Privacy Policy
1. About this privacy statement
This is the privacy statement of CauriPAY. (“CauriPAY.” or “we”). It applies to all CauriPAY subsidiaries and branches to the extent that they process personal data.
CauriPAY treats the personal data it receives through its websites, portals, applications and any other means with due care and is committed to protecting all personal data it receives. CauriPAY is bound by the General Regulations on Electronic Data Protection, the Cameroonian Data Protection and Electronic Commerce Law and the Cameroonian Telecommunications Law.
This privacy statement is designed to inform you about the type of information that CauriPAY collects and the purposes for which this information is processed, used, retained and disclosed.
This privacy statement aims to explain in a simple and transparent manner what personal data we collect about you and how we process it. It applies to the following persons:
• legal representatives and ultimate beneficial owners of all past, present and potential CauriPAY merchants and users and other commercial contracting parties such as independent sales agents. We are legally obliged to retain the personal data of these persons, also for a certain period after the end of the relationship, in accordance with the “Know Your Customer” (“KYC”) regulations; • any person involved in any transaction with our payment institution, including non-CauriPAY customers such as consumers/beneficiaries of CauriPAY merchants; and • any person visiting the CauriPAY website.
We may change this privacy statement to remain compliant with any changes in law and/or to reflect how our company processes personal data. This version was created on February 5, 2024.
2. Personal data
Personal data refers to any information that tells us something about you or that we can link to you. CauriPAY processes any information we receive from you, including personal and financial information you provide to us, including when you or your business: make a payment, request or apply for CauriPAY services, register to use and/or use any of our services and when you communicate with us by email, SMS, WhatsApp, website or portal, telephone or any other means of electronic communication.
This information may include you or your customer: • your name including first and last name, date of birth, email address, billing address, username, password and/or photograph, address, nationality and country of residence; • card account number, card expiry date, CVC details, bank details and/or issuer; and/or • information relating to any item purchased, including location of purchase, value, time and any feedback given in connection with that purchase or transaction.
By processing we mean anything we can do with this data, such as collecting, recording, storing, processing, organizing, using, disclosing, transferring or deleting. For more information on how we use your personal data, please refer to section 4 (“What we do with your personal data”).
You share personal information with us, for example when you: visit our website, fill out (online) form(s), sign a contract, make a payment or use our payment services, or contact us via the one of our channels.
We also use legally available data from public sources such as commercial registers, debtor registers and the media, or data legitimately provided by other companies within CauriPAY or by third parties.
3. Sensitive data
We do not record sensitive data relating to your health, ethnicity, religious or political beliefs unless strictly necessary. Where we do this, it is limited to specific circumstances, for example if you, as a customer of a CauriPAY merchant, make a payment for a membership fee to a political party or religious organisation.
4. What do we do with your personal data
We use your personal data only for legitimate business reasons. This includes:
▪ Administration: When you open a user or merchant account, we are legally required to collect personal data that verifies your identity (such as a copy of your ID card or passport) and assess whether we can accept you , you or your company, as a customer. We also need to know your address or telephone number.
▪ Customer relationship management : We may ask you for feedback on our products and services and share it with certain members of our staff to improve our offering. We may also use notes from conversations we have with you online, by telephone or in person to personalize products and services for you.
▪ Personalized marketing: We may send you letters, emails or SMS messages offering you a product or service based on your personal circumstances, or show you such an offer when you log in to our website or mobile applications . You can unsubscribe from these personalized offers. You have the right not to consent to or object to personalized direct marketing or commercial activities, including profiling related to such activities.
▪ Providing you with the most suitable products and services: When you visit our website, use our applications, call our customer service center or visit a branch, we collect information about you. We analyze this information to identify your potential needs and evaluate the suitability of the products or services.
▪ Improve and develop products and services: Analyzing how you use our products and services helps us know you better and shows us where we can improve. For example, when you open a user or merchant account, we measure the time until your first transaction to understand how quickly you can use your account. We analyze data about transactions between you and our business customers (merchants) to provide information services. When CauriPAY processes personal data for this purpose, aggregated data may be made available to the CauriPAY merchant (Any offline business or online store/online retailer). This merchant cannot identify you from this aggregated data. We analyze the results of our marketing activities to measure their effectiveness and the relevance of our campaigns.
▪ Fraud Prevention and Detection and Data Security: We have a duty to protect your personal data and to prevent, detect and contain data breaches. This includes information that we are required to collect about you, for example to comply with regulations against money laundering, terrorist financing and tax fraud. We may process your personal information to protect you and your assets from fraudulent activity, for example if you are a victim of identity theft, if your personal data has been disclosed, or if you are hacked. We may use certain information about you for profiling purposes (e.g. name, account number, age, nationality, IP address, etc.) in order to quickly and effectively detect a particular crime and the person behind it. here, at the request of the competent authorities.
▪ Internal and external reporting: We process your data for our payment operations and to help our management make better decisions regarding our operations and services. Comply with a number of legal obligations and legal requirements (e.g. anti-money laundering legislation and tax legislation).
Data that we process for any other reason is anonymized or we remove as much personal information as possible.
5. Who do we share your data with and why
Whenever we share personal data internally or with third parties in other countries, we ensure that the necessary safeguards are in place to protect it. To do this, CauriPAY relies on: • EU model clauses, which are standardized contractual clauses used in agreements with service providers to ensure that personal data transferred outside the African and European Economic Area comply with data protection legislation. • Privacy Shield framework that protects personal data transferred to the United States.
In order to be able to offer you the best possible services and remain competitive in our business, we share certain data both internally and outside CauriPAY. This includes:
CauriPAY Entities
We transfer data between CauriPAY businesses and branches for operational, regulatory or reporting purposes, for example to comply with certain laws, secure IT systems or provide certain services (see section 4 (“What we do with your personal data "). We may also transfer data to centralized storage systems or process it globally for greater efficiency.
Independent sales agents
We may share information with independent sales agents (referral partners) who act on our behalf.
Government authorities
To comply with our regulatory obligations, we may disclose data to relevant authorities, for example to combat terrorism and prevent money laundering.
In some cases, we are required by law to share your data with external parties, including: • public authorities, regulators and supervisory bodies such as fraud protection agencies and central banks of countries in which we carry out our activities • judicial/investigative authorities such as the police, prosecutors, courts and arbitration/mediation bodies at their express and legal request • lawyers, for example in the event of a claim or bankruptcy, trustees who ensure the interests of others and company auditors.
Financial institutions
When funds are transferred from a payer to a payee, the transaction involves other financial institutions, banks or a specialist financial company. CauriPAY may process payments through these other financial institutions. These external organizations may process and store your personal information abroad and we and they may disclose your information to foreign authorities to assist them in their fight against crime and terrorism. To process payments, we must share transaction information with another financial institution, such as your name and account number. We also share information with financial industry specialists who help us with financial services such as: • payment and credit transactions worldwide • electronic transaction processing worldwide • security transaction settlement and domestic and cross-border payment transactions.
Sometimes we share information with banks or financial institutions in other countries, for example when you make or receive a payment abroad.
Third-party service providers
When we use other service providers, we only share the personal data necessary for the particular task for which we are using the service provider. Service providers support us in activities such as: • carrying out certain services and operations • designing and maintaining Internet-based tools and applications • marketing activities or events and managing communications with clients • preparation of reports and statistics, printing of materials and product design • placement of advertisements on applications, websites and social networks.
Business transfers
CauriPAY may buy or sell business units or affiliated companies. In such circumstances, we may transfer customer information as a business asset. Without limiting the foregoing, if our business enters into a joint venture with, is sold to, or merges with another business entity, your information may be disclosed to our new business partners or owners.
With your permission
Your information may also be used for other purposes for which you give your specific authorization, or where required by law or where the terms of the laws of the relevant jurisdiction permit.
6. Cookie policy
CauriPAY uses cookies and similar technologies across our websites and apps to ensure that your experience runs smoothly and improves.
1 Functional cookies – These cookies may store the name of your browser, the type of computer and technical information about your means of connection to our system, such as the operating system and the Internet service providers used and other similar information. This information is used to technically facilitate the navigation and use of our platforms. In addition, functional cookies may be used to store personal settings, such as language, chosen theme or to remember your information on future visits, if requested.
2 Analytics cookies – CauriPAY also uses analytics cookies placed by Google Analytics (including Google Tag Manager) to measure the number of visits and which parts of the platform are most popular among visitors, as well as for other purposes comparative analysis. This information is used to provide aggregated and statistical information about the use of our applications and is used to improve the content, in order to improve your user experience. CauriPAY has followed the Cameroonian Data Protection Authority's manual to ensure that Google Analytics is used in a privacy-respecting manner. This means that we have asked Google to remove the last three digits of your IP address ("Anonymize IP") and have disabled the standard setting for sharing data with Google. Furthermore, CauriPAY does not use other Google services in combination with Google Analytics cookies.
Are you opposed to cookies?
Cookies generally process your IP address but do not record your personal information such as your email address or telephone number. If you do not want cookies to be stored on your computer or if you want to delete cookies already stored, you can do this through your browser settings.
Right to object to processing – You can object to CauriPAY using your personal data for its own legitimate interests. You will find a list of contact details at the end of this privacy statement. We will review your objection and determine whether processing your information has an undue impact on you that would require us to stop doing so.
You can also opt out of receiving personalized commercial messages from us. You cannot object to the processing of your personal data if we are legally required to do so, even if you have chosen to no longer receive personalized commercial messages.
Right to object to automated decisions – We sometimes use systems to make automated decisions based on your personal information if this is necessary to perform a contract with you, or if you have given us your consent to do so. You have the right to object to such automated decisions (for example by requesting a new copy of your passport if the one we have on file for you as a representative of your company is no longer valid) and to request that 'a real person makes the decision instead.
Right to restrict processing You have the right to ask us to restrict the use of your personal data if:
has you believe the information is inaccurate;
b we process data illegally;
vs CauriPAY no longer needs the data, but you want us to keep it for use in legal action; and or
d you have objected to the processing of your data for our own legitimate interests.
Right to object – If for any reason you are unhappy with how CauriPAY processes your personal data, you can file a complaint with CauriPAY's Compliance Officer via support@cauripay.com. You can also contact the data protection authority in your country.
Exercising your rights – How you can exercise your rights depends on the type of personal data processed by CauriPAY. This can be done through our website, by fulfilling our KYC obligations or by processing a transaction. We strive to respond to your request as quickly as possible.
In certain cases, we may refuse your request. If this is legally permitted, we will let you know within a reasonable time why we have refused it.
If you would like to exercise your rights or file a complaint, please contact us via the email address provided below.
8. Your obligation to provide data
We need to know certain information about you in order to begin and carry out our functions and fulfill our associated obligations. There is also information that we are legally required to collect. Without this data, we may, for example, not be able to open a payment processing account for your business.
9. How we protect your personal data
We apply an internal framework of policies and minimum standards to ensure the security of your data. These policies and standards are periodically updated to keep them abreast of regulations and market developments. More specifically and in accordance with the law, we take appropriate technical and organizational measures (policies and procedures, IT security, etc.) to guarantee the confidentiality and integrity of your personal data as well as the way in which they are processed.
Additionally, CauriPAY employees are subject to confidentiality and may not disclose your personal data in an illegal or unnecessary manner.
10. What can you do to help us keep your data secure
Unfortunately, the transmission of information via the Internet in general is not always completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our site; any transmission is at your own risk. Once we receive your information, we will use strict procedures and security features to attempt to prevent unauthorized access.
We do everything we can to protect your data, but there are also things you can do:
▪ install antivirus software, anti-spyware software and a firewall on your computer and keep them up to date;
▪ do not leave verification tokens or your credit card unattended;
▪ keep your passwords strictly confidential and use strong passwords, i.e. avoid obvious combinations of letters and numbers; and • be vigilant online and learn to spot unusual activity, such as a new website address or phishing emails asking for personal information.
11. How long do we keep your personal data
Once you are no longer a customer, we will retain your personal information for a reasonable period, or as permitted or required by law.
12. Contact us
If you would like to know more about CauriPAY's data policies and how we use your personal data, you can email us at the following dedicated email address: support@cauripay.com
