PayWise Digital ID Policy

(Terms and Conditions)

Introduction

Welcome to PayWise! PayWise (the “Company”) offers a secure and efficient digital onboarding process for personal and business accounts which includes the process of digitally determining and authenticating the identity (the “Digital ID Process”) of the persons and/or entities associated with such accounts (the “Account Holders”). This may require the collection of facial recognition data and the scanning of legal identification documents as part of the Digital Identity Process. This policy document outlines the terms and conditions associated with PayWise’ Digital ID Process. Please read the following information carefully to understand how PayWise handles your data.

Purpose of Digital ID Process PayWise uses the Digital ID Process for the following purposes:

  1. Verification: To verify the identity of individuals and entities during the account creation and onboarding process.
  2. Compliance: To fulfil the legal requirements established by the Finance Intelligence Unit of Trinidad and Tobago (FIUTT), Government of the Republic of Trinidad and Tobago (GoRTT), and the Central Bank of Trinidad and Tobago (CBTT).
  3. Security: To ensure the security and integrity of PayWise’s services and to prevent unauthorised access to such services.
Data Collected

As part of the Digital ID Process, PayWise collects, stores, and disposes in accordance with the Data Protection Act of Trinidad and Tobago (the “Act”), the following data:

  1. Facial Recognition Data: classified as personal information under the Act and may include images, videos, or other facial recognition data used to confirm the identity of individuals.
  2. Legal Identification Documents: Scanned copies of legal identification documents, which may include passports, national identification cards, drivers’ licenses, and/or business registration documents.
  3. Account Holder Data: Personal or business contact information such as names, addresses, telephone numbers, and other contact details.

PayWise will expressly inform Account Holders of the purposes for the collection of the Digital ID data at or before the collection of such data, and will only utilize the data consistent with the stated purposes, or as otherwise permissible by the Act.

Access to Data

PayWise is committed, to the best extent reasonably possible and practicable, to ascertaining that the Account Holders’ data is accurate and updated as necessary when collected. Account Holders have the right to access their data, and the right to have their data corrected or deleted (the “Rights”), subject to legal requirements. Account Holders also have a duty to ensure that the data they are providing to PayWise is, to the best of their knowledge, true and updated. To exercise these Rights, Account Holders are encouraged to contact PayWise's Customer Support team [[email protected] or 1(868)610-9323].

Data Protection

At PayWise, safeguarding all data of Account Holders is of the utmost priority. The Company has implemented comprehensive and stringent data protection measures to ensure the security of the personal information (as defined by the Act) being obtained on the Account-Holder throughout the Digital ID Process. PayWise values the trust of its Account Holders and thus remains committed to maintaining the rigorous data security and privacy measures implemented.

Robust Data Security Measures

PayWise has implemented the following robust data protection measures in its commitment to securing the data of Account Holders:

  1. Encryption: All data transmitted during the Digital ID Process is encrypted using industry-standard encryption protocols. This ensures that the Account Holders’ data remains confidential and secure, and helps prevent unauthorised access and/or disposal (deletion) of such data.
  2. Access Control: The Company’s access controls are designed to prevent unauthorised access and unsanctioned data handling and usage. Thus, access to the Account Holders’ data is strictly controlled, whereby only authorised personnel who require access to perform their duties gain access to the data they are authorized to handle.
  3. Data Isolation: The Account Holders’ Digital ID data is isolated and segmented from other operational data within PayWise’ systems. This isolation not only helps to further prevent unauthorized access but also minimises the risk of unintended disclosure and/or alteration of the Digital ID data
  4. Regular Security Audits: PayWise conducts regular security audits and assessments to identify and address potential vulnerabilities in its systems including where the Account Holder’s Digital data is stored. These audits are part of the Company’s commitment to maintaining the high standard of data protection required by the Act.
Continuous Improvements

In keeping with its dedication to securely collect and store the Account Holders’ date, PayWise seeks to continuously update and improve its security measures to adapt to and mitigate against new threats and vulnerabilities to its systems. PayWise’s commitment to protect the Account Holders’ data is ongoing, and as such remains dedicated to keeping all data in its systems secure.

Responsible Data Handling

PayWise adheres to the privacy principles and provisions of the Act and therefore will not share the data of any Account Holder with third parties without the explicit written consent of the Account Holder in question, except upon request by a law-enforcement agency, court order, and/ or in cases where third-party services are utilized as part of the Digital ID Process (and in such cases the Account Holder will be notified and given the opportunity to provide consent where required for disclosure to such third parties), and only for the purposes outlined in these terms and conditions.

Vigilant Data Breach Response

In the unlikely event of a data breach, PayWise has established a robust incident response plan. This plan includes immediate action to stop and mitigate against the breach, notification to the affected Account Holders and other relevant parties, and notification to and collaboration with relevant stakeholders and authorities to address the breach.

Shared Responsibility

PayWise also welcomes and facilitates the Account Holders’ active participation in the protection of their data. Account Holders are required to ensure that their login credentials, such as passwords or access codes, are kept securely at all times. If an Account Holder suspects that there has been unauthorised access to their account or data, PayWise must be notified immediately and the Account Holder must also change the password to their account.

Accessibility and Queries

Account Holders, as prescribed by the Act, are invited to pose questions and direct their concerns to, and/or require additional information from PayWise about its data protection measures, and thus are encouraged to contact PayWise's Customer Support team [[email protected] or 1(868)610-9323]. PayWise remains ready to assist Account Holders and provide the information they need.

Data Retention

PayWise will retain your Digital ID data as follows:

  1. Open Accounts: PayWise will retain Account Holders’ Digital ID data only for as long as their accounts remain actively open with PayWise and it is necessary to retain such data to satisfy the purposes for its collection in the first place. In compliance with the Act, such data will not be disclosed, without the Account Holders’ consent, for purposes other than the reason/s for its collection, inclusive of cross border disclosure. Additionally, any data being disclosed externally by PayWise will only be disclosed to jurisdictions containing comparable or more stringent safeguards than those of Trinidad and Tobago.
  2. Closed Accounts: PayWise will retain the data for closed accounts for as long as it is necessary to still retain such data to fulfil the purposes for which it was collected, and/or for compliance reasons.
Data Destruction

PayWise is committed to safeguarding the data of Account Holders and not retaining such data for longer than necessary or legally permissible. As such PayWise will take all steps, to the best extent reasonably possible and practicable, to destroy the Account Holders’ data when such data is no longer required for the purposes for which it was collected, or legally required. Therefore, the following will apply regarding the Company’s destruction of the Account Holders’ data:

  1. Data Destruction Upon Closure: In the event of an account closure, PayWise will securely and irreversibly destroy the Digital ID data of Account Holders when the purposes for which it was collected or a legal mandate to keep such data no longer exists. By doing so PayWise will be ensuring that such data is no longer accessible or recoverable.
  2. Audit and Verification: PayWise will conduct regular audits to ensure the proper and timely destruction of data associated with closed accounts. Account Holders are encouraged to direct their questions or concerns about the Company’s data retention practices to PayWise's Customer Support team.
Right to Request Data Deletion

At PayWise, the right of Account Holders to data privacy is paramount, thus they may request the deletion of their data by contacting the PayWise Customer Support team. On receiving an Account Holder’s deletion request, PayWise will permanently destroy the following types of Account Holder data:

  1. Facial Recognition Data
  2. Scanned Legal Identification Documents, and
  3. Personal or Business Information.

Account Holders are reminded that data deletion is subject to legal requirements and compliance obligations, thus, PayWise will retain data necessary for legal and regulatory purposes, including closed account data for as long as required by law.

Consent

By using PayWise's services and undergoing the Digital ID Process, you (the Account Holder) consent to the collection and processing of your data inclusive of the possibility of the data being shared with a third party as part of the Digital ID Process outlined in these terms and conditions. By proceeding with the Digital ID Process, you acknowledge that you have read and agreed to the terms and conditions contained in this Policy document.

Contact Us

If you have any questions or concerns about PayWise’s Digital ID Process or these terms and conditions, please contact us at PayWise [[email protected] or 1(868)610-9323].

Changes to Terms

PayWise reserves the right to modify these terms and conditions as needed. Account Holders will be notified of any changes via PayWise’s website or other appropriate communication channels.