Privacy Policy

 

1. Introduction

Basata Company (“Basata”, “we”, “us”, or “our”) is committed to protecting the privacy and personal data of all individuals who interact with our services, website, and mobile application. This Privacy Policy explains how we collect, use, store, share, and protect your information in accordance with Egyptian Personal Data Protection Law.

2. Scope

This policy applies to all registered customers, merchants, business partners, website visitors, and any individual whose data is processed by Basata in the course of providing payment services.

3. Data We Collect

3.1 Registration & Account Data

Collected when you register or create an account on our platform:

• Full name and date of birth

• Phone number and email address

3.2 Financial & Payment Data

Collected to facilitate payment processing:

• Card tokens and wallet identifiers (we do not store full card numbers)

• Payment method preferences and linked financial instruments

• Biometric or device authentication data as processed by Apple Pay (Face ID, Touch ID, or passcode) — we do not access or store this data; it is handled exclusively by Apple at the device level

3.3 Transaction Data

Generated automatically each time a transaction is initiated or completed:

• Transaction ID, reference number, and order number

• Payment amount, currency, and timestamp

• Payment status (success / failed / refunded)

• Merchant name and service category

 

3.4 Technical & Usage Data

Collected automatically when you access our platform:

• IP address, device identifiers, and browser type

• Pages visited, session data, and interaction logs

• Cookies and geolocation (with consent)

4. Legal Basis for Processing

• Contractual Necessity: To deliver the service you have requested.

• Legal Obligation: Compliance with applicable AML/CFT laws and regulations.

• Legitimate Interest: Fraud prevention, security monitoring, and service improvement.

• Consent: Marketing communications and geolocation tracking, where you have provided explicit consent.

5. How We Use Your Data

• Account creation and management: To register, verify, and maintain your account.

• Payment processing and settlement: To execute, record, and reconcile transactions carried out through our platform.

• Fraud and security: Monitoring for unusual patterns and protecting customer funds.

• Customer support: To investigate and resolve disputes, complaints, and transaction queries.

• Communication: Service notifications and (with consent) marketing.

• Legal purpose: Exercising or defending legal claims and responding to lawful authority request.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this policy, or as required by applicable law.

Upon expiry of the applicable retention period, data is securely deleted or anonymized in accordance with our internal data lifecycle procedures.

7. Data Sharing and Disclosure

We do not sell your personal data. Sharing occurs only in the following circumstances:

• Regulatory authorities: Any judicial bodies upon lawful request.

• Payment networks: Visa, Mastercard, and other licensed payment schemes to the extent required to process your transactions.

• Apple: Where Apple Pay is used as a payment method, Apple processes transaction data in accordance with Apple’s own Privacy Policy. Basata does not receive or store your Apple Pay credentials or card details.

• Acquiring and issuing banks: Licensed financial institutions involved in the settlement of payment transactions.

• Technology & compliance vendors: Cloud providers and fraud detection providers, all bound by contractual data protection obligations. We ensure that any third party with whom we share user data is bound by contractual obligations to provide the same or equal protection of user data as stated in this Privacy Policy

8. Payment Processing & Apple Pay

8.1 Payment Methods

Basata provides users with secure payment options within the application, including Apple Pay where available. Apple Pay allows users to complete transactions using the payment methods stored in their Apple Wallet.

8.2 Apple Pay Usage

When you choose to pay using Apple Pay:

• Basata enables Apple Pay as a secure payment method for transactions within the app.

• Payment authentication is handled by Apple using device-level security (Face ID, Touch ID, or passcode).

• Basata does not control or store Apple Pay authentication credentials.

 

8.3 Payment Data Collection

For Apple Pay and other payment methods:

• Basata does not collect or store full card numbers.

• Basata does not have access to your Apple Pay card details.

• Apple Pay processes payment information securely through Apple and your card issuer.

 

Basata may store limited transactional data, including: transaction ID, payment status, amount, timestamp, and order or reference number. This information is used for transaction tracking and reconciliation, customer support, fraud prevention and dispute handling, and financial reporting and auditing purposes.

8.4 Payment Security

All payment transactions are processed using secure and encrypted communication channels. Basata follows industry-standard security practices to protect user data and financial information. Payment credentials are handled by Apple Pay and/or licensed payment service providers and are not directly accessible by Basata.

8.5 Third-Party Payment Processing

Payments made through Apple Pay are processed by Apple and the relevant financial institutions. Basata may also integrate with licensed payment service providers to facilitate transactions. These third parties operate under their own privacy policies and security standards.

8.6 Refunds and Disputes

Refunds, chargebacks, and payment disputes may be handled through Basata’s internal support processes and/or in coordination with payment providers and financial institutions. Users may be required to provide transaction details to investigate and resolve payment issues.

8.7 Apple Privacy Commitments

In accordance with Apple’s App Store Review Guidelines (Guideline 5.1.1), Basata commits to maintaining transparent data practices, ensuring all third-party vendors provide equal protection of user data, and empowering users with accessible, in-app mechanisms to easily withdraw consent and request account and data deletion.

9. Security Measures

Basata implements appropriate technical and organizational measures to protect your personal data against unauthorized access, disclosure, alteration, or destruction. These measures include:

• Encryption of data in transit using TLS/SSL protocols.

• Encryption of sensitive data at rest.

• Role-based access controls and least-privilege access policies.

• Regular security assessments and vulnerability management.

• Incident response and breach notification procedures in line with regulatory requirements

10. Cookies

We use essential, analytical, functional, and marketing cookies. Essential cookies cannot be disabled. All others require your consent and can be managed via your browser settings or our cookie consent banner.

11. Contact Information

• Email: compliance@basatapay.com

• Hotline: 16233