The App is made available to you by the HyperPay INC , a company established under the laws of British Virgin Island and registered in British Virgin Island with commercial registration number 1600690, and having its place of business at Turkey Bin Abdelaziz street, Riyadh 12364, Kingdom of Saudi Arabia represented By Muhannad Ebawini its Chief Executive Officer
1.1 How we collect your personal information
We collect personally identifiable information about you only when you specifically give it to us. We may also collect information relating to the transactions you carry out, including details of any bank accounts you transact to and from the App. We do not generally disclose this information to third parties except in the circumstances set out in Section 1.5 below.
1.2 Sharing your personal information with third parties
1.3 Marketing communications
We may send marketing information to you in relation to promotions that we run from time to time or service offerings we consider may be of interest to you.
Third party providers will not be permitted to market to you directly in connection with other services they offer. In the event that you receive any such marketing communication that you have not specifically requested you should let us know immediately.
The transmission of information via the Internet is not completely secure. We will do our best to protect your personal information while it is in our possession, however, we cannot guarantee the security of your data transmitted online or over the App.
We recognize industry standards and employ security safeguards to protect personally identifiable information from unauthorized access and misuse. All information you provide to us is stored on secure servers. Any payment transactions will be protected and safeguarded by encryption.
1.4 Disclosure of your information
We may disclose your personal information to third parties in the following circumstances:
- In order to provide services available through the App;
- Where those third parties assist us in supplying our services to you or perform certain functions on our behalf, including IT support services or professional services;
- In the event of a sale, merger, liquidation, receivership or transfer of assets of HyperPay, to the prospective buyer of the business and their professional advisers; and
- If required to do so by law, a court order or by a regulatory authority of competent jurisdiction or if we believe that such disclosure is necessary, to protect, defend or enforce our rights. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
Please note that in order to cooperate with governmental requests, summons or court orders, or to protect other users or our systems, we reserve the right to disclose any information we consider necessary or appropriate, including your user profile information (ie name, email address, etc.), usage history, and content submitted to the App.
ISMS Corporate Policy
Information security threats are a risk that has a very high impact on the entire organization. Consequently, building a policy that covers the desired information security requirements and defines other aspects such as the objectives of the information security, ownership of the policy, and delegation of duties will help manage and respond to information security incidents properly.
The policy applies to all information created or received in HyperPay. This policy forms the basis of the HyperPay Information Security Management System (ISMS) and Privacy Information Management System (PIMS) of related policies and procedures, based on the International Standard 27001 and ISO 27701, taking a risk-based approach to embed embedding appropriate levels of information security controls and countermeasures.
Compliance with this document is mandatory, HyperPay managers shall ensure continuous compliance monitoring within their departments. Compliance with the statements of this document is a matter of annual review by the Cybersecurity Function. Any violation will result in disciplinary action by Human Resources.
Disciplinary action will be depending on the severity of the violation which will be determined by the investigations. Actions such as termination or others as deemed appropriate by HyperPay Management and escalate to HR Department.
- Policy Statement
It is the policy of HyperPay to ensure that appropriate controls and countermeasures are put in place to protect corporate and personnel data, as well as the information technology systems, and services, and equipment of HyperPay.
a. HyperPay is committed to protecting its information assets, personnel, intellectual property, computer systems, data, and equipment from all threats, whether internal or external, deliberate, or accidental, this should be achieved with minimum inconvenience to authorized users and against threats to the level of service required by the HyperPay to conduct its business.
b. HyperPay shall adopt ISO 27001, ISO 27701 Information Security Management System (ISMS), and Privacy Information Management System (PIMS) as a tool to implement a formal system for protecting the confidentiality, integrity, and availability of information.
c. HyperPay is committed to complying with all regulatory and legislative requirements imposed on the organization by governmental authorities.
d. HyperPay is committed to satisfying the information security expectations and requirements of interested parties, and to provide providing the necessary resources to achieve this.
e. Information security risks are being managed based on HyperPay ’s approved risk management Framework.
f. HyperPay is committed to treating security incidents and suspected vulnerabilities per their respective nature.
g. Information security objectives will be defined based on the implemented risk assessment and will be monitored and reviewed by the privacy and Information Security Management System Steering Committee.
h. HyperPay is committed to continually improve improving its ISMS and PIMS through the implementation of the Plan–Do–Check–Act cycle.