Privacy Policy
Introduction
SwiftPay ("we", "our", "us") is committed to protecting your privacy and handling your personal and financial information with transparency and security. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.
Our processing of personal data is governed by the Iraqi Data Protection Law and other applicable data protection regulations. By using our services, you consent to the data practices described in this policy.
Information We Collect
We collect various types of information in connection with our services, including:
- Personal Identification Information: Full name, national ID, email address, phone number, date of birth
- Financial Information: Bank account details, credit/debit card information, payment history, billing details
- Transaction Data: Payment amounts, transaction dates, merchant information, payment references
- Technical Data: IP address, device information, browser type, operating system, unique device identifiers
- Usage Data: Service usage patterns, feature interactions, error logs, performance data
- Location Data: Approximate location derived from IP address or GPS (when using mobile services)
How We Use Your Information
- Process and manage payments and transactions
- Provide customer support and service improvements
- Detect and prevent fraud, money laundering, and other illegal activities
- Comply with legal and regulatory obligations
- Send important service updates, security alerts, and notifications
- Conduct research and analysis to improve our services
- Personalize your experience and provide tailored content
- Manage our business operations and internal administration
Data Security
We implement robust security measures including:
- 256-bit SSL encryption for all data transmissions
- PCI DSS compliance for payment processing
- Regular security audits and penetration testing
- Multi-factor authentication for system access
- Data anonymization and pseudonymization techniques
While we strive to protect your information, no security system is impenetrable. We cannot guarantee absolute security but we continuously work to maintain the highest standards.
Data Retention
We retain personal data only as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. Our retention periods are:
- Transaction records: 7 years
- User account information: Until account closure plus 2 years
- Financial information: As required by banking regulations
- Technical logs: 1 year
International Data Transfers
Your information may be transferred to and maintained on computers located outside of your country, where data protection laws may differ. We ensure appropriate safeguards are in place for international data transfers, including:
- Standard contractual clauses
- Binding corporate rules
- Data protection agreements with third parties
Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Authenticate users and maintain sessions
- Remember user preferences and settings
- Analyze service usage and performance
- Deliver targeted advertising (with consent)
You can manage your cookie preferences through your browser settings or our cookie consent tool.
Children's Privacy
Our services are not directed to individuals under 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete such information.
Your Rights
Under applicable data protection laws, you have the following rights:
- Access your personal information
- Request correction of inaccurate data
- Request deletion of your data (where applicable)
- Object to processing of your data
- Request restriction of processing
- Data portability
- Withdraw consent (where processing is based on consent)
- Lodge a complaint with a supervisory authority
Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of significant changes through our website or other communication channels. Your continued use of our services after changes constitutes acceptance of the updated policy.
Contact Us
If you have questions about this policy or your personal data, please contact our Data Protection Officer:
- Email: dpo@swiftpayiq.com
- Phone: +964 780 909 8182
- Address: SwiftPay Building, Jadriah, Baghdad, Iraq