Privacy Policy


Volopay Ltd (herein referred as “Volopay”) is a purpose-built spend management solution that helps you escape painful admin work, lack of control and blinkered visibility. We bring together a unified platform for business payments: ranging from software subscriptions to petty cash, business travel to online advertising, employee reimbursements to vendor pay-outs; approval-based workflows for credit, accounting integrations and budgeting (collectively, the “Services”).


We treat all personal information covered by this Privacy Policy as pertaining to individuals acting as business representatives, and not in their individual or household capacity. For a description of how we handle consumers’ information as a service provider on behalf of our business customers, please review our Product Privacy Notice.


 We may collect and use personal data when we do business with you or when you do business with those that use our services. Some of our services may be accessed directly by you, including through our websites that reference this policy (e.g. www.volopay.co) (collectively “Sites”). Many of our services are provided to others in connection with their own business and activities, and you may engage with Volopay services as part of another’s service, such as when you make a payment to a merchant and we provide the payment processing services to that merchant through Volopay (collectively, we refer to Sites and direct and indirect services as “Services”). This policy applies to Volopay’s own Services.


 The Services may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party services and are not responsible for their privacy statements. When you leave the Website/Sites or access third-party links through the Services, we encourage you to read the privacy policy of each third-party service provider.


This Privacy Policy includes important information about your Personal Data and we encourage you to read it carefully. You can also use these links to jump to a specific section.



1. Overview


Volopay obtains Personal Data about you from various sources. “You” may be a visitor to one of our Sites (“Visitor”), a user of one or more of our Services (“User” or “Volopay User”), or a direct or indirect customer of a User (“Customer”). If you are a customer, your agreement with the relevant Volopay User should explain how the Volopay User shares your Personal Data with Volopay. If you have questions about this sharing, then you should direct those questions to the Volopay User.



2. Personal Data We Collect


a) Personal Data is any information that relates to an identified or identifiable individual, and can include information about how you engage with our Services (e.g. device information, IP Address). In many cases, the Personal Data that you provide directly to us through our Services will be apparent from the context in which you provide the data. However, broadly we collect the below mentioned data:


● Name (Including Any Alias Used by You); 

● Contact Data, such as your email address and telephone numbers

● Gender;

● Date Of Birth;

● Nationality;

● Country Of Residence;

● Identification Number;

● Tax Residency;

● Government-issued ID;

● Tax Identifier;

● Business Information;

● Proof Of Identity;

● Proof Of Residence;

● Employment Information;

● Financial Information;

● Transaction Information;

● Proof Of Source of Funds.


b) Technical Data, which includes your IP address, browser information including browser type and version, time zone setting and location, browser plug-in types and versions, web browser application details, corresponding location details, operating system and platform, and other technology on the devices you use to access the Services.


c) Usage Data, which includes information about how you use the services.


d) Marketing and Communications Data, which includes your preferences in receiving marketing from us and our third parties and your communication preferences.


e) This Personal Data (e.g., name, address, phone number, country) helps us to confirm identities and prevent fraud. We may also use technology to assess the fraud risk associated with an attempted transaction by any person/user/third party.



3. How Do We Collect Personal Data


We use different methods to collect data from and about you including direct interactions, automated technologies or interactions and from third party or publicly available sources.


a) Direct Interactions - You provide us your personal data when you interact with us. This includes personal data you provide when you:


● apply for our products or services;

● subscribe to our services, publications, or newsletters;

● request marketing to be sent to you;

● enter a competition, promotion, or online surveys;

● register for demonstrations;

● download case studies; or


b) Automated technologies or interactions - As you interact with the Services, we will automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies, server logs, and other similar technologies. We may also receive Technical Data about you if you visit other websites that employ our cookies.


c) Information from Third-Party Sources - From time to time, the Company may obtain information about you and/or your Data Subject(s) from third-party sources as required or permitted by applicable laws, including from:


● Public databases; 

● Credit bureaus;

● Technical Data from analytics providers and search information providers;

● Employment-related Data from third-party consultants and websites, including but not limited to websites like LinkedIn and other job portal sites;

● Id verification partners; and

● Social media platforms.


The Company obtains such information from third-party sources to comply with its legal obligations, including applicable anti-money laundering laws and to ensure that the services and/or products of the Company are not used fraudulently or for other illicit activities.



4. Use of Personal Data


Customer Personal Data will be collected and used by the Company for any one or more of the following purposes: 


● To assess and evaluate your eligibility for registering an account and/or subaccount(s) with the company;


● To manage the relationship between you and the company which will include notifying you about changes to our Terms or this Policy, or asking you to leave a review or take a survey; 


● To enable the company to perform its obligations under or in connection with the provision of services and/or products to you;


● To maintain legal and regulatory compliance in the jurisdictions in which the company operates; 


● To enforce the terms and conditions of any agreement between you and the company (including this policy);


● To enable the company to improve its services (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data);


● To use data analytics to improve the Services, and/or Our products and Services and marketing and customer relationships, and your experiences; 


● To provide you with access to our newsletters, demonstrations, and case studies


● To send you updates on the services and/or products of the company, benefits, promotions and other such promotional material from time to time at the email address and/or contact number provided by you to the company;


● To manage our third-party relationships, such as those with our vendors and partners; For recruitment purposes and employment-related opportunities; 


● Where required under any applicable laws; 


● Where required under any order of court from a court of competent jurisdiction; 


● Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.



5. Protection and Retention of Personal Data


● We store all Your Personal Information on servers, which are restricted and highly secured with the necessary firewalls, and this server is accessible only by Our limited authorized personnel. 


● We take all steps necessary to ensure that Your Personal Information is treated securely and in accordance with this Policy. Once We receive Your Personal Information, We use strict procedures and security features to prevent unauthorized third party access. 


● Any disclosure of Customer Personal Data (whether internally or otherwise) will only be carried out on a need-to-know basis. 


● We process the Personal Information collected in a lawful and proper manner and take appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of the Personal Information. 


● However, it needs be acknowledged and agreed that no method of transmission over the internet or method of electronic storage is completely secure and the Company makes no representation and/or warranty (whether express or implied) that there will be no unauthorised:


a) Access to the Customer Personal Data;

b) Copying of the Customer Personal Data; and/or

c) Disposal of the Customer Personal Data.


We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.


We retain personal information for as long as appropriate to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of personal information, the purposes for which we process personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.



6. Cookies


Cookies, which are text files that websites store on a visitor‘s device to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, helping us understand user activity and patterns, and facilitating online advertising.


We use cookies to distinguish you from other users of the Services and remember your preferences. This helps us to provide you with a seamless user experience when you use our Services and also allows us to improve the Services.



7. Disclosure of Personal data collected


We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, or reporting requirements.


 Volopay does not sell or rent Personal Data to marketers or unaffiliated third parties. We share your Personal Data with trusted entities, as outlined below:


● Any governmental agency or regulatory authority of any jurisdiction properly exercising its powers; Professional advisers of the company; 

● Parties providing services and/or products to the company (including information technology services, know-your-client and anti-money laundering compliance services providers); 

● Related corporations of the company, if any; Entities that the company is in discussions with for a merger or an acquisition of the company by such other entities; 

● Entities that acquire the assets of the company pursuant to any applicable law, including the laws of insolvency in respective jurisdiction; 

● Entities pursuant to any order of court from a court of competent jurisdiction


Further, the Company may continue to use and disclose Customer Personal Data for a reasonable period following the termination of the relationship between you and the Company for any one or more of the following purposes: 


● To allow the Company to fulfil its outstanding obligations to you under any agreement between you and the Company, if any; 

● To allow the Company to enforce its rights under any agreement between you and the Company, if any; 

● For such purposes to which you have given your consent in writing; 

● Where required under any applicable laws; 

● Where required under any order of court from a court of competent jurisdiction 

● We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you


ID Verification Partners may use a combination of government records and publicly available information about you to verify your identity, including the following information relating to you:

 

● Name; 

● Address; 

● Employment information;

● Public employment profile (where applicable); 

● Credit history; and 

● Status on sanctions lists maintained by public authorities (where applicable).



8. Your data protection rights


Depending on your location and subject to applicable law, you may have the following rights with regard to the Personal Data we control about you:


● The right to request access to your personal data. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.


● The right to request confirmation of whether Volopay processes Personal Data relating to you, and if so, to request a copy of that Personal Data;


● The right to request that Volopay rectifies or updates your Personal Data that is inaccurate, incomplete or outdated;


● The right to request that Volopay erase your Personal Data in certain circumstances provided by law; 


● The right to request that Volopay restrict the use of your Personal Data in certain circumstances, such as while Volopay considers another request that you have submitted (including a request that Volopay make an update to your Personal Data); 


● The right to request that we export your Personal Data that we hold to a third party or you, where technically feasible. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.


● Where the processing of your Personal Data is based on your previously given consent, you have the right to withdraw your consent at any time. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.; and/or 


● In some cases, you may also have the right to object to the processing of your Personal Data.


Where the Company is unable to comply with any request under Paragraph 7 above, the Company shall inform you of the reason(s) for being unable to do so.



9. Process for exercising data protection rights


We will comply with your request to the extent required by applicable law. We will not be able to respond to a request if we no longer hold your Personal Data. If you feel that you have not received a satisfactory response from us, you may have the right under applicable laws to consult with the data protection authority in your country. For your protection, we may need to verify your identity before responding to your request, such as verifying that the email address from which you send the request matches your email address that we have on file.


If we no longer need to process Personal Data about you in order to provide our Services or our Sites, we will not maintain, acquire or process additional information in order to identify you for the purpose of responding to your request. We try to respond to all legitimate requests within 1 month. Occasionally it could take us longer than 3 months if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.



10. Transfer of Customer Personal Data outside of Jurisdiction


In the event that the Company and/or its services providers store, transfer or otherwise process Customer Personal Data outside of jurisdiction, the Company shall take steps to ensure that the Customer Personal Data continues to receive a standard of protection that is at least comparable to that provided under the laws of that jurisdiction. Please contact us for further information about any such transfers or the specific safeguards applied.



11. Use by Minors


The Services are not directed to minors, including children under the age of 16, and we request that they not provide Personal Data through the Services. If we learn that we have collected personal information through our services from a child under 16 without the consent of the child’s parent or guardian as required by law, we will delete it.



12. Jurisdiction-specific Provisions


(i). United States – California


If you are a consumer located in California, we process your personal data in accordance with the California Consumer Privacy Act (CCPA). This section provides additional details about the personal information we collect and use for purposes of CCPA:


a) How We Collect, Use, and Disclose your Personal Information The Personal Data We Collect section describes the personal information we may have collected about you, including the categories of sources of that information. We collect this information for the purposes described in the How We Use Personal Data section. We share this information as described in the How We Disclose Personal Data section. ‘


b) Your CCPA Rights and Choices as a California consumer and subject to certain limitations under the CCPA, you have choices regarding our use and disclosure of your personal information:


Exercising the right to know: You may request the following information about the personal information we have collected about you: the categories and specific pieces of personal information we have collected about you;


● The categories of sources from which we collected the personal information;

● The categories of sources from which we collected the personal information;

● The categories of third parties with whom we shared the personal information; and

● The categories of personal information about you that we disclosed for a business purpose, and the categories of third parties to whom we disclosed that information for a business purpose.

● Exercising the right to delete: You may request that we delete the personal information we have collected from you, subject to certain limitations under applicable law

● Exercising the right to delete: You may request that we delete the personal information we have collected from you, subject to certain limitations under applicable law

● Non-discrimination: The CCPA provides that you may not be discriminated against for exercising these rights.



13. Updates to this Policy and Data Protection officer


We reserve the right to modify or make minor updates to this Privacy Policy, and we encourage you to visit this site from time to time to be aware of and review any updates. We will notify you of material changes, changes that limit any of the rights you have related to the manner in which we process your personal information under this Privacy Policy, or that we are required to disclose by law, via a prominent notice on our website, login screen, your mobile app, or via email at least 30 days prior to the changes taking effect.

 

You may contact the data protection officer of the Company if you have any questions on this Policy, question on how we process or handle your personal data, or for any enquiries or feedback or as stated in this Policy as follows:


Name: Rajesh Raikwar

Address: 245 8th Ave #1135 New York, NY 10011

Email Address: rajesh@volopay.co

Telephone Number: +1 (726) 203-8615

privacy policy