Privacy Policy

Paymera (“we”, “our”, “us”, or the “Company”) is developed and operated by Lemonilab FZCO, a software development company based in Dubai, UAE, under license number: 12303. Paymera operates a closed-loop digital wallet mobile application designed for visitors and guests of participating smart business parks in the United Arab Emirates. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you download, install, and use the Paymera mobile application (the “App”).

By using Paymera, you consent to the data practices described in this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the App.

2.1 Personal Information

When you register for and use Paymera, we may collect:

• Mobile Phone Number: Used for account registration, authentication, and communication

We do not collect bank account details, card numbers, or financial institution information.

2.2 Transaction Data

• Points earned through activities, promotions, and partner interactions
• Points spent at participating merchants within the business park
• Transaction timestamps, amounts, and merchant identifiers
• Digital receipts and transaction history
• QR code scan records for peer-to-peer transfers

2.3 Device and Technical Information

We may automatically collect certain technical information when you use the App, including:

• Device Information: Device model, operating system type and version, and app version
• Biometric Authentication Status: Face ID/Touch ID capability (actual biometric data never leaves your device)
• Network Information: IP address and general connection type
• Usage Data: App interaction logs, screens viewed, session duration, and feature usage patterns

2.4 Location Information

With your explicit consent, we may collect precise location data to verify your presence within participating business parks for earning points and accessing location-specific offers. You can disable location services at any time through your device settings.

We use your personal information for the following purposes:

3.1 Service Delivery

• Creating and managing your Paymera account and digital wallet
• Processing point earnings, redemptions, and peer-to-peer transfers
• Generating digital receipts and maintaining transaction history
• Enabling QR code payments and biometric authentication
• Providing customer support and responding to inquiries

3.2 Analytics and Improvement

• Analyzing usage patterns and trends to improve App functionality and user experience
• Monitoring App performance, diagnosing technical issues, and fixing bugs
• Generating aggregated, anonymized statistics about App usage

3.3 Communications

• Sending transactional notifications related to your account activity (e.g., point transfers, redemptions)
• Delivering service announcements, updates, and security alerts
• Providing information about new features, promotions, or participating merchants within the business park (you may opt out of promotional communications at any time)

3.4 Security and Fraud Prevention

• Detecting, investigating, and preventing fraudulent transactions or unauthorized access
• Verifying user identity through OTP and biometric authentication
• Enforcing our Terms and Conditions and protecting the integrity of the platform

3.5 Legal Compliance

• Complying with applicable laws, regulations, and legal processes in the United Arab Emirates
• Responding to lawful requests from government authorities

We implement comprehensive security measures to protect your personal information:

• Biometric Security: Face ID and Touch ID data is processed locally on your device and never transmitted to our servers
• OTP Verification: Time-sensitive one-time passwords for sensitive operations
• Encryption: Data is encrypted in transit and at rest using industry-standard protocols
• Access Controls: Strict employee access policies and regular security audits
• Session Management: Automatic session timeouts and device management capabilities

While we strive to use commercially acceptable means to protect your personal information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

We do not sell, rent, or trade your personal information. We do not use any third-party analytics SDKs, advertising frameworks, or tracking tools. We may share your data only in the following circumstances:

5.1 Participating Merchants

When you make a transaction, we share limited information (transaction amount, timestamp, and your account identifier) with the participating merchant to process your payment. Merchants do not receive your personal contact details.

5.2 Business Park Operators

Aggregated and anonymized usage statistics may be shared with business park operators to improve services. This data cannot be used to identify individual users.

5.3 Service Providers

We engage trusted third-party service providers for hosting and other operational needs. These providers are contractually bound to protect your data and use it only for specified purposes.

5.4 Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

6.1 Retention Period

We retain your personal information and transaction data for as long as your account is active. If your account becomes inactive, we retain your data for a period of two (2) years from the date of your last activity, after which it is permanently deleted. We may retain certain data for longer periods where required by applicable law or regulation.

6.2 Account Deletion

You may request deletion of your account at any time using the “Delete Account” option available within the App. To protect your security, you will be required to re-authenticate via OTP before the deletion process begins. Once confirmed, your account will become immediately inaccessible, and all associated personal data will be permanently deleted within seven (7) days. Please note that this action is irreversible, and any remaining points balance will be forfeited upon deletion.

You have the following rights regarding your personal information:

• Right to Access: You may request a copy of the personal data we hold about you
• Right to Correction: You may request that we correct any inaccurate or incomplete personal information
• Right to Deletion: You may request the deletion of your account and personal data as described in Section 6.2
• Right to Data Portability: You may request a copy of your data in a structured, commonly used format
• Right to Withdraw Consent: You may withdraw your consent to data processing at any time, including disabling location services through your device settings
• Right to Object: You may object to the processing of your personal data for certain purposes, such as promotional communications

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within thirty (30) days.

Paymera is intended for use by individuals who are eighteen (18) years of age or older. We do not knowingly collect, solicit, or maintain personal information from anyone under the age of 18. If you are under 18, please do not register for or use the App.

If we become aware that we have inadvertently collected personal information from a person under 18, we will take immediate steps to delete such information from our records. If you believe that a minor has provided us with personal information, please contact us at [email protected] so that we can take appropriate action.

In the event of a data breach that compromises the security of your personal information, we will notify affected users without undue delay through the App and, where possible, via the contact information associated with your account. We will also notify the relevant regulatory authorities as required by applicable law. Our notification will include the nature of the breach, the types of data affected, the measures we have taken to address the breach, and recommendations for steps you can take to protect yourself.

This Privacy Policy shall be governed by and construed in accordance with the laws of the United Arab Emirates. Any disputes arising from or in connection with this Privacy Policy shall be subject to the exclusive jurisdiction of the courts of the United Arab Emirates.

We may update this Privacy Policy from time to time. We will notify you of significant changes through the App or via the contact information associated with your account. The “Last Updated” date at the top of this policy indicates when the most recent revisions were made. Your continued use of Paymera after changes become effective constitutes acceptance of the revised policy. We encourage you to review this Privacy Policy periodically.