Privacy Policy

General Provisions of Privacy Policy

Our company (hereinafter referred to as “Aurapay”) hereby declares that Aurapay strives to protect the personal information (hereinafter referred to as “Personal Information”) of our customers (hereinafter referred to as “User” or “Users”), always keeping the following in mind:

• Aurapay appoints a “person responsible for Personal Information protection” in relation to Personal Information of Users, its business partners and its employees, and strictly protects such information by always conducting thorough employee education as well as enhancing internal control and system security.
• If Aurapay acquires and uses the information of User, Aurapay uses such information within the minimum scope specified in the Terms of Use of Aurapay (hereinafter referred to as the “Terms”) and any other terms and conditions, for provision of various services incidental to credit card payment, proper credit examination or operations management. Aurapay does not acquire, use or provide such information beyond such scope. Further, Aurapay takes necessary measures for such purposes.
• Aurapay may provide or deposit the information of User to its business partners such as credit card companies within the above scope, to improve its services or the convenience of User. In such case, Aurapay selects such partners who have a sufficient level of Personal Information protection, and implement such protection.
• Aurapay diligent strives to maintain User information that is the most accurate and up-to-date. Upon User request Aurapay will promptly act to ensure that any needed changes are made. If any erroneous information is found, Aurapay promptly corrects such information.
• Aurapay takes necessary security measures against any threats such as unauthorized access to, or loss, destruction, falsification or leakage of Personal Information. If such threats become apparent, Aurapay strives to correct such security measures to deal with such threats.
• Aurapay may send various useful information to User by different means (such as email, website notification, postal mail, etc. If User does not wish to receive such information, Aurapay promptly responds to the request for suspension of such sending by User.
• Aurapay prevents any unauthorized external access by maintaining security measures for its systems such as firewalls. Aurapay concurrently uses “SSL encryption technology” and its unique encryption technology for data communications in relation to Personal Information. Aurapay fully supervises and monitors its servers in a data center under lock-up control under 24 hour security guard. Any and all settlement information such as credit card information is encrypted and stored in the data base.
• Aurapay complies with any and all laws, regulations, guidelines, codes or any other rules in relation to handling of Personal Information. Aurapay improves and operates its “Personal Information Protection Management System” by continuously reviewing it.
• Aurapay conducts a periodic audit and strives to implement and observe its Privacy Policy.

Privacy Policy

 In this Privacy Policy (hereinafter referred to as “Privacy Policy”), Aurapay explains to Users how Aurapay collects, stores, uses and protects Personal Information of Users. With respect to any and all products, services, contents, functions, technologies or functionalities provided on the Aurapay website, all related websites, applications or services (hereinafter collectively referred to as the “Services”), at the time when User makes new registration in, access to or use the Services, such User shall be deemed to have agreed to Privacy Policy and any collection, storage or use by Aurapay in relation to Personal Information of such User, Unless otherwise agreed by and between User and Aurapay, this Privacy Policy stipulates the use of the Services by User (including but not limited to any person or entity who uses the Services in the course of transactions or operations). Aurapay may revise this Privacy Policy anytime, by posting such “revised Privacy Policy” on the website of Aurapay. Such revised Privacy Policy shall become effective on the date of release. If any important change is included in the revised Privacy Policy, Aurapay notifies Users of such change by advising of the same on the “Updates of Policy” section of its website at least 15 days prior to such change. User shall be deemed to have agreed to such revised Privacy Policy, at the time of termination of such 15-day notice period.

Collection of User Information

When User uses the Services, his/her IP address and standard log information such as type of browser used or pages accessed on the website of Aurapay are collected.
When using the Services, the following User information collected.

• Contact information: name, address, phone number, e-mail address, and any other similar information
• Financial information: credit card number presented by User when linking to his/her account or using the Services

Before approving of use of the Services by User, Aurapay may request such User to submit additional information to confirm the identity or address of such User or to manage risks, such as date of birth, identification certificate number, nationality or any other identification information. Further, Aurapay may acquire the information in relation to User from third parties such as credit research agencies or identification services.

While User is using the Services, Aurapay collects the information in relation to the transactions, any other activities on the website or use of the Services by such User. Aurapay may collect the information in relation to the computer or any other access devices of such User to prevent any unauthorized or wrongful act.

When User downloads or uses any mobile Aurapay applications or accesses any of the websites of Aurapay for mobile terminals, Aurapay can receive the information in relation to the location and mobile terminal (including its unique identifier) of such User. Aurapay can use such information to provide the services based on such location information, such as advertisements, search results or any other customized contents. It is common for mobile terminals to control or invalidate the location information service on the menu of such terminals. If User has any question about how to invalidate the location information service of his/her terminal, such User needs to contact his/her mobile service provider or the manufacturer of such terminal.

User may choose to request Aurapay to provide access to the specific Personal Information stored by third parties such as social media (e.g. Facebook, Twitter) websites. The information received by Aurapay differs from website to website, and such information is managed by such website. If User associates the account managed by any third party with his/her account of the Services and permits Aurapay to access to such information, such User shall be deemed to have agreed that Aurapay collects, stores and uses such information in accordance with Privacy Policy.

Namely, Aurapay can collect any additional information from such User or any additional information in relation to such User from any other information source. Such information source includes communications of such User with Aurapay’s Customer Service Team, answers of such User in cooperating with research or surveys, conversations of such User with the employees of Aurapay-affiliated companies or any other companies (based on the privacy policy of each company and applicable laws), or any other account (all or part of) which such User is reasonably considered to manage. Any and all conversations with User by phone are monitored or recorded for the purposes of quality, education or security. User agrees that any and all communications between such User and Aurapay may be heard, monitored or recorded, without any additional notice or warning to such User.

Handling of Sensitive Information

Aurapay, in principle, does not acquire, use or provide to any third party any information in relation to political opinion, belief (religion, thought or faith), membership of labor union, race, ethnicity, origin, permanent legal domicile, healthcare, sex life and criminal history (hereinafter collectively referred to as “Sensitive Information”). Aurapay may acquire, use or provide to any third party Sensitive Information within its necessary scope in any of the following cases (with strict management on the part of Aurapay):

• If such acquisition, use or provision is based on laws and regulations, etc.;
• If such acquisition, use or provision is necessary to protect life, body or property of any person;
• If such acquisition, use or provision is especially necessary to enhance public health or promote sound development of children;
• If Aurapay is required to cooperate with governmental institutions, local governments or their entrustees, for their performance of the affairs stipulated by laws and regulations;
• If Aurapay acquires, uses or provides to any third party Sensitive Information, to the extent necessary to perform transfer, etc. of any rights or obligations due to inheritance procedures;
• If Aurapay acquires, uses or provides to any third party Sensitive Information, on the basis of the consent of User, to the extent necessary to execute its operations, due to the necessity to ensure appropriate operations of Aurapay;
• If Aurapay uses any biometric authentication information which is Sensitive Information, for identification of User, on the basis of the consent of such User.

Use of Cookies

Cookie, Web beacon, Local storage and similar technologies: Cookie, Web beacon, Local storage and similar technologies: When User accesses the Aurapay website or uses the Services, Aurapay (including its business partners) creates small data files in the computer or any other device of such User. Such data files may be cookie, pixel tag, “Flash Cookie” or any other local storage provided by the browser or related applications used by such User (hereinafter collectively referred to as the “Cookie”). Aurapay uses such Cookies for any of the following purposes. • To recognize such User as User of Aurapay; • To provide the Services, contents or advertisements suited to the applications of such User; • To measure promotional effects; • To confirm that the security of the account of such User is not exposed to any risk; • To reduce any risk and avoid any unauthorized use; • To improve the reliability and security of the Aurapay website and the entire Services.

Aurapay’s Cookie can be refused if the browser or add-on of such browser used by User permits such refusal, unless such Cookie is necessary to prevent any unauthorized use or to ensure the security of the website managed by Aurapay. In the case of refusal of the Cookie, the use of Aurapay’s website or of the Services may be obstructed.

Protection and Storage of Personal Information

The term “Personal Information” in Privacy Policy means any information in relation to a specific individual which is usable to identify such individual. If such information includes any anonymous information where a specific individual cannot be identified, such information is not deemed to be Personal Information.

Aurapay stores and processes Personal Information of User in its computers located in Singapore or in the computers of various customer service centers or operation support centers located all over the world. Aurapay protects Personal Information of User by taking physical, electronic and procedural security measures. Aurapay takes security measures in relation to its computers such as firewalls or data encryption and controls any physical access to its buildings, facilities and files. Further, any permits for access to Personal Information are limited only to the employees who need such Personal Information to perform their duties.

Use of Collected Personal Information

The first purpose of collecting Personal Information of User is to provide such User with a safe, smooth and efficient environment suited to such User. As a result Aurapay uses Personal Information of User for any of the following purposes.

• To conduct transactions and to give notices in relation to such transactions to User;
• To identify User in the processes such as creation of account or reset of password;
• To solve objections, to collect service fees, or to solve problems;
• To control risks, or to detect, prevent and/or correct any unauthorized act or any other potential prohibited or illegal act;
• To detect, prevent or correct any breach of policies, the Terms or any other applicable terms;
• To provide User with customer service;
• To enhance the Services by customizing usage experiences of User;
• To measure the results of the Services and to improve their contents and layout;
• To manage and protect the information technology platform of Aurapay;
• To conduct target marketing, to provide advertisements or service updates, or to distribute notices on campaigns, on the basis of the means of communication designated by User;
• To contact User by phone, text message (SMS) or e-mail, in accordance with the conditions approved in the Terms;
• To examine creditworthiness and solvency of User, making comparative reviews of information accuracy, and to verify them together with third-party institutions.

Marketing

Aurapay does not sell or lend any Personal Information of User, without express consent of such User, to any third party other than its affiliated companies, for the purpose of marketing of such third party. Aurapay provides User with the Services, contents or advertisements suited to the applications of such User, by integrating the information of such User and the information collected from other companies, and strives to improve the quality and effect of such provision.

Sharing of Personal Information with other Users of Aurapay

Aurapay needs to convey Personal Information of User to any individual or company to whom such User makes payments, in order to process such payments. The contact information and date of registration of User is provided to other Users with whom such User conducts transactions through Aurapay. If User accesses the Services by using any third party, such information and any other information may be shared with such third party. Such third party cannot use such Personal Information for any purpose other than the purpose to make the Services available, without consent of such User.

When User purchases any products or services and makes payments for them via Aurapay, the latter may provide the seller of such products or services with the confirmed billing address of such User for credit card, so that such User can complete the transactions with such seller. Such seller cannot sell its own services by using such information, without consent of such User.

Aurapay enables User to make payments by using the Services and promotes the use of the Services, by collaborating with third parties such as the merchant. Therefore, when User makes payments to any merchant or makes payments through any third party, Aurapay and such third party may share the information in relation to such User, such as e-mail address or mobile phone number. Such information is used to confirm that such User is a member of the Services and that the Services can become effective as a payment method for such User.

Notwithstanding the foregoing, the User’s credit card number is not disclosed to the other party to whom such User makes payments through Aurapay or the third party who provides or uses the Services. However, if User expressly permits such disclosure, or if Aurapay is required to disclose such information in order to comply with the rules of credit card associations, effective regulations or requests of law-enforcement institutions, or to cooperate with investigations of law-enforcement institutions in accordance with the request of laws, such information may be disclosed.

Sharing of Personal Information with Third Party

Aurapay may share User’s Personal Information with any of the following third parties.

• Aurapay provides User with joint content, products or services (registration, transaction, customer service, etc.), together with its affiliated companies, by sharing the User’s information. Further, Aurapay uses such information for detection and prevention of any possible illegal acts or any breach of Aurapay policies, or for decisions in relation to the products, services or communications of such affiliated companies. Such affiliated companies deliver marketing communications to User by using such information, only if such User requests them to provide their services.
• In the case of merger or acquisition, Aurapay requests the company which plans to merge with or acquire Aurapay to comply with the Privacy Policy in relation to Personal Information of Users. If User Personal Information is used in breach of Privacy Policy, Aurapay gives a prior notice to such User.
• Personal Information of User is shared with law-enforcement institutions, governmental institutions or any other third parties in any of the following cases.
  • If Aurapay is obliged to disclose such Personal Information due to any subpoena, court order or any other similar legal procedures;
  • If Aurapay is required to disclose such Personal Information to comply with laws and regulations or the rules of credit card associations;
  • If Aurapay cooperates with any ongoing investigations of law-enforcement institutions;
  • If Aurapay considers in good faith that the disclosure of such Personal Information is necessary to avoid any physical harm or economic loss, to report any suspicious illegal acts or to investigate any breach of the Terms.
• Personal Information of User is shared with other third parties for any of the following purposes.
  • Prevention of wrongful acts and risk management: In the course of Aurapay activities to evaluate and manage risks and avoid wrongful acts,. For example, if User sells or purchases any products at the affiliated companies of Aurapay (hereinafter referred to as “Affiliated Companies”) by using the Services, the account information of such User is shared for protection of such account from any wrongful transactions, warning in the case of detecting any wrongful transactions in such account or evaluation of credit risk, etc. If Aurapay withholds or imposes any other restrictions on the account of User, on the basis of objection, claim, chargeback or any other scenario in relation to purchase and sale of products, the required account information is shared with Affiliated Companies, as part of efforts of prevention of any wrongful acts or risk management. Further, Aurapay may share the account information with Affiliated Companies for operations of programs to evaluate buyers or sellers, as part of efforts of prevention of any wrongful acts or risk management.
  • Customer service: Personal Information of User is shared to provide such User with customer services including support for use of account or solution of objection (issues relating to billing or transaction).
  • Delivery: Personal Information of User is shared to deliver the products by using the Services or to provide related services to such User.
  • Compliance with laws and regulations: Aurapay complies with verification obligations to prevent money laundering and funding to terrorists.
  • Service provider: Aurapay enables its contracted service providers to support a part of the business operations of Aurapay such as prevention of wrongful acts, collection of bill, marketing, customer service or technical service.
• Personal Information of User is shared with any third party permitted or designated by such User in relation to such sharing.

User needs to acknowledge that such third party may be located in the country where the laws in relation to handling of Personal Information are laxer than the laws of the country of such User.

If User uses the Services directly on the website of any third party or through the application of any third party, the information entered by such User on such website or such application (which is not the information directly entered in the Services) is shared with the owner of such website or such application, and therefore such information needs to comply with the privacy policy of such third party. Aurapay shall not be liable for any handling of contents or information by such third party.

Overseas Transfer of Personal Information

Aurapay undertakes best efforts to sufficiently protect Personal Information of Users, regardless of storage location of data, and strives to properly protect Personal Information of Users in transferring such information to overseas locations including those outside of the European Economic Area (EEA).

Use of “Login with Aurapay”

“Login with Aurapay” is a tool developed by Aurapay to improve the usage experience of Users on the internet. “Login with Aurapay” simplifies the account opening and login process, in the case of using the websites of third parties. It also enhances the usage experience of Users on such websites.

In using “Login with Aurapay”, Users do not need to create each user name and each password for each website. A User can sign in by his/her existing login information on participant websites. If User uses “Login with Aurapay”, such User is be deemed to have agreed that Aurapay shares with the participant websites, the information listed on the screen for consent of login or listed in account setup of “Login with Aurapay”. The information which User permits Aurapay to share with third parties is based on the conditions of service and the terms of privacy stipulated by each third party. Therefore, Aurapay recommends User to confirm the policies of each third party.

Access to and Change of Personal Information

User can confirm or edit his/her own Personal Information anytime, by moving to “Individual Setup” on the website of Aurapay after login to the account of such User. User can also cancel the account of the Services. In such case, Aurapay puts a mark of “cancelled” on such account in its data base. However, Aurapay may retain Personal Information of such User for solution of objections or problems, support to investigation, prevention of wrongful acts, enforcement of the Terms or any other measures, for a specific period of time, in accordance with the requirements of laws and within the permitted scope.