Information updated: 18.03.2024

Privacy Policy

General provisions

1. According to the Joint Controller Agreement No. 20180919 from September 19, 2018, your personal data controller is the Paysera network. Contact details of Paysera are available at Paysera website. Contact details of the data protection officer authorised by Paysera: [email protected]
Using services provided solely by "Paysera Bank of Georgia" JSC, personal data collected through Paysera Bank of Georgia is processed under this Privacy Policy of "Paysera Bank Georgia" JSC. Contact details of Paysera Bank Georgia are available at Paysera Bank Georgia website. Contact details of the data protection officer authorised by Paysera Bank Georgia: [email protected]

2. Personal data collected by Paysera Bank Georgia is processed in accordance with the Law of Georgia "On Personal Data Protection", the General Data Protection Regulation (hereinafter — the GDPR) and other legal acts. All employees, agents, and employees of the agents of Paysera Bank Georgia who know the secret of personal data must keep it safe even after termination of the employment or contractual relationship.

3. Paysera Bank Georgia, in accordance with the applicable legal requirements, shall ensure the confidentiality of personal data and the implementation of appropriate technical and organisational measures to protect personal data from unauthorised access, disclosure, accidental loss, alteration, destruction, or other unlawful processing.

4. This Privacy Policy sets out the basic rules for the collection, storage, processing, and retention of your personal data, other information relating to you, the scope, purpose, sources, recipients, and other important aspects of your personal data when you use banking services provided by Paysera Bank Georgia.

5. By accessing and/or using the information on this website and/or our services, you acknowledge and confirm that you have read, understood, and agree to this Privacy Policy. Also, after you register with the system and start using our services, this Privacy Policy becomes a Supplement to the General Payment Services Agreement.

6. Paysera Bank Georgia reserves the right, at its sole discretion, to modify this Privacy Policy at any time by publishing an updated version of the Privacy Policy on the website and, if the changes are substantial, notifying clients by email. An amended or updated version of this Privacy Policy shall take effect upon its publishing on the website.

7. If the user of the services is a business or is an organizational entity that is not a business, this Privacy Policy applies to individual clients whose data is transmitted to us by the legal entity/ organizational entity. The user shall inform the data subjects (managers, recipients, agents, etc.) of the transfer of their data to Paysera Bank Georgia in accordance with the Georgian law on personal data protection and Article 14 of the GDPR.

8. If the client/user intends to use/is using services not provided by "Paysera Bank of Georgia" JSC, but other partner of the Paysera Network, personal data collected through Paysera Network is being processed under separate Privacy Policy of Paysera Network. I.e. If you want to use services provided by other Paysera partner - please, follow this link.

Data processing purposes. Data providers, deadlines, recipients

9. The main purpose for which Paysera Bank Georgia collects your personal data is to provide the Banking services to clients who use banking products. As a Bank, Paysera Bank Georgia is bound by law to establish and verify your identity prior to entering into financial services transactions with you, also, at the time of the provision of the services, to request further information, as well as assess and store this information for the retention period set out by legislation. Taking this into account, you must provide correct and complete information.

10. PURPOSE: client's identification, provision of Banking services (bank account opening, transfers of funds, payment collection and other), or implementation of other legal obligations of the Bank..
10.1 Personal data is processed for this purpose in compliance with legal requirements related to:
​​​​​​​10.1.1 establishment and verification of the client's identity;
​​​​​​​10.1.2 conclusion and execution of agreements with the client or in order to take steps at the request of the client;
​​​​​​​10.1.3 execution of transfers of funds and transmission of the necessary information together with a transfer in accordance with legislation;
​​​​​​​10.1.4 implementation of the "Know Your Client" requirements;
​​​​​​​10.1.5 continuous and periodic monitoring of the client’s activity;
​​​​​​​10.1.6 risk assessment;
10.1.7 updating client data in order to ensure its accuracy;
​​​​​​​10.1.8 prevention of possible money laundering and terrorist financing, prevention of fraud, detection, investigation and informing of such activity, determination of politically exposed persons or financial sanctions imposed on the client;
10.1.9 ensuring proper risk and organisation management.

10.2 For this purpose, the following personal data may be processed::
name, surname, national identification number, address, date of birth, a face photo, citizenship, data from an identity document and a copy of the document, direct video transmission (direct video broadcast) recording, email address, phone number, current account number, IP address, current professional or work activity, current public/state function, and other data required by legal acts governing the prevention of money laundering and terrorist financing.

10.3 This personal data is collected and processed on the basis of a legal obligation imposed on the bank, including the law of Georgia on commercial banks, law on payment systems and payment services, the law of Georgia on Payment System and Payment Services, The Regulation adopted by the NBG (National Bank of Georgia) on Providing the Necessary Information to Payment Service Users When Providing Payment Services; Regulation adopted by the NBG (National Bank of Georgia) on execution of payment transactions; Regulation adopted by the NBG (National Bank of Georgia) on Card-based Instruments; Regulation adopted by the NBG (National Bank of Georgia) on Strong Customer Authentication, the law of Georgia on on facilitating the prevention of money laundering and the financing of terrorism, and other applicable legal acts, and is required in order to open an account and/or provide a Banking service.

10.4 Data retention period: The data storage period is 15 (fifteen) years, unless a longer period is provided by Georgian legislation. In accordance with the Law of Georgia "on facilitating the prevention of money laundering and the financing of terrorism", the mentioned data must be stored for 5 years after the termination of business relationship or conclusion of a one-time transaction, and in accordance with Article 23 of the Law of Georgia "On the Activities of Commercial Banks", the data is additionally stored for another 10 (ten) years.

10.5 Data providers and sources:
the data subject directly, banks, credit and other financial institutions and their branches, state and non-state registers, databases for checking the data of identity documents (including databases of expired documents and other international databases), authority check registers (registers of notarised authority, Registry of Notary Acts and other databases), the Register of Incapacitated and Disabled Persons, the Population Register, debtors’ registry, other databases, companies processing consolidated debtor files/credit information (e.g. in Georgia “SC Credit Information Bureau Creditinfo Georgia” or other), companies maintaining registers of international sanctions, law enforcement agencies, bailiffs, legal entities/an organizational entity that is not a legal entity (provided you are a representative, employee, founder, shareholder, participant, contractor, or the real beneficiary of these legal entities/organizational entities), partners or other legal entities that engage us or are engaged by us in the provision of services, social networks where you have a profile linked to our system, and other persons.

10.6 Groups of data recipients:
supervisory authorities, Banks, credit, financial, payment and/or electronic money institutions, pre-trial investigation, investigation institutions, state tax authorities/agencies, payment service representatives or partners of Paysera Network (if the transaction is carried out using their services), recipients of transaction funds receiving the information in payment statements together with the funds of the transaction, the recipients’ bank, payment service providers and correspondents, participants, and/or parties related to national, European, and international payment systems, debt collection and recovery agencies, companies processing consolidated debtor files/credit information (e.g. in Georgia “SC Credit Information Bureau Creditinfo Georgia” or other), lawyers, bailiffs, National Bureau of Enforcement, tax authorities/agencies, auditors, other entities having a legitimate interest, other persons under an agreement with Paysera network/Paysera Bank Georgia JSC or on other lawful bases.

11. PURPOSE: Debt management.
11.1 Personal data under this purpose is processed in order to manage and collect debts, submit claims, demands, lawsuits, etc.

11.2 For this purpose, the following personal data may be processed: name, surname, national identification number, address, date of birth, data from an identity document, email address, phone number, payment account number (bank/Emoney), IP address, payment account statements, available assets/property, information about public-law restrictions, seizures, lien, mortgage, information requested from the insurance company when settling an insurance event, guarantors, co-debtors, collateral providers and other data related to the circumstances in which the debt arose/related to debt managing.

11.3 Data retention period: The term is determined in accordance with the Law of Georgia "On the Activities of Commercial Banks", relevant normative acts of the National Bank of Georgia and the Civil Code of Georgia.

11.4 Data providers:
the data subject directly, credit, financial, payment and/or electronic money institutions, state and non-state registers, including the Population Register, immovable property registry, business registry, public-law restrictions and obligations registry,companies processing consolidated debtor files/credit information (e.g. in Georgia “SC Credit Information Bureau Creditinfo Georgia”or other), debtors registry, partners, other persons.

11.5 Groups of data recipients:
companies processing consolidated debtor files/credit information e.g. in Georgia “JSC Credit Information Bureau Creditinfo Georgia” or other), credit, financial, payment and/or electronic money institutions, lawyers, bailiffs, courts, arbitration or another form of alternative dispute resolution, pre-trial investigation institutions, state tax agencies, debt collection and recovery agencies, insurance companies, and other entities having a legitimate interest.

11.6 Please note that:
11.6.1 if you have a debt to Paysera Bank Georgia and you are postponing the performance of your obligations for more than 30 (thirty) days, Paysera Bank Georgia has the right to provide the information on your identity, contact details, and credit history, i.e. financial and property liabilities and information on their execution, and debts and their payment to companies managing debtors' databases (such as the credit institution JSC Credit Information Bureau Creditinfo Georgia in Georgia*), as well as to debt collection companies. You can access your credit history by contacting the credit bureau directly.
11.6.2 Paysera Bank Georgia JSC will collect/process all credit/non-credit and other relevant information about the Client that involves data supply and retrieval to/from CIB (“JSC Credit Information Bureau Creditinfo Georgia”) in compliance with procedures and terms envisaged by the Georgian legislation. Data described herein are processed for assessing the Client’s creditworthiness and will be accessible to creditor(s) and data receiver(s)/provider(s) connected to CIB, in compliance with rules envisaged by the Georgian legislation. At the request of the Client, the Data Processor (“JSC Credit Information Bureau Creditinfo Georgia”) is obliged to correct, update, complete, block, delete or destroy the data if they are incomplete, inaccurate, outdated, or were collected and processed unlawfully.

12.1 Personal data is processed for this purpose in order to:
12.1.1 maintain the business relationship and communication with the client;
12.1.2 protect the interests of the client and/or Paysera Bank Georgia/ Paysera Network;
12.1.3 prevent disputes, provide evidence of business communication with the client (recordings of conversations, correspondence);
12.1.4 perform quality assessment and ensure the quality of services provided by Paysera Bank Georgia/Paysera Network;
12.1.5 where it is necessary for the execution of the agreement, in order to take steps at the request of the client, or in implementing a legal obligation.

12.2 For this purpose, the following personal data may be processed:
name, surname, address, date of birth, email address, phone number, IP address, current account statements, phone/audio video conversation recordings, and correspondence with the client and any other data necessary to fulfill the stated purposes.

12.3 Data retention period:
The term is determined in accordance with the Law of Georgia "On the Activities of Commercial Banks", relevant normative acts of the National Bank of Georgia and the Civil Code of Georgia.

12.4 Data providers: the data subject directly.

12.5 Data recipients:
supervisory authorities, companies processing consolidated debtor files/credit information, lawyers, bailiffs, courts, arbitration or another form of alternative dispute resolution, pre-trial investigation institutions, debt collection and recovery agencies, Persons carrying out research on the services provided to the client, other entities having a legitimate interest, other entities under an agreement with Paysera Bank Georgia/Paysera Network.

13. PURPOSE: Credit rating assessment, credit risk management, and automated decision making.
13.1 The personal data for this purpose is processed to assess the creditworthiness of clients, to manage the credit risk, and to meet the requirements related to operational risk management and capital adequacy, so that Paysera Bank Georgia can offer to provide funding.

13.2 The following personal data may be processed for this purpose: name, surname, address, date of birth, email address, telephone number, payment account number (bank/Emoney), IP address, payment account statements, client's balance on the account, financial liabilities, credit rating, credit and payment history, income, education, workplace, current work position, work experience, available assets/property, information about public-law restrictions, seizures, lien, mortgage, information about insured banking product, and data on family members/relatives/related persons guarantors, co-debtors, collateral providers and other information.

13.3 Data retention period:
In the case of data processing carried out by PAYSERA's partner, Payera Bank of Georgia JSC - The term is determined in accordance with the Law of Georgia "On the Activities of Commercial Banks", relevant normative acts of the National Bank of Georgia and the Civil Code of Georgia.

13.4 Data Providers:
the data subject directly, credit and other financial institutions and their branches, law enforcement agencies, other state institutions, state and non-state registers, including the Population Register, immovable property registry, business registry, public-law restrictions and obligations registry, companies processing consolidated debtor files/credit information (e.g. in Georgia “SC Credit Information Bureau Creditinfo Georgia” or other), debtors registry, individual persons who provide data about spouses, children, and other persons related by kinship or affinity, co-debtors, guarantors, collateral providers, etc., legal entities/other organizational entities when the client is a representative, employee, contractor, shareholder, participant, owner, etc. of these legal/organizational entities, and partners or other legal entities who Paysera employs for service provision.

13.5 Data recipients:
credit, financial, payment and/or electronic money institutions or service providers assisting in the assessment of creditworthiness, and companies processing consolidated debtor files/debtor information, insurance companies.

13.6 In order to conclude or offer to enter into a funding agreement with you and to provide you with services, Paysera Bank Georgia will, in certain cases, apply decision-making based on the automated processing of your personal data. In this case, the system checks your creditworthiness with a set algorithm and assesses whether the service can be provided. If the automated decision is negative, it may be changed by the client providing more data. Paysera Bank Georgia takes all the necessary measures to protect your rights, freedoms, and legitimate interests. You have the right to demand human intervention, express your opinion, and challenge an automated decision. You have the right to oppose an automated decision by contacting Paysera Bank Georgia directly.

14. PURPOSE: Protection of interests of Paysera Bank Georgia and the client (video surveillance on the premises of Paysera)..
14.1 Personal data for this purpose is processed in order to ensure the security of Paysera Bank Georgia and/or the client, to protect the life and health of the client and/or their representative, and other rights of Paysera Bank Georgia and the client (video surveillance and recording in the premises of Paysera) in pursuit of the legitimate interest to protect clients, employees, and visitors of Paysera Bank Georgia and their property, as well as the property of Paysera Bank Georgia.

14.2 For this purpose, the following personal data may be processed:
video recordings on the premises managed by Paysera Bank Georgia.
14.4 Before entering the premises of Paysera Bank Georgia where video surveillance is conducted, you are informed about the surveillance by special markings placed in a prominent place.

14.5 Data retention period:
1 (one) year.

14.6 Data providers:
the data subject directly who visits the premises of Paysera Bank Georgia where video surveillance is conducted and is captured by the surveillance camera.

14.7 Data recipients:
courts, pre-trial investigation institutions, lawyers (only in case of an attempt of crime/committing a crime).

15. PURPOSE: Informing the client about services.
15.1 Personal data for this purpose is processed in order to inform the client about the services provided by Paysera Bank Georgia , their prices, specifics, changes in the terms of the agreements concluded with the client, and for sending system and other messages relating to the provided Paysera Bank Georgia services

15.2 The following personal data may be processed for this purpose:
email address, phone number.

15.3 The data subject confirms that they are aware that such messages are necessary for the execution of the General Services Agreement and/or its supplements concluded between the client and Paysera Bank Georgia and they are not considered to be direct marketing messages.

15.4 Data retention period:
24 (twenty-four) months after the termination of the business relationship with the client.

15.6 PURPOSE: Informing the client about services.

15.6 Data recipients:
the data for this purpose is not provided to other persons.

16. PURPOSE: Direct marketing.
16.1 For this purpose, personal data is processed in order to provide clients with offers on the services provided by Paysera Bank Georgia/Paysera Network and find out the clients' opinions on the above-mentioned services.

16.2 The following personal data may be processed for this purpose: any data provided by the client to the bank and/or obtained by the bank within the framework of banking services received by the client will be processed. This includes data collected during the performance of any banking operation, including but not limited to customer identifiers, financial information, contact details (name, surname, email address, and phone number) and location data.

16.3 For this purpose, Paysera Bank Georgia/Paysera network sends newsletters and direct marketing messages after obtaining the client's consent. Paysera Bank Georgia and/or Paysera's network are authorized to provide customers with direct marketing offers and information tailored to them regarding loans, deposits, and other banking products through SMS and/or voice calls to the phone number, email notifications, and/or notifications within the Paysera mobile application. Paysera Bank Georgia/Paysera network may use a newsletter service provider while ensuring that said provider complies with the personal data protection requirements set out in the Joint Controller Agreement. The client may revoke their consent upon receiving newsletters or direct marketing messages by clicking on the Revoke your consent link as well as informing Paysera Bank Georgia at any time about their refusal to process personal data for direct marketing purposes by e-mail [email protected].

16.4 Data retention period: until the termination of the business relationship with the client or until the day the client objects to the data processing for this purpose.

16.5 Data providers:
the data subject directly.

16.6 Data recipients:
The data for this purpose may be transmitted to Paysera partner network, search or social networking systems (the possibility to object data processing is ensured by the websites of these systems), newsletter service providers.

17. PURPOSE: Statistical analysis.
Your personal data collected for the aforementioned purposes, except for the national identification number, identity documents and their details, also the exact place of residence, may be processed for the purpose of statistical analysis. For this purpose, personal data shall be processed in such a way that, by including it in the scope of statistical analysis, it is not possible to identify the data subjects concerned. The collection of your personal data for the purpose of statistical analysis is based on the legitimate interest to analyse, improve, and develop the conducted activity. You have the right to disagree and object to your personal data processing for such purpose at any time and in any form by informing Paysera Bank Georgia thereof. However, Paysera Bank Georgia may continue to process the data for statistical purposes if it proves that the data is processed for compelling legitimate reasons beyond the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defence of legal claims.

18. PURPOSE: Service improvement.
The data collected for all of the above purposes can be used to improve technical and organisational tools, IT infrastructure, adapt services to the devices used, develop new Paysera Bank Georgia/Paysera Network services, enhance satisfaction with existing services, as well as test and improve technical tools and IT infrastructure.

19. PURPOSE: Service misuse prevention and proper service delivery.
The data collected for all of the above purposes may be used to prevent unauthorised access and use, i.e. to ensure privacy and information security.

20. For the processing of personal data, Paysera Bank Georgia/Paysera Network may engage data processors and/or, at its own discretion, hire other persons to perform certain ancillary functions on behalf of Paysera Bank Georgia/Paysera Network (e.g. data centres, hosting, cloud hosting, system administration, system development, software development, provision, support services such as improvement and development; services of customer service centres; marketing, communication, consulting, temporary staffing, or similar services). In such cases, Paysera Bank Georgia/Paysera Network shall take the necessary measures to ensure that such data processors process personal data in accordance with Paysera's instructions and applicable laws, and shall require compliance with the appropriate personal data security measures. Paysera Bank Georgia/Paysera Network shall also ensure that such persons are bound by confidentiality obligations and cannot use such information for any purpose other than the performance of their functions.

21. Personal data collected for the purposes specified in this Privacy Policy shall not be processed in any ways incompatible with these legitimate purposes or legal requirements.

22. The data referred to above will be provided and received through a software tool used by Paysera Bank Georgia/Paysera Network or its authorised agent, also by other means and third persons with whom Paysera Bank Georgia/Paysera Network has entered into personal data processing agreements in accordance with laws and regulations.

Geographical area of processing

23. Generally, personal data is processed in the territory of Georgia and within the European Union/European Economic Area (EU/EEA) but may in certain cases be transmitted and processed outside the EU/EEA.

24. Personal data is being transferred and processed outside the EU/EEA where the transfer is necessary for the conclusion or execution of a contract (for example, when a payment is carried out to a third party or through a third party partner (correspondent)) or for example, when the client carries out commerce activities using an online platform (is a registered user) where payment service providers/banks of registered users are subject to specific customer information requirements) when law provisions stipulate the need for the transfer, or when the client gave their consent. We seek to ensure that appropriate technical and organisational measures are in place in all of these cases as indicated in the Joint Controller Agreement.

Profiling

25. Profiling carried out by Paysera Bank Georgia/Paysera Network involves the processing of personal data by automated means for the purposes of legislation relating to risk management and continuous and periodic monitoring of transactions in order to prevent fraud; such ongoing profiling is based on the legal obligations of Paysera Bank Georgia/Paysera Network.

26. For the purpose of direct marketing and statistical analysis, profiling may be carried out using Matomo, Google, Facebook, and other analytics tools.

Processing the personal data of minors

27. A minor under 18 (eighteen) years of age, seeking to use the services of Paysera Bank Georgia, shall provide written consent from their representative (parent or legal guardian) with regard to their personal data processing.

Cookie policy

28. Paysera Bank Georgia/Paysera Network may use cookies on this website. Cookies are small files sent to a person's Internet browser and stored on their device. Cookies are transferred to a personal computer upon first visiting the website.

29. Usually, Paysera Bank Georgia/Paysera Network uses only the necessary cookies on the person's device for identification, enhancement of the website functionality and use, and facilitating a person's access to the website and the information it contains. Paysera Bank Georgia/Paysera Network may use other cookies upon receiving the client's consent. You will find a brief description of different types of cookies here:

Strictly necessary cookies.

30. These cookies are necessary in order for you to be able to use different features on the Paysera Bank Georgia/Paysera Network website. They are essential for the website to work and cannot be switched off. They are stored on your computer, mobile phone or tablet while you are using the website and are only valid for a limited amount of time. They are usually set in response to actions made by you while browsing such as changing your privacy settings, logging in and filling out various forms.

Statistics cookies.

31. These cookies are used to collect and report on anonymous information in order to find out how our visitors use the website.

Analytics cookies.

32. These cookies are used to monitor the number and traffic of website users. Analytics cookies help us find out which websites are visited the most and how visitors use them to improve the quality of our services. If you do not consent to the use of these cookies, we will not include your visit to our statistics.

Marketing cookies.

33. These cookies are used to provide relevant information about our services based on your browsing habits to improve content selection and offer more options while using our website. In addition, these cookies may be used in our third-party partners' websites for reporting purposes. In that way, we would also receive information about your browsing history from our official partners' websites where we place our ads. If you do not consent to the use of these cookies, you will only see non-personalised advertising.

34. Most web browsers accept cookies, but the person can change the browser settings so that cookies would not be accepted. It should be noted that unlike other types of cookies, rejecting necessary cookies may affect the website functionality, and some features may not work properly. Upon first visiting the Paysera Bank Georgia/Paysera Network website, you will see a pop-up message with a list of specific types of cookies you may choose to accept or decline. If you decide to accept the necessary and the other types of cookies, you can change your selection and revoke your consent by clicking on Cookies Settings at the bottom of the page.

The right of access, rectification, erasure of your personal data, and to restrict data processing

35. You have the following rights:
35.1 THE RIGHT OF ACCESS TO DATA:
to obtain information as to whether or not Paysera Bank Georgia processes your personal data, and, where that is the case, access to the personal data processed by Paysera Bank Georgia and to receive information on what personal data and from which sources are collected, the purposes of the processing, the recipients to whom the personal data have been or may be provided; to obtain from Paysera Bank Georgia a copy of the personal data undergoing processing in accordance with the applicable law. Upon the receipt of your written request, Paysera Bank Georgia, within the time limit laid down in the legislation, shall provide the requested data in writing, or specify the reason of refusal. Once in a calendar year, data may be provided free of charge, but in other cases, remuneration may be set at a level not exceeding the cost of the data provision. More information on the right of access to data and its processing can be found here.

35.2 THE RIGHT OF RECTIFICATION:
if your data processed by Paysera Bank Georgia is incorrect, incomplete, or inaccurate, you can address Paysera Bank Georgia in writing for the rectification of the incorrect or inaccurate data or to have the incomplete personal data completed by providing a relevant request;

35.3 THE RIGHT TO BE FORGOTTEN:
to request the termination of the data processing (erase the data), when that the data subject withdraws the consent on which the processing is based, or the personal data is no longer necessary in relation to the purposes for which it was collected, or the personal data has been unlawfully processed, or the personal data has to be erased for compliance with a legal obligation. A written notice of objection to personal data processing shall be submitted to Paysera Bank Georgia personally, by post, or via electronic means of communication. If your objection has legal grounds, Paysera Bank Georgia, after examining the request, shall terminate any actions of processing of your personal data, with the exception of cases provided for by law. It should be noted that the right to require the immediate erasure of your personal data may be limited due to the obligation of Paysera Bank Georgia as a Bank to store data about the clients' identification, payment transactions, concluded agreements, etc. for the period laid down in legislation;

35.4 THE RIGHT TO RESTRICT THE PROCESSING OF DATA:
to request to restrict the processing of personal data, when the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data; the processing is unlawful, and the data subject opposes the erasure of the personal data and requests the restriction of its use instead; the controller no longer needs the personal data for the purposes of the processing, but it is required by the data subject for the establishment, exercise, or defence of legal claims. A data subject who has obtained restriction of processing shall be informed by the data controller before the restriction of processing is lifted;

35.5 THE RIGHT TO OBJECT:
the right to object to the processing of your personal data for direct marketing purposes;

35.6 RIGHT TO LODGE A COMPLAINT:
You can address the supervisory authority with a claim regarding the processing of your personal data by Payera Bank of Georgia JSC, if you believe that the personal data is processed in violation of your rights and legitimate interests stipulated by applicable legislation. Information about the supervisory authority can be found here;

If the claim is about data processing during the particular service provided by any other Paysera Partner – you can contact the supervisory authority in the territory of your data processing Partner;

35.7 RIGHT TO CONTACT:
You can contact the data controller and/or the data protection officer of Payera Bank Georgia for the purpose of exercising your rights;

35.8 other statutory rights.
You can send your request for access, rectification, update, addition, blocking, deletion and destruction of data, or objection to data processing via email to: [email protected]. The person submitting the request must clearly indicate their full name and send the request via the email specified in the system. After receiving the request, a representative of the Bank will contact you to perform your identification and complete the process of execution of your request.

Third-party websites

36. Paysera Bank Georgia/Paysera Network is not responsible for protecting the Client's privacy on websites of third parties, even if the client accesses such websites through links provided on this website. Paysera Bank Georgia/Paysera Network recommends learning the privacy policies of each website that does not belong to Paysera Bank Georgia/Paysera Network .

The use of logos

37. The client, using the services of Paysera Bank Georgia for business objectives and professional interests, agrees that Paysera Bank Georgia/Paysera Network may use their name and/or logo for direct marketing purposes (e.g. by indicating that the client is using the services provided by Paysera Bank Georgia/Paysera Network).

Ensuring Information Security

38. Paysera Bank Georgia/Paysera Network aims to ensure the highest level of security for all information obtained from the Client and public data files. In order to protect this information from unauthorised access, use, copying, accidental or unlawful erasure, alteration, or disclosure, as well as from any other unauthorised form of processing, Paysera Bank Georgia/Paysera Network uses appropriate legal, administrative, technical, and physical security measures.

Biometric data processing

39. In order to receive banking services remotely, in accordance with the rules established by the current legislation, you must go through the electronic identification and verification procedure, within the framework of which, with relevant technical solution, Paysera Bank Georgia will receive and process your personal data, including special category (biometric) data (audio-visual recording and photo).

40. During your electronic identification/verification, Paysera Bank Georgia uses the technical solution developed by "Reizomat" LLC (I/N 402102005) (hereinafter "Identomat") to check the authenticity of the person. In particular, when establishing a person's identity, a video and a dynamic selfie are taken through the Identomat, which verifies the authenticity of the client - we make sure that there is a live person on the other side of the camera and no mask, photo, mannequin or other means are used;

41. If you successfully pass the electronic identification/verification process and Paysera Bank Georgia is sure that you really want to use the banking services, you will be able to receive the relevant remote services.

42. Data is processed and stored by Reizomat Ltd. on a secure server in Frankfurt, Germany. The remote server service providers are DigitalOcean LLC (service agreement with all attachments located at https://www.digitalocean.com/legal/terms-of-service-agreement/) and AWS (data protection terms located at https://www.digitalocean.com/legal/terms-of-service-agreement/) https://aws.amazon.com/legal/?nc1=f_cc). The data is located in the territory of the European Union and its activities comply with the requirements of the GDPR. The data placed on the above server resources is encrypted and the providers of the server resources do not have access to the data content.

43. These Privacy policy provisions are subject to the the Georgian Law on Personal Data Protection and the EU GDPR. All disputes regarding the provisions of the Privacy Policy shall be settled by negotiation and, in case of failure to resolve an issue by negotiation, the dispute shall be taken to courts of Georgia.