PRIVACY POLICY

When User uses, accesses, or interacts with the PAPER Platform and/or Our services, the User has agreed to the Terms & Conditions of PAPER Platform Usage and this Privacy Policy which describes the basis for obtaining, collecting, processing, analysing, storing, improving and updating, displaying, announcing, transferring, disseminating, or disclosing, and/or deleting or destroying Privacy Data ("Privacy Data Processing") that can be used to identify the User provided by the User to Us in order to obtain services on the PAPER Platform or collected independently by Us to improve services and meet the provisions of applicable laws and regulations.

This Privacy Policy must be read as and is an integral part of the Terms & Conditions of Use of the PAPER Platform. By registering on and using the PAPER Platform, the User declares that:

  1. The Privacy Data provided is true, accurate, current, and complete and valid;
  2. The User has obtained sufficient consent from the Partner if the User provides information related to the Partner's Privacy Data to PAPER, which is needed to use the Services on the PAPER Platform and
  3. The User gives consent to PAPER to obtain, collect, process, analyse, display, send, open, store, change, delete, manage and/or use the data for the purposes as stated in this Privacy Policy.

1. Definition

  1. Any term beginning with a capital letter that is intentionally given a definition under the Terms & Conditions of PAPER Platform Usage, remains applicable and retains the same definition in the Digital Payment Service Terms & Conditions, to the extent not otherwise defined.
  2. The Terms set out below have definitions as follows:
    "Privacy Data" is data concerning an identified or identifiable natural person individually or in combination with other information either directly or indirectly through electronic or non-electronic systems.

2. Acquisition, Collection and Use of Privacy Data

a. The Granted Privacy Data by User to PAPER

The User's Privacy Data that We obtain through direct provision and/or input by User is including but not limited to:

  1. Name, e-mail address, telephone number, password, Identity Card, individual Taxpayer Identification Number (TIN), individual address, digital signature, and other information provided by the User when registering or updating an account using the Service; or contacting customer service on the PAPER Platform.
  2. Data related to the use of the Service, including product name or type, product quantity, date and time of invoice issuance, accounting records, logos or trademarks, and other data provided by the User to use the Service in the form of making invoices, sales orders, receipts and others available on the PAPER Platform
  3. Payment Data, including bank account data, virtual accounts, credit cards, and electronic money provided by the User to make payments with Digital Payment Services on the PAPER Platform.
  4. Relevant data located on the User's electronic device that requires approval of access rights from the User to Us to be uploaded to the PAPER Platform.
  5. Partner Data, namely the components of Privacy Data as stated in point 2.a.(1), 2.a.(2), or 2.a.(3) which can be used to identify Partners and are required by Users to use the Service and are registered, entered, or provided by Users independently into the PAPER Platform.

b. Recorded Privacy Data When Using PAPER Platform

The User Privacy Data that we obtain through automated processing is including but not limited to:

  1. Location data, including IP address, Wi-Fi location and geolocation (GPS).
  2. Data in the form of time/timestamp of each User activity in connection with the use of the PAPER Platform, including registration, login and transaction times.
  3. User preference data, including User interactions in using the PAPER Platform, stored options, and selected settings. Such data is obtained using cookies, pixel tags, and similar technologies that create and maintain a unique identifier.
  4. Electronic device data, including the type of hardware, software, operating system, IMEI number, language selection, unique device identifier, advertising identifier, serial number, device movement information, and/or mobile network information used when accessing PAPER Platform.
  5. Log data, including records on servers that receive data such as device IP address, date and time of access, application features or pages viewed, application work processes and other system activities, browser type, and/or third party sites or services that the User used before interacting with the PAPER Platform.

c. Privacy Data Usage Purposes

We use Users' Privacy Data for the following purposes:

  1. Processing and follow-up of Service usage, including payment-related activities.
  2. Implementation of user/customer services such as problem solving, reports or complaints, or providing education and information related to the Service to Users through communication channels such as e-mail, text messages, or telephone calls.
  3. Improvement, maintenance, repair, and promotion of Services through activities such as data analysis; research and development; adding features; troubleshooting electronic systems or operational activities of the PAPER Platform; displaying advertisements, notifications, or surveys on the User dashboard or sending advertisements, notifications, or surveys to the User's communication channels recorded on the PAPER Platform.
  4. Investigation, supervision, and follow-up of payment activities that are suspected of being suspicious, contain elements of fraud or crime, or violate the Terms & Conditions of PAPER Platform Usage.

d. Privacy Data Disclose Purposes

We disclose User Privacy Data in certain cases as follows:

  1. Disclosure to the competent authorities and related authorities such as financial institutions in the context of handling legal disputes, enforcing the provisions of applicable laws and regulations, or investigating suspected criminal acts, including money laundering practices and financing of terrorism activities.
  2. Disclosure to the competent authorities in order to fulfil the applicable taxation provisions.

e. Modification, Storage, Deletion and Revocation of Consent of Users' Privacy Data

We disclose the User's Privacy Data in certain cases as follows:

  1. The User can change the information related to the Privacy Data provided through the Settings menu on the PAPER Platform.
  2. The User may correct his Privacy Data under PAPER's control by sending a correction request to the contact address stated in this Privacy Policy, to the extent permitted by the provisions of the applicable laws and regulations and at a reasonable cost charged to the User. The request for correction must be supported by identity documents and sufficient authority for the request.
  3. PAPER only retains the User's Privacy Data for the period permitted by law. In the event that this period has been exceeded, the User's Privacy Data no longer fulfils the purposes for which the Privacy Data is processed, or there is a request for erasure of the Privacy Data by the User, PAPER will delete all of the User's Privacy Data and its copies.
  4. Based on the provisions of laws and regulations, the User may withdraw consent to the acquisition, collection and use of the User's Privacy Data by sending a request to Us as part of the User's rights as a Data Subject. With the withdrawal of such consent, the User can no longer use the PAPER Service.

f. Sub-Contractor Usage

In the event that the provision of PAPER Services requires Privacy Data Processing support from vendors, partners or sub-contractors, PAPER guarantees the User that the processing of the User's Privacy Data by such Service supporters is carried out based on a legitimate legal relationship, in accordance with this Privacy Policy and the principles of Privacy Data protection, and subject to applicable laws and regulations.

3. User's Request as Privacy Data Subject

As permitted by laws and regulations, User may submit a request to exercise their rights as a data subject to PAPER ("Data Subject Request"). The types of rights and technical implementation of the rights that can be requested are in accordance with those stated in the law on privacy data protection and its implementing regulations.

4. PAPER Platform Security

  1. PAPER is committed to always maintaining the security of the PAPER Platform and the confidentiality of User Data stored in its system as well as possible and urges Users to also maintain the security of the password and OTP code they have to access the PAPER Platform.
  2. In the event of an incident related to the protection of User Privacy Data in the PAPER system or control, PAPER will notify the User in writing within the period stipulated by the Law on Privacy Data Protection and its implementing regulations.
  3. The implementation of compensation for incidents related to the User's Privacy Data in the PAPER system or control is carried out in accordance with the results of the security audit and the provisions of the applicable laws and regulations.
  4. In the event that an incident related to the User's Privacy Data can be proven to have occurred due to the User's negligence in maintaining the security of his/her Privacy Data, password or OTP code, including but not limited to the consequences of social engineering attacks such as phishing, tailgating, business email compromise, scareware, and so on that occur outside the PAPER Platform, then it is the User's personal risk and outside the responsibility of PAPER.

5. Company Data

PAPER performs Processing of User and Partner company data entered by Users independently and/or automatically recorded on the PAPER Platform such as company name, company telephone number, type of business entity, profit and loss statement, etc. as necessary to provide the best possible Service to Users. In performing such Processing, PAPER applies the principles of data protection and security in accordance with industry standards.

6. Privacy Policy Updates

PAPER may change or update this Privacy Policy from time to time. PAPER shall send and/or display a 30 (thirty) days of notice to Users prior to such changes or updates becoming effective.

7. Contacts Related to This Privacy Policy

Inquiries and/or requests regarding these Privacy Policy can be submitted electronically to support@my-paper.co