Mobile Payments Ltd (“Zaura” or “we”/”us”/”our”) are committed to protecting and respecting your privacy.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purpose of the EU General Data Protection Regulation 2016/679 (GDPR), the controller of your data is Mobile Payments Ltd, a company registered in England and Wales under company number 12639887 whose registered office is at 4 Goodge Place, Goodge Place, London, England, W1T 4SD.
All your data will be held and used in accordance with the GDPR and any relevant national laws which implement the GDPR and any legislation that replaces it in whole or in part.
Information We May Collect from You
We may collect and process the following data about you:
- Information you give us. You may give us information about you by filling in forms on our site zaura.com (the site), in the Zaura app (“Zaura” or “the app”) or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you create an account on our site, make an enquiry, provide feedback and report a problem with our site. The information you give us may include your name, address, email address and phone number, financial and credit card information or other personal information.
- Information we collect about you. With regard to each of your visits to our site or the app we may automatically collect the following information:
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
When you make a payment via Zaura (i.e. when someone shares a Zaura QR Code with you and you complete a payment via that code), we also collect certain information about you, including your name and email address.
- Information we receive from other sources. Zaura uses Stripe as a payment processor and we are subject to the terms and conditions of use of the Stripe platform. Data made available in your Stripe connected account is made available to Zaura. This includes payment information, payee details and other transaction information collected by Stripe. Details of the Stripe connect agreement can be found on the Stripe website at https://stripe.com/gb/connect-account/legal
Uses Made of the Information
We use information held about you in the following ways:
- Information you give to us. We will use this information:
- to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
- to notify you about changes to our service;
- to ensure that content from our site is presented in the most effective manner for you and for your computer.
- Information we collect about you. We will use this information:
- to administer our site and app and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site and app to ensure that content is presented in the most effective manner for you and for your computer/device;
- to allow you to participate in interactive features of our service, when you choose to do so;
- as part of our efforts to keep our site and app safe and secure; and
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you.
- Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
The Legal Basis for Processing Your Information
In accordance with GDPR, the main grounds that we rely upon in order to process your information are as follows:
- Necessary for entering into or performing a contract. In order to perform obligations which arise under any contract we have entered into with you, it will be necessary for us to process your information.
- Necessary for compliance with a legal obligation. We are subject to certain legal requirements which may require us to process your information. We may also be obliged by law to disclose your information to a regulatory body or law enforcement agency.
- Necessary for the purposes of legitimate interests. Either we or a third party will need to process your information for the purposes of our (or a third party’s) legitimate interests, provided that we have established that those interests are not overridden by your rights and freedoms (including your right to have your information protected). Our legitimate interests include responding to requests and enquiries from you or a third party, optimising our site / app and user experience, informing you about our services and ensuring that our operations are conducted in an appropriate and efficient manner.
- Consent. In some circumstances, we may ask for your consent to process your information in a particular way.
Disclosure of Your Information
We may share your information with selected third parties including:
- Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you.
- Analytics and search engine providers that assist us in the improvement and optimisation of our site.
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If Zaura or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
Where We Store Your Personal Data
To the extent that any of your data is provided to third parties outside the EEA, or accessed by third parties from outside the EEA, we will ensure that appropriate safeguards are in place in accordance with the GDPR (such as the European Commission’s standard contractual clauses, or the EU/US Privacy Shield).
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share any password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
How Long We Hold Your Information
We will only retain your information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements. The criteria that we use to determine retention periods will be determined by the nature of the data and the purposes for which it is kept, the sensitivity of the data and the potential risk of harm from unauthorised use or disclosure.
You have certain rights in relation to the personal data that we hold about you. Details of these rights and how to exercise them are set out below. Please note we will require evidence of your identity before we are able to respond to your request.
You can exercise any of these rights at any time by contacting us at firstname.lastname@example.org.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Right to Withdraw Consent
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. You can do this by contacting us using the details in the ‘Contact’ section below.
Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
If you are unhappy about our use of your information, you can contact us using the details in the Contact section below. You are also entitled to lodge a complaint with the UK Information Commissioner’s Office using any of the below contact methods:
Telephone: 0303 123 11113
Post: Information Commissioner’s Office
If you live or work outside of the UK or you have a complaint concerning our activities outside of the UK, you may prefer to lodge a complaint with a different supervisory authority. A list of relevant authorities in the EEA can be accessed here.