Privacy Policy
Thank you for using Dibsy!
We created this Privacy Policy (“Policy”) to give you confidence as you visit and use our Service. This Policy covers how we collect, use, store, and share your information when you use our Service. All references to “we”, “us”, “our”, or “Dibsy” refer to Paywise LLC a corporation duly organized and existing under Qatar law. All references to “you”, “your”, or “user” relate to the person or entity who registered an Account on Dibsy to use or access the Services.
Please read this Policy carefully. By clicking the applicable button or checkbox to indicate your acceptance of this Policy and our Terms, or otherwise by creating an Account and using the Service, you represent and agree that you have read, understand, and agree to be bound by both this Policy and our Terms as binding agreements.
We may update this Policy from time to time. If you continue using the Service after we make any changes to this Policy, you accept and agree to be bound by those changes. The most updated version of this Policy will always be posted on the Service, Furthermore, we will be sharing updates with our end user and representative via email and dashboard. In certain situations, we may notify you about material changes to the Policy. You are responsible for ensuring we have an up-to-date, active, and deliverable email address on file for you, and you agree that your use of the Service will be subject to any updated Policy posted on the Service, whether or not you receive notice of such changes.
1. Applicability
This Policy applies to personal information we collect on the Service. It does not apply to any non-personal information, or any information collected by any third party. As used in this Policy, “personal information” means information that can be used to identify any natural person either directly or indirectly.
Moreover, if you are a customer, we may collect Customer Data either directly from you or from the user using our Payment Processing Services.
2. Personal Information We Collect
2.1 Personal Information You Voluntarily Provide to Dibsy
When you register for an Account, we require that you provide us with certain personal information about you. This includes, but is not limited to, your first and last name, e-mail address, and the name of your business. As part of the account registration and verification process, we may also ask you for certain other information, such as your phone number and your tax identification number, as well as documents that include personal information about you. These documents include, but are not limited to, government-issued identification including identification containing photo and signature, bank statements, proof of income, documentation verifying the legal existence of your business and its beneficial owners and principals, bank statements and related banking information, and other financial documents to verify your identity and assess the risk associated with your business. Even if you access and use the Service without registering for an Account, you may choose to provide us with certain personal information about you (for example, you may want to sign up for our newsletters or RSVP for events). The collection of this information is necessary to provide the functionality of the Service and/or to comply with applicable laws and regulations related to the Service’s product offerings.
If you are a customer of merchant register with us, when you make a payment through a user’s website or application in relation to a Transaction, we will receive certain Customer Data. Customer Data may include:
- First and last name.
- Physical and/or mailing address.
- Financial information, including but not limited to credit or debit card numbers or bank account information.
- Email address; and
- Phone number.
The collection of this Customer Data is necessary to provide the functionality of the Service (mainly, to process the Transaction) and/or to comply with applicable laws and regulations related to the Service’s product offerings. We may use Customer Data for the following purposes: (i) providing and improving the Services; (ii) internal usage, including but not limited to, data analytics and metrics so long as such Customer Data has been anonymized and aggregated with other customer data; (iii) complying with applicable legal requirements and assisting law enforcement agencies by responding to requests for the disclosure of information in accordance with applicable law; and (iv) any other purpose for which consent has been provided by the Customer.
2.2 Personal Information We Collect Automatically
We collect certain information about you automatically as you access and use the Service and may similarly collect information from Customers. This includes:
- Device information, such as a unique device identifier; and
- Location information, such as your IP address or geo-location.
This information does not identify you directly but may nevertheless be considered personal information.
2.3 How We Use Personal Information
We use the personal information that we collect to make the Service available to our users, to comply with our legal obligations under Payment Handling and Protection Regulation, Payment Service Regulation and other related laws, to market and promote the Service, to improve the Service, and to protect our legal rights.
Examples of the ways in which we may use your personal information include:
- Allowing you to register for an Account and use the Payment Processing Services.
- Verifying your identity in compliance with our obligations under applicable law.
- Identifying fraudulent or illegal activity.
- Providing you with information, products or services that you request from us.
- Carrying out our obligations and enforcing our rights arising from any contracts entered between you and us, including for billing and collection.
- Notifying you about changes to the Service, such as updates to this Policy; and,
- Understanding how our users interact with the Service to improve the Service and our product offerings.
We may use your personal information to contact you about our products. If you no longer want to receive marketing-related emails from us, you may opt out via the unsubscribed link included in such emails, or by whatever other means we allow you to unsubscribe. We will comply with your request as soon as reasonably practicable. Please note that even if you opt out of marketing emails, we may still send you essential administrative messages related to our Services.
We may also use your personal information for any other purpose with your consent.
2.4 How We Share Personal Information
We may disclose or share personal information that we collect in the following circumstances:
- With our subsidiaries and affiliates (please refer to the List of Third Parties for the list thereof);
- With our contractors and vendors who support aspects of the Service and our business, including services related to website hosting, data analysis, information technology and related infrastructure, bank account identity and authentication, helpdesk and support, user identity verification, screening checks and fraud prevention (please refer to List of Third Parties for the list of said contractors and vendors);
- With our banking partners, including Payment Method Providers and Acquirers, who enable the processing of Transactions via the Payment Processing Services (please refer to the List of Third Parties for the list thereof);
- When we believe, in good faith, that disclosure is necessary to prevent physical harm or financial loss, to report suspected illegal activity, or to investigate violations of our Terms of Service or any other applicable policies; and
- With your express consent.
Any third-party entity to whom we disclose your personal information is contractually required to comply with confidentiality standards and establish adequate safeguards for data privacy, undertake to respect your right to privacy and comply with applicable laws. We also require that these third-party entities use information shared with them only for authorized purposes and follow our reasonable directions with respect to this information.
Additionally, we may share your personal information as required to comply with any subpoena, court order, similar legal process, including to respond to any government or regulatory request. To the extent permitted by law, we will notify you if we receive government requests about your data.
Finally, we may disclose anonymized, non-personal information about the Service and our users without restriction.
If you do not wish any of your personal information to be shared with any third party or for any of the indicated purposes, please contact us immediately on our mail ops@dibsy.one.
2.5 Accessing and Correcting Your Information
You are solely responsible for ensuring that any personal information that you provide to us is accurate. You may be able to view and update certain personal information that we have about you by logging into your Account or by emailing the address provided at the end of this Policy. Please note that we reserve the right to reject any changes you make to your personal information and to reject any requests to change your personal information submitted through inappropriate channels.
3. Data Security
We use commercially reasonable physical, technical, and administrative measures to secure your personal information from accidental loss and from unauthorized access, use, and disclosure. For example, we (i) have implemented a strict data security policy, (ii) restrict access to personal information to employees, contractors, and other service providers on a need-to-know basis, (iii) use industry-standard encryption technology to secure data, (iv) train our personnel on privacy issues and have appointed a data privacy officer, (v) review the privacy practices of new products and services that we integrate into our Service, and (vi) require our personnel to sign confidentiality agreements that extend to your personal information.
Please also keep in mind that the safety and security of your information also depends on you. You are responsible for keeping your account information, including your password, confidential. We ask you not to share your password with anyone. If you have reason to believe that your data is no longer secure, please contact us immediately at the email address, mailing address or telephone number listed at the end of this Policy.
4. Data Retention
We may retain your personal information for the longer of: (i) the length of time required by law; (ii) the length of time required by our compliance program; or (iii) the length of time required by our banking partners, including Payment Method Providers and Acquirers. Please note that if you delete your Account, we may still retain your personal information as explained above. You may delete your Account through the Dashboard, or you may email the address provided at the end of this Policy.
5. Automated Data Collection Technologies
As you navigate through and interact with the Service, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions and patterns, as further described in this Policy.
5.1 Cookies and Analytics
We may use cookies and other technologies to automatically collect information about your use of the Service. You can learn more about these technologies below. We may use this information to provide you with better user experience, to comply with our legal obligations under Payment Handling and Protection Regulation, Payment Service Regulation and related laws, to protect you and detect irregular or fraudulent account activities, to customize our services and content for you, and to better understand how our users interact with the Service.
Cookies. A cookie is a small file placed on your computer when you visit certain websites. Cookies may be either first-party or third-party cookies, and they may be either permanent or temporary (i.e. session) cookies. It may be possible to refuse to accept cookies by activating the appropriate setting within your browser. However, if you disable or refuse cookies, please note that some parts of the Service may be inaccessible or may not function properly.
Other Technologies. We may use other third-party services that automatically collect information about you to better understand how you use and interact with the Service. For example, we may use third-party vendors to provide us with services surrounding analytics, advertising, and cybersecurity. The information collected through this process by the third-party service providers does not enable us or them to identify name, contact details or other personal information that directly identifies you unless you choose to provide these.
5.2 “Do Not Track” Signals
To the extent that we receive any Do-Not-Track signals, we will not comply with them in accordance with AML and KYC guidelines and to mitigate the risk of fraud.
6. Data Protection and GDPR Compliance
6.1. Compliance with GDPR: We are committed to processing personal data in compliance with the General Data Protection Regulation (GDPR) where applicable. By using our services, you acknowledge and agree to our collection, processing, and storage of your personal data as outlined in our Privacy Policy.
6.2. Roles and Responsibilities Under GDPR: As part of our services, Dibsy acts as a Data Processor, and you (merchant) act as the Data Controller. This distinction is important for compliance with the General Data Protection Regulation (GDPR).
As the Data Controller, you are responsible for determining the purposes and legal basis for processing personal data, ensuring compliance with GDPR, and obtaining any necessary consents from data subjects. It is your responsibility to ensure that your use of our services complies with all applicable data protection laws and regulations.
As the Data Processor, we process personal data strictly in accordance with our agreement and according to the prescribed instruction in Payment Handling and Protection Regulation.
6.3. Merchant Obligations: As the Data Controller, you are responsible for ensuring that: i) You have obtained all necessary consents or legal bases for processing personal data, ii) You provide data subjects with adequate notices regarding the processing of their personal data, including its transfer and storage in the Qatar, iii) You comply with all applicable data protection laws, including GDPR, iv) Your instructions to us as the Data Processor comply with applicable laws and regulations.
6.4. Data Subject Rights: You have the following rights regarding your personal data: i) Access: Request access to the personal data we hold about you, ii) Correction: Request correction of any inaccurate or incomplete data, iii) Deletion: Request deletion of your data ("Right to be Forgotten"), subject to applicable legal and contractual obligations, iv) Portability: Request your personal data in a portable format, v) Restriction or Objection: Restrict or object to processing under certain circumstances, as permitted by law. To exercise your rights, please contact us at ops@dibsy.one. Requests will be handled in accordance with GDPR timelines and requirements.
- Limited Liability: While we strive to comply with GDPR and maintain robust data protection measures, we do not guarantee uninterrupted or error-free service. Our liability for any claims arising under GDPR shall be limited to the extent permitted by applicable law.
- Breach Notification: In the event of a data breach involving your personal data, we will notify affected individuals and relevant authorities as required by GDPR, subject to applicable laws and regulations.
- Marketing Communications: We only send marketing communications to users who have provided explicit consent. You may withdraw consent at any time by clicking the "unsubscribe" link in our communications or by contacting us directly.
7. Third-Party Services
Any third-party services integrated with the Service shall be subject to the policies and practices of such third parties, and we are not responsible for how they collect, use, and share your personal information. We encourage you to review the privacy practices and policies of such third parties. We make no guarantees about, and assume no responsibility for the information, services, or data privacy practices of third parties.
8. Contact Us
To ask questions or comment about this Policy and our privacy practices, please contact us at ops@dibsy.one.