Privacy Policy

Introduction

Welcome to the https://saobarterpay.com Website (the “Site”).

This Privacy Policy describes the ways Barterpay LTD (“Barterpay”, “we”, “us”, “our”) collects, uses, shares, and protects Personal Information you provide us during the usage of saobarterpay.com website (the “Website”) or our products. It governs the rules of personal data processing of our clients, their partners representatives and all other Website visitors.

We understand that privacy online is important to our users, especially when conducting business. We obtain Personal Data about you from various sources to provide our Service and to manage our Sites. “You” may be a visitor on our website, a user of our services (“User”), or a customer of a User (“Customer”).

The purpose of this Notice is to inform you about the processing of personal data by us and to inform you of your rights.

By visiting www.saobarterpay.com you are accepting and consenting to the practices described in this policy.

Information we collect:

Personal and non-personal data

Personal information is information that can be used to uniquely identify a single person, which includes but is not limited to:

  • Contact details (email, telephone number or messenger ID)
  • Details of your identity document
  • Residence address
  • Financial information
  • Employment details
  • Geolocation details
  • History of your logs and activity on the Website
  • IP address, browser and operating system information, device fingerprint.

We also collect non-personal information, or may anonymize personal information in order to make it non-personal. Non-personal information is information that will not allow a specific individual to be identified. We may collect, store, use, transfer and disclose non-personal information for any purpose; for example, the use of aggregated transactional information for commercial purposes.

How we obtain personal data

Most information we collect is provided by you directly for example, if you contact us, sign up for our newsletter, or provide information to us in the course of using our Services. When you provide personal data to “Barterpay”, please do not provide information that is irrelevant, inaccurate, and/or unnecessary for the provision of Services.

We could also receive some information from publicly available sources (for example, on ID verification, anti-fraud and transaction monitoring services.

We obtain some information automatically when you visit our Sites, for example, via cookies (more information regarding cookies see below).

We may also obtain information from third parties, such as our Merchants with which you do business.

Cookies

We use cookies to provide us with usage data regarding user’s activities on saobarterpay.com and provide a better more personalized experience.

Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our site.

How we use your data

We will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you (for example, to provide you with any products and/or services which you have requested);
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (for example, undertaking analysis and research for the purposes of improving our website user experience); and
  • Where we need to comply with a legal or regulatory obligation (for example, equal opportunities monitoring).

Legal basis of using your data:

  • Consent. For some processing activities, we require your prior consent. This applies for example to some of our direct marketing activities which fall under the scope of the GDPR and ePrivacy rules. You may withdraw your consent at any time (see below). Performance of a contract. Some personal data we process about you is for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract with us.
  • Legal obligation. In some cases, we have to process your personal data to comply with legal obligations, including those applicable to financial services institutions, such as under the Bank Secrecy Act and other anti-money laundering laws.
  • Legitimate interest. In most cases where we process personal data in the context of our Services we rely on our legitimate interests in conducting our normal business as an online payments company as a legal basis for such processing.
  • Where we process personal data relating to criminal convictions and offenses, we will ensure that we have a lawful basis to do so.

How we protect and store your personal information

We take the security of our data seriously. We use administrative, technical, and physical security designed to safeguard personal data in our possession, and we maintain internal policies and procedures to address our data security. However, we cannot guarantee the security of the data that we collect and store. We will notify relevant supervisory authorities and data subjects in the event of a data breach, if required under applicable law.

To whom we share your personal information:

  • Other entities, including to help detect and prevent potentially illegal acts and violations of our policies, and to guide decisions about our products, services and communications;
  • Service providers who help with our business operations and to deliver our Services, such as:
  • Cloud service providers providing cloud infrastructure;
  • Providers of ID verification solutions and other due diligence solutions (such as KYC and anti-money laundering);
  • Providers of website analytics;
  • Providers of customer service solutions outside of the EEA;
  • Law enforcement, government officials, regulatory agencies, our banks, and other third parties pursuant to a subpoena, court order or other legal process or requirement if applicable to “Barterpay”; or when we believe, in our sole discretion, that the disclosure of data is necessary to report suspected illegal or fraudulent activity or to investigate violations of our Terms of Use;

We may transfer your Personal Information outside of the European Economic Area only if it falls within the scope of the GDPR, in the following cases:

  • if the country where we transfer your Personal Information provides adequate level of personal data protection (based on the relevant decision of European Commission);
  • if we take appropriate safeguards to ensure that your rights as a data subject are protected (e.g., conclude standard contractual clauses or ask for your consent for such transfer);
  • if any derogations for specific situations apply (for instance, if such transfer is necessary for the establishment, exercise or defense of legal claims or for important reason of public interest).

We may use specific contracts, including Standard Contractual Clauses (also known as EU Model Clauses). In particular, we offer Standard Contractual Clauses to meet data transfer requirements in respect of our Merchants or third parties such as service providers. You can obtain a copy of such contracts by contacting us. Please find our contact details below.

Privacy Shield disclosures

Consistent with the Principles, “Barterpay” will only disclose an individual’s non-public personal data to third parties under one or more of the following conditions:

  • The disclosure is to a third party providing services to “Barterpay”, or to the individual, in connection with the operation of our business, and as consistent with the purpose for which the personal information was collected. We maintain contracts with these third parties and require that they provide at least the same level of privacy protection and security as required by the Principles. To the extent provided by the Principles, we remain responsible and liable under the Principles if a third party that we engage to process personal information on our behalf does so in a manner inconsistent with the Principles, unless we prove that we are not responsible for the matter giving rise to the damage;
  • With the individual’s permission to make the disclosure;
  • Where required to the extent necessary to meet a legal obligation to which we are subject, including a lawful request by authorities, national security or law enforcement obligations, and applicable law, regulations, subpoenas, court order, or other legal requirement;
  • Where reasonably necessary for compliance or regulatory purposes, or for the establishment of legal claims.

Controller and data protection officer

Barterpay is the data controller for your personal data. We have appointed a Data Protection Officer (“DPO”). The DPO is contactable by email at dpo@saobarterpay.com The DPO will monitor our compliance with the GDPR. If you have any questions about this policy please send them to the DPO in the first instance.

Your Rights:

Under the GDPR and relevant implementation acts, individuals have statutory rights related to their personal data. Please note that rights are not absolute and may be subject to conditions.

One key right is the Right to object

You have the right to object to processing of your personal data where we are relying on legitimate interests as our legal basis (see above). Under certain circumstances, we may have compelling legitimate grounds that allow us to continue processing your personal data. Insofar as the processing of your personal data takes place for direct marketing purposes, including profiling for direct marketing, we will always honor your request.

Other rights are as follows:

  • Right to withdraw consent. Insofar as our processing of your personal data is based on your consent (see above), you have the right to withdraw consent at any time
  • Right of access. You have the right to request access to your personal data.
  • Right to rectification. You have the right to request rectification of the personal data that we hold about you.
  • Right to erasure. You have the right to request erasure of your personal data. This enables you to ask us to delete or remove personal data in certain circumstances.
  • Right to restriction. You have the right to request restriction of processing of your personal data.
  • Right to data portability. In some cases, you have the right to request to transfer your personal data to you or to a third party of your choice.

Personal data retention

You have the right to object to processing of your personal data where we are relying on legitimate interests as our legal basis (see above). Under certain circumstances, we may have compelling legitimate grounds that allow us to continue processing your personal data. Insofar as the processing of your personal data takes place for direct marketing purposes, including profiling for direct marketing, we will always honor your request.

Marketing

We may send you email marketing communications about our products and services, invite you to participate in our events or surveys, or otherwise communicate with you for marketing purposes, provided that we do so in accordance with the consent requirements that are imposed by applicable law.

Opting Out

We may send you email marketing communications about our products and services, invite you to participate in our events or surveys, or otherwise communicate with you for marketing purposes, provided that we do so in accordance with the consent requirements that are imposed by applicable law.

Updates to this Privacy Policy and Notifications

We may update this privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on the Site. You are advised to review this privacy policy periodically for any changes.

This Privacy Policy was last updated: 5th February, 2024

Contact Us

If You have any questions or complaints about this Privacy Policy, please contact us electronically or send mail to: dpo@saobarterpay.com