Privacy Policy
WIBMO PRIVACY STATEMENT
1. WHO IS WIBMO AND HOW DOES THE WIBMO PRIVACY STATEMENT WORK?
2. WHAT IS PERSONAL INFORMATION AND WHAT TYPES OF PERSONAL INFORMATION DO WE COLLECT OR RECIEVE ABOUT YOU?
3. HOW DO WE COLLECT PERSONAL INFORMATION?
4. WHAT ARE THE LAWFUL GROUNDS THAT WE RELY ON TO PROCESS SENSITIVE PERSONAL INFORMATION?
5. THE PURPOSES FOR WHICH WE PROCESS PERSONAL INFORMATION
6. WHEN AND TO WHOM DO WE DISCLOSE PERSONAL INFORMATION
7. INTERNATIONAL DATA TRANSFERS
8. HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?
9. PRIVACY RIGHTS
10. SECURITY: HOW WE PROTECT & STORE PERSONAL INFORMATION
11. COOKIES AND OTHER TECHNOLOGIES
12. MINORS
13. CHANGES TO WIBMO PRIVACY STATEMENT
14. HOW TO CONTACT US
1. WHO IS WIBMO AND HOW DOES THE WIBMO PRIVACY STATEMENT WORK?
enStage Software Private Limited, (“Wibmo”, “we”, “our”, “us”) is a company incorporated in India having its registered office at No 25, Shankaranarayana Building 1 First Floor, East Wing, M G Road Bangalore 560 001 India, with CIN no. U72200KA2000PTC028279. Wibmo is in the business of providing various digital technology solutions to various banks, financial institutions and merchants (“Clients”) which includes, amongst others, authentication services, payment gateway solutions, fraud and risk management tools, technology solutions relating to pre-paid products, and digital platforms etc. (‘Services’). Wibmo belongs to the PayU group of companies and you can learn more about PayU here [https://corporate.payu.com/investments/]. PayU belongs to the Prosus Group of companies i.e. Prosus N.V, a company registered with the Trade Registry for Amsterdam under 34099856 and its affiliates.
The purpose of this privacy statement (“Wibmo Privacy Statement“) is to give you information on how and to what extent Wibmo collects, stores, uses, discloses, transfers and processes Personal Information (explained in section 2 below ) including Sensitive Personal Information (explained in section 2 below) when you create an account or make a transaction or raise a request with any of our Clients to whom we are providing Services (“Transaction”) and the steps we take to protect your Personal Information including Sensitive Personal Information. The term Transaction means any request or interaction you have made with the Client, including creating an account or raising a request etc., when Wibmo is providing Services to the Client to process or store such request. We may further collect Personal Information about you when you enter into a direct arrangement with us to provide Services.
By entering into a direct arrangement with us as a bank or merchant or any other recipient of service, to provide Services or making a Transaction through the Client, directly or indirectly, you agree that you have read and understood and agree to be bound by this Wibmo Privacy Statement. By making a Transaction, directly or indirectly, in the past, present or future, you give your express consent to our use and disclosure of your Personal Information and Sensitive Personal Information received by us as explained in this Wibmo Privacy Statement.
When you use services provided by Wibmo as bank or merchant, Wibmo provides its Services to you and processes your Personal Information, including Sensitive Personal Information, in capacity of a data controller. By using Wibmo’s Services, directly or indirectly, in the past, present or future, you give your express consent to our use and disclosure of your Personal Information and Sensitive Personal Information submitted to us in accordance with this Wibmo’s Privacy Statement and as per the terms of the Services contract you have entered into with Wibmo to use our Services.
While providing Services to the Client in accordance with our contract, Wibmo processes your Personal Information including Sensitive Personal Information in capacity of a data processor in accordance with the instructions of the Client. The Client is the controller who is responsible to make necessary disclosures and collect the Personal Information and Sensitive Personal Information from you in accordance with their Client’s privacy statement and as per applicable laws.
We recommend that you return to this page to review the most current version of this Wibmo Privacy Statement which may be mended by us from time to time.
2. WHAT IS PERSONAL INFORMATION AND WHAT TYPES OF PERSONAL INFORMATION DO WE COLLECT OR RECIEVE ABOUT YOU?
“Personal information”: means any information that relates to an individual, which directly or indirectly, in combination with other information available or likely to be available with us, is capable of identifying such individual.
“Sensitive Personal Information”: means any Personal Information of an individual, which consists of information relating to financial information such as bank account, credit card, debit card or other payment instrument details; passwords; biometric information; sexual orientation; physical, physiological and mental health condition; and medical records and history. Information freely available or accessible in public domain is not treated as Sensitive Personal Information
Depending on who you are (e.g., a merchant, customer, cardholder, consumer, supplier or business partner) and how you interact with us (either directly or through the Client) (e.g., telephone, IVR, API, online or offline), we may collect, use, receive, store, analyze, combine, transfer or otherwise process different categories of your Personal Information (including Sensitive Personal Information) in order to provide our Services in accordance with the contract with the Client and this Wibmo Privacy Statement.
Below is a table of the categories of Personal Information and Sensitive Personal Information which we may receive from the Client or collect about you:
| Categories of Personal Information | Which includes information such as: |
| “Identity and Account Log- In Information” | Full name(s), title, age, user ID, gender and date of birth. |
| “Contact Information” | Telephone/mobile number(s), permanent and current address(es), state/city of residence, country, pin code, email address(es), and chosen billing address(es). |
| “Financial Information” | Personal bank account numbers and bank account data including e-nach, NEFT, IMPS and UPI ID details, credit or debit card information, including the credit or debit card number, card type, expiry date on the credit or debit card, and name on the card. |
| “Identification Information” | Know Your Customer (KYC) documents including all proofs of identity and address, photograph, Permanent Account Number (PAN), GST Number, etc. |
| “Payment Information” (transactional information) | Payment gateway ID, name of issuing bank, merchant’s name, category and other dentifiers along with the details of products or services purchased or paid for, mode of payment, the date, currency and amount of the transaction(s), whether the payment was successful, and other information provided by you directly or indirectly to us or provided to us by banks, merchants or other service providers or business partners. |
| “Usage and Technical Information” | IP addresses, application, device or browser type, versions and configurations, operating systems, device brand and model, time zone setting, geo-location information, content, unique identifiers associated with your device(s) and pages that you access on the website(s), apps or platforms, and the dates and times that you visit the websites, apps or platforms, and paths taken. |
| “Credit related Information” | Credit or affluence related information or assessment provided by third parties such as financial institutions or account aggregators or similar third parties as permitted under applicable laws of India including our business partners, independent service providers and our group entities. |
| “Marketing and Communications Information” | Communications with customer service support, behavioural data (for example, data collected using cookies), information about promotions, surveys, promotional campaigns and records of your decision(s) to subscribe or to withdraw from receiving marketing materials, if any. |
| “Information in your device(s)” | We may also access your contact list, call records, SMS, media files and location data in your devices to enable you to access our services after seeking necessary permissions. |
We may also collect, use and/or share non-Personal Information or anonymized data such as statistical or demographic data in accordance with this Wibmo Privacy Statement.
As a matter of principle, we do not collect certain special categories of Personal Information about you (such as details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health or any genetic and biometric information). However, we may collect certain Sensitive Personal Information in order to provide Services to our Clients, such as some categories of Financial Information including bank account number and number on credit or debit cards. In such cases, we ensure that such Sensitive Personal Information is used, processed, stored and/or disclosed in accordance with this Wibmo Privacy Statement and in compliance with applicable laws of India.
To the extent the Services include links to third-party websites, plug-ins and applications (including cookies, tracking technologies and widgets by third party advertisers), it is important that you understand that by clicking on those links or enabling those connections, you may allow third parties to collect or share data about you. Wibmo does not have oversight of these third-party websites, plug-ins and applications and we are not responsible for their processing or using of your Personal Information or Sensitive Personal Information. Any information collected by a third party in this manner is subject to that third party’s own data collection, use and disclosure policies and we recommend that you review their privacy statements.
3. HOW DO WE COLLECT YOUR PERSONAL INFORMATION?
How we collect Personal Information (including Sensitive Personal Information) will depend on the following broader situations:
- In case of the Personal Information (including Sensitive Personal Information) provided to the merchant, bank or any other person using Wibmo’s Services, we collect Personal Information:
- directly from you, under a contractual arrangement or from publicly available sources in accordance with Indian applicable laws.
- from financial institutions and fraud prevention agencies for the purposes of conducting fraud and risk assessments or analysis;
- using cookies and other tracking web beacons when you visit our website (see section 11 of this Wibmo Privacy Statement for more explanation).
- In case the Personal Information (including Sensitive Personal Information) provided to the customers of the Client, this Personal Information is then collected byWibmo in furtherance to a contract which you may have with the Client. In this situation, Wibmo is processing your Personal Information in capacity of a data processor. When we act as data processor, we collect Personal Information:
- directly from you. We collect Personal Information (including Sensitive Personal Information) directly from you in different ways while providing Services wherein we are collecting information directly from you on behalf of our Client(s) through various websites, applications, platforms or product or service offerings.
- from our Clients and/ or third parties including our business partners, in accordance with our contracts with the Clients, including:
- Clients who have either entered into a contract with you or have obtained your consent or through any other legal means as may be available in accordance with applicable laws of India, to collect your information and share your information with other parties;
- from financial institutions and fraud prevention agencies for the purposes of conducting fraud and risk assessments or analysis. For example, while providing Services to our Clients or to you (as applicable), we may undertake checks for the purposes of preventing fraud and money laundering, and to verify your identity. These checks require us to collect information about you from our business partners and independent service providers including technology providers who have entered into contracts with us;
- from publicly available sources in accordance with applicable laws of India; and
- from cookies and other tracking web beacons when processing a Transaction (see section 11 of this Wibmo Privacy Statement for more explanation on cookies and other technologies).
4. WHAT ARE THE LAWFUL GROUNDS THAT WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?
For collecting, processing (including using and storing), disclosing or sharing your Sensitive Personal Information as described in this Wibmo Privacy Statement, being a data controller, you consent to the processing of your Personal Information, including Sensitive Personal Information in accordance with the contract you enter into with us, subject to Indian applicable laws.
We are further authorized by our Clients under the contracts which we have entered into to process your Personal Information, including Sensitive Personal Information, and by using the Services with the Client. In this instance, you acknowledge that Wibmo is collecting, processing (including using and storing), and sharing your Personal Information, including Sensitive Personal Information, for one or more of the purposes detailed on this Wibmo Privacy Statement. We understand that it is the responsibility of the Client to ensure that you have been advised of your rights and the Client has obtained all approvals from you for regarding collecting, processing (including using and storing), disclosing or sharing your Personal Information, including Sensitive Personal Information, as described in this Wibmo Privacy Statement.
If the Personal Information, including Sensitive Personal Information, in relation to you in capacity of a Client, you may, of course, decline to share certain information with us, in which case we may not be able to provide to you some or all of our Services. This may also affect our ability to process your Personal Information, including Sensitive Personal Information, and may therefore lead, at our sole discretion, to the non-availability or discontinuation of the certain Services or features of our Services, where such Personal Information, including Sensitive Personal Information, is used or was being used.
5. THE PURPOSES FOR WHICH WE PROCESS YOUR PERSONAL INFORMATION.
We process your Personal Information, including Sensitive Personal Information, for the purposes mentioned below:
- To enable the Clients to provide their services to you which may include transaction processing, and card issuance etc.
- To provide our Services to Clients in performance of our contract with them and to comply with the requirements of the contracts which we have entered into with the Clients for the provision of Services e.g. to verify, authenticate the Transactions, issue cards, conduct KYC and customer due diligence on behalf of the Client. We process and use the Personal Information only to the extent strictly necessary to perform our obligations or as otherwise provided under our services contract.
6. WHEN AND TO WHOM DO WE DISCLOSE YOUR PERSONAL INFORMATION?
Wibmo only discloses Personal Information to the its employees and personnel that have a need to access the Personal Information for providing the required Services, while we ensure that all such employees and personnel are bound by a confidentiality agreements and on a strict need to know policy. Wibmo take all reasonable steps to ensure the reliability of all its employees and personnel who have access to the Personal Information. Wibmo may share your Personal Information including Sensitive Personal Information with:
- sub-processors, service providers or vendors under contract who assist us with our business. Wibmo will ensure that all third parties engaged to process Personal Information (including Sensitive Personal Information) are aware of and comply with the contents of the Wibmo Privacy Statement and the restrictions in relation to their access, use, and disclosure of Personal Information including Sensitive Personal Information.
- authorized financial institutions, banking partners and service providers, with whom we partner to jointly create and offer the Services. Depending on the type of Services chosen by the Client, Wibmo will share the information with the financial institutions, banking partners and service providers that validate and process each means of payment for corresponding approval, validation and settlement.
- the companies that we plan to merge with or the entities acquired by us subject to the providing the Client with the required notification. In such situation we will require that the new combined entity or the acquiring entity or the acquired entity follows this Wibmo Privacy Statement with respect to your Personal Information (including Sensitive Personal Information).
- the government officials, regulatory bodies, courts/tribunals, law enforcement agencies, fraud detection agencies or other such agencies or authorities when we are compelled to do so by law (such as via a subpoena, court order or similar legal procedure).
7. INTERNATIONAL DATA TRANSFERS
Your Personal Information (including Sensitive Personal Information) may be processed in India (in particular, payments related data) or in another country, if allowed under that country’s applicable laws. Wibmo follows PayU’s Global Privacy Program, founded on group wide, international recognized privacy principles.
Should your Personal Information, including Sensitive Personal Information, move outside India, we will ensure that our service providers comply with higher or same level of data protection laws as are applicable in the country where the Personal Information is processed.
8. HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?
Wibmo may store your Personal Information (including Sensitive Personal Information) for as long as the same is required as per our Contracts with the Clients or as may be required under applicable laws. While acting as a data processor, Wibmo will act on the instructions of the Client, delete or return all Personal Information including Sensitive Personal Information to the Client as per the agreement under the contract and retain copies only if the same is required in accordance with applicable laws. While acting as data controllers, Wibmo may store your Personal Information, including Sensitive Personal Information, for as long as necessary.
How long we keep your Personal Information is determined in accordance with applicable legal, accounting and compliance reporting requirements.
9. WHAT ARE YOUR RIGHTS?
We ensure that you may exercise your privacy rights under applicable privacy and data protection laws.
While Wibmo is acting as a data controller, the Clients may exercise their privacy rights in terms of their Contract, our policies and this Wibmo Privacy Statement. Wibmo shall provide reasonable assistance in catering to requests from its Clients regarding the processing, amendment or withdrawal of Personal Information (where permissible).
While Wibmo is acting in the capacity of a data processor, if you wish to exercise any of the data subject rights granted to you in accordance with applicable laws, you should directly contact the Client who is the controller of your Personal Information. Once we receive an instruction from the Client regarding any data subject right request to be implemented, we will act in accordance with the instructions of the Client.
10. SECURITY: HOW WE PROTECT & STORE PERSONAL INFORMATION
The security of your Personal Information, including Sensitive Personal Information, is important to us. We have security controls as are required in accordance with our agreement with the Clients, including taking necessary physical, technical, managerial, and operational measures that are designed to improve the integrity and security of information that we collect or receive and maintain these measures as are required by applicable laws of India and are accepted industry practices.
In addition, Wibmo follows the payments industry standards regarding the protection of payment card information. We conduct regular audits to maintain the appropriate level of security certification with the Payments Card Information Security Standard Council (PCI) in respect of protecting card data.
Wibmo also regularly reviews its policies regarding the collection, storage, using and processing of your Personal Information, including Sensitive Personal Information, including physical security measures, preventing alteration, loss, query, use or fraudulent or unauthorized access of your Personal Information, including Sensitive Personal Information.
Wibmo has put in place procedures to deal with information breach and will notify the Client as the controller and any applicable regulator or authority of a breach where we are legally required to do so.
Wibmo ensures to comply with its obligations under the applicable data protection law, and shall also take such steps as are requested by the Client to enable the Client to comply with its obligations under the applicable data protection law.
11. COOKIES AND OTHER TECHNOLOGIES
Wibmo uses cookies, web beacons and similar techniques when you access our website or platforms. We explain how we use cookies and the choices you have when it comes to our use of cookies below.
What is a cookie? A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by Wibmo and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts.
More specifically, we use cookies and other tracking technologies for the following purposes:
Targeting Cookies
These cookies may be set through our Website by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly Personal Information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Performance Cookies
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our website. They help us to know which pages are the most and least popular and see how visitors move around the website. All information these cookies collect is aggregated. If you do not allow these cookies we will not know when you have visited our website, and will not be able to monitor its performance.
Strictly Necessary Cookies
These cookies are necessary for the website or our Services to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site or parts of our Services will not then work.
If you want to learn even more about how to disable and delete cookies on your browser, click on any of the links below depending on your choice of browser.
Should your browser not be listed below, or if you want to learn more about cookies in general, please visit www.allaboutcookies.org.
MozillaFirefox®
Microsoft®InternetExplorer
GoogleChrome™
Safari®
Opera(R)
LinkedIn (https://www.linkedin.com/legal/cookie-policy)
12. MINORS
Wibmo does not voluntarily or actively collect, process Personal Information (including Sensitive Personal Information) of minors. The Client who is the sharing the information with Wibmo must have obtained prior consent of the parents or guardians of the minor regarding collecting the processing the Personal Information of the minor. In the event minor’s information is processed by Wibmo without a prior consent of the parents or guardian, please reach out to the Client directly.
If we learn that we collected the Personal Information (including Sensitive Personal Information) of a minor from the Data Controller without them first receiving a verifiable parental consent, we will take steps to deal with the information in a manner consistent with applicable laws of India as soon as possible.
13. CHANGES TO THE WIBMO PRIVACY STATEMENT
This Wibmo Privacy Statement may change or be amended over time. The recent version of this Wibmo Privacy Statement is published on Wibmo’s website.
Please revisit this page periodically to stay aware of any changes to this Wibmo Privacy Statement. Your continued use of our services confirms your acceptance of this Wibmo Privacy Statement, as amended. If you do not agree to this Wibmo Privacy Statement, as amended, you must stop using our services and notify us.
In case you need any change in your Personal Information, please inform the Client who is the controller of your data.
14. HOW TO CONTACT US
The controller of this privacy statement is enStage Software Private Limited having its registered office at No 25, Shankaranarayana Building 1 First Floor, East Wing, M G Road Bangalore – 560001, India and having CIN no. U72200KA2000PTC028279. We are happy to address any of any queries, concerns or questions relating to processing, of information which you can raise by writing to us at dpo@wibmo.com.
Any complaints or discrepancies in relation to the processing of Personal Information (including Sensitive Personal Information) can be addressed to:
Grievance Officer
Enstage Software Private Limited,
1 First Floor, East Wing, M G Road,
Bangalore – 560001