Consumer Privacy Policy

Last Updated Date 25 January 2021

OPY USA Inc (“Opy”) values your privacy and we want to be transparent with you in the way that we collect and use your personal information. This Consumer Privacy Policy explains how we collect, use, protect, and disclose personal information about consumers when you receive services through us or when you use our website or mobile application as well as any rights you may have about these practices.

Contents

  1. Federal Privacy Notices
  2. Online Privacy Policy
  3. Changes
  4. Questions
  5. California Consumers

1. Federal Privacy Notices

If you are an Opypay applicant or borrower, the federal Gramm-Leach-Bliley Act (“GLBA”) and Fair Credit Reporting Act (“FCRA”) regulate how we and the third-party originating bank for Opypay collect, use, and disclose personal information about you. Pursuant to those laws, information about our collection and sharing practices are described in our Privacy Notices, which will be provided to you in accordance with applicable law.

2. Online Privacy Policy

2.1 What are the types of personal information we collect?

The following are examples of the types of personal information and other information we may collect about you:

a. Your name and identifying information, such as your date of birth, driver’s license number, and social security number;

b. Your contact information, such as your address, email, and phone number;

c. Financial information, such as your bank account, debit card, or credit card number;

d. Your Opypay account transaction and payment history;

e. Technical information in connection with your visit to our website or use of our mobile application, such as your device ID, the Internet Protocol (IP) address used to connect your computer to the internet address, the files requested, browser type and version, browser plug-in types and versions, and operating system; and

f. Information about your visit and your behaviour on our website, such as the webpages that you click on, the website you visit before and after visiting our website (including date and time), time and length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, traffic data, location data, and weblogs.

2.2. What are the sources from which we collect personal information about you?

We collect personal information and other information about you from a number of sources, including:

a. When you give us your personal information in order to receive services or information, such as when you register for a user account, submit an application for Opypay, or contact us by phone, email or other means;

b. Third parties, such as marketing agencies, market research companies, credit reporting agencies, and identity verification service providers; and

c. Cookies, web beacons, mobile application plug ins, or other similar technologies.

2.3. How do we use the information we collect about you?

We use the information collected about you in a number of ways, including to:

a. Engage in marketing, market research, and business development;

b. Process your requests for credit;

c. Communicate with you about your Opypay account and credit transactions;

d. Process your payments;

e. Provide you customer support and respond to your inquiries;

f. Resolve complaints and disputes;

g. Detect, investigate and prevent potentially prohibited or illegal activities, such as fraud;

h. Engage in risk profiling and other data analytics;

i. Operate, improve, maintain, and ensure the security of our website and mobile application;

j. Recognize you when you return to our website or mobile application, store information about your preferences, and customise the website according to your individual interests;

k. Comply with laws and regulations;

l. Exercise or defend our legal rights –this may include where we reasonably consider it is in our legitimate interests or the legitimate interests of others, as well as where we are legally required to do so; and

m. Use in connection with any other legitimate business purpose permitted by applicable law.

2.4. Who do we share information about you with?

We may share the personal information and other information we collect about you with:

a. Our affiliates;

b. Service providers, including companies that assist us with marketing, identity verification and fraud prevention, delivering text communications, payment processors, debt collection, suppliers of technical and support services, and suppliers of analytical services;

c. Merchants that partner with Opy;

d. Credit Reporting Agencies;

e. Other companies in connection with a merger, acquisition, or the sale of assets;

f. Third parties, including governmental authorities and law enforcement, to (i) protect or defend our legal rights, interests or property; (ii) protect the safety and security of our customers or members of the public; (iii) protect against fraud; and (iv) comply with applicable law, subpoena or legal process;

g. Third parties in an anonymized and aggregated manner; and

h. Other third parties for any business purpose permitted by applicable law.

2.5. Cookies.

Some pages on our website use cookies, which are small files placed on your internet browser when you visit our website. We use cookies in order to offer you a more tailored experience in the future, by understanding and remembering your particular browsing preferences. Where we use cookies on our website, you may be able to block their use. To do so, you can activate the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies), you may not be able to access all or parts of our website or to use all the functionality provided through our website.

2.6. Do Not Track Signals.
Many web browsers possess a do-not-track feature that lets your browser tell websites you visit that you do not want to have your online activities tracked. At this time, our website does not respond to browser do-not-track signals

2.7. Security.
Unfortunately, no data transmission over the internet can be guaranteed as totally secure. While Opy strives to protect such information and keep your information confidential, it does not warrant and cannot ensure the security of any information transmitted to it by you. Accordingly, any information transmitted to Opy is transmitted at the risk of the sender. Nevertheless, once Opy receives transmissions from you, it will take reasonable steps to preserve the security and confidentiality of your information.

2.8. Links to Third-Party Websites.
Our website and mobile application may contain hyperlinks to websites that are not operated by us. These hyperlinks are provided for your reference and convenience only and do not imply any endorsement of the activities of such third-party websites or any association with their operators. This Privacy Policy only applies to the personal information that we collect or which we receive from third party sources, and we cannot be responsible for personal information about you that is collected and stored by third parties. Third party websites have their own terms and conditions and privacy policies, and you should read these carefully before you submit any personal information to these websites. We do not endorse or otherwise accept any responsibility or liability for the content of such third party websites or third party terms and conditions or policies.

2.9. Minors.
You must be 18 years of age or older to register as an account user and receive services through our website and mobile application. Our website and mobile application are not directed at persons under 18 years of age and we do not knowingly collect any information about such persons.

3. Changes.

We may update this Privacy Policy from time to time. Any changes we make to our Privacy Policy in the future will be posted on this webpage. We will also notify you of any changes to Privacy Policy, including the Federal Privacy Notices, in accordance with applicable law. Please check back frequently to see any updates or changes to our Privacy Policy.

4. Questions.

If you have questions about our privacy practices, please contact us at privacy@opy.com or through our customer portal.

5. California Consumers.

5.1. California Consumer Privacy Act.
If you are a California resident who is a natural person, the California Consumer Privacy Act (“CCPA”) provides certain rights concerning your personal information, unless an exception applies. These exceptions include information subject to the GLBA and FCRA. In addition to the exceptions under the CCPA, the CCPA does not consider information to be personal information if it cannot be reasonably linked to any consumer or household. Most of the information that Opy collects, uses, and shares is exempt from the CCPA as it is subject to the GLBA, subject to the FCRA, or it is not considered personal information. Below is a description of the remaining information collected by Opy that is considered personal information under the CCPA, as well as your rights pertaining to this information.

5.2. Personal Information Under the CCPA Collected by Opy.
Your Email Address If You Signed Up to Receive Updates and News From Opy. If you signed up to receive email updates from us, we collected your email address. We use this email address to market products and services as well as provide information about Opy. We may share this information with a marketing service provider. We do not sell this information to third parties.

5.3. CCPA Right to Know.
Under the CCPA, California residents have the right to know:

a. The specific pieces of information that have been collected about you;

b. The categories of personal information we collected about you over the past 12 months;

c. The categories of sources from which such personal information has been collected over the past 12 months;

d. The categories of personal information about you that we have shared or sold over the past 12 months;

e. The business or commercial purpose for collecting or selling such personal information over the past 12 months; and

f. The categories of third parties with whom we shared or sold your personal information over the past 12 months.

5.4. CCPA Right to Delete
Under the CCPA, California residents have the right to request that we delete any of your personal information that we have collected and retained, subject to certain exceptions.

5.5. CCPA Right to Opt Out of the Sale of Personal Information
Under the CCPA, California residents have the right to direct companies that sell their personal information to not sell their personal information. We do not sell personal information subject to the CCPA.

5.6. CCPA Right to Non-discrimination.
Under the CCPA, California residents have the right to not be discriminated against for having exercised the rights established by the CCPA.

5.7. Submitting a CCPA Request.
To submit a CCPA request, email us at privacy@opy.com and provide in your email:

a. Your name;

b. Your address;

c. Whether it is a “Request to Know,” a “Request to Delete,” or both; and

d. Your account number (if any).

We may request additional information to verify your identity. If you are a California resident, you may designate an authorized agent to exercise any of the rights listed above on your behalf. We will require authorized agents to have a written authorization confirming that authority and may seek to further verify the request.

Effective Date: January 2021