Privacy Policy

Last Updated On: 01/05/25

Purpose

The purpose of this document is to define a broad policy applicable to protection of “Privacy” of individuals whose information is in the hands of the Company.

This policy will also be reflected in the website of the Company when available. It will also be reflected in the Privacy Practice Statement that may be shared with business associates where required.

Scope, Purpose, Nature and period of the data collected

This Policy applies to all Company’s employees, Customers, Merchants, co-branding or Business Partners, Vendors, Employees of Third Parties and Consultants who share Business data and / or personal information with PokiBit
PokiBit may collect any information that is not in the public domain concerning the business and/ or finances of each of the Parties, for the purpose of determining their identity and verifying their background, whether or not reduced to writing and whether or not patentable or protected by copyright or the law of trade secrets including, without prejudice to the generality of the foregoing, reports, interpretations, forecasts, documents and information as required from individuals or other entities under RBI’s Master Directions on KYC, corporate business plans, financial projections, financial details and accounts, products, services, planned products, planned services, marketing and advertising plans, marketing and advertising requirements, budgets, fee levels, customer/ client lists, commissions, commission charges, pricing policies technical know – how concepts and all information about research and development. PokiBit may update the KYC records of its customers on a periodic basis to ensure that the documents, data or information collected is kept up-to-date and relevant by undertaking reviews of the existing records once in every two years for high-risk customers, once in every eight years for medium risk customers and once in every ten years for low-risk customers from the date of opening of the account/last KYC update.

Privacy Commitment

PokiBit values privacy rights of individuals whose personal information is generated, processed, transmitted, Stored or otherwise accessed by PokiBit or any of its employees of the Company as a part of our activities and are committed to protection of the privacy rights of such individuals as required under law. In particular, PokiBit has put in place reasonable managerial, operational, technical, legal, and behavioral control measures to comply with the provisions of the Privacy and Security obligations as required under law. No personal information is either used or disclosed by PokiBit except as required or as permitted or as authorized and this policy is strictly binding on all the employees of the company as well as the business associates.

Sanctions

Any violation of the Privacy or Security Policies of PokiBit by its employees will attract appropriate sanctions, including termination as per the procedures laid out in the Sanction Policy.
Any violation of the Privacy or Security Policies of the Company by its business associates will attract appropriate penalties including termination of the contracts.

Changes

PokiBit reserves the right to change the privacy practices at its sole discretion. Whenever a material change is made to the privacy practice, a revised Privacy Practice notice will be posted on the website. Where feasible, stakeholders will also be informed through electronic means. PokiBit uses commercially reasonable efforts to ensure that the collection of Personal Information is limited to that which is necessary to fulfil the identified purposes. In case of use of information in a manner different than the purpose for which it is collected, then consent will be obtained prior to such use.

Transfer of Information

PokiBit may use and share the user information with a reliable and reputed third-party payment gateway to whom we are associated in order to ensure a swift and comfortable payment mechanism for the individuals. PokiBit ensures that all of the individual’s personally identifiable information will never be disclosed in ways not otherwise described in this Privacy Policy. By way of example (without limiting and foregoing), PokiBit may be forced to disclose information to the government, law enforcement agencies or third parties.

Enforcement

PokiBit is responsible to facilitating RBI, NPCI, PCI DSS, ISO and other agencies nominated by RBI/ NPCI, to access the data, information, and systems of technology service provider related to Wallet and carry out audits as and when required by RBI and NPCI

Cookies

PokiBit may use third-party advertising companies to serve advertisements on our behalf. These companies may employ cookies and action tags (also known as single-pixel gifs or web beacons) to measure advertising effectiveness. Any information that these third parties collect via cookies and action tags is completely anonymous.
Who can access Personal Information? PokiBit follows a strategic principle whereby, access to Personal information is restricted only to such of employees who are required to access the information for the purpose of delivering whatever services are committed to be delivered by PokiBit

PokiBit has not subcontracted any part of the work

Compliance, Grievance and Nodal Officer

The Company has designated the following person as the Privacy and Information Security Compliance, Grievance and Nodal Officer for the implementation of all compliance and grievance requirements under this Information Security Policy.

Name : xxxxx

Email ID : accounts@pokibit.com

Data Breach Notification

If any employee of PokiBit or its business associates becomes aware of a potential breach of Privacy of information entrusted to him or accessed by him, he shall inform the organization immediately. Any delay in reporting such incidents shall be deemed as a serious breach of the policy.

Confidentiality

Personal Information is regarded as confidential and therefore will not be divulged to any third party except as set forth in this and any other term of use applicable to our services.

How we Secure Personal Information

Data is secured in the facilities of PokiBit under a well-developed information security policy as well as an IT Act 2008 compliance policy.
Personal information no longer required is destroyed subject to requirements of archival guided by the Data Archival Policy.
Information in process is closely monitored through appropriate technical means to ensure that there is no accidental or intentional compromise of security.
Any accidental access to personal information is recorded as a security incident and managed as per the Information Security Incident Management Policy.
As per HR policy they are made fully aware that any activity performed with a user id is the sole responsibility of the owner of the ID.

How we use or Disclose Information

Personal information is used or disclosed strictly in accordance with the provisions of law and as authorized by the data owner/customer. PokiBit recognizes the right of an individual to claim access to his information in the possession of PokiBit. However, in the absence of any direct prior agreement, disclosures are always routed through the client.