Last updated: 29 September 2023

Privacy Policy

This policy (which does not apply to our employees) was last updated on the 29th of September 2023.

1. Introduction

This Privacy Policy explains what you can expect from us and what we need from you in relation to your personal data.

In this Privacy Policy, we sometimes refer to “you”. “You” may be a visitor to our website, a customer of one or more of our Services (“Customer”), or a payor / payee of a Customer (“Payee”). This Privacy Policy does not apply to third-party websites, products, or services even if they link to our Services, and you should consider the privacy practices of those third-parties carefully. If you object to the practices described in this Privacy Policy, you should (a) remove cookies from your computer after leaving our website, and (b) discontinue your use of our Services.

We may change this Privacy Policy from time to time. We will post any changes, and such changes will become effective when they are posted. Where applicable, your continued use of our Services following the posting of any changes will mean you accept those changes. We encourage you to review the Privacy Policy whenever you interact with us to stay informed about our information practices and the ways you can help protect your privacy.

2. How we handle your data

We receive Data from visitors to our website, and Customers using our Services. The collection and use of data is crucial to providing our Services and keeping the Services safe. Data helps us increase the safety, while reducing the risk of fraud and other harmful activity. Generally, Data can be categorized into data that directly identifies you individually (“Personal Information”) and data associated with your activities (“Activity Information”).

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted. You are responsible for keeping confidential any passwords we give you. We ask you not to share this password with anyone else and not to use this password for other services or products.

3. Collecting Personal Information

You may have to provide us with Personal Information to sign up for, or make use of, our Services. This data includes the following, for yourself and your recipient:

  • Name
  • Address
  • Date of birth
  • E-mail address
  • Demographic information (e.g., gender)
  • Phone number
  • Evidence of your identity (for example, passport information)
  • Financial information (including credit card, debit card, or bank account information, and proof of wealth)
  • Payment reason
  • Geographical location
  • Personal description (including professional status and occupation)
  • IP address
  • Device ID
  • Device settings (e.g., language preference, time zone)

If you do not provide us with this requested data, we may not be able to provide our Services to you.

4. Collecting Activity Information

We also automatically collect Activity Information based on your use of our Services. This data would include your activities on our website, or actions performed on our payment platform. For example, we may collect:

  • Details of the transactions you carry out when using our Services, including geographic location from which the transaction originates.
  • Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
  • Information about your visit, including the full URL clickstream to, through and from our Website or App (including date and time); page response times, download errors, length of visits to certain pages, page interaction information, methods used to browse away from the page, and audit trail of login attempts.
  • Any phone number used to call our customer support center, as well as a recording of that call. By continuing to speak to a customer support agent after calling our customer support center, you are agreeing to our collection of this data.

Our Website and App also use cookies to distinguish you from other users. This helps us to provide you with a good experience when you use our Website or App, and also allows us to improve our Website or App. We also use cookies for marketing/retargeting purposes (i.e., to show you more relevant ads). By continuing to use our Website and/or App, you are agreeing to our use of cookies.

Personal Information and Activity Information we collect is stored in compliance with our various regulatory obligations for anti-money laundering and fraud purposes.

5. Data Use

When you sign up to make payments through our Service, you enter into a contract with us to make these payments on your behalf. We must process your Data to fulfil this contract. Further, we are required by law to collect, process, and retain your Data, in fulfilment of our anti-money laundering regulatory obligations. We use your Data in the following ways:

  • Carry out our obligations relating to your contracts with us and to provide you with the information, products and services that you request from us.
  • Provide, maintain, personalize, optimize, and improve the Services, including research and analytics regarding use of the Services, or to remember you when you leave and return to the Services.
  • Provide and improve our products and services.
  • Provide you with more relevant content in marketing, promotional or other communications to which you may be subscribed.
  • Detect, investigate, and prevent activities that may violate our policies or be fraudulent or illegal.

We may combine information from the Services together and with other information we obtain from our business records or from third party sources.

IMMUDAT will only use your Data for marketing and promotional purposes if you "opt in" to such uses, and you can withdraw this permission at any time. You have the right to ask us not to contact you for marketing purposes by contacting us at privacy@taptapsend.com.

As a regulated financial institution, we are required by law to store some of your Data beyond the termination of your relationship with us. After such time, your Data will only be accessed or processed if absolutely necessary. We will always delete Data that is no longer required by relevant legislation.

6. Data Sharing

We may share Data to ensure that we can continue providing you with the Services you have contracted.

IMMUDAT may share your Personal Information and Activity Information with the following parties:

  • IMMUDAT Group Affiliates (entities under common control of IMMUDAT Inc.).
  • Trusted service providers who help us deliver the Services (e.g., payment processing, hosting, analytics, customer support, identity verification).
  • Third parties authorized by you, such as applications you connect to IMMUDAT.
  • Authorized financial institutions involved in your sending or receiving transactions.
  • Successors-in-interest (for example in the event of a reorganization, merger, or sale).
  • Law enforcement, regulators, and government authorities when required to comply with law or protect rights and safety.
  • Advertisers and advertising networks (Activity Information only).
  • Analytics and search-engine providers that assist us in improving and optimizing our site (Activity Information only).

Your Data may be processed by us, members of the IMMUDAT Group, and those other parties described above, outside the country in which you are based. Where the DIFC has not issued an adequacy decision in relation to the jurisdiction where your personal information is processed, we will ensure that there are adequate mechanisms in place to protect your personal information in accordance with applicable data protection and privacy law.

We will do this through use of data transfer agreements implementing standard data protection clauses. You can receive further information about the data transfer agreements that concern your Data by contacting us at privacy@taptapsend.com.

7. How We Protect Your Data

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using Transport Layer Security technology. We take reasonable measures to help protect information about you from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. If you feel your interaction with us is no longer secure (e.g., you believe your log in or other security credentials have been compromised), please contact us immediately.

8. Your Rights

If your data is processed by us, the following information applies to your Personal Information that we have processed or collected. We process Personal Information on the following legal bases: (1) with your consent; (2) as necessary to perform our agreement to provide Services; and (3) as necessary for our legitimate interests in providing the Services where those interests do not override your fundamental rights and freedom related to data privacy. Where we process Personal Information that is special category data, we process Personal Information on the additional legal basis that such processing is necessary for substantial public interest reasons (e.g., to prevent or detect unlawful acts).

Users who have their data processed by us in the DIFC have the right to lodge a complaint about our data collection and processing actions with the supervisory authority concerned.

Personal Information that we collect may be transferred to, and stored and processed in, the United States or any other country in which we or our affiliates, subcontractors, or partner payment processors maintain facilities. Any such transfers will comply with safeguards as required by relevant law.

You are entitled to the following rights over Personal Information that we have processed or collected:

  • Right of access – receive confirmation and a copy of Personal Information we hold about you.
  • Right of rectification – request corrections to ensure your Personal Information is accurate.
  • Right to be forgotten – ask us to erase Personal Information when it is no longer necessary for the purpose collected or you withdraw consent.
  • Right to restrict or object to processing – request that we stop processing your Personal Information under certain circumstances.
  • Right to data portability – request a copy of your Personal Information, including transaction history, in machine-readable format.
  • Rights related to automated decision making and profiling – request a review if you disagree with automated decisions made about you.

9. Our Partners

Our Services may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility for them. Please check these policies before you submit any personal data to these websites.

10. Changes to this Policy

Any changes we may make to our Privacy Policy will be posted on this page and, where appropriate, notified to you by e-mail or in the App. Please check back frequently to see any updates or changes to our privacy policy.