Privacy Policy

Overview

Oceanpayment has formulated this Privacy Policy with the purpose of elucidating how we collect, retain, process, share and transfer your personal data when you utilize our services. This Privacy Policy is applicable to the personal data provided by you when utilizing our services.

This Privacy Policy is intended to provide you with an understanding of our privacy protection measures and the privacy options available to you when utilizing our services. If you have any inquiries regarding privacy protection measures that are not explicitly addressed in this Privacy Policy, please feel free to contact us.

What types of personal data do we collect?

We will collect the information about you when utilizing our services. We will gather information pertaining to you, which includes:

Transaction and experience information. We shall collect the transaction information and other information related to the transaction, such as payment amount, the amount paid for the product or service, merchant information which includes the payment method utilized to complete the transaction. Additionally, we may collect device information, technical usage data, and geographical location information.
Additional information in connection with your use of our services. We will collect other information from or about you when you communicate with us, contact our customer service team, or respond to surveys.

Why we retain personal data?

We retain personal data to fulfill legal or regulatory obligations, as well as to conduct our business. If it aligns with our legitimate business interests and within the extent permitted by law, we may retain personal data for longer than legally required.

Why Oceanpayment processes personal data?

We collect, use, and store your personal data for the reasons stated in the table below:

Meet our business, and use some of the data collected to improve our products and services, which includes training models for fraud and loss prevention and analyzing the performance of Ocean payment’s products as permitted by applicable laws and agreements. It requires the personal data to train the Oceanpayment’s fraud and loss prevention model, including the model used by Oceanpayment’s risk control. These products rely in part on their ability to recognize certain features that help determine whether a transaction is fraudulent.
Fulfil our obligations and enforce the Terms of Service, including compliance with all applicable laws and regulations.

Styled Table

PROCESSING PURPOSE	CATEGORIES OF PERSONAL DATA	LEGAL BASES
Service Provision. To deliver services to you, including service-related communications, support, customization, and notifications.	Your name, contact details, payment information such as bank account details and transactions, and/or payment card details including card number, CVC code, and expiration date.	Our contractual obligation to fulfill our agreement with you, in accordance with applicable data protection laws.
Fraud Detection. We utilize your Personal Data collected across our Services to identify and prevent fraudulent activities against us, our business users, and financial partners, including detecting unauthorized access through your online behavior.	Transaction details. This encompasses: name, email address, billing/shipping address, payment method information (e.g., credit or debit card number, bank account details, or card image), merchant and location, purchase amount, transaction date, and potentially some details of your purchase, phone number, and tax identification number. This also includes browsing history, usage data, referring URLs, location, cookies data, device information, and identifiers. IP address and physical address.	Our legitimate interest in monitoring and detecting fraudulent activities to protect our End Users from potentially harmful actions.
Marketing and Promotions. We may use your Personal Data to determine your eligibility for and present you with additional Services. We also use End User Personal Data for targeted advertising and marketing. We do not share End Customer Personal Data with third parties for their marketing purposes unless you or the third party grant permission.	Contact details such as name, email address, work phone number, and job title. Connection data including IP address and online behavior (pages visited, time spent on pages, etc.).	Consent provided for processing this personal information. Our legitimate interest in conducting marketing activities to offer you products or services that may appeal to you.
Legal Compliance and Risk Mitigation. We process and share Personal Data as necessary: (i) to comply with applicable laws, (ii) to adhere to payment method regulations in connection with the use of that method (e.g., network rules for Visa); (iii) to enforce our contractual rights; (iv) to protect the Services, rights, privacy, safety, and property of Oceanpayment, you, or others, including against fraudulent or malicious activity and security incidents; and (v) to respond to legitimate legal requests from courts, law enforcement, regulatory bodies, and other public authorities, including those outside your country of residence.	Any Personal Data we handle, including information required for identity verification such as government-issued identification or selfie images.	Where such processing or disclosures are necessary for compliance with our legal obligations, protection of a person's vital interests, public interest, significant public interest, or to serve Oceanpayment's or a third party's legitimate interest in maintaining security, preventing legal violations, harm, or crime, enforcing or defending legal rights, claims, or obligations, facilitating tax collection, or preventing tax fraud or loss.

Do we share personal data?

We do not share Users’ personal data with any third parties unless we have Users’ express consent or are required by law to do so. However, we may share personal data with any third parties (including, but not limited to, our affiliates, partner financial institutions, clearing organizations, card organizations, state authorities, and our partners) in the following circumstances:

We engage third parties to provide services on our behalf and need to share personal data in order to fulfil their responsibilities. For example, we do this in order to provide payment processing services to our users. The third parties to whom we may disclose personal data for this purpose are banks, payment method providers and payment processors. These third party service providers may provide services to you, verify your identity, assist in the processing of transactions or provide customer service;
We are required by law or regulation or by government authorities to share personal data;
We may share personal data in order to protect our users, our rights or public safety;
Support for our audit, compliance and corporate governance functions;
In order for you to use some of our services or products and to fulfil their functions, we need the assistance of third parties or to provide services in cooperation with third party products, and we will only be able to provide you with the corresponding services if the necessary profile information is provided to the third party;
In order to provide services to you, we need to provide your transaction information to banking and financial institutions, clearing organizations, card organizations, etc. Such transaction information includes, but is not limited to, the type of transaction, the specific content of the goods or services, the name of the merchant that provides the goods or services, the name and account number of both parties of the payment and receipt, the date of the transaction, the exact time of the transaction, the amount of the transaction and so on;
If you are sued, applied for arbitration, criminally or administratively investigated, investigated by a clearing organization or card organization, or complained against by another party, or if you file a lawsuit, apply for arbitration, apply for criminal or administrative investigation, apply for investigation by an organization, or file a complaint, we will provide your identity information, transaction information and other related information to the relevant consumer protection authorities, cooperative banks and financial institutions, clearing organizations, card organizations, self-regulatory organizations of the industry, and supervisory authorities to settle the above disputes, except where the provision of such information is expressly prohibited by laws and regulations;
In addition, Oceanpayment may provide aggregated statistical information to third parties (including other businesses and members of the public) about the usage patterns of our services, including how, when and why users use our services. These profiles do not reveal your personal identity or provide information related to your use of the Services. We will not share your personal data with third parties for their marketing purposes without your consent.

What rights do you have?

You have the right to object to our processing of your personal data, including analyses. You can also request for the correction or deletion of specific data, as well as to impose restrictions on the processing of your data. Additionally, you have the right to request that we transfer some of certain information to other organizations. In some situations, you may object to the processing of your data and you may withdraw this consent at any time where we have asked you to consent to the processing of personal data. If we are processing your data for our legitimate interests, you can contact us if you need more information regarding this matter. However, there are some exceptions to these rights. For example, we will not be able to delete your data if we are required by law to retain it or if we hold it under contractual agreement with you. Similarly, access to your data may be denied if providing the information would reveal personal information about others, or if we are prohibited by law from disclosing such information.

If you wish to exercise these rights, please contact us.

Opting Out of Data Sharing

You have the right to opt out of having your personal data shared with third parties. To exercise this right, please follow the instructions below:

Opt-Out Request: Send a request to opt out of data sharing to our Data Protection Officer (DPO) at dpo@oceanpayment.com. Please include your full name, contact information, and a clear statement specifying your request to opt out of data sharing.
Confirmation: Upon receiving your request, we will send you a confirmation email acknowledging your opt-out request and provide you with further instructions if needed.
Processing Time: We will process your opt-out request within 30 working days from the date of receipt. During this period, we may reach out to you for additional information to ensure we accurately fulfill your request.
Contact Information: For any questions or additional assistance regarding your opt-out request, please contact us at dpo@oceanpayment.com or reach out to our customer support team.

Please note that opting out of data sharing may affect your ability to use certain features of our services. We are committed to respecting your privacy and will handle your request in accordance with applicable data protection laws.

How do we protect your personal data?

We are committed to implementing appropriate security measures to protect users’ personal data against unauthorized access, use, disclosure or damage. The implemented security measures include firewalls, data encryption, physical access control of data centers and authorization control of information access. We will strictly comply with applicable privacy protection laws and regulations and
adopt necessary technical means to ensure the security of users’ personal data.

Can children use our services?

Children under the age of 13 are prohibited from using our services. We do not knowingly collect information, including Personal Data, from children or any other individuals who are prohibited by law from using our services. If we unknowingly collect Personal Data from a child under the age of 13, it will be promptly deleted upon our awareness, unless we are required by law to retain such information. If you believe that information has been mistakenly or erroneously collected from a child under the age of 13, please do not hesitate to reach out to us for further assistance.

If you are a minor over the age of 13 and under the age of 18, you will need to obtain your parents’ or guardians’ consent before submitting your profile information, and we recommend that you use our services under the direction or supervision of a parent or guardian. If your parents or guardians do not agree with your submission of personal information or your use of our services, please terminate the submission of information or the use of our services immediately.

About cross-border of personal information

In order to provide services to you, we may carry out settlement, clearing or data verification with overseas merchants, overseas partner institutions, overseas card organizations or clearing organizations, or overseas affiliates. In this process, we will provide some of your personal information to overseas merchants, overseas partner institutions, overseas card organizations or clearing organizations, overseas affiliates, and if you do not agree to the provision of such information, you will not be able to use our services. By using our services, you are deemed to have given your consent to such operations.

Jurisdiction-specific provisions

EEA and UK. You may exercise your rights by contacting our DPO at dpo@oceanpayment.com. If you are a resident of the EEA or if OPEU is identified as your data controller, and you believe our processing of your information contradicts the General Data Protection Regulation (GDPR), you may direct your questions or complaints to the Irish Data Protection Commission. If you are a resident of the UK, direct your questions or concerns to the UK Information Commissioner’s Office.

Singapore. In this Policy, “applicable law” includes the Personal Data Protection Act 2012 (PDPA) (No. 26 of 2012) as amended from time to time. In some cases, and as permitted under the PDPA, we may rely on “deemed consent” as a legal basis. For example, we do so when you voluntarily provide your personal data to us. If you have any questions or complaints about this Policy, please contact our DPO at dpo@oceanpayment.com.

Hong Kong. In this Policy, “applicable law” encompasses the Personal Data (Privacy) Ordinance (PDPO) of Hong Kong. If you are a resident of Hong Kong and are not satisfied with our response to a complaint you have lodged under this Policy, you have the option to reach out to the Privacy Commissioner for Personal Data, Hong Kong. You are entitled to request access to or correction of the Personal Data that Oceanpayment maintains about you, or to revoke any consent you have provided for the processing of your personal data. To invoke these rights, please get in touch with our Data Protection Officer at dpo@oceanpayment.com.

United States. If you are a consumer located in the United States (“US”), we process your personal information in accordance with US privacy laws, including the California Consumer Privacy Act ( “CCPA”), Colorado Privacy Act, Connecticut Act Concerning Personal Data Privacy and Online Monitoring, Florida Digital Bill of Rights, Montana Consumer Data Privacy Act, Oregon Consumer Privacy Act, Texas Data Privacy and Security Act, Utah Consumer Privacy Act, and Virginia Consumer Data Protection Act. For specific details, please seehere. Oceanpayment uses cookies, including advertising cookies, as described in ourCookie Policy.
Your Rights and Choices. As a US consumer and subject to certain limitations under US privacy laws, you may have choices regarding our use and disclosure of your Personal Data (learn moreabout data subject rights metrics). In addition to theabove rights, other rights include:
Exercising the right to know: You have a right to request additional information about the categories of personal information collected, sold, disclosed, or shared; purposes for which this personal information was collected, sold, or shared; categories of sources of personal information; and categories of third parties with whom we disclosed or shared this personal information.

Global Privacy Control signals. Oceanpayment honors the Global Privacy Control (GPC) opt-out preference signals.

Disclosure of Information to Affiliates and Non-affiliated Third Parties

Affiliates: We may share your personal data with our affiliates, which include companies under common control or ownership with Oceanpayment. These affiliates help us provide, improve, and manage our services. Examples of our affiliates include our parent company and subsidiaries involved in payment processing and risk management.
Non-affiliated Third Parties: We may disclose your personal data to non-affiliated third parties in the following categories.

Payment Processors: Companies that handle transactions and payment processing on our behalf.
Financial Institutions: Banks and other financial entities involved in the transaction settlement and clearing process.
Regulatory Authorities: Government agencies and bodies required to enforce legal and regulatory compliance.
Service Providers: Third-party vendors that assist in various business functions such as customer support, data analysis, and fraud prevention.
Legal and Compliance Entities: Entities involved in legal proceedings, investigations, or audits.

We do not share your personal data with third parties for their own marketing purposes without your explicit consent. If you have any concerns about our data sharing practices, please contact us.

Changes to the Privacy Policy

We may revise this Privacy Policy from time to time. The date of the last revision to the Privacy Statement is located at the bottom of the page. By continuing to use Oceanpayment’s services, you agree to the changes to this Privacy Statement. All revisions will automatically take effect 30 days after they are initially posted on the website.

Contact Us

If you have any questions, please feel free to contact us via email at dpo@oceanpayment.com.

Effective Date

August 16, 2024