- WHO ARE WE?
Ozow, registered as Ozow (Pty) Ltd (Company Registration Number: 2013/214663/07) (“Ozow”) provides an instant Electronic Funds Transfer (“EFT”) payment system (the “Payment System”) to consumers and businesses to perform simple, fast and secure transactions. The Payment System enables easy payment integration with existing merchant solutions, while providing the flexibility of performing secure digital payments in the continuously evolving mobile environment.
Ozow is registered as a Systems Operator and a Third Party Payment Provider with the Payment Association of South Africa.
While the official website operated by Ozow is https://ozow.com/ (the ”Website”), the Payment System is integrated on the various sites operated by our merchants (the “Merchant Websites”).
We care about your privacy. As a responsible payment solutions service, secure processing of your personally identifiable information (“Personal Information”) is of utmost importance to us. As such, we ensure that we collect, use, store and transfer (“process”) your Personal Information in keeping with laws and regulations that are aimed at protecting the integrity of your Personal Information.
You should not be using our Payment System if:
- you are younger than 18 years old and do not have legal capacity to conclude legally binding contracts. We do not have any intention of collecting or processing Personal Information for individuals that do not have the legal capacity to conclude legally binding contracts.
- making transfers of or sharing your Personal Information on Ozow corporate systems, to other entities, agents, Ozow affiliates, subcontractors, or to other relevant business partners, which may in turn store your Personal Information on a “cloud-based” Amazon web platform in South Africa and the European Union. When making such transfers, Ozow will ensure that the necessary protections are in place to safeguard your Personal Information transferred in accordance with applicable laws;
- processing your Personal Information, and in doing so you acknowledge that you understand and accept the purposes for which it is required and for which it will be used as detailed below; and
- WHAT TYPE OF INFORMATION DO WE COLLECT AND WHY?
Currently, we collect the following information:
- As a merchant or customer:
- Your “Personal Information” as defined in POPI and the General Data Protection Regulation, as amended from time to time, which includes but is not limited to: your name, surname, identity number, residential address, company name, company registration number, registered address, VAT number, telephone number, email address and password.
- Any additional Personal Information you wish to provide on a voluntary basis.
- As a customer:
- Payment information, including but not limited to the name of the bank, bank account number, bank account log-in information, the cost of the good or service you are purchasing, and the seller of the goods or services you are purchasing.
- Device information such as the IP address and browser settings. In gaining device information we may use web traffic tools that permit us to analyse user activity.
- Information about how you interact with our Payment System. This includes us collecting any proof of payment documentation issued by the bank that you used to administer the payment, indicating in such terms as the relevant bank necessitates, that payment has been successfully completed by you through the use of Ozow’s EFT payment solution and through your selected bank account.
- Geographical information.
Reason we process your information
Legal basis for processing your information
To provide you with the full scope of our Payment System and appropriately automate your payment.
Fulfill contractual obligations and pursue legitimate interests.
For internal troubleshooting, data analysis, testing, research, and statistical purposes.
Pursue legitimate interests.
To ensure that content is presented in the most effective manner for you and for your device.
Fulfill contractual obligations.
To carry out risk analysis, fraud prevention and risk management.
Comply with laws and pursue legitimate interests.
To improve our Payment System and for general business development purposes.
Pursue legitimate interests.
To comply with applicable laws, such as anti-money laundering and regulatory requirements.
Comply with laws.
To run data analytics and thereby enhance our business offering.
Fulfill contractual obligations and pursue legitimate interests.
We process your data as needed to fulfill our contractual fulfillment towards you and as required by statutory retention periods or necessary to pursue our legitimate interests.
- WHO WILL WE SHARE YOUR INFORMATION WITH?
Credit bureaus and similar providers. Your personal data may be shared with credit bureaus, providers of identity lookups and fraud prevention agencies to comply with our regulatory obligations and to protect you and other customers from fraud.
Ozow group. Your information may be shared with companies within the Ozow group.
Authorities. Ozow may disclose necessary information to authorities, such as regulatory bodies, if we are required by law or you agreed to it (for instance, for anti-money laundry or counter-terrorism).
Divestments. Ozow may transfer any Personal Information we hold about you to any entity involved in a re-organisation of Ozow (where such re-organisation may be by way of a merger, sale, dissolution, disposal of all or part of our assets or similar event).
Business. Ozow may disclose Personal Information to our merchants and distributors for legitimate business purposes.
- WHERE DO WE STORE YOUR PERSONAL INFORMATION?
We strive to process your data within South Africa which data is stored on a virtual machine that could be hosted on a physical server anywhere in the world. Ozow will ensure all reasonable contractual, legal, technical, and organisational measures are taken to adequately secure your Personal Information.
As a customer, if you opt in for Ozow Pin, your bank account log-in information is stored encrypted and securely to prevent unauthorised access or decrypting of this information. In this way, no single party, including Ozow is able to decrypt this information without you, the customer, initiating the payment process.
- HOW DO WE ENSURE THE SECURITY OF INFORMATION?
We are committed to implementing leading data security safeguards.
We have specialised security teams who constantly review and improve our measures to protect your Personal Information from unauthorised access, accidental loss, disclosure or destruction, and ensure that your Personal Information is only utilised and stored by us solely in an authorised manner.
Ozow has taken due cognisance of the Payment Card Industry Data security standard (“PCI DSS”), this being a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment. Given that Ozow does not process credit card payments, PCI DSS certification is not strictly required. However, Ozow has taken an extremely cautious approach to security by being PCI DSS Level 1 compliant, ensuring that it maintains the same security features as industry players that actually process credit card payments.
Ozow has an EV SSL Certificate issued by Thawte under which traffic is encrypted between users and servers so as protect against interception of your sensitive data.
In addition, the internet banking second-factor authentication still applies to you when making a payment using the Payment System, further preventing any fraudulent interception when payment is being made.
If applicable and selected by customers of Ozow, Ozow Pin provides an additional safeguard for customers bank account information. This information is stored using Ozow’s patent pending Ozow Pin method to ensure the safe storage of this information and to prevent unauthorised access to this information. This solution has been audited by a renowned information security company to ensure that this information can only be decrypted when the customer initiates payment.
- YOUR RIGHTS REGARDING THE INFORMATION THAT WE PROCESS
Your legal rights pertaining to your Personal Information will always be respected by us.
In the event that you would like – (i) access to your Personal Information; (ii) to correct or amend your Personal Information; (iii) to request the deletion of your Personal Information; (iv) to object to the processing of your Personal Information; (v) a copy or description of the record containing your Personal Information; (vi) the identity or categories of third parties who have access to your Personal Information, or (vii) to have your Personal Information deleted, you may inform us of your request in writing, using one of the following methods:
- Email: [email protected]; or
- Mail: 30 Melrose Boulevard, Mezzanine Level, Off MO213, Melrose Arch, Melrose North, Johannesburg, Gauteng, South Africa, 2196.
We will attend to requests for access to Personal Information within a reasonable time. You may be required to pay a prescribed fee to receive copies or descriptions of records, or information about third parties. Your request for access may be refused in certain circumstances and access may be limited by certain applicable legislation.
Upon the provision by you of adequate documentation that we deem sufficient to support your identity, we will inform you of the changes that we are legally capable of making to your Personal Information, as permitted by applicable legal and ethical reporting standards imposed on us. The changes in Personal Information will be reflected on our systems as soon as is reasonably possible.
Please refer to Ozow’s PAIA manual for further information on how you can give effect to your legal rights outlined herein. The PAIA manual is located on our Website. This PAIA manual details, amongst other things, the process you should follow to give effect to your rights, the applicable fees and grounds for refusal of access.
A cookie is a small text file that is placed on your hard disk by a web page server. Cookies contain information that can later be read by a web server in the domain that issued the cookie to you. Cookies cannot be used to run programs or deliver viruses to your computer. No Personal Information is stored in cookies.
We may use technologies, such as cookies, to collect information about the pages you view, the links you click and other actions you take on our sites and services. We use the information we collect for statistical purposes and to study how the Website is used so that we may improve and enhance your experience on the Website.
- LINKS TO OTHER WEBSITES
Our Website as well as Merchant Websites may contain hyperlinks to websites that are not operated by us. These hyperlinks are provided for your reference and convenience only and do not imply that we endorse these websites, nor can we confirm the adequacy of the privacy policies of the third parties that operate such websites.
Ensure that you have gained the necessary comfort regarding the legality of such websites, together with their privacy policies prior to your use of such websites.
- GOVERNING LAW
Zero-Rated T's and C's
- Ozow Proprietary Limited (“Ozow”) offers zero-rated billing (“ZR Billing”) on Ozapp, payment requests (sent by Ozow through SMS), QR channels and other services determined from time to time service (e.g. the payment flow on pay.ozow.io and PWA) (“Ozow Services”). The use of ZR Billing essentially means that Ozow will carry certain data consumption charged to you for your use of the Ozow Services: you can therefore access Ozow services free of charge, up to a certain capped amount.
- Ozow provides ZR Billing to customers of the following service providers:
- Cell C; and
- In addition to the consent and general terms and conditions set out below, depending on what service provider you use, there might be additional terms and conditions applicable to you for the use of ZR Billing. Please ensure that you have familiarized yourself with the terms and conditions applicable to your service provider.
- We care about your privacy. As a responsible payment solutions service, secure processing of your personally identifiable information (“Personal Information”) is of utmost importance to us. As such, we ensure that we collect, use, store and transfer (“process”), and as defined in the Protection of Personal Information Act 2013 (“POPI“)) your Personal Information in keeping with laws and regulations that are aimed at protecting the integrity of your Personal Information.
- By continuing use of the Ozow Services, you explicitly confirm that:
- you are older than 18 years old and have legal capacity to conclude legally binding contracts. We do not have any intention of collecting or processing Personal Information for individuals that do not have the legal capacity to conclude legally binding contracts;
- you consent to the processing (as defined in POPI), sharing or transferring of your Personal Information by Ozow, on Ozow corporate systems, to other entities, agents, Ozow affiliates, subcontractors, or to other relevant business partners (including any of the service providers), and that Ozow may store your Personal Information on a “cloud-based” Amazon web platform in South Africa and the European Union. In doing so you acknowledge that you understand and accept the purposes for which your Personal Information is required and for which it will be used. When making such transfers, Ozow will ensure that the necessary protections are in place to safeguard your Personal Information transferred in accordance with applicable laws;
- you consent to Ozow, any of its affiliates and service providers making contact with you using written, electronic or verbal mediums, as regulated by applicable law, using any e-mail address or telephone number provided by or made available by you to Ozow, now or in the future. This consent includes, but is not limited to, contact by manual calling method, pre-recorded or artificial voice messages, text messages, emails, automatic telephone dialing systems, and/or contract by way of social media platforms;
- you consent to receiving any form of advertising, including by way direct or indirect marketing, electronic marketing or tele-marketing in relation to Ozow’s services, products and otherwise; and
- you undertake to provide Ozow with accurate and up to date information, including Personal Information, and will update same if these become outdated or incorrect.
- For further information in relation to the above, or should you wish to opt out of any form of direct or indirect marketing mentioned above, please contact our information officer at [email protected].
- Ozow hereby notifies you that each/any service provider might use and/or process your Personal Information in the following ways:
- Processing Personal Information for maintaining the security, integrity and quality of the telecommunications network and related services, which may include interception, monitoring or recording of communications in accordance with applicable law;
- Processing for the service provider’s own market research and analysis in order to develop and improve its products, services and commercial propositions. Such Processing may include providing your Personal Information to third parties; and
- Disclosing of your Personal Information by the service provider to third parties:
- if required by applicable law, court order or Privacy Authority; or
- where such third parties are sub-contracted processors of the service provider and they provide the service provider with confidentiality undertaking.
- Objections to transfer of Personal Information:
- If at any time you object to the transfer of your Personal Information, the transfer of the Personal Information shall as soon as reasonably practicable be suspended until the dispute is resolved.
- If at any time a service provider receives notice of an objection from a Privacy Authority to the transfer or collection, processing and use of the Personal Information, the service provider shall, as soon as reasonably practicable suspend or cease the transfer or collection, and take such other steps as the Privacy Authority may direct.
The following terms and conditions apply to consumers across all service providers
- ZR Billing are only applicable for use within the South African borders, and if used through one of the service providers listed above.
- ZR Billing will be capped at a certain amount. This means that there will be a monthly limit on the amount of free use of the Ozow Services that will be available to all customers (including you) per month. This could mean that, due the limit being reached in a particular month, you might not benefit from the free use of the Ozow Services, and as such will be liable for any costs related to the accessing or use of the Ozow Services. By continuing use of the Ozow Services, you confirm that you are informed of this limit applied to ZR Billing.
- ZR Billing shall not be available to you whilst roaming internationally. Standard data roaming rates will apply and will be charged as out of bundle usage to you, at the rates communicated by your specific service provider, and not Ozow.
- If you explore the internet in a random and unplanned way that results in you no longer browsing the predefined IP address, Port and URL access URLs, IP addresses and or Ports that are not within provided for the Ozow Services, you will incur the costs thereof.
- Where Ozow provides IPs, URLs and Port information but you have a proxy configured, ZR Billing will not work and thus you will not be able to access the Ozow Services free of charge. To avoid this, please remove any existing proxy settings to make use of ZR Billing. Browsers that utilize encryption and proxy technologies that result in the URLs or IPs of websites being blocked in any manner will not qualify for ZR Billing. Such connections will be subject to standard data costs payable by you.
- Ozow reserves the right to suspend and/or terminate any part of ZR Billing in relation to any/all Ozow Services on any of the service providers at its sole discretion, at any time, and due to any reason. If such occurs, you accept that you will then be liable for all costs associated with using any of the Ozow Services.
MTN terms and conditions
- ZR Billing is only:
- applicable to MTN subscribers within the South African borders who have MTN mobile data network connectivity; and
- available on MTN’s public APN service and is not supported on MTN Private APNs.
- SIM cards in mobile dongles or modems may not be able to receive daily usage notifications.
- Each customer will have 500MB daily limit which is applied across all MTN ZR Billing subscribers (“MTN subscribers”) on a first come first serve basis. This 500MB daily limit does not only apply to ZR Billing, but to all MTN subscribers’ who use other reversed bill URL’s as well, hence the daily limit of an MTN customer could be used up to access other MTN subscribers’ URL services, resulting in the customer being unable to connect free of charge to Ozow’s Services for that particular day. Once the daily limits for the website URL’s and mobile applications are depleted, standard MTN rates will be charged to customers for continued use of the Ozow Services.
- Accessing ZR Billing and Ozow Services will be at your own risk and MTN will not be held liable for any loss or damage suffered in respect to this. This includes you being redirected to a phishing website, and ‘taking the bait’.
Vodacom terms and conditions
- The usage and procurement of SIMs for the ZR Billing is governed by the relevant individual airtime contracts for the SIMs.
- The efficient functioning of ZR Billing is dependent upon the GSM Network availability. The GSM Network may temporarily fail, malfunction, provide limited or no coverage, or there may be reception or other transmission malfunctions, failures or errors of whatsoever nature.
- Whilst Vodacom will use its best efforts to secure the uninterrupted supply of ZR Billing and will use reasonable endeavours to make ZR Billing available at all times, Vodacom does not guarantee that there will be no interruptions or periods of unavailability, nor is any level of availability warranted.
Telkom terms and conditions
- ZR Billing will only be applicable to traffic generated from Telkom mobile subscribers i.e. Telkom SIM cards. Traffic generated from any other operator or medium will not be reverse billed.
Cell C terms and conditions
- Any Cell C SIM card will be able to access the specified Ozow Services.
- Standard RICA rules and processes apply when any SIM card that may make use of the Ozow Service is activated.
- All authorized Cell C SIM cards will be able to access the Ozow Services. Cell C cannot set individual usage limits per MSISDN.
- No usage limits will be enforced on any SIM card that you utilize when accessing the specified IP Range.
- All Cell C SIM card holders will be able to access the IP Range if the IP Range is known or disclosed to other Cell C SIM card users. Cell C will not be liable for any direct or indirect loss or damage due to any unauthorized access of the IP Range by a third party.