1. Privacy Policy

Al-Qaseh Company for Financial Services and Electronic Payment realizes the importance of privacy and protection of personal data in the digital world, and therefore it is committed to protecting the privacy of users of Al-Qaseh services while browsing or using our websites, applications or services.
This privacy policy will explain how the company ensures the protection of personal data at an advanced level, such as any information relating to users who can be identified, directly or indirectly, in particular by reference to an identifying feature such as a name, an identification number, location information, an online identifier, or One or more User Identifiers hereinafter referred to as “Personal Data”
This privacy policy applies to all services offered and provided by Al-Qaseh company on its websites, digital applications, and other digital properties.
We may also send other special notices highlighting certain uses we want to make of your personal data as well as the ability to subscribe or cancel specific uses including new services or other services that may have their own privacy policy.

2. Who We Are

Al-Qaseh Company for Financial Services and Electronic Payment: It is an Iraqi company specialized in electronic payment services and licensed by the Central Bank of Iraq.
It helps the financial, banking, government and various business sectors manage their financial transactions electronically with confidence and security, while providing an electronic application to complete payment operations, through which it is possible to follow up the operations that take place and transfer money from one card to another and other features.
Al-Qaseh scope of work includes the following:
– Issuing and managing electronic cards.
– Preparing and managing electronic payment points.
– Accepting all card transactions on POS machines and ATMs.
– Processing transactions.
– Transfer money service.
– Compliance and anti-fraud management services.
– Maintaining confidentiality of information according to international certification standards (PCI-DSS).
– Providing advisory services.
– Providing various services to banks and state institutions.
3. Third-Party

Al-Qaseh websites may contain links that allow you to leave their website and access another website. Linked sites are not under our privacy control and these sites have different privacy policies. Al-Qaseh privacy policy applies to personal information obtained through websites or through Al-Qaseh applications or any related products. Therefore, we urge you to be careful not to use any personal information via the Internet, and Al-Qaseh is not responsible for any obligation towards other sites.
4. Why do we collect and process your personal data

We collect and process your personal data for the following purposes:

• To provide you the services you request, and to use online forms and surveys, and to sign up for certain services, such as newsletters, SMS updates or to create an account.
• To maintain and improve our services, to understand how you use our services and to implement other functions, and to develop new services and offers.
• To specify services to your needs and interests, to provide you with tailored content such as advertisements and related services, to allow us to get to know you better so we can give you more services that you request, more offers, exclusive offers, information and competitions and to give you a better user experience, and to detect more complex things such as which ads you may find more benefit or which services and information are more relevant to you, giving you a better and more useful experience of our digital services.
• To carry out payment transactions, to store transaction history, and to comply with a legal or regulatory obligation.
• To communicate with you and to allow you to contact Al-Qaseh company, keep a record of conversations, help you resolve any problems you may encounter, send you promotions and direct marketing, tell you about our services such as providing you with information about upcoming programs, or adding modifications to our digital services.
• To create and maintain a reliable and secure environment, investigate, detect, prevent, or report fraud, distortion, breaches, security incidents, or other potentially prohibited or illegal activities, protect our sellers, your rights, and the safety and integrity of our services, and to enforce our Terms of Service or other agreements or policies, and to verify your identity.
• To comply with any applicable laws or regulations, respond to lawful requests for information from government or through legal process, to fulfill any other purpose disclosed to you in connection with our services, and to contact you to resolve disputes and provide assistance with our services.

5. How do we collect information about you
When you request to create an account and start using the services of the company, you will be asked to provide us with personal information (KYC), including your full name, date of birth, address, email address, phone number, and other identifying information that we collect. In addition, in order to verify your identity, we may be required to ask you for valid proof of your identity (for example, a copy of your passport and/or national identity card).

You must ensure that the e-mail address that you have registered is always up to date so that we can always contact you with important information related to your account.

Your Internet Protocol (IP) address is a unique number assigned to your computer or to your Internet service provider (ISP), information about your computer (for example, the type of browser) and roaming information (for example, the pages you visit on www.alqaseh.iq, in addition to the number of times you access www.alqaseh.iq, may also be tracked against your personal information for fraud prevention purposes and to improve the service for you.

And to help you protect against fraud and misuse of your personal information, we may collect information about you and your interaction with the company’s services. We may also assess your computer, mobile phone or other access device for malicious software or activity.

Al-Qaseh may monitor or record telephone conversations with you or anyone acting on your behalf. By contacting the Al-Qaseh company, you acknowledge that your communication may be monitored, or recorded without notice or subsequent notification.

We may collect additional information from or about you in other ways not specifically described herein. For example, we may collect information about your contact with our customer service team or save results when you answer a survey we offer.

6. Why do we collect this data and information
• We use your personal information to provide and improve the company’s services to you. We may also use your personal information to prevent illegal activities and enforce our User Agreement with you.

For example, we may share some of the personal information you provide to us with banks (for example, to comply with our anti-money laundering obligations), for processing and verification services, or for fraud detection purposes. In such circumstances we may need to ask you for proof of identity (for example, a copy of your passport, national identity card, etc.).

These organizations may not use your personal information for any other secondary purposes beyond the purpose for which your personal information was provided to them by us, unless they are required by law to do so.

Although we make every effort to protect your privacy, we may need to disclose your personal information to law enforcement agencies, government agencies, other third parties assisting with fraud investigations, or other third parties to protect the company or its users from any risk, or with third parties government, where we are compelled by a court or similar legal process, or where we are required to comply with the law, or where we are cooperating with an ongoing law enforcement investigation, or where we have a good faith belief that such belief is necessary to prevent harm material or financial loss, to report suspected illegal activity, or to investigate a possible violation of our User Agreement.
• For marketing purposes: We may use your personal information if you “Subscribe” to promotional activities for our products, new features, special offers, and advertising of our products.
• Sending messages periodically: The registered email address or phone number will be used to send information and updates related to our site and our service. It may also be used to respond to inquiries, or other requests or questions. If the user decides to join / subscribe to our mailing list, he will receive messages that may include news, updates, or information related to the product or service.

7. Personal data records
Al-Qaseh retains your personal information for as long as necessary in order to achieve any of the previously mentioned purposes and also keeps the data for the purpose of complying with applicable legislation, regulatory purposes.

8. Why do we secure information
We design our systems with the consumer’s security and privacy in mind.
We work to protect the security of the consumer’s personal information during transmission by using encryption protocols and software (SSL, VPN).

When card information and account data are processed, the data will be stored in accordance with the strict PCI-DSS rules (“Payment Card Industry Data Security Standard”), only in encrypted form and only in a database which can be accessed by authorized staff only.

Al-Qaseh uses firewalls and PAM to prevent unauthorized access to its servers; the servers are located at a safe location to which only authorized staff of Al-Qaseh have access.

All staff members and all persons involved in the processing of data are subject to an obligation to comply with all laws related to data protection. We restrict access to personal data about the consumer to those employees who need to know that information to provide products or services to the consumer.

We maintain appropriate administrative, technical and physical safeguards to protect the personal data we have about the consumer against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access.

It is important for the consumer to protect against unauthorized access to the consumer’s password and to the consumer’s computers, devices, and applications. We recommend using a unique password for the consumer’s account that is not utilized for other online accounts. The consumer must make sure to sign off when finished using a shared computer. Also, the consumers must NOT SHARE THEIR PASSWORD. If the consumers do share their password with a third party for any reason, the third party may have access to the consumer’s account with Al-Qaseh and the consumer’s personal information, and the consumer shall be responsible for all actions taken using the consumer’s credentials.

9. What are the limits of liability

The company disclaims any responsibility when the card is damaged or stolen and the customer does not notify the company through the official communication channels or through the application. The company has the right to disclose card information and operations carried out to a third party within the limits of what it deems appropriate in accordance to the controls and instructions of Iraqi law and the Anti-Money Laundering and Terrorist Financing Office Law (39) of (2015) and to comply with the instructions of the Central Bank of Iraq, Visa International, and MasterCard in cases that requires notification.

The company disclaims any responsibility for any hacking incidents that the client may be exposed to as a result of the card misuse inside web analysis software sites. As it is agreed, that the company, its representatives, directors, and/or employees will not be responsible for any legal and/or material liability (financial compensation) of any kind which might result from any delay, non-implementation, failure to authorize any transaction executed by it and/or through them in the event of any defect, malfunction, ineffectiveness of any kind and/or for any reason whatsoever related to the company or any of the computer devices through which the electronic payment process is carried out and/or computer programs, programmed devices or the electronic device, the e-commerce program, any device, program or system used for relied upon directly or indirectly.

10. Responsibility, Review, and Audit
AL-QASEH reviews and updates its security policies and plans to maintain organizational security objectives and meet regulatory requirements at least annually.