Privacy Policy
Purpose
The purpose of this document is to define a broad policy applicable to protection of “Privacy” of
individuals whose information is in the hands of the Company.
This policy will also be reflected in the website of the Company when available. It will also be
reflected in the Privacy Practice Statement that may be shared with business associates where
required.
Scope, Purpose, Nature and period of the data collected
• This Policy applies to all Company’s employees, Customers, Merchants, co-branding or
Business Partners, Vendors, Employees of Third Parties and Consultants who share Business data and /
or personal information with Transact Bridge
• Transact Bridge may collect any information that is not in the public domain concerning the
business and/ or finances of each of the Parties, for the purpose of determining their identity and
verifying their background, whether or not reduced to writing and whether or not patentable or
protected by copyright or the law of trade secrets including, without prejudice to the generality of
the foregoing, reports, interpretations, forecasts, documents and information as required from
individuals or other entities under RBI’s Master Directions on KYC, corporate business plans,
financial projections, financial details and accounts, products, services, planned products, planned
services, marketing and advertising plans, marketing and advertising requirements, budgets, fee
levels, customer/ client lists, commissions, commission charges, pricing policies technical know –
how concepts and all information about research and development. Transact Bridge may update the KYC
records of its customers on a periodic basis to ensure that the documents, data or information
collected is kept up-to-date and relevant by undertaking reviews of the existing records once in
every two years for high-risk customers, once in every eight years for medium risk customers and
once in every ten years for low-risk customers from the date of opening of the account/last KYC
update.
Privacy Commitment
Transact Bridge values privacy rights of individuals whose personal information is
generated, processed, transmitted, Stored or otherwise accessed by Transact Bridge or any of its
employees of the Company as a part of our activities and are committed to protection of the privacy
rights of such individuals as required under law.
In particular, Transact Bridge has put in place reasonable managerial, operational, technical,
legal, and behavioral control measures to comply with the provisions of the Privacy and Security
obligations as required under law.
No personal information is either used or disclosed by Transact Bridge except as required or as
permitted or as authorised and this policy is strictly binding on all the employees of the company
as well as the business associates.
Sanctions
Any violation of the Privacy or Security Policies of Transact Bridge by its employees will
attract appropriate sanctions, including termination as per the procedures laid out in the Sanction
Policy.
Any violation of the Privacy or Security Policies of the Company by its business associates will
attract appropriate penalties including termination of the contracts.
Changes
Transact Bridge reserves the right to change the privacy practices at its sole discretion. Whenever
a material change is made to the privacy practice, a revised Privacy Practice notice will be posted
on the website. Where feasible, stakeholders will also be informed through electronic means.
Transact Bridge uses commercially reasonable efforts to ensure that the collection of Personal
Information is limited to that which is necessary to fulfil the identified purposes. In case of use
of information in a manner different than the purpose for which it is collected, then consent will
be obtained prior to such use.
Transfer of Information
Transact Bridge may use and share the user information with a reliable and reputed
third-party payment gateway to whom we are associated in order to ensure a swift and comfortable
payment mechanism for the individuals.
Transact Bridge ensures that all of the individual’s personally identifiable information will never
be disclosed in ways not otherwise described in this Privacy Policy. By way of example (without
limiting and foregoing), Transact Bridge may be forced to disclose information to the government,
law enforcement agencies or third parties.
Enforcement
Transact Bridge is responsible to facilitating RBI, NPCI, PCI DSS, ISO and
other agencies nominated by RBI/ NPCI, to access the data, information, and systems of technology
service provider related to Wallet and carry out audits as and when required by RBI and NPCI
Cookies
Transact Bridge may use third-party advertising companies to serve advertisements on our
behalf. These companies may employ cookies and action tags (also known as single-pixel gifs or web
beacons) to measure advertising effectiveness. Any information that these third parties collect via
cookies and action tags is completely anonymous.
Who can access Personal Information?
Transact Bridge follows a strategic principle whereby, access to Personal information is restricted
only to such of employees who are required to access the information for the purpose of delivering
whatever services are committed to be delivered by Transact Bridge
Transact Bridge has not subcontracted any part of
the work
Compliance, Grievance and Nodal Officer
The Company has designated the following person as the Privacy and Information Security
Compliance, Grievance and Nodal Officer for the implementation of all compliance and grievance
requirements under this Information Security Policy.
Name : xxxxx
Email ID : [email protected]
Data Breach Notification
If any employee of Transact Bridge or its business associates becomes aware of a potential
breach of Privacy of information entrusted to him or accessed by him, he shall inform the
organisation immediately. Any delay in reporting such incidents shall be deemed as a serious breach
of the policy.
Confidentiality
Personal Information is regarded as confidential and therefore will not be divulged to any
third party except as set forth in this and any other term of use applicable to our services.
How we Secure Personal Information
Data is secured in the facilities of Transact Bridge under a well-developed information
security policy as well as an IT Act 2008 compliance policy.
Personal information no longer required is destroyed subject to requirements of archival guided by
the Data Archival Policy.
Information in process is closely monitored through appropriate technical means to ensure that there
is no accidental or intentional compromise of security.
Any accidental access to personal information is recorded as a security incident and managed as per
the Information Security Incident Management Policy.
As per HR policy they are made fully aware that any activity performed with a user id is the
sole responsibility of the owner of the ID.
How we use or Disclose Information
Personal information is used or disclosed strictly in accordance with the provisions of law
and as authorised by the data owner/customer.
Transact Bridge recognizes the right of an individual to claim access to his information in the
possession of Transact Bridge. However, in the absence of any direct prior agreement, disclosures
are always routed through the client.
All disclosures and the authorizations for such disclosures are documented as required under law.