Privacy Policy

Purpose

The purpose of this document is to define a broad policy applicable to protection of “Privacy” of individuals whose information is in the hands of the Company.

This policy will also be reflected in the website of the Company when available. It will also be reflected in the Privacy Practice Statement that may be shared with business associates where required.



Scope, Purpose, Nature and period of the data collected

• This Policy applies to all Company’s employees, Customers, Merchants, co-branding or Business Partners, Vendors, Employees of Third Parties and Consultants who share Business data and / or personal information with Transact Bridge

• Transact Bridge may collect any information that is not in the public domain concerning the business and/ or finances of each of the Parties, for the purpose of determining their identity and verifying their background, whether or not reduced to writing and whether or not patentable or protected by copyright or the law of trade secrets including, without prejudice to the generality of the foregoing, reports, interpretations, forecasts, documents and information as required from individuals or other entities under RBI’s Master Directions on KYC, corporate business plans, financial projections, financial details and accounts, products, services, planned products, planned services, marketing and advertising plans, marketing and advertising requirements, budgets, fee levels, customer/ client lists, commissions, commission charges, pricing policies technical know – how concepts and all information about research and development. Transact Bridge may update the KYC records of its customers on a periodic basis to ensure that the documents, data or information collected is kept up-to-date and relevant by undertaking reviews of the existing records once in every two years for high-risk customers, once in every eight years for medium risk customers and once in every ten years for low-risk customers from the date of opening of the account/last KYC update.


Privacy Commitment

Transact Bridge values privacy rights of individuals whose personal information is generated, processed, transmitted, Stored or otherwise accessed by Transact Bridge or any of its employees of the Company as a part of our activities and are committed to protection of the privacy rights of such individuals as required under law.

In particular, Transact Bridge has put in place reasonable managerial, operational, technical, legal, and behavioral control measures to comply with the provisions of the Privacy and Security obligations as required under law.

No personal information is either used or disclosed by Transact Bridge except as required or as permitted or as authorised and this policy is strictly binding on all the employees of the company as well as the business associates.


Sanctions

Any violation of the Privacy or Security Policies of Transact Bridge by its employees will attract appropriate sanctions, including termination as per the procedures laid out in the Sanction Policy.

Any violation of the Privacy or Security Policies of the Company by its business associates will attract appropriate penalties including termination of the contracts.


Changes

Transact Bridge reserves the right to change the privacy practices at its sole discretion. Whenever a material change is made to the privacy practice, a revised Privacy Practice notice will be posted on the website. Where feasible, stakeholders will also be informed through electronic means.

Transact Bridge uses commercially reasonable efforts to ensure that the collection of Personal Information is limited to that which is necessary to fulfil the identified purposes. In case of use of information in a manner different than the purpose for which it is collected, then consent will be obtained prior to such use.


Transfer of Information

Transact Bridge may use and share the user information with a reliable and reputed third-party payment gateway to whom we are associated in order to ensure a swift and comfortable payment mechanism for the individuals.

Transact Bridge ensures that all of the individual’s personally identifiable information will never be disclosed in ways not otherwise described in this Privacy Policy. By way of example (without limiting and foregoing), Transact Bridge may be forced to disclose information to the government, law enforcement agencies or third parties.


Enforcement

Transact Bridge is responsible to facilitating RBI, NPCI, PCI DSS, ISO and other agencies nominated by RBI/ NPCI, to access the data, information, and systems of technology service provider related to Wallet and carry out audits as and when required by RBI and NPCI


Cookies

Transact Bridge may use third-party advertising companies to serve advertisements on our behalf. These companies may employ cookies and action tags (also known as single-pixel gifs or web beacons) to measure advertising effectiveness. Any information that these third parties collect via cookies and action tags is completely anonymous.

Who can access Personal Information? Transact Bridge follows a strategic principle whereby, access to Personal information is restricted only to such of employees who are required to access the information for the purpose of delivering whatever services are committed to be delivered by Transact Bridge

Transact Bridge has not subcontracted any part of the work


Compliance, Grievance and Nodal Officer

The Company has designated the following person as the Privacy and Information Security Compliance, Grievance and Nodal Officer for the implementation of all compliance and grievance requirements under this Information Security Policy.

Name : xxxxx

Email ID : [email protected]


Data Breach Notification

If any employee of Transact Bridge or its business associates becomes aware of a potential breach of Privacy of information entrusted to him or accessed by him, he shall inform the organisation immediately. Any delay in reporting such incidents shall be deemed as a serious breach of the policy.


Confidentiality

Personal Information is regarded as confidential and therefore will not be divulged to any third party except as set forth in this and any other term of use applicable to our services.


How we Secure Personal Information

Data is secured in the facilities of Transact Bridge under a well-developed information security policy as well as an IT Act 2008 compliance policy.

Personal information no longer required is destroyed subject to requirements of archival guided by the Data Archival Policy.

Information in process is closely monitored through appropriate technical means to ensure that there is no accidental or intentional compromise of security.

Any accidental access to personal information is recorded as a security incident and managed as per the Information Security Incident Management Policy.
As per HR policy they are made fully aware that any activity performed with a user id is the sole responsibility of the owner of the ID.


How we use or Disclose Information

Personal information is used or disclosed strictly in accordance with the provisions of law and as authorised by the data owner/customer.

Transact Bridge recognizes the right of an individual to claim access to his information in the possession of Transact Bridge. However, in the absence of any direct prior agreement, disclosures are always routed through the client.

All disclosures and the authorizations for such disclosures are documented as required under law.