In the course of your use of the smart, affordable and convenient #Payless services, we shall mandatorily collect and store your personal data. The policy herein sets out the modalities of how #Payless will collect, use, store, share and protect your personal information in accordance with the Data Protection Act No. 17 of 2019, the regulations thereto and the General data Protection Regulations (GDPR). The policy applies to all #Payless services, affiliated websites, applications, services and tools regardless of how you access or use them.

1. Scope of application and acceptance to be bound.

During your sign up for, access, or use of any of #Payless products, services, content, features, technologies or functions offered on our website and all related sites, applications, and services (collectively “#Payless Services”), you are deemed to have irrevocably given your consent to strictly be bound by the provisions of the policy herein. #Payless reserves the right to amend and/or revise and modify this policy at any time by posting a revised version on our website. The revised version will be effective at the time it is posted on the relevant sites and/or platforms.

2. Personal data collected

2.1 Personal data that we collect automatically

When you visit and/or use any of the #Payless services whether on the #Payless digital application from the Apple store or google playstore or on the #Payless website, we collect information sent to us by your computer, mobile phone or other access device. The information sent to us includes but is not limited to the following: data about the pages you access, Device ID/IP address, or unique identifier, device type and device application version, geo-location information, computer and connection information, mobile network information, statistics on page views, traffic to and from the sites, referral URL, ad data, and standard web log data and other information;

2.2 Personal data you provide to us

We may collect and store any information you enter on the #Payless website or you provide to us in context of using our site, applications, services, or tools. When you visit the #Payless website or use #Payless Services, we also collect information about your transactions and your activities. In addition, if you open a ##Payless e-wallet account or use #Payless services, we may collect the following types of information:I. Contact information, such as your name, address, phone, email and other similar information;II. Financial information, such as the full bank account details and/or credit/debit card details that you use to top up your #Payless e-wallet account when you use #Payless Services;III. Detailed personal information such as your date of birth or national ID number.We may also collect information from or about you in other ways, such as through your contact with our customer care team, your results when you respond to a survey and your interactions with our partners.

2.3 Personal data from other sources

#Payless may equally collect personal data from other third parties such as credit reference bureaus and identity verification services and other necessary associated service providers. You may choose to provide us with access to certain personal information stored by third parties such as social media sites. The information we may receive varies by site and is controlled by that site and/or source. By associating an account managed by a third party with your #Payless e-wallet account and authorizing #Payless to have access to this information, you agree that #Payless may collect, store and use this information in accordance with this Privacy Policy.

3. Authentication and Fraud Detection and Anti-Money laundering

In order to help protect you from fraud and misuse of your personal information, we may collect information about you and your interactions with our website or the #Payless application. These improves our efforts in shielding your data and your personal #Payless Account from fraud and related cyber-attacks. #Payless pledges to continuously update and improve its services in accordance with the existing AML & CFT regulations in place. While we #Payless will continuously

4. Mobile Privacy

We may offer you the ability to connect with our sites, or use of our applications, services, and tools using a mobile device, either through a mobile application or via a mobile optimized website. The provisions of this Privacy Policy apply to all such mobile access and use of mobile devices. This Privacy Policy will be referenced by all such mobile applications or mobile optimized websites. When you download or use our Mobile Applications, or access one of our mobile optimized sites, we may receive information about your location and your mobile device, including a unique identifier for your device. We may use this information to provide you with location-based services, such as advertising, search results, and other personalized content. Most mobile devices allow you to control or disable location services in the device's setting's menu.

Further to the foregoing, any exposure that is a consequence of a customer’s negligence and irregular use of #Payless services on his/her mobile device and the resultant liability therefrom shall not be attributable to #Payless.

5. How We Use the Personal Information We Collect

#Payless collects your personal data and information to enable it to provide you with a secure, smooth, efficient, and customized experience in your use of the #Payless services both on the digital application and the website. #Payless may utilize the personal data collected from you to:I. provide #Payless Services and customer support;II. process transactions and send notices about your transactions;III. resolve disputes, collect fees, and troubleshoot problems;IV. prevent potentially prohibited or illegal activities, and enforce our end user Agreement;V. customize, measure, and improve #Payless Services and the content, layout, and operation of our websites and applications;VI. deliver targeted marketing, service update notices, and promotional offers on #Payless services as well as #Payless affiliated services and services incidental to your subscription;VII. Contact you vide through the available communication channels including your telephone number, through text (SMS), call and email messaging, and in app- communications as authorized by the user Agreement;VIII. Compare information for accuracy and verify it with third parties.

1. Marketing

We may combine your information with information we collect from other companies and use it to improve and personalize #Payless Services, content, and advertising. You accept to receive any promotional materials from us to inform you about services.

If you do not wish to receive marketing communications from us or participate in our loyalty programs, or if you no longer wish to receive notifications, simply communicate with our data Controller team at privacy@Payless.africa;

We may call or send a text message (SMS) to you via a mobile phone number that you have provided to us;

You may opt out of promotional services asper the permitted mobile network operator’s regulations in place.

We do not sell or rent your personal information to third parties for their marketing purposes without your explicit consent, which is hereby given to #Payless by dint of your downloading and installing the #Payless application on your device and subscribing to the services thereto.

7. How We Protect and Store Personal Information

Throughout this policy, we use the term "personal data" to describe information that can be associated with a specific person and can be used to identify that person. We do not consider personal data to include information that has been made anonymous so that it does not identify a specific user.

We may process, store and retain your Personal Data on our servers where the data centers are located, and/or on the servers of third parties having contractual relationships with us.

1. Data Security

#Payless has implemented stringent security measures to safeguard your information including:

• Encryption: Your data is encrypted during transmission and storage.

• Access Controls: Limited access to your data by authorized personnel only.

• Security Audits: Regular assessments to identify and address potential vulnerabilities.

• Employee Training: Our staffs are trained to handle your data securely.

8. Processing of personal data to third parties

I. #Payless does not share, sell and or rent out the personal data collected from you to third parties without your consent. For avoidance of doubt, in cases where such data is shared with third parties, #Payless pledges to handle and/process your personal data with the required threshold of fairness, transparency and lawfulness in accordance with the provisions of the Data Provision act no. 17 of 2019. #Payless may your personal data with;a) Third party stakeholders and/or other related service providers like loyalty, credit and customer support, to help detect and prevent potentially illegal acts and violations of our policies, and to guide decisions about their products, services, and communications. Members of our corporate family will use this information to send you marketing communications;b) Service providers under contract who help with our business operations, such as fraud prevention, bill collection, marketing, and technology services. Our contracts dictate that these service providers only use your information in connection with the services they perform for us and not for their own benefit;c) Financial institutions that we partner with to jointly create and offer a product. These financial institutions may only use this information to market #Payless-related products;d) Credit bureaus and collection agencies to report account information, as permitted by the law;e) Companies that we plan to merge with or are acquired by. (Should such a combination occur, we will require that the new combined entity follow this Privacy Policy with respect to your personal information. If your personal information could be used contrary to this policy, you will receive prior notice.)f) Law enforcement, government officials, or other third parties pursuant to a subpoena, court order, or other legal process or requirement applicable to #Payless or one of its affiliates; when we need to do so to comply with law or credit card rules; or when we believe, in our sole discretion, that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of our user Agreement.g) Other third parties with your consent or direction to do so.

II. Please note that these third parties may be in other countries where the laws on processing personal information may be less stringent than in your country.

III. If you open a #Payless account directly on a third-party website or via a third-party application, any information that you enter on that website or application (and not directly on a #Payless website) will be shared with the owner of the third-party website or application. These sites are governed by their own privacy policies and you are encouraged to review their privacy policies before providing them with personal information. #Payless is not responsible for the content or information practices of such third parties.

9.1. How You Can Access or Change Your Personal Information

You can review and edit your personal information at any time by logging in to your account and reviewing your account profile. If you close your #Payless account, we will mark your account in our database as `"`Closed`"`, but may retain personal information from your account for a certain period of time to collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigations, prevent fraud, enforce our user Agreement, or take other actions as required or permitted by law.

10. Your Rights

You have the right to:- Be Informed: to be informed that we are collecting personal data about you and how we process it.- Object and Restrict: Object to certain processing activities and request restrictions.- Delete: Request deletion of your data, noting that we may continue to retain your information subject to legal requirements.- Withdraw Consent: If applicable, withdraw your consent for specific processing activities. We may continue to process subject to legal requirements.- Data Portability: Request transfer/Receive a copy of your data in a machine-readable format i.e PDF format.

11. Cookies and Tracking Technologies

#Payless may use cookies and similar technologies to enhance your experience and analyze usage patterns. You can manage your cookie preferences through your device settings. Please note that a “cookie” is a small piece of information stored by a web server on a web browser so it can be later read back from that browser. We may use cookies and tracking technology depending on the features offered. No Personal Data will be collected via cookies and other tracking technology, however, if you previously provided Personal Data, cookies may be tied to such information.

1. Changes to this Policy

#Payless may update this Privacy Policy from time to time. We will notify you of significant changes and provide the revised policy on our website or app or you can click #Payless privacy statement to view the updated one.

1. Statement Effective Date

Sat Mar 02 2024 08:29:23 GMT+0000 (Coordinated Universal Time)

#PAYLESS SOLUTIONS LIMITED
P.O BOX 38532-00623, PARKLANDS,
LEMAC BUILDING, 23RD FLOOR, CHURCH ROAD,
WESTALNDS, NAIROBI
www.payless.africa
support@payless.africa