Privacy Policy

1. Information We Collect

We collect various types of information to provide and improve our services. This section comprehensively discloses all data collection practices in compliance with Google Play Store and Apple App Store requirements.

1.1 Personal Information You Provide

When you create an account, use our services, or contact us, we may collect:

• Full name
• Email address
• Phone number
• Date of birth (for age verification purposes only)
• Billing and shipping address
• Payment information (credit/debit card details, processed securely through third-party payment processors - we do not store complete card details on our servers)
• Company information (if applicable)
• Profile photo (optional)

1.2 Information Automatically Collected

When you use our App, we automatically collect certain device and usage information, including:

• Device identifiers (such as mobile device ID, IDFA for iOS, Advertising ID for Android)
• IP address
• Device type, model, and operating system version
• Browser type and version
• App usage data (features used, time spent, frequency of use)
• Crash reports and performance data (diagnostics)
• Network information (mobile carrier, connection type)
• Time zone and language settings

1.3 Location Information

With your explicit permission, we may collect precise location data (GPS coordinates) to provide location-based services. You can enable or disable location services through your device settings at any time. We may also collect approximate location (coarse location) based on your IP address even without GPS permission.

1.4 Camera and Photo Library (with permission)

If you grant permission, we may access your device camera to take photos or scan documents, and access your photo library to upload images. These permissions are used solely for app functionality, such as profile photo uploads or document verification. We do not access your camera or photos without your explicit consent.

1.5 Contacts (with permission)

If you grant permission, we may access your device contacts to help you connect with friends or invite others to use our services. We will not access your contacts without your explicit permission.

1.6 Cookies and Similar Technologies

We use cookies, web beacons, pixels, and similar tracking technologies to collect information about your browsing activities, personalize your experience, and analyze usage patterns. You can control cookie settings through your browser or device preferences.

1.7 Information from Third-Party Sources

We may receive information about you from third-party services such as social media platforms (if you connect your account), analytics providers, advertising partners, and payment processors.

2. How We Use Your Information

We use the collected information for the following purposes:

• App Functionality: To provide, operate, and maintain our App and services
• Account Management: To create and manage your account, authenticate your identity, and provide customer support
• Transaction Processing: To process payments, fulfill orders, and send transaction-related information
• Communications: To send administrative messages, updates, security alerts, and customer support responses
• Personalization: To customize your experience, show relevant content, and provide personalized recommendations
• Analytics and Improvement: To analyze usage patterns, monitor App performance, identify technical issues, and improve our services
• Marketing: To send promotional communications, special offers, and marketing materials (with your consent where required by law)
• Advertising: To display relevant advertisements and measure advertising effectiveness
• Security: To detect, prevent, and address fraud, security threats, technical issues, and violations of our terms
• Legal Compliance: To comply with legal obligations, respond to legal requests, and enforce our terms and policies

3. How We Share Your Information

We share your information only in the following circumstances and with parties that provide equal or greater protection of user data as required by this Privacy Policy:

3.1 Service Providers and Business Partners

We share your information with trusted third-party service providers who perform services on our behalf, including:

• Payment processors (e.g., Stripe, PayPal) for secure payment processing
• Cloud hosting providers (e.g., AWS, Google Cloud) for data storage and infrastructure
• Analytics providers (e.g., Google Analytics, Firebase) for usage analysis and performance monitoring
• Advertising networks (e.g., Google AdMob, Facebook Audience Network) for displaying ads
• Email service providers for sending communications
• Customer support platforms
• Crash reporting and diagnostic services

These service providers are contractually obligated to protect your data, use it only for the purposes specified, and comply with applicable data protection laws. They are not permitted to use your personal information for their own purposes.

3.2 Third-Party SDKs and Code

Our App integrates third-party software development kits (SDKs) that may collect information used to identify you. We ensure that all third-party code providers follow privacy practices consistent with this Privacy Policy and applicable laws. The third-party SDKs we use include analytics, advertising, crash reporting, and other service providers listed in Section 3.1.

3.3 Business Transfers

If we are involved in a merger, acquisition, sale of assets, financing, reorganization, bankruptcy, or other business transaction, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice in our App before your information becomes subject to a different privacy policy.

3.4 Legal Requirements and Protection of Rights

We may disclose your information if required to do so by law, in response to valid legal requests from public authorities (such as courts or government agencies), to comply with legal obligations, or when we believe disclosure is necessary to:

• Protect and defend our rights, property, or safety
• Protect the rights, property, or safety of our users or the public
• Prevent or investigate fraud, security threats, or illegal activities
• Enforce our terms of service and other policies

3.5 With Your Consent

We may share your information for other purposes with your explicit consent or at your direction.

3.6 Aggregated and Anonymized Data

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you for research, analytics, marketing, or other business purposes.

4. Data Security

We implement industry-standard technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, loss, or destruction. Our security measures include:

• Encryption of data in transit using SSL/TLS protocols
• Encryption of sensitive data at rest
• Secure authentication and access controls
• Regular security assessments, audits, and vulnerability testing
• Employee training on data protection and security best practices
• Secure data centers and infrastructure

However, no method of transmission over the internet or electronic storage is completely secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security. Please also take steps to protect your account by choosing a strong password and keeping it confidential.

5. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The retention period depends on:

• The nature of the data and the purposes for which it was collected
• Our legal and regulatory obligations
• Whether we have a legitimate business need to retain the data
• Your consent and requests for deletion

When information is no longer needed, we will securely delete or anonymize it in accordance with our data retention policies and applicable laws. If you request deletion of your account, we will delete or anonymize your personal information within a reasonable timeframe, except for information we are required to retain for legal, regulatory, or security purposes.

6. Marketing Communications

With your consent, we may send you promotional emails, push notifications, and other marketing communications about our products, services, and special offers. You can opt out of marketing communications at any time by:

• Clicking the "unsubscribe" link in marketing emails
• Disabling push notifications in your device settings
• Updating your communication preferences in App settings

Please note that even if you opt out of marketing communications, we will still send you transactional or administrative messages related to your account, purchases, and use of our services.

7. Third-Party Links and Services

Our App and website may contain links to third-party websites, applications, or services that are not owned or controlled by us. This Privacy Policy does not apply to third-party services. We are not responsible for the privacy practices or content of these third parties.

We encourage you to review the privacy policies of any third-party services you access through our App or website. When you click on third-party links, you are subject to the terms and policies of those third parties.

8. Children's Privacy

Our services are not intended for individuals under the age of 18 (or the age of majority in your jurisdiction). We do not knowingly collect personal information from children without parental consent.

If we become aware that we have collected personal information from a child under the applicable age without verified parental consent, we will take steps to delete that information as quickly as possible. If you believe we have collected information from a child, please contact us immediately at privacy@paynest.ae.

9. International Data Transfers

Your information may be transferred to, stored, and processed in countries other than your country of residence, including the United States and other countries where our service providers operate. These countries may have data protection laws that differ from those of your country.

When we transfer your information internationally, we implement appropriate safeguards to protect your data, including standard contractual clauses approved by relevant authorities, Privacy Shield certifications (where applicable), and other lawful transfer mechanisms. By using our services, you consent to the transfer of your information to these countries.

10. UAE-Specific Provisions

As a company operating in the United Arab Emirates, we comply with all applicable UAE data protection laws and regulations, including:

• UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data
• Dubai International Financial Centre (DIFC) Data Protection Law No. 5 of 2020 (if applicable)
• Abu Dhabi Global Market (ADGM) Data Protection Regulations (if applicable)

We ensure that all data processing activities comply with UAE law requirements, including obtaining necessary consents, implementing appropriate security measures, and responding to data subject requests in accordance with local regulations.

11. California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA), including:

• Right to know what personal information we collect, use, disclose, and sell
• Right to request deletion of your personal information
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your CCPA rights

To exercise these rights, please contact us at privacy@paynest.ae. We will verify your identity before processing your request.

12. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have specific rights under the General Data Protection Regulation (GDPR), including:

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to lodge a complaint with a supervisory authority

Our legal basis for processing your personal data includes: consent, performance of a contract, compliance with legal obligations, and legitimate interests. To exercise your GDPR rights, please contact us at privacy@paynest.ae.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

• Posting the updated Privacy Policy on our website and in the App
• Updating the "Last Updated" date at the top of this Privacy Policy
• Sending you a notification via email or push notification (for material changes)

Your continued use of our App and services after the effective date of the revised Privacy Policy constitutes your acceptance of the changes. If you do not agree to the revised Privacy Policy, please stop using our services and delete your account.

14. Contact Us

If you have any questions, concerns, requests, or complaints regarding this Privacy Policy or our data practices, please contact us at:

We are committed to resolving any privacy concerns you may have and will respond to your inquiries within a reasonable timeframe as required by applicable law (typically within 30 days).