Shop2Shop App Privacy Policy
Shop2Shop (Pty) Ltd registered at 17 New Church Street, Cape Town (“the Responsible Party”) and this notice covers the usage of the Shop2Shop app.
We will only process personal information in accordance with data protection legislation, including the Protection of Personal Information Act (No. 4 of 2013) (“POPIA“), anti-money laundering legislation including FICA and the card association rules and any other applicable data protection legislation and/or regulation applicable to the Services (collectively, the “Data Protection Laws“).
We are committed to protecting the privacy and security of our stakeholder’s personal information. This notice applies to all users of the Shop2Shop app and those who visit our website or use or engage us to use our applications or other services (together, our “Services”). This notice sets out how we collect, use and disclose personal information.
This means we will process personal information. You are under no obligation to provide your personal information to us. However, without certain personal information, we may not be able to provide the Services to you.
This Service is provided by Shop2Shop at no cost and is intended for use as is in conjunction with the Tap2Pay Card Device and the user’s Shop2Shop Account. This app allows users to Top Up their Shop2Shop Trading Account and pay their Suppliers as well as other users into their Shop2Shop Trading Accounts. The app also allows users to share transaction receipts via SMS and Email, though this is done outside of the app and any carrier costs incurred are at the discretion of the user’s own mobile carrier agreements.
What personal information do we collect?
The information that we collect and process depends on your use of the Services, and may include, amongst other things:
- User name, surname, email address and mobile number. This is used to create a unique user profile and to help keep user’s transactional data safe.
- To access additional features we might require the user to provide documentation verifying their identity (South African Passport, ID or Valid Asylum Document, photo of user “selfie”). This is required to legally use features such as using a card device to accept payments and money transfer in South Africa.
- Location or address information – such as your physical or postal address or GPS location;
- Transactional information such as payment details and payment history;
- Log data- include information such as your device Internet Protocol (“IP”) address, device name, operating system version, the configuration of the app when utilising our Service, the time and date of your use of the Service, and other statistics;
The Services makes use of third party services that may collect information used to identify you. Link to privacy policy of third party service providers used by the app.
Sources of the information that we collect
- Your devices for example the Tap2Pay device, computers, mobile phones or tablets when you use the Services or third party providers to verify the information you have provided to us.
Why Do We Process Personal Information?
We may process personal information to meet our regulatory obligations, establish a business relationship with you, deliver the Services and to ensure the best experience when you engage us or use our Services. Specifically we may process personal information to:
- provide you with the Services including information about the Services;
- carry out your instructions and attend to your requests;
- manage an account you have with us;
- prevent fraud, money laundering and/or other criminal activities;
- for operational, auditing, legal and record keeping purposes.
- evaluate and improve our Service offering;
- ensure secure use of our Services;
- any other purpose that is permitted, as set out below.
In addition to the above, we may also process personal information:
- to the extent that we are required by law or to perform our legal obligations. It is our policy to co-operate with relevant authorities or financial institutions, in relation to law enforcement or potential money-laundering or suspected fraud enquiries. You authorise us to disclose any information about you to such authorities or institutions as we, in our sole discretion, believe necessary or appropriate in connection with the investigation of any illegal or purported legal activity;
- in connection with any legal proceedings;
- in order to establish, exercise or defend our legal rights;
- to protect the rights, property and personal safety of another user and/or any member of the public our yourself;
- where we (or a third party) have a legitimate interest to process the information;
- where you have consented to the processing.
Who Do We Share It With
We may also share it with government institutions, law enforcement, regulators, the card associations or financial institutions like banks to meet our legal obligations, for example investigations into suspicious activities/transactions. It may also be shared with third parties during merger and acquisition activities.”
Cookies
Cookies are files with a small amount of data that are commonly used as anonymous unique identifiers. These are sent to your browser from the websites that you visit and are stored on your device’s internal memory.
This Service does not use these “cookies” explicitly. However, the app may use third party code and libraries that use “cookies” to collect information and improve their services. You have the option to either accept or refuse these cookies and know when a cookie is being sent to your device. If you choose to refuse our cookies, you may not be able to use some portions of this Service.
Security
We value your trust in providing us your Personal Information, thus we are striving to use commercially acceptable means of protecting it. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security. However, the Services does not store any personal user data nor do we sell your data on to any other entities.
Cross Border Processing:
We access and use your personal information in South Africa. We may process personal information outside South Africa (for example data hosting in the cloud), but only in countries with adequate data protection laws or where we have an agreement with the recipient that contains appropriate data protection measures.
Retention:
We will only retain your personal information for as long as we are required by law or to achieve the purposes for which it was collected and processed. We may de-identify the data and retain it for extended purposes for statistical and research purposes.
Links to Other Sites
Our website and the Services may have links to or from other websites. We recommend that you always read the privacy and security statements on these websites; we are not responsible for the security, privacy practices or content of third-party websites.
Children’s Privacy
These Services do not address anyone under the age of 13. We do not knowingly collect personally identifiable information from children under 13. In the case we discover that a child under 13 has provided us with personal information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to do necessary actions.
Changes to This Privacy Policy
We may update our Privacy Policy from time to time. Thus, you are advised to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page. These changes are effective immediately after they are posted on this page.
Contact Us
If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us at [email protected].
The Information Regulator can also be contacted by email: [email protected] or [email protected] or post P.O. Box 31533, Braamfontein, Johannesburg, 2017.