Download now
عربي
Join the Ooredoo Money
Privacy Notice
Hello, we’re Ooredoo Money.
We provide you with mobile payment services. In this privacy notice, we explain how we collect, use and protect your personal data when you sign up for and use our services or interact with us online.
Our full company name is:
Ooredoo Financial Services LLC
100 West Bay Centre
Doha, Qatar
QFC Commercial Registration number: 00398
Our full company name is:
Ooredoo Financial Services LLC
100 West Bay Centre
Doha, Qatar
QFC Commercial Registration number: 00398
If you have a question or a problem
You can contact us at customer.service@ooredoo.qa to ask a question or exercise your rights or choices about our privacy practices.
How does Ooredoo Money use personal data?
Providing our services
We provide payment services and deliver key features of our service to you, such as operating our mobile application, sending and receiving payments, integrating with payment partners, or displaying transaction history and payment status.
We provide payment services and deliver key features of our service to you, such as operating our mobile application, sending and receiving payments, integrating with payment partners, or displaying transaction history and payment status.
Identification Authentication Employment Contact Financial Recipient Transaction Connection
Preventing money laundering, fraud and financial crime
We are required by law to conduct customer due diligence and take actions to prevent money laundering, fraud and other illegal activities. We verify your identity and check your presence on sanctions lists, results of adverse media searches, and links to politically exposed persons, to make sure you are using our services legitimately.
We receive industry alerts, analyse interactions with our services, and assess whether your activities match patterns of previous fraudulent or criminal behaviour. We may block transactions or suspend accounts we believe to be fraudulent or unauthorised, or that violate our terms.
We are required by law to conduct customer due diligence and take actions to prevent money laundering, fraud and other illegal activities. We verify your identity and check your presence on sanctions lists, results of adverse media searches, and links to politically exposed persons, to make sure you are using our services legitimately.
We receive industry alerts, analyse interactions with our services, and assess whether your activities match patterns of previous fraudulent or criminal behaviour. We may block transactions or suspend accounts we believe to be fraudulent or unauthorised, or that violate our terms.
Identification Employment Contact Due diligence Transaction
Improving our services
We analyse how people engage with our application, website and services so that we can improve our services and develop new products or features. For example, we might use personal data and other observations to make our application easier to use or our fraud and financial crime screening more accurate.
We use cookies and other online tools to understand how visitors use our application, website and services, to analyse how effective they are, and to test how people might respond to changes to our application, site and services.
We analyse how people engage with our application, website and services so that we can improve our services and develop new products or features. For example, we might use personal data and other observations to make our application easier to use or our fraud and financial crime screening more accurate.
We use cookies and other online tools to understand how visitors use our application, website and services, to analyse how effective they are, and to test how people might respond to changes to our application, site and services.
Transaction Usage Connection
Communicating with you about our services
We send you messages about our services, like payment notifications or alerts for changes. If you need help, we communicate with you to provide customer support.
We track open rates and measure the effectiveness of our communications.
We send you messages about our services, like payment notifications or alerts for changes. If you need help, we communicate with you to provide customer support.
We track open rates and measure the effectiveness of our communications.
Identification Contact Financial Transaction Usage Connection Preferences
Marketing and advertising
We may market to you about our services or carefully selected third parties based on your use of our services. This may include contacting you with information about new developments, offers and special promotions by telephone, text messages, email, push notifications (messages sent by the app) and on the web.
You have choices about how we market to you, and you can contact us or use the app to let us know.
We may market to you about our services or carefully selected third parties based on your use of our services. This may include contacting you with information about new developments, offers and special promotions by telephone, text messages, email, push notifications (messages sent by the app) and on the web.
You have choices about how we market to you, and you can contact us or use the app to let us know.
Identification Contact Financial Transaction Usage Connection Preferences
Investigating claims and other legal activities
Where we believe it is necessary to protect our legal rights and interests and the interests of others, we use personal data in connection with legal claims, compliance, regulatory and audit functions, and in connection with the acquisition, merger or sale of a business.
Under exceptional circumstances, we may be required by law to provide personal data to law enforcement agencies, courts or others in connection with claims and other litigation.
Where we believe it is necessary to protect our legal rights and interests and the interests of others, we use personal data in connection with legal claims, compliance, regulatory and audit functions, and in connection with the acquisition, merger or sale of a business.
Under exceptional circumstances, we may be required by law to provide personal data to law enforcement agencies, courts or others in connection with claims and other litigation.
Identification Authentication Employment Contact Due diligence Financial Transaction Usage Connection
What personal data do we use?
When you set up and use an Ooredoo Money account, we collect personal data about you. Some of that data is what you provide on registration, and we also collect data from other sources. Usually, this will be when you use our services, make enquiries, register or request information or other services, or respond to communications from us.
The personal data we use includes:
The personal data we use includes:
1. Information about you
- Identification information: your name, birthdate, gender and nationality.
- Authentication information: the passcode/mPIN you set to access the application, and answers to security questions used to reset your passcode.
- Employment information: source of income, job title, employer category, employer name and address, and salary range
- Contact information: mobile number, email address, language setting and home address.
- Due diligence information:
- a copy of your national or resident ID, a selfie of you holding it up so that we can verify that it’s yours, and the ID type, number and expiration date.
- positive matches on sanctions and other financial crime alert lists, and the reasons for the match
2. Information about your payments
- Financial information, such as your payment card number, the account holder name, expiration date and CVV/CVC.
- Recipient information, such as the name of the person or company you pay or send money to using our services, their mobile number, and for some services their nationality, place of birth, address and city.
- Transaction information, a description and ID for the transaction, and the payment amount. For remittances, we may also need to collect purpose of the transaction, the source of funds, and the receiver's relationship to you.
3. Information about how you use our product
- Usage information, such as how you enter data on our application or website and how long it takes, and whether you opened an email or clicked a link, how you came to our website, which pages you visit and what you do while you’re there, how long you remain on a page or view a video, whether you opened an email or clicked a link, records of your contact by phone, email, and the reasons for the communication. (To collect this data we use cookies and other tracking technologies)
- Connection information, such as the type of device you use to access our services, operating system and version, device identifiers, network information, IP address and location derived from your IP address. To collect this data we use cookies, advertising pixels and other tracking technologies.
- Preferences, such as the types of services that may interest you, channels of communication, whether you have agreed to receive marketing information about our services, or whether you have opted out.
Your rights and choices
You have rights under data protection law. These include the right to ask for a copy of your personal data, to correct, delete or restrict processing of it, to withdraw consent, and to obtain personal data in a format you can share with a new provider. These rights may be limited in some situations – for example, where we can demonstrate that we have a legal requirement to retain your data.
You can contact us to ask a question about our privacy practices or exercise your rights. If you have unresolved concerns, you may have the right to complain to a data protection authority.
We engage in sales, marketing and lead generation activities, sometimes using cookies and other tracking technologies. We respect your right to opt out of these activities, which you can do at any time by changing your preference setting. You can clear cookies using your web browser, or configure your browser to refuse cookies or notify you when they are set.
You can contact us to ask a question about our privacy practices or exercise your rights. If you have unresolved concerns, you may have the right to complain to a data protection authority.
We engage in sales, marketing and lead generation activities, sometimes using cookies and other tracking technologies. We respect your right to opt out of these activities, which you can do at any time by changing your preference setting. You can clear cookies using your web browser, or configure your browser to refuse cookies or notify you when they are set.
What authorises our processing of your personal data?
We process personal data only where we have appropriate legal grounds.
1. Performing a contract
In most cases, the data we collect and the things we use it for are necessary for us to provide our payment services to you.
For example, when we execute a payment transaction, provide our mobile application, or show a transaction history.
2. Complying with law
Some of the activities we undertake are necessary to comply with our legal and other obligations as a payment provider.
For example, we process personal data for:
- Anti-money laundering and sanctions compliance
- Fraud prevention, customer protection and security
- Activities connected with claims and litigation.
3. Meeting our legitimate interests
We use personal data as necessary to meet our legitimate business interests. When we do, we make sure we understand and work to minimise its privacy impact. For example, we limit the data to what is necessary, control access to the data, and where we can, aggregate or de-identify the data.
Some examples of the ways we use personal data in our legitimate interests are:
- Developing and improving our products and services
- Communicating news
- Hosting and participating in events
What is legitimate interest? Under data protection regulations, companies have the ability to engage in activities without consent under a balancing test: Do we have a legitimate interest in engaging in the activity that is not outweighed by your interests or fundamental rights and freedoms?
4. With your consent
We process personal data with your specific and informed consent. We tell you in the service where you can make a choice or grant consent and you may withdraw it without affecting the underlying processing.
How is personal data protected?
We apply and regularly test a set of information security controls that meet industry best practices and the requirements of our financial services license.
How is personal data shared?
We share personal data with recipients under lawful conditions as required to perform our services or operate our business. Recipients include:
Parties in your transaction
We share personal data with the payees, merchants and financial institutions involved in a transaction, wherever they might be located.
Service providers
Other companies help us conduct the activities described in this privacy notice. We work with service providers who have access to personal data when they provide us with services. For example, service providers may handle card payments, support due diligence, or provide technical infrastructure, web or app development or marketing tools. We impose strict restrictions on how service providers store, use and share data on our behalf.
OFT companies
Other companies in the OFT Group help us provide our regulated services from the country where they are located. For example, support for our regulated services is provided from OFT International LLC, and they may handle personal data to provide these services to OFS. All OFT companies are governed by our global data protection compliance program and subject to this privacy notice.
To a purchaser of our business
If ownership or control of all or part of our business or assets changes, we may transfer personal data to the new owner. If the owner will use the data for purposes other than those disclosed here, they will take the steps required by law to ensure such purposes remain lawful.
Other exceptional circumstances
We share personal data when we think it’s reasonably necessary to enforce agreements or terms, or comply with law, regulation, legal process or government request.
We share personal data with government agencies and other third parties if we believe it is reasonably necessary to protect the security of our services; to protect OFS and our partners, payers or the public from harm or illegal activities, or to respond to an emergency.
Parties in your transaction
We share personal data with the payees, merchants and financial institutions involved in a transaction, wherever they might be located.
Service providers
Other companies help us conduct the activities described in this privacy notice. We work with service providers who have access to personal data when they provide us with services. For example, service providers may handle card payments, support due diligence, or provide technical infrastructure, web or app development or marketing tools. We impose strict restrictions on how service providers store, use and share data on our behalf.
OFT companies
Other companies in the OFT Group help us provide our regulated services from the country where they are located. For example, support for our regulated services is provided from OFT International LLC, and they may handle personal data to provide these services to OFS. All OFT companies are governed by our global data protection compliance program and subject to this privacy notice.
To a purchaser of our business
If ownership or control of all or part of our business or assets changes, we may transfer personal data to the new owner. If the owner will use the data for purposes other than those disclosed here, they will take the steps required by law to ensure such purposes remain lawful.
Other exceptional circumstances
We share personal data when we think it’s reasonably necessary to enforce agreements or terms, or comply with law, regulation, legal process or government request.
We share personal data with government agencies and other third parties if we believe it is reasonably necessary to protect the security of our services; to protect OFS and our partners, payers or the public from harm or illegal activities, or to respond to an emergency.
International transfers
Ooredoo Money is offered from our Qatar headquarters. If you use our services to send money to another country, personal data will be transferred as necessary to complete the transaction. Personal data may also be stored and accessed by service providers located in other countries. Wherever we transfer data, we enter into contracts or seek other ways to ensure service providers treat data as required by law in the country where it was collected.
How long do we keep personal data?
We keep personal data for as long as necessary to provide our services and process payments. We also keep personal data for other legitimate business purposes, such as complying with our legal obligations, resolving disputes, preventing fraud, and enforcing our agreements. According to the payment services laws we operate under, your personal and other related transaction data must be kept for 15 years.
How does our automatic decision-making affect you?
Technology helps us make automatic decisions based on the information we collect about you or a transaction. We routinely test our software to improve the accuracy of these decisions and to prevent unintended bias. These decisions can have effects for you, such as:
- Requiring additional steps to authenticate your identity or verify other information, if the patterns we monitor indicate that doing so would make our services safer and more effective.
- Preventing access to our services, if we determine there is a high likelihood that it would violate our regulatory requirements - for example, if the identification you provide does not match public records, identity verification or credit reference information.
- Pausing services, if we need more information to investigate or prevent suspected fraud or financial crime - for example, if your behaviours match patterns of previous fraudulent activities.
- Cancelling a transaction, if we determine there is a high likelihood that it is illegal or fraudulent.
- Cancelling the service, if we determine that it is being used in violation of the law or our terms.
