of Xuno Inc. (“Company”)
Effective Date: Nov 1, 2022
With relation to the product and services provided under its brands and subsidiaries.
DEFINITION OF TERMS
- Applicable Law
- Customer Data
- You or Your
means any laws, rules, bylaws, regulations, decrees, enactments, orders, mandates, resolutions promulgated by legislative or other authorized entities of government relating to data, data security, data protection, data privacy, data processing that applies to us and our services.
The Customer Data are personal data and other data relating to you as defined in the Applicable Law. Usually, it means any information relating to you including details and information relating to you and your transactions described in this Policy.
means Xuno Inc. and mentions “we”, “our”, “us”.
means visitor to one of our websites, mobile apps; a user of one or more of our services; or a direct or indirect user or recipient of our services.
TYPE OF CUSTOMER DATA WE MAY COLLECT
We collect Customer Data of our users. In this regard, we may collect your Customer Data if you use our services to make payment or you receive payment through our services. This section contains some common non-exhaustive examples of Customer Data we collect subject to the country/region you are in or the Applicable Laws. Some of these data may be sensitive under the laws of some jurisdictions and may not be collected.
- Name, email address and phone number date of birth when you create your account.
- Address, date of birth, and demographic information (such as gender, marital status) when you complete your profile.
- Your photo or image if you opt for biometric identification (optional).
- Username, password, social media profile create your account.
- GPS location automatically when you initiate a transaction.
- Financial information (such as account holder name, account number, credit/debit card information) when you link your bank and/or card account.
- Transaction information (such as payment amount, date, details of recipient, relation to beneficiary, purpose of transaction) when you initiate a transaction.
- Language preference when you complete your profile.
- Device identifier for any device used to access our online services (such as model, serial number, usage tracking) automatically when log-in to your account.
- Cookies and other tracking technologies automatically when visiting our website or app.
- Usage data such as time and duration of use of the online services, error reports, and performance data. Information and data collected include your internet protocol (IP) address and information related to the IP address automatically when log-in to your account.
- Type and version of your device's operating system or web browser automatically when you visit our website/app.
- Hardware model and other unique device identifiers sometimes when log-in to your account.
OUR USE, PROCESSING AND SHARING OF CUSTOMER DATA
- Creation of account
- Origination of payment instruction
- Processing of the payment transaction
- Provide payment service as set out in the contract;
- Maintaining your access to related services and sending you communications regarding the services, maintenance activities, functionality or other matters relating to the services.
- Any other purpose for which we will obtain your prior consent before using the Customer Data for such purpose.
We use, process or share (with affiliated payment processors as well as banks and financial institutions) Customer Data to comply with our regulatory requirements including the following:
- Monitoring, detection, and prevention of fraud;
- Identification, reporting and prevention of illegal activities such as AML (anti-money laundering), CTF (counter terrorist financing), and KYC (know your customer) obligation
Legitimate Business Interest and Improvement of Service:
Subject to the Applicable Law, we are allowed to collect, use, share (with affiliated payment processors as well as banks and financial institutions) and process Customer Data to pursue our legitimate business interests. Our legitimate interests are as follows:
- Monitoring, detection, and prevention of fraud;
- Identification ,reporting and prevention of illegal financial activities;
- Improve our services and systems;
- Update our systems, tools, services;
- Collaborate with our affiliates and third-parties to and to share data including Customer Data to our affiliates and third-parties to operate our business and to achieve the above listed legitimate business interest
- Carry out analysis and studies relating to our business and systems, and to generate resources to achieve the above listed legitimate business interest;
Additionally, the Company may share Customer Data with other third-parties not mentioned in this document for the following purposes:
- Share Customer Data with third-party entities who perform specialized services for the Company whereby the third-party’s use of the Customer Data will be limited by their contract with us;
- Share Customer Data with third-party entities who assist Company in providing the Company’s service to you whereby the third-party’s use of the Customer Data will be limited by their contract with us;
- Share Customer Data with regulators and courts and to comply with Applicable laws, court orders and lawful requests from law enforcement, regulatory and other governmental agencies;
- If, in the future, the Company is sold or transferred or some or all of its business or assets is sold or transferred to a third party (or similar transactions that alters the structure of our business including reorganization and assignment), we may share Customer Data to potential or actual such third-party purchasers. The third-party purchaser will have the right to continue to use Customer Data in compliance with the terms of this Policy.
INTERNATIONAL TRANSFERS OF CUSTOMER DATA
We operate in multiple jurisdictions. So, your Customer Data may be stored and processed in any country where we operate. We may transfer your Customer Data to another country different from the country of your residence or nationality. While carrying out the cross-border transfers of data, we comply with all Applicable Law that applies to such Customer Data. Prior consent and disclosure will be provided
DATA SECURITY AND RETENTION
We may retain the Customer Data for as long as it is necessary to carry out the objectives pursuant to this Policy. In some instances, we may retain the Customer Data to comply with our legal obligation. We may also retain the data longer to comply with our reporting obligations and to carry out investigations towards improving our service and towards strengthening our system’s security.
We will make all reasonable efforts to keep the Customer Data secure from any risk that is associated with our storage, sharing and processing of Customer Data. We have set out all administrative and technological measures in place to keep the Customer Data secure against unauthorized access, loss or misuse. However, it must be noted that nothing can guarantee a 100% security so if you believe that your Customer Data or your interaction is no longer secure, please contact us through the means described in the paragraph titled ‘contact us’ below.
UPDATE TO THIS POLICY
We may update this Policy from time to time for various reasons including to comply with Applicable Law, to reflect the changes in our practice of using, processing and sharing Customer Data, to incorporate needs of our new services that we may add. The date at the top of this document reflects when this Policy was last updated.
We will provide all of our customers (who use our service) an alert stating that this Policy has been updated via email address or physical address you have listed with us. We may also post alerts on our websites and mobile apps to communicate to the visitors that we have updated this Policy.
In case the Applicable Law or the authorities in the country/region require, we will obtain your consent or provide notice in the specified manner prior to making any changes to this Policy that is applicable to your Customer Data.
THIRD PARTY LINKS
DATA OF CHILDREN
Our services are not offered to children and we request them not to use our services or provide any personal data through our Services. We do not sell data of children under the age of 16.
YOUR RIGHTS AND CONTROL OVER YOUR CUSTOMER DATA
You have rights and control over your Customer Data that differs from country/region and Applicable Law. In the European Union, these rights are: right to request a copy of Customer Data we have, right to request correction of Customer Data, to right to request details about the processing of Customer Data and what data we have submitted to data processors. Additionally, in the European Union and some other regions, you may have the right to object to processing of your Customer Data. If the country/region provides these rights and if you wish to exercise these rights, you may do so by contacting us by using the details set out below in the paragraph titled Contact Us.
Additionally, in case of usage, collections or processing that we do based on your consent given to us, you have the right to withdraw your consent at any time. If you wish to withdraw your consent, you may do so by contacting us by using the details set out below in the paragraph titled Contact Us. We will comply with your request as soon as reasonably practicable.
However, we may not be able to comply with your requests if we no longer hold your Customer Data.
In any case, if you are not satisfied with our handling of your requests, you may have the right to reach out to data protection authorities of your jurisdiction subject to the Applicable Laws.
SPECIFIC PROVISIONS FOR SPECIFIC JURISDICTIONS
Some of the jurisdictions we operate in confer some specific provision available to the residents or citizens of the jurisdictions as described below.
Nepal law requires that we disclose to you the purpose for which we collect your Customer Data and not use the Customer Data for any purpose other than what is disclosed to you. Nepal law further requires, for certain types of Customer Data, that we disclose the time, subject, nature of data being collected; the purpose of collection and the provisions relating to security of the data. If you are a customer in Nepal, we will collect and process your Customer Data in compliance with this requirement.
In addition to your rights described in this Policy, California law provides additional rights to California customers regarding their Customer Data. The rights are as follows:
- You may request a description of categories and specific details of Customer Information about you that we have collected;
- You may request a description of the categories of Customer Information about you that we may disclose to third parties for business purpose along with the description of such third-parties;
- You may request that we delete Customer Data relating to you that we have collected (however Customer Data that we need to retain pursuant to Applicable Law may not be deleted).
If you have any questions or complaints, or you wish to exercise any of the rights described in this document, please contact us [here] or send email [here] or call [1-866-356-1201]. You can also contact our data processor [here]or send email [here] or call [1-866-356-1201]. Please note that we might require you to verify your identity before complying with your request. If you wish to use an authorized agent to submit a request, we will also need to verify the authorized agent by verifying that the original requestor has given a written valid permission. We may deny a request if the identity cannot be verified, or if the grant of permission to the agent cannot be verified.
ELECTRONIC FUND TRANSFERS (ETs) AND ACCOUNT BALANCES