Last updated: 21st Dec 2020
IntaSend ("us", "we", or "our") operates https://intasend.com (the "Site"). This page informs you of our policies regarding the collection, use, and disclosure of Personal Information we receive from users of the Site and other IntaSend services, including and not limited to the API, Documentation sites, and Web Widgets.
We use your Personal Information only for providing and improving the Service. By using the Service, you agree to the collection and use of information in accordance with this policy.
IntaSend offers an online payment platform that makes it easy for merchants to accept electronic payments from customers.
IntaSend obtains Personal Data about you from various sources to provide our Services and to manage our Sites. You may be a visitor to one of our websites, a user of one or more of our Services, or a customer of an IntaSend Client.
While using our Site, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally, identifiable information may include but is not limited to your name ("Personal Information").
As part of our operations, IntaSend collects and processes certain types of information (such as name, telephone numbers, address, etc.) of individuals that make them easily identifiable. These individuals include current, past, and prospective employees, merchants, suppliers/vendors, customers of merchants, Users, and other individuals whom IntaSend communicates or deals with, jointly and/or severally (“Data Subject(s)”).
IntaSend is firmly committed to complying with applicable data protection laws, regulations, rules, and principles to ensure the security of Personal Information handled by the Company.
To gain full access to our website and services, you must register for an IntaSend account. When you register for an account, we collect Personal Information that you voluntarily provide to us. Personal Information refers to information relating to an identified person or information that can be used to identify you (e.g email address, bank details, name, telephone number). It may also include anonymous information that may be linked to you specifically, (e.g. IP address).
We use your Personal Information to:
We may retrieve additional Personal Information about you from third parties and other identification/verification services such as your financial institution and payment processor. With your consent, we may also collect additional Personal Information in other ways including emails, surveys, and other forms of communication. Once you begin using our services through your IntaSend account we will keep records of your transactions and collect information of your other activities related to our services. We will not share or disclose your Personal Information with a third party without your consent except as may be required for the purpose of providing you with our services or under applicable legislation.
In providing you with the services, we may rely on third-party servers located in foreign jurisdictions from time to time, which as a result, may require the transfer or maintenance of your personally identifiable information on computers or servers in foreign jurisdictions. We will endeavor to ensure that such foreign jurisdictions have data protection legislation that is no less than the existing data protection regulations in force in Kenya and your personally identifiable information is treated in a safe and secure manner.
We do not collect your Personal Information when you visit the website. However, so we can monitor and improve our website and services we may collect non-personally-identifiable information. We will not share or disclose this information with third parties except as a necessary part of providing our website and services. We may use the information to target advertisements to you.
When you test our services using the “Sandbox” part of our website, we collect both non-personally identifiable information and personally identifiable information. Information we collect includes your IP address, information about your computer, and other standard web log information to monitor the test transactions. We also collect and store your email address and card information you provide to conduct the test transactions. In compliance with the Payment Card Industry Data Security Standard (PCI DSS Requirements”), we implement access control measures, security protocols, and standards including the use of encryption and firewall technologies to ensure your card information is safe and secure in our servers, additionally, we implement periodical security updates to ensure that our security infrastructures are in compliance with reasonable industry standards. We will not share and disclose your card information.
When you checkout with IntaSend on a merchant’s website, we collect your card information and store, your email address, your mobile phone number, and your billing and shipping address. To ensure your card information is kept safe and secure on our servers, we implement access control measures (physical and virtual), security protocols, policies, and standards including the use of encryption and firewall technologies in compliance with the PCI DSS Requirements and we implement periodical security updates to ensure that our security infrastructures are in compliance with reasonable industry standards.
IntaSend collects Personal Information only for identified purposes and for which consent has been obtained. Such Personal Information cannot be reused for another purpose that is incompatible with the original purpose, except consent is obtained for such purpose
IntaSend limits Personal Information collection and usage to data that is relevant, adequate, and absolutely necessary for carrying out the purpose for which the data is processed.
IntaSend will evaluate whether and to what extent the processing of Personal Information is necessary and where the purpose allows, anonymized data will be used.
Cookies are files with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer's hard drive.
Like many sites, we use "cookies" to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Site.
Our cookies never store personal or sensitive information; they simply hold a unique random reference to you so that once you visit the site we can recognize who you are and provide certain content to you.
IntaSend shall establish adequate controls in order to protect the integrity and confidentiality of Personal Information, both in digital and physical format, and to prevent Personal Information from being accidentally or deliberately compromised.
IntaSend is committed to managing your Personal Information in line with global industry best practices. We protect your Personal Information using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure, and alteration, we also use industry-recommended security protocols to safeguard your Personal Information. Other security safeguards include but are not limited to data encryption, firewalls, and physical access controls to our building and files and only granting access to Personal Information to only employees who require it to fulfill their job responsibilities. Any Personal Information processing undertaken by an employee who has not been authorized to carry such out as part of their legitimate duties is unauthorized.
Employees may have access to Personal Information only as is appropriate for the type and scope of the task in question and are forbidden to use Personal Information for their own private or commercial purposes or to disclose them to unauthorized persons, or to make them available in any other way.
IntaSend does not sell, trade, or rent personal information to anyone. However, to enable us to render our services to you on our website, we may share your information with trusted third parties, such third parties include financial institutions, payment processors verification services, sanctions screening, and identity verification services as well as any third parties that you have directly authorized to receive your Personal Information. Your Personal Information may be stored in locations outside the direct control of IntaSend, for instance, on servers or databases co-located with hosting providers.
We may disclose your Personal Information in compliance with applicable law or a legal obligation to which we are bound.
Where Personal Information is to be transferred to a country outside Kenya, IntaSend shall put adequate measures in place to ensure the security of such Personal Information. This will be done under the following conditions:
IntaSend will take all necessary steps to ensure that Personal Information is transmitted in a safe and secure manner. Details of the protection given when your Personal Information is transferred outside Kenya shall be provided to you upon request.
Processing of Personal Information by IntaSend shall be lawful if at least one of the following applies:
Individuals who have Personal Information held by IntaSend are entitled to reach out to IntaSend to exercise the following rights:
Your request will be reviewed by IntaSend Data Protection Officer and carried out except as restricted by law or IntaSend’s statutory obligations. You may decline to provide your personal information when it is requested by IntaSend, however, certain services or all the services may be unavailable to you. You may review your account settings and update your Personal Information directly or by contacting us.
We will retain your information for as long as your account is active or as needed to provide our services to you, comply with our legal and statutory obligations, or verify your information with a financial institution.
IntaSend is statutorily obligated to retain the data you provide us with in order to process transactions, ensure settlements, make refunds, identify fraud, and in compliance with laws and regulatory guidelines applicable to us, our banking providers, and card processors.
Therefore, even after closing your IntaSend account, we will retain certain Personal Information and transaction data to comply with these obligations. All Personal Information shall be destroyed by IntaSend where possible. For all Personal Data and records obtained, used, and stored by IntaSend, we shall perform periodical reviews of the data retained to confirm the accuracy, purpose, validity, and requirement to retain.
The length of storage of Personal Information shall, amongst other things, be determined by:
IntaSend maintains a data breach procedure in order to deal with incidents concerning Personal Information or practices leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Information transmitted, stored, or otherwise processed. You may contact our DPO upon becoming aware of any breach of Personal Information or if your access credentials have been compromised, to enable us to take the necessary steps towards ensuring the security of your Personal Information or account.
We make reasonable efforts to ensure a level of security appropriate to the risk associated with the processing of Personal Data. We maintain organizational, technical, and administrative measures designed to protect Personal Data within our organization against unauthorized access, destruction, loss, alteration, or misuse. Your Personal Data is only accessible to a limited number of personnel who need access to the information to perform their duties. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us immediately.
Email: [email protected]