Fonepay Business App - Privacy Policy

By using fonepay, you confirm that you are in agreement with and bound by the Privacy Policy.

Fonepay Payment Service Limited
Pulchowk Road, Lalitpur, Nepal
Effective Date: 02/01/2024
 
This document governs the privacy policy of our Mobile Application; hereinafter referred to as “Mobile App”.
 
This Privacy Policy is acknowledged and consented to by using the Fonepay Business App (Hereinafter “App”). Before using this app, please read this Privacy Statement carefully. By using our app, you acknowledge that you have read, understood, and agree to the terms and conditions of this Policy.

This policy describes how Fonepay collects, stores, uses and otherwise processes your Personal Information through Fonepay websites, Fonepay Applications, chatbots, notifications or any other medium used by Fonepay to provide its services to you (hereinafter referred to as the “Platform”). By visiting, downloading, using Fonepay Platform, and/or, providing your information or availing our product/services, you expressly agree to be bound by this Privacy Policy (“Policy”) and the applicable service/product terms and conditions. We value the trust you place in us and respect your privacy, maintaining the highest standards for secure transactions and protection of your personal information.

Information Collection

We may collect your Personal Information when you use our services or Platform or otherwise interact with us during the course of our relationship. We collect Personal Information which is relevant and absolutely necessary for providing the services requested by you and to continually improve the Fonepay Platform.

Personal and Sensitive Personal Information collected, as applicable, includes, but are not limited to:

  • Name, age, gender, photo, address, phone number, e-mail id, your contacts.
  • KYC-related information such as PAN, income details, your business-related information, videos or other online/ offline verification documents as mandated by relevant regulatory authorities.
  • OTP sent to you by your bank or Fonepay
  • Your device details such as device identifier, internet bandwidth, mobile device model, browser plug-ins, and cookies or similar technologies that may identify your browser/Fonepay Applications and plug-ins, and time spent, IP address and location.
  • Your Short Messaging Service (SMS(es)) that are stored on your device for the purposes of, including but not limited to, registering you and your device for payments or investment services, OTPs for logins and payments, enhancing your security, bill payments and recharge reminders, and any other legitimate uses with your explicit consent

Information may be collected at various stages of your usage of the Fonepay Platform such as:

  • Visiting Fonepay Platform
  • Registering on Fonepay platform as an “merchant” or any other relationship that may be governed by terms and conditions listed on Fonepay Platform
  • Transacting or attempting to transact on Fonepay Platform
  • Accessing links, e-mails, chat conversations, feedback, notifications sent or owned by Fonepay Platform and if you opt to participate in our occasional surveys
  • Otherwise dealing with any of the Fonepay Entities/Subsidiaries

We and our service providers or business partners may also collect your Personal Information from third parties or information made publicly available, as applicable, including but not limited to:

  • Financial history and other information for the purpose of providing you Fonepay services, verifying and authenticating an investment transaction request you place with us to prevent suspicious transactions, or to comply with court judgements and bankruptcies, from credit reference and fraud prevention agencies.
  • Your demographic and photo information including but not limited to Citizenship, address, gender, and date of birth.

Purpose and Use of Information

Fonepay may process your Personal Information for the following purposes:

  • Creation of your account and verification of your identity and access privileges
  • Provide you access to the products and services being offered by us and our business partners
  • Fulfill your service request
  • To conduct the KYC compliance process as a mandatory prerequisite as per the requirements of various regulatory bodies.
  • To validate, process and/or share your KYC information, nominee details with other intermediaries, Regulated Entities (REs) or AMCs or financial institutions or with any other service providers as may be required
  • To process payments on your behalf and on your instructions; communicate with you for your queries, transactions, and/or any other regulatory requirement, etc.
  • To facilitate the offer of services and enable communications to you.
  • Enhancing your user experience in various processes/submission of applications/availment of product/service offerings by analysing user behaviour on an aggregated basis
  • To monitor and review products/services from time to time; customize the services to make your experience safer and easier, and conducting audits
  • To allow third parties to contact you for products and services availed/requested by you on Fonepay Platform or third-party links
  • To carry out credit checks, screenings or due diligence checks as lawfully required by us and detect and protect us against error, fraud, money laundering and other criminal activity 
  • Enforce our terms and conditions
  • To inform you about online and offline offers, products, services, and updates; customizing and improving your experience by marketing, presenting advertising, and offering tailored products and offers
  • To resolve disputes; troubleshoot problems; technical support and fixing bugs; help promote a safe service
  • To identify security breaches and attacks; investigating, preventing, and taking action on illegal or suspected fraud or money laundering activities and conducting forensic audits as part of internal or external audit or investigation by Fonepay or government agencies located within Nepal or outside the Nepal jurisdiction
  • To meet legal obligations

While we may also process your Personal Information for other legitimate business cases, we ensure to take appropriate steps to minimize the processing to the extent possible, making it less intrusive to your privacy.

Please note that when providing you with account aggregator services, we do not store, use, process, or have access to any financial information that you choose to transmit under our services.

Cookies or Similar Technologies

We use data collection devices such as “cookies” or similar technologies on certain pages of the Platform to help analyse our web page flow,da measure promotional effectiveness, and promote trust and safety. “Cookies” are small files placed on your device hard-drive/storage that assist us in providing our services. Cookies do not contain any of your Personal Information. We offer certain features that are only available through the use of a “cookie” or similar technologies. We also use cookies to allow you to enter your password less frequently during a session. Cookies or similar technologies can also help us provide information that is targeted to your interests. Most cookies are “session cookies,” meaning that they are automatically deleted from your device hard-drive/storage at the end of a session. You are always free to decline/delete our cookies or similar technologies if your browser/device permits, although in that case you may not be able to use certain features on the Platform and you may be required to re-enter your password more frequently during a session. Additionally, you may encounter “cookies” or other similar technologies on certain pages of the Platform that are placed by third parties. We do not control the use of cookies by third parties.

Information Sharing and Disclosures

Your Personal Information is shared as allowed under applicable laws, after following due diligence and in line with the purposes set out in this Policy.
We may share your Personal Information with different categories of recipients such as business partners, service providers, sellers, logistic partners, merchants, entities, subsidiaries, legally recognized authorities, regulatory bodies, governmental authorities, financial institutions, internal teams such as marketing, security, investigation team, etc.

Personal Information will be shared, as applicable, on need-to-know basis, for the following purposes, including but not limited to:

  • For enabling the provision of the products/services availed by you and facilitating the services between you and the service provider, sellers, logistic partners, as requested
  • For complying with applicable laws as well as meeting the Know Your Customer (KYC) requirements as mandated by various regulatory bodies, whose regulated service/product you opt through our services/Platforms
  • For the purpose of processing your financial product subscription requests placed with us and ensuring that these requests reach the relevant financial institution whose service/product you have opted for
  • If it is required by financial institutions to verify, mitigate, or prevent fraud or to manage risk or recover funds in accordance with applicable laws/regulations
  • For services related to communication, marketing, data and information storage, transmission, security, analytics, fraud detection, risk assessment and research
  • Enforce our Terms or Privacy Policy;
  • Respond to claims that an advertisement, posting, or other content violates the rights of a third party; or protect the rights, property or personal safety of our users or the general public
  • If required to do so by law or in good faith we believe that such disclosure is reasonably necessary to respond to subpoenas, court orders, or other legal process
  • If requested by government authorities for government initiatives and benefits
  • For grievance redressal and resolution of disputes
  • With the internal investigation department within Fonepay or agencies appointed by Fonepay for investigation purposes located within or outside the Nepal jurisdiction
  • Should we (or our assets) plan to merge with, or be acquired by any business entity, or re-organization, amalgamation, restructuring of our business then with such other business entity

While the information is shared with third parties as per purposes set out in this Policy, processing of your Personal Information is governed by their policies. Fonepay ensures stricter or no less stringent privacy protection obligations are cast on these third-parties, wherever applicable and to the extent possible. However, Fonepay may share Personal Information with third-parties such as legally recognized authorities, regulatory bodies, governmental authorities, and financial institutions as per purposes set out in this Policy or as per applicable laws. We do not accept any responsibility or liability for usage of your Personal Information by these third parties or their policies.

Storage and Retention

To the extent applicable, we store Personal Information within Nepal and retain it in accordance with applicable laws and for a period no longer than it is required for the purpose for which it was collected. However, we may retain Personal Information related to you if we believe it may be necessary to prevent fraud or future abuse or if required by law such as in the event of the pendency of any legal/regulatory proceeding or receipt of any legal and/or regulatory direction to that effect or for other legitimate purposes.

Once the Personal Information has reached its retention period, it shall be deleted in compliance with applicable laws.

Reasonable Security Practices

Fonepay has deployed administrative, technical, and physical security measures to safeguard user’s Personal Information and Sensitive Personal Information. Specifically, to safeguard your information we have implemented applicable security controls as given under and required by the Nepal Rastra Bank Regulations. We understand that as effective as our security measures are, no security system is impenetrable. Hence, as part of our reasonable security practices, we undergo strict internal and external reviews to ensure appropriate information security encryption or controls are placed for both data in motion and data at rest within our network and servers respectively. The database is stored on servers secured behind a firewall; access to the servers is password-protected and is strictly limited.

Further, you are responsible for maintaining the confidentiality and security of your login id and password. Please do not share your Fonepay Business App login, password, and OTP details with anybody. It shall be your responsibility to inform us in case of any actual or suspected compromise to your Personal Information.
We have provided multiple levels of security to safeguard the Fonepay Business App Application by login/logout option and Two-factor Authentication feature that can be enabled by you.

Third-Party Products, Services, or Websites

When you are availing products and services of service providers on Fonepay Busines App Platform, Personal Information may be collected by respective service providers and such Personal Information shall be governed by their privacy policy. You may refer to their privacy policy and terms of service to understand how your Personal Information will be handled by such service providers.

Our services may include links to other websites or applications when you visit our Platform. Such websites or applications are governed by their respective privacy policies, which are beyond our control. Once you leave our servers (you can tell where you are by checking the URL in the location bar on your browser or on the m-site you are redirected to), use of any Personal Information that you provide on these websites or applications is governed by the privacy policy of the operator of the application/website, you are visiting. That policy may differ from ours and you are requested to review those policies or seek access to the policies from the domain owner before proceeding to use those applications or websites. We do not accept any responsibility or liability for usage of your Personal Information by these third parties or their policies.

Your Consent

We process your Personal Information with consent. By using the Fonepay Business App Platform or services and/or by providing your Personal Information, you consent to the processing of your Personal Information by Fonepay in accordance with this Privacy Policy. If you disclose to us any Personal Information relating to other people, you represent that you have the authority to do so and permit us to use the information in accordance with this Privacy Policy.

Choice/Opt-out

We provide all users with the opportunity to opt-out of receiving any of our services or non-essential (promotional, marketing-related) communications from us, after setting up an account. If you want to remove your contact information from all our lists and newsletters or discontinue any our services, please click on the unsubscribe button on the emailers.

Personal Information Access/Rectification and Consent

In adherence to our commitment to user privacy and data security, Fonepay Business App Platform provides a transparent and user-centric process for the Users Withdrawal / Instant Release feature. When a user opts to withdraw from our platform, they can access the designated feature within the app, initiating a seamless and straightforward process. The user's withdrawal request triggers the immediate removal of their personal details from our system, ensuring the utmost privacy. Simultaneously, for users contemplating a transition to another financial institution, Fonepay Business App facilitates a switching option in accordance with our privacy policy. This entails a clearly defined and user-friendly procedure, outlined to guarantee a smooth and secure transition. The platform is committed to offering users flexibility and control over their financial choices, with a robust privacy framework in place to safeguard their sensitive information.

Changes to Policy

Since our business changes constantly, so will our policies. We reserve the right, at our sole discretion, to change, modify, add, or remove portions of this Privacy Policy at any time without any prior written notice to you. We may, however, reasonably endeavor to notify you of the changes, it is your responsibility to review the Privacy Policy periodically for updates/changes. Your continued use of our services/Platform, following the posting of changes, will mean that you accept and agree to the revisions. We will never make changes to policies in order to make it less protective of Personal Information already shared by you.

Contact Us

In case you have any questions, concerns, or complaints regarding the processing of your Personal Information or this Privacy Policy you can send an email to csd@fonepay.com. We are committed to answering your questions within a reasonable time limit. Any delay in the resolution time shall be proactively communicated to you.