Posted: 28th November 2022
Effective as of 28th November 2022
At Ziina, we respect your privacy and want to give you the best possible experience to ensure that you enjoy our Services. Your privacy and the security of your Personal Data are, and will always be, enormously important to us. So, we want to transparently explain how and why we collect, store, share and use your Personal Data – as well as outlining the controls and choices you have in respect of Personal Data we hold about you.
a. “Bank Card” means a debit card, credit card or prepaid card;
b. “BankCard Details” means cardholder name, card number, Tokenized card number, card scheme (Visa/Mastercard), card type (debit/credit/prepaid/unknown), card country, card expiry date, Card Fingerprint and/or CVV of a Bank Card;
c. “Card Fingerprint” means a unique identifier of a Bank Card which we typically use to group transactions received from the same non-Users who use the same Bank Card via ZiiLink;
d. “comply with a legal or regulatory obligation” means processing your Personal Data where it is necessary for compliance with a legal or regulatory obligation that we are subject to;
e. “Data” means personal and non-personal User’s data that is submitted, generated, featured and displayed through the Platform, collected from the use of the Services and stored on Ziina’s servers.
f. “legitimate interest” means the interest of our business in conducting and managing our Services to enable us to give you the best Services and the best and most secure experience. We consider and balance any potential impact on you and your rights before we process your Personal Data for our legitimate interests;
g. “Performance of our Services” means processing your Data where it is necessary for the performance of our Services;
h. “Personal Data” means any information that specifically identifies an individual (such as a name, address, photo, telephone number, mobile number, e-mail address, birthday, office location, professional and personal interests, company name, title, department, spoken languages) or information about that individual that is directly linked to personally identifiable information;
i. “Platform” means any online tool provided, processed and/or maintained by Ziina (including, but not limited to, all subpages and subdomains, all Content, Services, and products available at or through Ziina’s website located at https://ziina.com/business/, Ziina’s mobile application and/or any other related domain offering access to, or facilitating the provision of, the Services);
k. “Services” means any online and/or offline services provided to Users by Ziina as set out in Ziina Payment LLC’s General Terms and Conditions;
l. “Tokenization” means the process of replacing sensitive data with a non-sensitive placeholder called a token, which are randomly generated into data of the same format and have no intrinsic value and “Tokenized” shall be construed accordingly;
m. “User”, “you” and “your” collectively mean the person that has visited or is using the Platform and/or the Service. A User may be a Sender, a Recipient, a ZiiLink User, all or neither;
n. “Ziina”, “we”, “our” and “us” means Ziina Payment LLC, license number 1112672;
o. “Ziina Payment LLC’s General Terms and Conditions” means all of the terms, conditions and notices contained or referenced in Ziina Payment LLC’s General Terms and Conditions and all other Ziina rules and policies available at https://ziina.com/business/, as amended from time to time.
p. “ZiiLink” means a QR code or payment link generated for a User by Ziina to allow that User to receive payments;
q. “ZiiLink User” means a legal or natural person that sends payment to a User using a ZiiLink.
1. Important Information
1.3 Your Duty to Inform Us of Any Changes in Your Personal Data
Please note that it is crucial to the Performance of our Services and correct working of the Platform that the Personal Data we hold about you is accurate and current. Please keep us informed and updated if your Personal Data changes during your relationship with us. Depending on the type of Personal Data, you may review and update your Personal Data in your Account settings at any time by logging in to your Account or by contacting us at [email protected].
1.4 Third-Party Links
2. The Data We Collect About You
2.1 Depending on which of our Services you use and how you interact with our Platform, we collect different kinds of information from or about you. We may collect, use, store, share, transfer or otherwise process different kinds of Personal Data about you which we have grouped together as follows:
a. Identity Data includes first name, last name, gender, Emirates ID details (such as ID number, nationality and expiry date), date of birth, photograph and face biometrics. If you have a business Account, we may collect, process and store additional information such as a copy of the company’s license, the company’s email, website URL and Instagram username.
b. Contact Data includes physical address, email address, and mobile number. For instance, we may collect mobile numbers of non-Users who use ZiiLink if they optionally decide to join any waitlist or otherwise provide these details.
c. Financial Data includes bank account details (such as name of bank, SWIFT code, branch name and branch address, account number, account name, type of account, IBAN number, currency, and account balance) and Bank Card Details which you link to your Ziina Account or which you use to make a payment via ZiiLink. Ziina does not collect, store or maintain your bank account credentials (username and password).
Our third-party payment gateway service providers and processors may store or otherwise process your Bank Card Details in accordance with their privacy practices, and we may share some of your Bank Card Details with them. For instance, if you are a non-User who uses a ZiiLink, we may share your cardholder name, Tokenized card number, card expiry date and Tokenized CVV number with them. In addition, our third-party PCI compliant data security providers may store or otherwise process your Bank Card number and CVV number in accordance with their privacy practices.
d. Transaction Data includes details about payment transfers to and from you such as a description of the transaction, the transaction amount, transaction currency, names of the Sender and Recipient, transaction date and time, devices and payment methods used to complete the transactions and any photo or GIF attached to the transaction.
e. Technical Data includes internet protocol (IP) address, your login data, browser type and version, model of your mobile phones and computers and their device identification number, operating system, hardware version, device settings and other technology identification on the devices used to access our Platform, file and software names and types, time zone setting, device locations such as through GPS, Bluetooth or Wi-Fi signals, browser plug-in types and versions, connection information such as the name of your mobile operator or ISP, or language setting.
f. Account Data includes User Account information such as Ziiname, pin code, privacy settings, notification settings, profile picture, if any, or transaction history.
g. Usage Data includes information about how you use our Platform, products and Services and how you use your devices to access our Platform, including the pages you visit and searches you make.
h. Marketing and Communications Data includes your preferences in receiving marketing from us and your communication preferences.
i. Contacts Data includes information that we collect from your contacts when you grant us access to your phonebook contacts. This includes your contacts’ names and phone numbers.
j. Other Personal Data includes:
(i) any other data uploaded onto our Platform by you or shared with other Users of our Platform by you via our Platform;
(ii) communications with us via social media platforms, email, electronic messages and other electronic and non-electronic communications;
(iii) third-party partner information related to how you use our third-party partners, such as your reviews of our partners or other service providers;
(iv) your networks and connections made available to us, depending on the permissions you have granted, from your mobile and desktop devices' address book contacts, and other social media such as Facebook, Instagram and Twitter.
2.2 We also collect, use and share aggregated Data such as statistical or demographic Data for any purpose. Aggregated Data may be derived from your Personal Data but is not considered Personal Data as this Data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of Users accessing a specific Platform feature.
2.3 We are dedicated to providing safe and secure Services. Therefore, before permitting you to use the Services, we may require additional information from you which we can use to verify your identity or other information or to manage risk and compliance throughout our relationship.
2.4 We may also collect additional information from or about you in other ways. For example, we may collect information related to your contact with our customer support team or store results when you respond to a survey or provide us with your feedback.
2.5 We do not collect any Personal Data about racial or ethnic origin, communal origin, political affiliations or opinions, religious or philosophical beliefs, trade-union membership, health, sex life or genetic data. Please note however that in order to verify your identity, maintain the security features of the Services and comply with the applicable laws and regulations, we may need to process your face biometric data.
2.6 Where we need to collect Personal Data by law, or under the terms of a contract we have with you and you fail to provide that Personal Data when requested, we may not be able to perform our Services. In this case, we may have to cancel the Service which you have with us and/or terminate your Account. We will notify you if this is the case at any time.
3. How Is Your Personal Data Collected?
We use different methods to collect Personal Data from and about you through the following categories of sources:
3.1 When you communicate with us in writing, by telephone, fax, email or through the Platform or other forms of electronic communication or when you submit information to us or allow us to access information;
3.2 From publicly available sources or from third-parties, most commonly where we need to conduct background checks about you. This may include third-party verification services;
3.3 From merchants/vendors that use our Platform to receive and/or request payments from their customers. This may include the customer’s name, phone number, transaction value and order completion details, as well as a note, image, and/or GIF sent by merchants/vendors;
3.4 Your devices and how you interact with our Services. You may give us your Personal Data by filling in forms on the Platform. This includes Personal Data you provide when you:
3.4.1 enter data for installing or using any Ziina powered application;
3.4.2 open a Ziina Account or provide Ziina Account information;
3.4.3 apply for our Services;
3.4.4 link your Bank Card to your Ziina Account;
3.4.5 use your Ziina Account to send or receive payments;
3.4.6 issue/use a ZiiLink to receive or send payments;
3.4.7 subscribe to our publications;
3.4.8 sign up for any waitlist or otherwise give us your contact information;
3.4.9 enter a competition, promotion or survey;
3.4.10 correspond with us (online or offline including via email addresses and phone numbers), if you contact us;
3.4.11 create, share or post Content on our Platform, as applicable; or
3.4.12 give us feedback and/or review our Services.
3.5 Automated technologies. As you interact with our Platform, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this Personal Data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies;
3.6 Our group companies or affiliates;
3.7 Technical Data from the following parties:
3.7.1 analytics providers such as Google;
3.7.2 advertising networks/agencies;
3.7.3 search information providers.
3.8 Financial and Transaction Data from payment service providers, financial API providers, banks and financial institutions.
4. How Do We Share Your Information?
4.1 Information Shared with Everyone in The Community: We may publicly share some of your Data on the Platform such as your Ziiname or profile photo. Such Data may be visible to all Users on the Platform and may be seen by anyone on the Internet, whether or not they have a Ziina Account. Public information may also be seen, accessed, or used through third-party services that integrate with our Services.
4.2 Information Shared with Other Ziina Users: We may share Personal Data with the Users that you transact with when you make or accept a payment using our Services. Your Ziiname, the description of the transaction, the transaction date and time, and the payment amount and method may be provided to the other Users you transact with through Ziina. User transactions will always be private and we will not share the transaction information anywhere other than the User’s personal transaction history. However, if the transaction is a payment to another User, the transaction information will also be displayed on the personal transaction history of and be available to the Recipient.
4.3 Information Shared with Nominated Bank: In order to provide our Services, we may share your Personal Data with our Nominated Bank.
4.4 Information Shared with Merchants/Vendors: In order to enable vendors to accept payments from you using Ziina, we may share your Personal Data with them, such as your Ziiname, profile picture, transaction details (such as invoice number, transaction description, value, any image, note or GIF) and phone number. In case of payments made via ZiiLink, we may share your name, the relevant invoice number, transaction value, transaction timestamp, card scheme (whether Visa or Mastercard) you used to make the payment, last four digits of your card, and history of previous payments made from the same card to the relevant merchant.
4.5 Information Shared with our Affiliates and Group Companies: We may share your Personal Data with our affiliates and group companies to understand how you engage with Ziina products, to improve our Services, and to help us build Services tailored to your preferences.
4.7 Information Shared with our Service Providers: We may share your Personal Data with:
4.7.1 Third party service providers that assist us in providing our Services to you (for example, fraud prevention, anti-money laundering, identity verification, know your client or know your business checks, payment processing, or technology services);
4.7.2 Our professional advisers where it is necessary for us to obtain their advice or assistance, including compliance consultants, lawyers, accountants, IT or public relations advisers;
4.7.3 Banks that you have any accounts with, as well as financial institutions, payment networks, payment card associations, credit bureaus, and other entities in connection with your payment, money transfer process;
4.7.4 Service providers that help us run our marketing and advertising campaigns, contests, special offers, or other events or activities;
4.9 Protection of Ziina and Others: We may release Personal Data when we believe that disclosure is reasonably necessary (i) to comply with any applicable law, regulation, legal process or governmental request; (ii) to exercise or defend our legal rights; (iii) to enforce or comply with Ziina Payment LLC’s General Terms and Conditions or other applicable agreements or policies; (iv) to protect our or our customers’ or the public rights or property, or the security or integrity of our Services from harm, fraud, or potentially prohibited or illegal activities or otherwise; or (v) for an investigation of suspected or actual illegal activity.
4.10 Aggregated and Anonymized Information: We may share aggregated and anonymized information that does not specifically identify you or any User of our Services with service providers or other third parties.
5. How We Use Your Personal Data
We may collect, use and share your Personal Data for the following reasons:
5.1 Performance of our Services: We process your Personal Data because it is necessary for the Performance of our Services. In this respect, we use your Personal Data for the following:
5.1.1 To verify your identity (e.g., through government-issued identification numbers and facial recognition software);
5.1.2 To enable you to set up a Ziina Account;
5.1.3 To determine whether our Services are available in your country;
5.1.4 To connect you with other Users (including vendors);
5.1.5 To assist you in sending and/or requesting payments;
5.1.6 To record payment transactions and provide you with your historical transaction information;
5.1.7 To provide you with Ziina products and features you wish to use;
5.1.8 To identify and fix errors that impair how our Services function;
5.1.9 To answer any questions you may have;
5.1.10 To deal with any complaints you may have;
5.1.11 To send you surveys and collect any feedback you may have or to send you information we think you may find useful or which you have requested from us about our Services. For avoidance of doubt, you agree that we may communicate with you in a number of ways for the purpose of collecting your feedback, including through the Platform, by email, telephone, WhatsApp or through other digital channels. Please contact us at [email protected]if you wish to withdraw your consent to receive communications from us seeking feedback;
5.1.12 To provide, maintain, improve, personalize and facilitate our Services, Content, products and features;
5.1.13 To develop new products and services (such as machine learning based tools) to better serve you;
5.1.14 To track and analyze usage in connection with your use or the Performance of our Services; and
5.1.15 To issue reports/analytics on a no name basis for business and marketing purposes.
5.2 Legitimate interests: We also process your Personal Data because it is necessary for our legitimate interests, or sometimes where it is necessary for the legitimate interests of another person. In this respect, we use your Personal Data for:
5.2.1 The administration and management of our business, including recovering any money you may owe to us;
5.2.2 Seeking advice on our rights and obligations, such as where we require legal advice;
5.2.3 Contacting you to resolve disputes;
5.2.4 Investigating, detecting, preventing, recovering from, or reporting fraud, misrepresentations, security breaches or incidents, other potentially prohibited, malicious, or illegal activities, or to otherwise help protect your account;
5.2.5 Protecting your, our, or our other Users' rights or property, or the security or integrity of our Services; and
5.2.6 Verifying or maintaining the quality and safety of our Services.
5.3 Legal obligations We also process your Personal Data for our compliance with legal obligations which we are under. In this respect, we will use your Personal Data for the following:
5.3.1 Meeting our compliance and regulatory obligations, enforcing any applicable laws, regulations, legal requirements, and industry standards (such as compliance with anti-money laundering laws) and responding to lawful requests for information from the government or in relation to any legal process; and
5.3.2 As required by tax authorities or any competent court or legal authority.
5.4 Marketing:We may send you marketing about the Services we provide which may be of interest to you, as well as other information in the form of alerts, newsletters and invitations to the events or functions which we believe might be of interest to you or in order to update you with information (such as legal or commercial news) which we believe may be relevant to you. We may communicate this to you in a number of ways including through the Platform, telephone, SMS, email, post or other digital channels. You have the right to withdraw/unsubscribe your consent to marketing emails/newsletters at any time by contacting us at [email protected].
5.5 Promotional offers from us: We may use your Identity Data, Contact Data, Technical Data, Usage Data and Account Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which Services and offers may be relevant for you. You may receive promotional marketing communications from us if you have requested information from us or used our Services and, in each case, you have not opted out of receiving that promotional marketing communication.
5.6 Other reasons: For any other reason for which you provide us with your Personal Data and/or we may tell you about from time to time.
6.1 Our website uses web technologies such as cookies to distinguish you from other users of our site. This helps us to provide you with a good experience when you use our Platform. We use the following cookies:
6.1.1 Strictly necessary cookies. These are cookies that are required for the operation of our Platform. They include, for example, cookies that enable you to log into secure areas of our Platform.
6.1.2 Analytical/performance cookies. They allow us to recognise and count the number of Users and to see how Users move around our Platform when they are using it. This helps us to improve the way our Platform works, for example, by ensuring that Users are easily finding what they are looking for.
6.1.3 Functionality cookies. These are used to recognise you when you return to our Platform. This enables us to personalise our content for you, greet you by your name and remember your preferences (for example, your choice of language or region).
6.1.4 Targeting cookies. These cookies record your visit to our Platform, the pages you have visited and the links you have followed. We will use this information to make our Platform and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
6.2 While we set some of these automated technologies ourselves, some of them are set by third parties who provide services to us. For example, we may use other companies’ web analytics services such as Google Analytics, which use automated technologies to help us evaluate how our Users use our Platform.
7. Change of Purpose
8. Data Security
Your data security is important to us, and we take reasonable steps to ensure that your Personal Data is treated securely and to prevent unauthorised access, collection, use, disclosure, or similar risks.
We have put in place appropriate security measures to limit the possibility of your Personal Data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality.
Although we aim to create a safe and secure environment, we cannot guarantee absolute security of the transmission or storage of your information. To the extent permitted by applicable law, we expressly exclude any liability arising from any unauthorised access to your Personal Data.
We have put in place procedures to deal with any suspected Personal Data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Please contact us at [email protected]immediately if you become aware of any unauthorised use of your Account by anyone else or any other breach of security.
9. Your Choices
9.1 You May Change Your Personal Information
Depending on the type of the information, you may access, review, change, or correct such information by logging into your Ziina account (in your Account settings) at any time or by making a request to us by contacting us at [email protected]. We may require additional information to verify your identity before granting access or otherwise changing or correcting your information.
9.2 You May Deactivating Your Account
If you wish to deactivate your Account, you can do so by emailing us at [email protected].
9.3 You May Cease Our Collection of Location Information
In order to provide certain Services, we may need to access to your location information, including precise geolocation information collected from your device. If you do not consent to collection of this information, certain Services may not function properly and you may not be able to use those Services. You can stop our collection of location information at any time via the settings on the Platform. If you do so, some of our Services may cease to function.
9.4 You May Opt Out of Promotional Notifications
You can opt out of receiving push notifications containing certain information from us by disabling “Notifications on Promotions” and/or “Notifications on Transactions” under the notification settings on the Platform or by following the instructions in those notifications, if applicable. If you decide to opt out, we may still send you non-promotional communications via in-app or push notifications or via email and SMS, such as messages about your Account.
10. Data Transfers
The Personal Data we collect from you may be transferred to, and stored at, a destination outside the UAE as it may be processed by our affiliates and group companies, or by our service providers when they are located outside of the UAE.
Where required for certain matters, we may use service providers located outside the UAE and transfer Personal Data to such service providers (for example, fraud prevention, anti-money laundering, know your client or know your business checks, payment processing, client verification services or technology services).
Depending on the circumstances we may also need to transfer Personal Data to other kinds of third parties, for example regulators, government authorities, law enforcement authorities (such as police) as necessary.
11. Data Retention
We will only retain your Personal Data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances, we may anonymize your Personal Data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
12. Information from Children
Our Platform is not intended for children and we do not knowingly collect Data relating to children. If we obtain actual knowledge that we have collected personal information from a child, we will promptly delete it, unless we are legally obligated to retain such data. Please contact us at [email protected]if you believe that we have mistakenly or unintentionally collected information from a child.
13. How to Contact Us