are continually updated in response to new risks or deficiencies in previously implemented safeguards;
- have due regard to generally accepted information security practices and procedures which may apply to you generally or be required in terms of the specific industry or professional rules and regulations;
- immediately notify Ozow if there are reasonable grounds to believe that any PI has been accessed or acquired by an unauthorised person; and
- take appropriate security safeguards against the unauthorised or unlawful processing of PI obtained from the other party and against the accidental loss or destruction of, or damage to, such PI to ensure a level of security appropriate to the harm that might result therefrom.
You agree that any dispute arising from these Ozow ME Ts and Cs shall be submitted to mediation, failing which, the dispute shall be submitted to binding arbitration governed by the Arbitration Act, 1965, or any replacement Act and shall take place in accordance with the Commercial Arbitration Rules of the Arbitration Foundation of Southern Africa (“AFSA”). The arbitration proceeding shall be conducted by a mutually agreed upon arbitrator of AFSA and shall be held in Johannesburg, South Africa and the judgment upon the award rendered may be entered and enforced in any court of competent jurisdiction. Nothing contained in this paragraph 7 shall prohibit a party from approaching any court of competent jurisdiction for urgent interim relief pending determination of the dispute by arbitration, and for this purpose the parties consent to the non-exclusive jurisdiction of the Gauteng Local Division of the High Court of South Africa, Johannesburg