Privacy Policy of FFIN Payments LLP
The Organization may also receive Personal Information from its partners through the websites, programs, products, or services you use. In relevant cases, the transfer of Personal Information is possible only as established by applicable law and is carried out based on agreements between the Organization and each of the Partners.
- The Law of the Republic of Kazakhstan dated May 21, 2013, No. 94-V "On Personal Data and their Protection";
- The Law of the Republic of Kazakhstan dated August 28, 2009, No. 191-IV "On Counteracting the Legalization (Laundering) of Proceeds from Crime and the Financing of Terrorism";
- The Order of the Minister of Digital Development, Innovations, and Aerospace Industry of the Republic of Kazakhstan dated October 21, 2020, No. 395/NҚ "On Approval of the Rules for the Collection and Processing of Personal Data" (as amended on May 06, 2023).
The Enterprise instructs the Organization to collect Data related to the collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, transfer (distribution, provision, access), adjustment, combination, depersonalization, blocking, deletion, scoring, destruction, and protection of Data.
Accordingly, the Organization considers "Data" to be all information provided by Users of the Organization's services during their use or obtained automatically, as well as the consents of your Users (including those regarding third parties) for the provision of services by the Organization, its partners, and government agencies (hereinafter — "Services").
Personal information collected during the operation of websites and/or the provision of partner services may vary depending on whether you use your account to access them.
When logged into your account, Personal Information collected by the Organization and/or partner services may be linked to other Personal Information collected by the Organization (e.g., identity data, contact details, age, gender, etc.).
The Organization and partner services do not verify the accuracy of the Personal Information provided or your legal capacity, unless specified in user agreements.
The Organization and its partners assume you provide accurate and sufficient Personal Information and update it in a timely manner.
Categories of Personal Information collected may include:
i) Registration info: name, phone number, address, and age;
(ii) Electronic data: HTTP headers, IP address, cookies, web beacons/pixel tags, browser ID, hardware/software info, and Wi-Fi network data;
(iii) Date and time of access to sites/services;
(iv) Information regarding activity during service use;
(v) Geolocation information;
(vi) Other information necessary for specific partner services;
(vii) Information received from partners under agreements between you, the partner, and the Organization;
(viii) Payment card data and other payment information provided by you or received from Partners/third parties involved in payment operations.
- Offer personalized Services based on agreements between the Enterprise, the Organization, and/or third parties;
- Identify, authenticate, and authorize the Enterprise and Users for security and financial transactions;
- Provide access to the Organization’s Services;
- Send special offers (electronic messages, SMS, push notifications) regarding products/services from the Organization or third parties, process requests, and verify User data.
With the consent of the Enterprise and Users, the Organization will transfer Data to partners to offer products and services. Data is also processed to comply with legal requirements, fulfill obligations to government agencies, handle claims, debt collection, legal processes, prevent fraud, and ensure data security.
- Right to access Data;
- Right to correct Data;
- Right to delete Data;
- Right to restrict processing;
- Right to receive a copy of Data;
- Right to object to processing;
- Right to data portability.
- maintaining authorization;
- determining how the Organization’s Services are used;
- offering services and products that may be of interest;
- etc.
FFIN Payments Limited Liability Partnership
1. Data Collection and Processing methods:
(a) Registration and/or authorization on the Operator’s website or mobile application;
(b) Signing consent electronically, via digital signature, or using a one-time password (OTP) sent via SMS or push notification;
(c) Visiting electronic resources, including accepting Cookies;
(d) Using the Operator’s products or services.
2. Transfer of Data, including but not limited to personal data, data constituting a banking secret, insurance secret, commercial secret in the securities market, and any other secret protected by law, to the affiliates of the Operator, agents of the Operator, and any other third parties (hereinafter collectively referred to as — "Third Parties"), when the provision of Data is required in accordance with the requirements of applicable law, for the purposes of the provision of products and services to the Subject by the Operator or Third Parties, or for the purposes of fulfilling obligations under a contract between the Operator and the specified Third Parties. The Subject agrees that the Data may be included in the databases of the Operator or Third Parties, where the Subject's personal data may subsequently be processed without any involvement of the Operator; provided that the Operator undertakes to require Third Parties to ensure the confidentiality of the transferred Data;Cross-Border Transfer: Consent is given for the transfer of Data outside the Republic of Kazakhstan as necessary for processing. The Subject acknowledges that countries receiving the Data may have lower storage requirements and protection standards than those in Kazakhstan.
3. Cross-border transfer by the Operator of the Data outside the territory of the Republic of Kazakhstan and the territory of the AIFC to the territory of states in cases where it is necessary for the purposes of collection and processing of Data stated in this consent. The Subject agrees that the countries to which the Data may be transferred may have conditions and requirements for the storage of Data lower than those provided by the applicable law of the Republic of Kazakhstan / AIFC, and the Data operators in these countries may not be able to provide them with adequate protection.
4. In this Consent, "Data" includes, but is not limited to, information/details relating to a Subject who is identified or identifiable based on such information, recorded on an electronic medium, including, without exception: surname, first name; phone number; email address; model of the Subject's device and data on its operating system language and browser type and (or) the type of internet connection used during the visit; Subject's location data obtained by IP address; information about purchases made by the Subject on the Internet and other metadata for analytics (cookies, etc.); content posted by the Subject or viewed by them on the Internet; changes in user status and duration of the visit.
5. The Subject's Data is collected and processed for the purpose of (the list is not exhaustive): the activities of the Operator and Third Parties in providing financial services, marketing and advertising activities, research, promotions, providing (sending) to the Subject any information materials, including those about products and (or) services and (or) offers of the Operator and Third Parties, as well as other notifications via telephone, facsimile, and other types of communication, as well as through open communication channels (including SMS messages, e-mail, push notifications, voice messages, remote access systems, social networks, etc.), as well as for payment using QR codes or barcodes, for selecting a payment or service recipient from phone book contacts, for displaying the Subject's avatar/photo in the mobile application of the Operator and/or Third Parties, for receiving and providing the Subject's digital documents to/from digital document services, for voice communication with representatives of the Operator/Third Parties; for the delivery of goods and provision of services to the Subject; for checks by the Operator/Third Party related to the fulfillment of requirements for countering the legalization (laundering) of proceeds from crime and the financing of terrorism; for the protection of the Operator's clients from fraudulent actions of Subjects.
i. The Subject's personal data may not be distributed by the Operator and (or) Third Parties in publicly available sources, except for cases where the Subject's corresponding written consent for such actions has been obtained.
ii. This Consent is provided for the entire period of the Operator's activity or until the date when an updated consent is issued and communicated to the Subject.
Notification about the use of cookies
Our website, like most others, uses cookies and other similar technologies (pixel tags, etc.) to provide services that best suit your interests and needs, and to collect statistical and marketing information to analyse and improve our services and websites.
By using this site, you consent to the use of cookies and other similar technologies in accordance with this Notice.
If you do not agree to us using this type of cookie, you must adjust your browser settings accordingly or not use our website.
Please note that if you block or delete cookies, we cannot guarantee that our website will work correctly on your browser.
Cookies that are stored through the website do not contain information that can be used to identify you.
What is a cookie and other similar technologies
A cookie is a small text file stored on your computer, smartphone or other device that you use to visit websites.
Some pages you visit may also collect information using pixel tags and web beacons, which are electronic images called single-pixel (1×1) or blank GIF images.
Cookies may be placed on your device by us ("own" cookies) or by other operators ("third party" cookies).
We use two types of cookies on the website: 'session cookies' and 'persistent cookies'. Session cookies are temporary cookies that remain on your device until you leave the site. A persistent cookie stays on your device for a long time or until you manually delete it (how long a cookie stays on your device will depend on the length or "lifetime" of the particular cookie and your browser settings).
Cookies come in different types:
Necessary. These files are necessary to ensure the proper operation of the site, the use of its functions. Disabling the use of such files will lead to a drop in site performance, inability to use its components and services.
Cookies related to performance, efficiency and analytics. These cookies allow us to analyse visitors' interaction with the site, optimise the content of the site, measure the effectiveness of advertising campaigns by providing information on the number of visitors to the site, the time of use, and errors that occur.
Functional cookies remember users who have already visited our site, their individual parameters (such as language and region, for example) and preferences, and help to personalise the content of the site.
Social Media Access Buttons. These are used to allow users to share a link to a social media page or bookmark an email. These buttons are links to social media websites owned by third parties, which in turn may record information about your online activity, including on our website. Please review the respective terms of use and privacy policies of such sites to understand how they use your data and how you can opt-out or delete your data.
Third Party Web Services. We sometimes use third-party web services on this website. For example, to display certain elements (images, videos, presentations, etc.), to organise surveys, etc. As with social media buttons, we cannot prevent these sites or external domains from collecting information about how you use the content on the site.
How do I manage cookies?
Most internet browsers are initially set to automatically accept cookies.
At any time, you can change your browser settings to block cookies or to alert you when cookies are sent to your device (refer to your specific browser's usage guide). Disabling cookies may affect your browsing experience.
If you use multiple devices and/or browsers to access the Internet, the appropriate settings must be changed in each of them.
Final Terms
At our sole discretion, we may change this Notice from time to time.
If you have any questions, we can be contacted using the contacts on our website.
