Privacy Notice

Last updated on:12th December 2024

This Privacy Notice outlines Optimus Fintech Inc.’s approach to privacy to fulfil its obligations under applicable privacy laws.

Optimus is SaaS offering which automates and optimizes the manual processes needed to keep organizations finance and payment back-office running smoothly enabling teams to be more agile, innovative & productive.

This Privacy Notice is published in compliance with the privacy laws:

1. European Union General Data Protection Regulation (GDPR), 2018.

2. The Indian Information Technology (Amendment) Act, 2008 and The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Information) Rules, 2011.

3. California's Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA)

4. Personal Information Protection and Electronic Documents Act ("PIPEDA")

5. Personal Information Protection Act (British Columbia, Quebec, Alberta)

This Privacy Notice applies to all Personal Data processed by us.Please note that this Privacy Notice is applicable to all instances where we play the role of a Data Controller while deciding the purpose and means of processingPersonal Data and also as a Data Processor dealing with Personal Data when we collect and process personal data for fulfilling our contractual obligations to our customers.

This Privacy Notice applies to all the products/solutions offered by Optimus Fintech Inc.

Throughout this document, the terms “we”, “us”, “our” & “ours” refer to Optimus Fintech Inc.

We use your data to provide and improve the Service. By using the Service, you agree to collect and use information per this notice Unless otherwise defined in this Privacy Notice, terms used in this Privacy Notice have the same meanings as in the applicable regulations.

Information Collection and Use

We collect several different types of information for various purposes to provide and improve our Service to you. Most of the Personal Data we process is provided by you directly to us when you use our website. This also includes the Personal Data collected automatically and in the background by us when you use our website.

We may also receive Personal Data about you from third parties and publicly available sources of information.

We process two main types of personal data.

• Data from Clients / Customer: Personal data that forms part of data that is provided by our clients/customers and their end-users for processing. Financial data if shared by the customer as part of transaction logs.
• Other Data: Personal data about our customers, visitors, and other individuals that is collected and processed directly by us.

Our Clients / Customers are the controllers of Data from them. Optimus Fintech Inc. is the processor of Data provided by the Client / Customer and the controller of 'Other Data'.

Types of Data Collected

Data from Customer / Clients

As customers, you provide data to us for processing as part of usage of our services.

Data from the Customers / Clients may be processed by us as a result of customer's use of the Services when our customers input information into the Service. For example,

• Optimus Fintech Inc. customer organizations who use our professional services may grant us access to data of their Website users such as IP address, Device Id, name, email, contact number, browsing patterns as well as their customer database.
• Optimus Fintech Inc. May process financial data that is provided by the customers as part of the transaction logs.

Other Data

Subscription data: You provide personal data to us as part of signing up for our case study on our websites. We may also collect personal information from you when you use interactive features of the Websites, promotions, requesting customer support, or otherwise communicating with us.

Get in touch / Contact us data: When you enquire about our platforms and professional services, we collect and store this data to communicate with you and respond to your enquiry.

Job applicant's data: When you submit your name, contact details and resume to apply for any job openings at Optimus Fintech Inc.

Demographic, Identity & Communication Data:

• Email address
• First name and last name
• Phone number

Online Identifiers:

• Cookies and Usage Data

Usage Data: We may also collect information on how the Service is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g., IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

Use of Cookies and Other Tracking Mechanisms

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.

Cookies are small text files that are placed on your computer. They are widely used to make websites work, or work more efficiently, as well as to provide information about your actions to the owners of the website.

Most web browsers allow you some control of cookies through browser settings.

To check out how we use Cookies, please visit our Cookie Policy page.

Use of Data

Optimus Fintech Inc. uses the collected data for various purposes:

• To provide and maintain the Service.
• To notify you about changes to our Service
• To allow you to participate in interactive features of our Service when you choose to do so.
• To provide customer care and support.
• To provide analysis or valuable information so that we can improve the Service.
• To monitor the usage of the Service
• To detect, prevent and address technical issues.
• To comply with the legal or regulatory requirements.

Basis of processing your personal data

• Consent: We process your data only if you have given your consent freely for the same. Where You have explicitly agreed to/consented to us processing your Personal Data for a specific reason.

• Contractual necessity: The processing is necessary for the performance of the contract we have with our customers. For example, if the processing is necessary in order to fulfill our commitments under the applicable terms of service.

• Legitimate Interest: We process your data on the grounds of legitimate interest, for example to provide our services, and to monitor the performance of the products/services or for demonstration of the Optimus application.

Where the processing is based on your consent, you have the right to withdraw your consent at any point in time. Please note that should the withdrawal of consent result in us not being able to continue offering our products and services to you, we reserve the right to withdraw or cease our products and services to you upon your withdrawal. You may withdraw consent by contacting us with a written request to the contact details specified below in the ‘Contact Us’ section. Upon receipt of your request to withdraw your consent, the consequences of withdrawal will be communicated to you. Upon your agreement to the same, your request for withdrawal will be processed.

Marketing Communication

If, in accordance with applicable legal requirements, we send you marketing communications regarding our Services or the services of third parties that we believe will be interesting to you, you can ask us to stop sending such communications at any time by contacting us using the information in the “Contact Information” section below. In our marketing email messages, you can also opt out by following the instructions located at the bottom of such emails. Please note that, regardless of your request, we may still use and share certain information as permitted by this Policy or as required by applicable law. For example, you may not opt out of certain transactional emails from us, such as those confirming your requests or providing you with updates regarding our Policy or other terms.

Transfer Of Data

Your information, including Personal Data, may be transferred to — and maintained on — computers outside your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those from your jurisdiction.

If you are located outside India and choose to provide information to us, please note that we transfer the data, including Personal Data, to India and process it there.

Your consent to this Privacy Notice, followed by your submission of such information, represents your agreement to that transfer.

Optimus Fintech Inc. will take all steps reasonably necessary to ensure that your data is treated securely and by this Privacy Notice as well as with adequate protection in place in compliance with applicable laws and regulations.

Cross- border data transfer

No transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place, including the security of your data and other personal information. Personal Data we hold about you may be transferred to other countries for any of the purposes described in this Privacy Notice. While the information is in the other jurisdiction, it may be accessed by the courts, law enforcement, and national security authorities.

Your Information Shared with Others

We may disclose your information to:

Employees and Subsidiaries: We at Optimus Fintech Inc. might share your personal data with our employees, and subsidiaries that need to know in order to help us provide our services or to process the information on our behalf.

Legal Requirement: We provide your personal data when we are required to provide such information in response to a court order or other applicable laws or legal processes.

If we have consent: We may share and disclose information with your consent or at your direction. Where we rely on your consent to use your personal data, you have the right to withdraw that consent at any time. Please contact us using the details in the ‘Contact information’ section of this notice.

Tax Authorities: Relevant tax, payments, and customs authorities, who may pass this on to tax authorities in other jurisdictions. The tax regulations require us to collect information about each investor’s tax residency.

To prevent fraud and protect rights: We believe that disclosure is necessary to prevent or respond to fraud, defend our websites against attacks, or protect the property and safety of Optimus Fintech Inc. and users, or the public.

Regulators and Auditors: The regulators, the Financial Conduct Authority, or any relevant regulatory authority where they are entitled to require disclosure; also, we may be required to share information with auditors appointed by the providers of such products or services.

To Comply with Laws: If we receive a request for information, it may be necessary by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence for us to disclose your Personal Information. We may also disclose information about you if we determine that for purposes of legal compliance with any applicable privacy and data protection requirement, national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate. We may also disclose information about you if we determine that disclosure is reasonably necessary to enforce our terms and conditions or protect our operations or users. Additionally, in the event of a reorganization, merger, or sale we may transfer any and all Personal Information we collect to the relevant third party.

Third Party Disclosure

Legal Requirements: Optimus Fintech Inc. may disclose your Data in the good faith belief that such action is necessary to:

• To comply with a legal obligation
• To protect and defend the rights or property of Optimus Fintech Inc.
• To prevent or investigate possible wrongdoing in connection with the Service
• To protect the personal safety of users of the Service or the public
• To protect against legal liability

We do not sell and/or trade your data. We do not transfer your data to third parties. This does not include application hosting partners and other parties who assist us in operating our application, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it’s release is appropriate tocomply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.

Security Measures to Protect your Data

Security Measures

We implement security controls to prevent breaches and unauthorised access to your data.

We maintain reasonable and appropriate security measures to protect Customer Data from loss, misuse, and unauthorized access, disclosure, alteration, and destruction.

Examples of security measures include physical access controls, HTTPS, restricted access to data, monitoring for threats and vulnerabilities etc.

We also subject our services to internationally recognized certification and attestation standards. Details about our security measures are available at our Group website.

Protection of personal information

Our Sites and Services uses commercial efforts to maintain safeguards for protection of your Personal Information

Optimus Fintech Inc. takes all measures reasonably necessary to protect against the unauthorized access, use, alteration or destruction of potentially personally identifying.

Duration of Retaining Personal Data

We keep the Personal Data we collect for as long as it is required for the purposes set out in this Privacy Notice. We take reasonable steps to delete Personal Data that is no longer needed.

Links To Other Sites

Our Service may contain links to other sites that we do not operate. You will be directed to that third party's site if you click on a third-party link. We strongly advise you to review the Privacy Notice of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Children’s Privacy

Our Service does not address anyone under the age of 18 (“Children”). We do not knowingly collect personally identifiable information from anyone under the age of 18. Please get in touch with us if you are a parent or guardian and know that your Children have provided us with Personal Data. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

Your Privacy Rights

Your rights as per GDPR

You have the following rights, and we commit to provide you with the same:

- Right of Access: You have the right to get access to your Personal Data that is with us along with other supporting information.

- Right to Rectification: You have the right to ask us to rectify your Personal Data that is with us that you think is inaccurate. You also have the right to ask us to complete your Personal Data that you think is incomplete.

- Right to Erasure: You have the right to ask us to erase your Personal Data that is with us under certain circumstances.

- Right to Restriction of Processing: You have the right to ask us to restrict the processing of your Personal Data under certain circumstances.

- Right to Data Portability: You have the right to ask that we transfer the Personal Data you gave us to another organization, or to you, under certain circumstances.

- Right to Object: You have the right to object to the processing of your Personal Data under certain circumstances.

- Right to not be subjected to Automated individual decision-making, including profiling - we are not using any of the processes related to this right.

- Right to lodge a complaint with the Supervisory Authority: You have the right to lodge a complaintwith your local data protection authority or the regulator.

Whenever you use our services, we aim to provide you easy means to access, modify, delete, object to or restrict use of your personal information

We strive to give you ways to access, update/modify your data quickly or to delete it unless we must keep that information for legal purposes. These rights can be exercised by contacting us with your specific request using the details set out in the "Contact Information" section below.

Your Rights as per Canadian Privacy Regulations

• Right to be informed: You can request access to your personal information, including how it's being used and disclosed.
• Right to Access: You have a right to access the personal information that Optimus Fintech holds about you.
• Right to Rectification: You have a right to challenge the accuracy and completeness of the information, and have that information amended as appropriate. This right includes correcting, deleting or adding to the information. Optimus ensures to destroy, erase, or anonymize any personal information that is no longer required to fulfill the identified purposes.
• Right to Withdraw Consent: You have the right to withdraw your consent to the processing of your personal information at any time. Please note that should the withdrawal of consent result in us not being able to continue offering our products and services to you, we reserve the right to withdraw or cease our products and services to you upon your withdrawal. You may withdraw consent by contacting us with a written request to the contact details specified below in the ‘Contact Us’ section. Upon receipt of your request to withdraw your consent, the consequences of withdrawal will be communicated to you. Upon your agreement to the same, your request for withdrawal will be processed.
• Right to Erasure: You may require us to cease disseminating your information or to de-index any hyperlink attached to your name that provides access to the information by a technological means, if the dissemination of the information contravenes the law or a court order.
• Right to Data Portability: If your computerized personal information was collected by Optimus Fintech in the past, you may ask to collect or to transfer that information to another natural person or legal body.
• Right to Challenge Compliance: Individuals can challenge Optimus Fintech's PIPEDA compliance by writing to the organization's Privacy Officer at dpo@optimusfintech.com. If unresolved, these complaints can escalate to the Office of The Privacy Commissioner.
• Right to Rectification: You have the right to ask us to rectify your Personal Data that is with us that you think is inaccurate. You also have the right to ask us to complete your Personal Data that you think is incomplete.

Notice to California Individuals

California residents have a legal right to request organizations to tell them how their Personal Information has been shared, if at all, with third parties for the third parties’ direct marketing purposes. To make such a request, please reach us at the contact information listed below. This request may be made no more than once per calendar year, and we reserve our right not to respond to requests submitted other than to the email or mailing addresses specified below.

Do Not Track

Certain web browsers and other devices you may use to access the Sites may permit you to submit your preference that you do not wish to be “tracked” online. We do not currently commit to responding to “do not track” requests, in part, because no common industry standard for “do not track” has been adopted by industry groups, technology companies, or regulators. We will make efforts to monitor developments around Do Not Track browser technology and the implementation of a standard.

Sale or Sharing of your personal information

Optimus Fintech will not Sell or Share Customer and website visitors Personal Information under the Agreement.

Use of sensitive personal information

Optimus Fintech does not collect any Sensitive Personal Information from the Customers and website visitors under the Agreement.

Retention, Use, Disclosure of Personal Data

Optimus Fintech will not retain, use, or disclose Customer Personal Information according to the Agreement outside of the direct business relationship with Customer or for any purpose, including a Commercial Purpose, other than as necessary for the specific purpose of providing the Products for Customer according to the Agreement, or as otherwise set out in the Agreement or as permitted by the CCPA. 

Your California Privacy Rights

In addition to rights of access, correction, and deletion, as described above, California Consumers may have certain additional rights in connection with the personal information we collect about you, many of which are subject to exceptions under applicable law:

- The right to access and disclosure and portability: You may have the right to request, twice during a twelve-month period, the following information about the personal information we have collected about you.

• the categories and specific pieces of personal information we have collected about you;
• the categories of sources from which we collected the personal information;
• the business or commercial purpose for which we collected or sold the personal information;
• the categories of third parties with whom we shared the personal information;
• the categories of personal information that we sold or disclosed for a business purpose, and the categories of third parties to whom we sold or disclosed that information for a business purpose; and
• the specific pieces of personal information we obtained from you in a format that is easily understandable, and to the extent technically feasible, in a structured commonly used, machine-readable format.

- The right to non-discrimination: We will not deny, charge different prices for, or provide a different level of quality of goods or services if you choose to exercise these rights.If You are a resident of California and want to exercise any of Your CCPA/CPRA rights, you can get in contact with Us at: “Contact Information” section below

International users

Your information is maintained and processed by us and our third-party service providers. Thus, your information may be maintained, processed, and stored in other jurisdictions that may have different data protection laws than those in your country of residence. If your information is transferred in these ways, please note that we comply with applicable legal requirements governing the transfer of information across borders. By using the Services, you agree to and acknowledge these transfers.

Changes To This Privacy Notice

We may update our Privacy Notice from time to time. We will notify you of any changes by posting the new Privacy Notice on this page. We will inform you via a prominent notice on our Service before the change becomes effective and update the “effective date” at the top of this Privacy Notice.

You are advised to review this Privacy Notice periodically for any changes. The Privacy Notice changes are effective when posted on this page.

Contact Us

If you have any questions about this Privacy Notice, please contact us by Email Address:dpo@optimusfintech.com