Privacy Policy
Last Modified: 18 September 2025
INTRODUCTION
1.1. This Privacy Policy applies to your access and use of the independent platform (“Platform”) linked to www.DOSHFX.com (“Website”) under the DOSH brand (“We, “Us”, “Ours”), by any User (referred to as “You”, “Your”, or “Trader”). We operate as an independent platform and website under the DOSH brand. For the purposes of this document, “DOSH” refers to:
DOSHX PTY Ltd: A company duly incorporated under the laws of South Africa, duly licensed by the Financial Sector Conduct Authority, South Africa, with licence number 52900.
1.2. We are committed to protecting your privacy. This Privacy Policy (hereinafter referred to as “Privacy Policy” or “Policy”) applies to all persons using our services, website environment (available at www.DoshFX.com), using any of DoshFX’s application(s), or when you otherwise do business or contact us. This Policy governs our online privacy practices, the methods and types of personal information that we received, collect, disclose, and store, how the personal information is used, with whom it may be shared, what choices are available to you regarding the collection, use, and distribution of your personal information, what kind of security procedures are in place to protect the loss, misuse or alteration of the information under our control, your rights regarding your personal information and whom to contact with questions or concerns. This Policy shall be read alongside the General Terms and Conditions of the Platform. In the event of any conflict between this Policy and the General Terms and Conditions, the former shall prevail to the extent both apply to arrangements delineated in this Policy. Any capitalised term not defined here will derive its meaning from its definition in the general Terms and Conditions available on the Website.
1.3. This Privacy Policy explains how DoshFX, as well as its affiliates (hereinafter referred to as “DoshFX Operators”), including but not limited to legal persons, unincorporated organisations, and teams that provide services, collect, use, process, disclose, share, transfer, and protect personal information obtained through DoshFX and its partners. So, the terms we, us, and our refer to DoshFX and DoshFX Operators collectively.
1.4. By using our website environment (available at https://DoshFX.com (“Website” or “Platform” as the context may require), our applications, or our services, you (“User”, “You”, “Your”) consent to this Policy and to the data practices described in it, in addition to consenting to it explicitly when using the Website. If you do not agree with the data practices described in this Policy, you may choose to stop using our services or the Website. We periodically update this Policy and encourage you to review it frequently.
1.5. Please carefully read this Privacy Policy, because it applies to the DoshFX website and/or DoshFX mobile application, along with related services, information and communications, materials, and any software that we make available that allows you to access relevant services and DoshFX software, communication, and mail operations regardless of whether you register or log in to use the services or not. When visiting Platforms, you acknowledge, understand, and consent to all provisions described in this Privacy Policy. We will not use your personal information for any purpose not covered in this Privacy Policy or the Terms and Conditions (including any other business rules of DoshFX) without prior notification to you and your consent. If you do not agree with any part of this Privacy Policy, please stop using the services immediately.
PURPOSE
2.1. This Policy has been developed for purposes of compliance with the Protection of Personal Information Act 2013 (“ POPIA”) and the General Data Protection Regulation 2016 (“GDPR”), and other data protection-oriented provisions within applicable regulations, as DoshFX offers services to residents in the European Economic Area (“EEA”) and the Republic of South of Africa.
2.2. To confirm your identity in compliance with the Know Your Customer (KYC), Anti-Money Laundering (AML), and Counter-Terrorist Financing (CFT) regulations.
2.3. In order to promote our services to You, we may send you information about our products, features, promotions, surveys, news, updates, and events. We also aim to tailor our marketing messages to your preferences. If you prefer not to receive marketing communications, you can choose to opt out during the account creation process. Additionally, you have the option to unsubscribe from our marketing emails at any time or submit a support ticket to request removal from our marketing list.
2.4. Our objective is to follow the prescribed procedures established by organisations like the United Nations, European Union, the U.K. Treasury, and the U.S. Office of Foreign Assets Control (OFAC) to carry out sanctions screening. We seek to establish safeguards that deter us from participating in transactions with individuals, organisations, or countries included on the sanctions list.
2.5. To oversee and uphold your account within our system and to identify and thwart any fraudulent or unauthorised utilisation of our products and services.
2.6. When you are asked to provide personal information, you may decline, but if you choose not to provide data that is necessary to enable us to make our services available to you, you may not be able to sign up for our services, and some features may be limited. If you fail, neglect, and/or refuse to or are unable to provide us with any Personal Information which we necessarily need to provide you with services, or that we need to collect by law (for example, identification information for KYC/AML obligations), we may not be able to provide you with services. In this case, we have the right to discontinue the provision of services to you and/or close your account. In such a situation, we will notify you at the earliest.
2.7. DoshFX collects certain personal information to enable us to operate effectively and to provide you with the best experiences on our website and our operations. DoshFX prides itself on transparency, and as such, you have choices about the personal information we collect.
2.8. DoshFX collects the personal information to enhance the quality of products and services that are offered, while also innovating to create new offerings.
2.9. Some of the information we obtain is collected to comply with applicable laws and regulations, including anti-money laundering laws. This Policy explains:
· The types of information we collect about you
· How we use information about you
· Types of information we disclose to third parties and the types of such third parties
· How we protect your personally identifiable information; and
· How you may instruct us not to disclose certain information about you that we are otherwise permitted to disclose by law.
INFORMATION WE COLLECT FROM YOU
3.1. The kinds of Personal Information we collect will depend on the type of interaction you have with us (for example, Telephone calls to us may also be recorded for training and quality assurance purposes). Generally, we collect the following information (“Information”) about you if you are:
3.2. Natural Person (Individual customers)
· Identification information, such as your name, email address, and home address (including documents such as current utility bill, i.e., electricity, telephone, gas, or mobile phone bill, documents issued by a government department that shows the end user’s address, bank statement (not older than 3 months) that shows the end user’s address), contact number, date of birth, gender, demographic and location data, billing address, username, along with identification details of documents confirming such details (such as passport, driver’s licence, National identity card);
· Country of birth;
· ID expiry details;
· Profession;
· Expected annual income;
· Source of funds;
· Purpose of transactions; and
· Method of payments.
Legal Entity (Corporate customers)
· Copies of Commercial Licence/Trade Licence (or equivalent)
· Copies of the Certificate of Incorporation
· Copies of Certificate of Incumbency
· Copies of Memorandum of Association (MoA)
· Copies of Share Certificate/Share Register (where details of shareholders are not available in the MoA)
· Copies of Documents providing details of Ultimate Beneficial Owners
· Purpose and nature of the intended business relationship (BOR)
· Copies of identification document of Owner(s) (passports/ID cards)
· An authorisation letter must be taken for a representative of the legal entity who carries out transactions on its behalf
· Copies of documents providing details of the relationship with the company and powers of authorised signatories who have the authorisation to carry out transactions on behalf of the Company, along with their identification documents.
Compliance approval is required prior to onboarding the legal entity.
· If the Legal entity or any of its UBOs/Authorised signatories is found to be Foreign Politically Exposed Persons(FPEP), then onboarding should be completed only after obtaining approval from the Managing Director/Chief Executive Officer of DoshFX
· Residential status & address (whether incorporated/operating from, etc.)
· Phone numbers
· FPEP/PEP status
· Appropriate evidence must be collected for the verification and confirmation of the sources of funds, the purpose of the transaction, and the commercial/economic reason for each transaction. The receipt must be signed by the representative of the legal entity who carries out the transaction on its behalf and retains the records.
Notwithstanding the foregoing, we shall further collect the following Information:
· Information you provide when you participate in promotions offered by us or our partners, respond to our surveys or otherwise communicate with us.
· Information about when and where the transactions occur, the names of the transacting parties, a description of the transactions, the payment or transfer amounts, billing and shipping information, and the devices and payment methods used to complete the transactions.
· Information about the location of your device and some other device specifics, including your hardware model, operating system and version, unique device identifier, mobile network information, and information about the device’s interaction with our services.
· Information about how you use our services, including your carrier operating system, connection type, referring URLs, access time, browser type and language, and Internet Protocol (‘IP’) address, as well as other information which may be collected and used by us automatically through the browser on your device or otherwise.
· Information about you from third parties, such as data providers and credit organisations, where permitted by law.
· Information contained in or relating to any communication that you send to us, with or without our request, including, without limitation, the communication content and metadata associated with the communication.
· Information collected by Cookies and Web beacons (defined below), including using web beacons and sending cookies to your device.
· Your connections with others whose personal information we may collect or hold.
· online payment details, which may include third-party payment systems, credit, or direct debit details for your bank account to process transactions contemplated by our services.
3.3. Information may also include information we collect about your individual preferences. We may collect the Information in the course of your signing up for our services, in the course of our identity or account verification process, or in the course of your use of our Services.
3.4. This policy applies to your Information when you use our website and interact generally with us, but does not apply to Third-Party Sites. We are not responsible for the privacy policies or content of Third-Party Sites.
3.5. For the avoidance of doubt, unless stated otherwise, this policy will govern our collection of your Personal Information irrespective of the forum. Your continued usage of our website and/or services will be taken to indicate your acceptance of the terms of this privacy policy insofar as it relates to our website.
3.6. We do not knowingly collect data from, or market to, children below the legal age as established under their relevant domestic laws. By using the services, you represent that you are at least the age of majority within your respective domestic law or that you are the parent or guardian of such a minor and consent to such minor’s/dependent’s use of the Services. If we learn that personal Information from users who are less than the age of majority has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records.
MODE OF COLLECTION
4.1. We usually collect and store information, including in paper, the physical and electronic forms provided by you when you communicate with us by telephone, email, web-based form, letter, facsimile, or other means, including when:
· We provide you with our services via telephone, email, or our website.
· You participate in our functions, events, or activities or on our social media pages.
· You request that we provide you with information concerning our products or services.
· You upload or submit information to us or our website; or
· You complete any forms requesting information from you, including on registration with us, complete any survey or provide feedback to us concerning our products or services.
4.2. Where practicable, we will only collect information from you. However, we will also collect your Information through our partners and third parties who supply services to us or utilise automated tools, whom you have authorised to share such personal information with other parties, including but not limited to, channels such as public databases, credit bureaus, ID verification partners, blockchain data, marketing partners and resellers, advertising partners and analytics providers.
4.3. Please note that we use our own and third-party computer servers, including our website hosts, data backups, and payment gateway(s), which may be located outside of the Republic of South Africa, and your Information will likely be stored and transmitted overseas as part of the normal operation of our business. Refer to the relevant provision in our General Terms and Conditions to understand how we handle your data during such operations.
4.4. We also collect information from your computer or mobile device automatically when you browse our website. This information may include:
· the date and time of your visit;
· your domain;
· locality;
· operating system;
· the server your computer or mobile is using to access our Website;
· your browser and version number;
· search terms you have entered to find our Website or access our Website;
· pages and links you have accessed both on our Website and other websites;
· the last website you visited;
· the pages of our Website that you access;
· the device you use to access our Website; and your IP Address.
4.5. While we do not use some of this information to identify you personally, we may record certain information about your use of our websites, such as which pages you visit and the time and date of your visit, and that information could potentially be used to identify you.
4.6. It may be possible for us to identify you from information collected automatically from your visit(s) to our website. If you have registered an account with us, we will be able to identify you through your username and password when you log into our website. Furthermore, if you access our website via links in an email we have sent you, we will be able to identify you.
4.7. The device you use to access our website may collect information about you, including your location, using longitude and latitude coordinates obtained through GPS, Wi-Fi, or cell site triangulation. For information about your ability to restrict the collection and use of such information, please use the settings available on your device.
4.8. We may use statistical analytics software tools and software known as cookies, which transmit data to third-party servers located overseas. To our knowledge, our analytic providers do not identify individual users or associate your IP Address with any other data held by them.
4.9. We will retain your Information for any period we consider necessary to provide our products and services to you and to comply with our legal obligations. The period may vary depending on the type of Information we hold.
HOW WE SHARE AND USE YOUR INFORMATION
5.1. We shall share and use your information with and for:
· Any person who works with us or with one or two groups of companies.
· To our related entities, employees, officers, agents, contractors, other companies that provide services to us, sponsors, government agencies, or other third parties to satisfy the purposes for which the information was collected or for another purpose if that other purpose is closely related to the primary purpose of collection and an individual would reasonably expect us to disclose the information for that secondary purpose.
· Any entity that forms part of DoshFX to process your payments that you have authorised and to provide you with the goods and services that you have opted for.
· Any financial and other institutions to facilitate authorised payment processing and to deliver our range of products and services.
· Entities and firms that offer services to us, encompassing technical infrastructure, marketing, and analytics, as well as web and app development.
· Entities and organisations that support us in the realm of fraud prevention services and aid us in identity verification and safeguarding against fraud or financial misconduct, taking appropriate actions as warranted by the outcomes of such investigations.
· Our professional advisers, consultants, and other similar services.
· Any financial and other institutions to facilitate authorised payment processing and to deliver our range of products and services.
· The selected and trusted group of third party/parties to fulfil our obligations under our contract with you and to meet government, regulatory, and law enforcement requests, and to continue providing you with the services. We will only disclose your personal information to third-party service providers under strict terms of confidentiality. We do not allow our third-party service providers to use your personal information for their purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.
· The third parties
- who help us to verify the identity of our clients and customers, and other software service providers who assist us to provide the services we provide to you.
- who help us analyse the information we collect so that we can administer, support, improve or develop our business and the services we provide to you, including cloud hosting services, off-site backups, and customer support.
- Who shall use your information to let you know about goods and services which may be of interest to you in accordance with the applicable laws.
· The merchants and the recipients of funds are to identify you as the sender of the funds and to a party who sends you funds in connection with a transfer to you of funds.
· Law enforcement or government agency, or is required by law, or legal processes, such as a subpoena, court, or another legal process with which we are required to comply, including our obligations under applicable anti-money laundering laws.
· Enforcing the terms of this policy or enforcing any of our Terms and Conditions with you.
· Our professional advisers, such as consultants, bankers, professional indemnity insurers, brokers, and auditors, so that we can meet our regulatory obligations, and administer, support, improve or develop our business.
· Any other person, with your consent (express), to:
- Facilitate the sale of all or a substantial part of our assets or business, or to companies with which we propose to merge, or who propose to acquire us and their advisers.
- Protect the interests of our users, clients, customers, and third parties from cybersecurity risks or incidents and other risks or incidents; and
- Maintain the integrity of our Website and protect our rights, interests, and property and those of third parties.
· In addition to the above recipients, we will disclose your personal information if we are requested to do so by law enforcement or if the disclosure is made in connection with either the normal operation of our business in a way that you might reasonably expect, for example, if such disclosure is incidental to IT services being provided to our business or for the resolution of any dispute that arises between you and us. This disclosure may involve your Personal Information being transmitted overseas.
5.2. In the event of a proposed restructuring or sale of our business (or part of our business) or where a company proposes to acquire or merge with us, we may disclose personal information to the buyer and their advisers without your consent, subject to compliance with the applicable regulations. If we sell the business and the sale is structured as a share sale, you acknowledge that this transaction will not constitute the ‘transfer’ of Personal Information.
WE PROCESS AND USE AGGREGATED, ANONYMISED, AND DE-IDENTIFIED DATA
6.1. We may also create, process, collect, use, and share aggregated, anonymised, or de-identified Information, such as statistical or demographic data, for any purpose which may be derived from your Personal Information. We may use this data to comply with legal or regulatory obligations and for any business purpose, including to better understand users’ needs and behaviours, improve our products and services, conduct business intelligence and marketing, and detect security threats.
6.2. We may share such Information with members of our group, service providers, and our key partners. Some of these third parties may be in a jurisdiction outside the laws as stated in this Policy, in which case we will take all necessary steps to ensure that your Personal Information is treated securely and that such transfers are permitted under the applicable data protection laws.
6.3. We may also use any or all the personal information above to administer and manage our business in general, to detect and prevent misuse of our services (including fraud and unauthorised payments), and to enforce our Terms and Conditions or any other contract to which we may be a party to.
HOW WE SHALL SECURE YOUR PERSONAL INFORMATION
7.1. We place a significant emphasis on ensuring the security of your personal data.
7.2. We regularly assess and implement appropriate and reasonable technical and organisational security measures to ensure the safety of your personal information.
7.3. Our employees undergo training to handle personal data securely and with the utmost respect. Failure to adhere to these standards may result in disciplinary actions. While we take measures to safeguard your personal data, we cannot guarantee its absolute security. In the event of a data breach, please refer to the “Data breaches” section below. It is essential for you to take responsibility for securing your account login credentials and complying with DoshFX Terms of Use regarding account security.
CONSENT MECHANISM
By creating a DoshFX Account, you are consenting to our processing, storage, utilisation, and sharing of your personal information in accordance with this Privacy Policy. If you disagree with any aspect of this Privacy Policy or the Terms and Conditions, or if you wish to withdraw any previously given consent, please contact us at info@DoshFX.com. It's important to note that if you withdraw any essential permissions or revoke consent for processing and storing information such as your DoshFX Account data, Financial and KYC Information, or any other information required to offer you our Services, we may be required to discontinue providing those Services to you.
RETENTION OF PERSONAL INFORMATION WITHOUT CONSENT
9.1. In certain cases, we may process your personal information without your explicit knowledge or consent, but only in cases where such processing is mandated or allowed by Applicable Law.
9.2. We will keep it for any necessary period to serve our legitimate business interests. These interests include meeting legal requirements, preventing fraud, resolving disputes, upholding agreements, safeguarding the interests of DoshFX and its customers, and as mandated by applicable laws.
9.3. Your biometric data is held by our third-party service providers for a maximum period of one year following the conclusion of your customer relationship with us.
MARKETING
10.1. We may contact you with information regarding our products, services, news, and promotions, or engage in communication for marketing purposes through various channels such as email, push notifications, in-app messages, text messages, or other means. Our marketing communications will always adhere to relevant laws, including consent and opt-out regulations.
10.2. You have the option to opt out of receiving marketing communications at any time. This can be done by selecting the "Unsubscribe" option, which is included in all marketing messages sent to you. Additionally, you can manage your communication preferences by accessing your account settings within our app or on our website.
10.3. It is important to note that opting out of marketing content will not affect your receipt of critical communications related to the security or functioning of your account.
THIRD-PARTY ADVERTISING AND ANALYTICS
11.1. Our websites or communications may contain links to other third-party websites, which are not owned or operated by us and are regulated by their privacy policies. If you click on a third-party link, you will be directed to that third party’s platform. We strongly advise you to review the privacy policy of every platform you visit. We are not responsible for the privacy policies of these third-party websites, regardless of whether they were accessed using the links from our website. We have no control over and assume no liability for the content, privacy policies, or practices of any third-party platforms or services.
CONSENT FOR PERFORMANCE OF CONTRACT; LEGAL OBLIGATIONS
12.1. You grant consent for the processing of your personal information. This processing will be done to fulfil all legal obligations stemming from contracts involving you, or to provide services that you have contracted us to deliver, or to take necessary actions upon your request before entering into a contract with you.
12.2. When you apply for or sign up for our services, you grant us the authorisation and consent to obtain information about you from third parties and share such information with them. This process is carried out in the context of identity or account verification, fraud detection, collection procedures, or as otherwise permitted or mandated by applicable law.
12.3. You have the option to revoke this consent at any time. Please note that withdrawing your consent will not impact the legality of processing that occurred based on your previous consent. The withdrawal of consent will become effective within 30 calendar days of your request submission. If you wish to make such a request, kindly contact us at info@DoshFX.com.
12.4. We provide detailed, clear, and easily revocable explanations about the specific information we gather, how we collect it, the reasons behind its collection, how we share it, and the duration for which we retain it in this Policy.
12.5. We will store your data only for the duration necessary to fulfil our obligations or achieve the intended purposes for which the information was gathered, and in accordance with Applicable Law. The determination of the appropriate retention period will take into account factors such as the quantity, nature, and sensitivity of the data; potential risks associated with unauthorised use or disclosure of the data; the purposes for which we process the data and whether alternate methods can achieve those purposes; and relevant legal requirements. Unless required otherwise by applicable law, upon the conclusion of the retention period, we will either delete personal data from our systems and records or take suitable measures to ensure its proper removal from our system.
YOUR DATA PROTECTION RIGHTS
13.1. Right to be informed: This means you have a right to know
a. The identity and contact details of the Company.
b. The purposes of processing your personal information, as well as the legal basis for the processing.
c. The legitimate interests pursued by us or by a third party who processes your personal information.
d. Recipients or categories of recipients of your personal information.
e. Our intention to transfer your personal information to a third country or international organisation and reference to the appropriate safeguards and the means to obtain a copy.
f. The period for which your personal information will be stored, or if that is not possible, the criteria used to determine that period.
g. Whether the provision of personal information is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obligated to provide the personal information and the possible consequences of failure to provide such data.
h. The existence of automated decision-making, including profiling and meaningful information about the logic involved.
Where we intend to further process your personal information for a purpose other than that for which the personal information was collected, we must apprise you, before such further processing, with information on those other purposes and with any other relevant information.
13.2. Right of access: This is your right to see what personal information is held about you by us. Particularly, you have the right to:
a. Receive confirmation as to whether your personal information is being processed.
b. Access your personal information which we are processing along with the purposes of the processing; the categories of personal information being processed; the recipients or categories of recipients to whom the personal information has been or will be disclosed; the envisaged period for which the personal information will be stored, or, if not possible, the criteria used to determine that period; where the personal information is not collected from you, any available information as to their source.
c. Where your personal information is transferred to a third country or an international organisation, you have the right to be informed of the appropriate safeguards relating to the transfer.
d. A copy of your personal information being processed; and
e. Any further copies requested by you, upon paying a reasonable fee.
13.3. Right to rectification: This is your right to have your personal information corrected, rectified, or amended if what is held by us or a third party onboarded by us is incorrect/inaccurate in some way.
13.4. Right to erasure: This is your right, under certain circumstances, to ask for your personal information to be deleted. This would apply if your personal information were no longer required for the purposes it was collected for, your consent for the processing of that data has been expressly withdrawn, or where your personal information has been unlawfully processed. Once deleted, all your data will be removed from our systems and will not be recoverable.
13.5. Right to withdraw consent: If you wish for the Company to stop processing your personal information, it is your right to withdraw consent, preventing the Company from further processing the same personal information.
13.6. Right to restrict processing: This is your right to ask for a temporary halt or pause in processing your data, such as in the case where a dispute or legal case must be concluded, or the data is being corrected.
13.7. Right to data portability: This is your right to object to the further processing of your personal information, which is inconsistent with the primary purpose for which it was collected, which includes profiling, automation, and direct marketing.
13.8. Right to object: This is your right to object to the further processing of your personal information, which is inconsistent with the primary purpose for which it was collected, which includes profiling, automation, and direct marketing.
13.9. Rights in relation to automated decision-making and profiling: This is your right not to be subject to a decision based solely on automated processing.
Please note that whether you have these rights will depend on the domestic data protection laws of your country. You may want to consult with a legal advisor to better understand your personal data-related rights in your jurisdiction.
We aim to respond to all legitimate requests without undue delay and within thirty (30) calendar days of receipt of any request from you. Occasionally, it may take us longer than thirty (30) calendar days if your request is particularly complex or if you have made duplicate or numerous requests. In this case, we will notify you of receipt of such request(s) and keep you updated as to the status of progress concerning such request(s).
If you have any of these rights under your domestic data protection laws and wish to exercise any of them, please contact us at info@DoshFX.com. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This security measure is to ensure that your personal information is not disclosed to any person who has no right to receive it.
LEGAL RECOURSE TO RELEVANT AUTHORITIES
14.1. If you are located in the Republic of South Africa and believe there has been a potential violation of the POPI Act, you have the right to file a complaint with the Information Regulator of South Africa at any time.
14.2. If you are situated in the European Union (EU) or the European Economic Area (EEA), you have the right to lodge a complaint with a supervisory or regulatory authority within an EU or EEA member state where you reside, where we may have a presence (if applicable), or where an alleged breach of data protection laws has occurred.
14.3. However, before reaching out to any such authority, we would appreciate the opportunity to address and resolve your concerns. Please contact us as the initial step in resolving your complaint promptly and to your satisfaction. You can reach us via email at info@DoshFX.com.
WE DO NOT MISUSE YOUR PERSONAL INFORMATION
15.1. Without your explicit consent, we do not engage in the sale, trade, or transfer of your information, whether it is public or private, for any purpose whatsoever. The sole exception to this practice is when it is essential for us to provide you with our Services and enhance your personalised experience with us.
15.2. We collect, process, and utilise information about you for the following purposes:
· To deliver our products and services to you, which includes processing your transactions and carrying out your requests to utilise our services.
· To enhance, personalise, and facilitate your utilisation of our products and services.
· To gauge, tailor, and enrich our services, encompassing the design, content, and functionality of our website, as well as monitoring and assessing trends and usage in connection with our services.
· To conduct research, verify and ensure the accuracy of information, compile and analyse statistics pertinent to our business operations.
· To enhance our customer service and effectively manage our relationship with you.
15.3. Subject to your prior consent, we may send you periodic emails containing news, updates, and information related to our services. Additionally, we may conduct surveys to gather feedback. These communications aim to keep you informed about our products, services, promotions, discounts, incentives, and rewards, which may be offered by us or carefully chosen partners. These communications will be based on your chosen communication preferences, as well as applicable legal requirements, and will be directed to the email address you provided for such purposes.
15.4. We use your information for various purposes, including but not limited to:
· Managing our internal information processing and IT systems.
· Operating our website and providing our services, with a focus on ensuring their security.
· Maintaining backups of our databases and complying with our internal policies, procedures, and applicable laws.
· Communicating with you, which includes delivering requested information and support, technical notices, security alerts, and administrative messages. It also involves resolving disputes, collecting fees, and assisting with service-related issues.
· Establishing, exercising, or defending legal claims, whether in court proceedings or other legal procedures, to protect our rights, your rights, and the rights of others.
· Managing and mitigating risks, obtaining professional advice, and fulfilling our legal obligations as required by law or through written agreements with third parties.
· Displaying transaction history for your reference.
· Protecting the rights, property, security, or integrity of our services.
· Facilitating corporate acquisitions, mergers, or transactions.
· Developing new products and services.
· Protecting our rights, enforcing our Terms and Conditions or other applicable agreements or policies, verifying your identity, investigating and preventing fraud, security breaches, and other potentially prohibited or illegal activities, and complying with any relevant laws, regulations, or legal processes.
COOKIES
16.1. When you visit our website or the websites of our partners, we and our partners may utilise cookies and other tracking technologies (“Cookies”). These Cookies are small files that store information on your computer, mobile device, or another electronic device. They allow us to identify you across various websites, services, devices, and browsing sessions. Cookies also aid in tailoring online content and advertising, remembering your preferences for future visits to the website, evaluating the efficiency of our promotions, safeguarding against potential fraud, and analysing your interactions, as well as those of other users, with the website.
16.2. If you choose not to provide consent for us to use cookies for gathering information while you're using our website, you have the option to configure your browser settings to delete, disable, or block specific cookies. You can find guidance on managing cookie preferences for popular web browsers such as Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, and Apple Safari on their respective websites.
16.3. There may be instances where we request your consent to use cookies, particularly when you access specific sections of our website. For instance, you might be asked whether you want the website to remember certain information about you.
16.4. It is important to note that certain functionalities and features of our website rely on the use of cookies. If you choose to disable cookies, it may limit your ability to use our website, or certain parts of our site may not work correctly.
16.5. During your initial visit to our website or after you’ve cleared your cookies, you may encounter a banner prompting you to accept our use of cookies and other tracking technologies. Unless you’ve adjusted your browser settings to reject cookies or decline our cookie policy, our system will generate cookies when you access our website.
16.6. Our website may also incorporate web beacons (sometimes referred to as single-pixel gifs) or similar technologies. These electronic images serve several purposes:
· Facilitating the delivery of cookies.
· Tracking the number of users who have visited our website.
· Assessing the effectiveness of our promotional materials, including whether and when you engage with them.
· Placing web beacons on their websites or within their promotional materials, typically as part of our business development and data analysis efforts.
· Allowing web beacons to be incorporated into our website by analytics services to help us compile aggregated statistics regarding the performance of our promotional campaigns and other operations.
16.7. It is worth mentioning that web beacons utilised by analytics services might enable them to deploy cookies or other identifiers on your device. This enables them to collect information about your online activities across different applications, websites, or products.
SECURITY PRECAUTIONS AND MEASURES
17.1. We are deeply committed to ensuring the security of your information. To prevent any unauthorised access or disclosure, we have implemented robust physical, electronic, and managerial procedures to protect and secure the data we collect online. We adhere to industry-standard technical measures, and we require our affiliates and vendor partners to employ data encryption technology. Here are some of the specific measures we take:
· Physical Measures: We store materials containing your personal information in secure, locked facilities.
· Electronic Measures: Electronic records containing your personal information are stored in computer systems and storage media with stringent login restrictions.
· Management Measures: Only authorised employees with a clear understanding of our internal confidentiality rules are allowed access to your personal information. We have also established strict physical access controls for our premises and files.
· Technical Measures: We use encryption technologies for transmitting and storing your personal data. We employ various general security technologies and management systems to minimise the risk of unauthorised access, disclosure, damage, misuse, or alteration of your information. Our web server is protected by a firewall.
· Other Measures: We regularly scan our facilities for security vulnerabilities to ensure their integrity. Your personal information is stored behind secure networks and can only be accessed by a limited number of individuals who have been granted special access rights and are bound to maintain confidentiality.
17.2. While we make every effort to secure your data, it’s important to note that no method of transmission over the Internet or electronic storage can be guaranteed 100% secure. Nevertheless, we are dedicated to safeguarding your data and limiting access to it.
17.3. We do not guarantee that your data will never be accessed, disclosed, altered, or destroyed due to breaches of our physical, technical, or managerial safeguards. We advise you to verify the legitimacy of any website requesting financial or payment information related to our services, as there is a risk of impersonation by hackers.
17.4. If you receive any suspicious communication or requests, please do not provide your information and report it to us immediately at support@DoshFX.com. Notify us promptly at compliance@DoshFX.com if you become aware of any unauthorised access to or use of your Account.
17.5. As we cannot guarantee against all possible risks, it is essential to take steps to protect your personal information, including selecting a strong and unique password and not sharing it with third parties.
17.6. Additionally, please be aware that we cannot ensure the security or confidentiality of data transmitted via the internet, email, phone, WhatsApp, SMS, or other wireless connections, as we have no control over the data's protection once it leaves and until it reaches our systems. If you suspect your data’s security has been compromised, contact us at compliance@DoshFX.com.
17.7. In the unlikely event of a data breach with a significant impact on your rights, we will promptly inform you of the breach's nature, potential consequences, and the measures we have taken to address and mitigate its effects. Please reach out to us at support@DoshFX.com in such a scenario for further information and advice on mitigating potential adverse effects.
17.8. We also conduct comprehensive security risk assessments to enhance the effectiveness of our risk mitigation controls and protect your data's integrity.
HOW CAN YOU CONTACT US
18.1. If you have any questions or concerns regarding this policy, if you want to access or rectify the information we have on record about you, or if you wish to file a complaint, please get in touch with us in writing at compliance@DoshFX.com.
18.2. To provide you with access to your information, we may request certain details from you, including but not limited to verifying your identity. Depending on the nature of the request, there might be a fee associated with accessing your Personal Information. We will notify you of any applicable fees before proceeding with your request. We aim to handle all requests for Personal Information within a reasonable timeframe, ideally within 14 days, but in any case, no later than 30 calendar days from the date of your request.
18.3. If you want to have your personal information removed, please reach out to us using the contact information provided above. We will take reasonable steps to delete the information, unless we are required to retain it for legal or auditing purposes.
18.4. You may also have the ability to view, access, edit, or delete (where possible) your personal information through your user dashboard on our website. However, please be aware that certain data or information may be restricted from editing or deletion to ensure your continued access to our website.
CHANGES TO THIS POLICY
19.1. From time to time, we may revise, amend, or supplement this Policy to reflect necessary changes in law, our personal information collection and usage practices, the features of our offerings, or certain advances in technology. If any material changes are made to this Policy, the changes may be prominently posted on our Website. However, the onus is also on you to occasionally familiarise yourself with the contents of this Policy, for your information, and particularly to do so every time you access our website, play the game or make use of our services.
19.2. Changes to this Policy are effective when they are published.
INTRODUCTION
1.1. This Privacy Policy applies to your access and use of the independent platform (“Platform”) linked to www.DOSHFX.com (“Website”) under the DOSH brand (“We, “Us”, “Ours”), by any User (referred to as “You”, “Your”, or “Trader”). We operate as an independent platform and website under the DOSH brand. For the purposes of this document, “DOSH” refers to:
DOSHX PTY Ltd: A company duly incorporated under the laws of South Africa, duly licensed by the Financial Sector Conduct Authority, South Africa, with licence number 52900.
1.2. We are committed to protecting your privacy. This Privacy Policy (hereinafter referred to as “Privacy Policy” or “Policy”) applies to all persons using our services, website environment (available at www.DoshFX.com), using any of DoshFX’s application(s), or when you otherwise do business or contact us. This Policy governs our online privacy practices, the methods and types of personal information that we received, collect, disclose, and store, how the personal information is used, with whom it may be shared, what choices are available to you regarding the collection, use, and distribution of your personal information, what kind of security procedures are in place to protect the loss, misuse or alteration of the information under our control, your rights regarding your personal information and whom to contact with questions or concerns. This Policy shall be read alongside the General Terms and Conditions of the Platform. In the event of any conflict between this Policy and the General Terms and Conditions, the former shall prevail to the extent both apply to arrangements delineated in this Policy. Any capitalised term not defined here will derive its meaning from its definition in the general Terms and Conditions available on the Website.
1.3. This Privacy Policy explains how DoshFX, as well as its affiliates (hereinafter referred to as “DoshFX Operators”), including but not limited to legal persons, unincorporated organisations, and teams that provide services, collect, use, process, disclose, share, transfer, and protect personal information obtained through DoshFX and its partners. So, the terms we, us, and our refer to DoshFX and DoshFX Operators collectively.
1.4. By using our website environment (available at https://DoshFX.com (“Website” or “Platform” as the context may require), our applications, or our services, you (“User”, “You”, “Your”) consent to this Policy and to the data practices described in it, in addition to consenting to it explicitly when using the Website. If you do not agree with the data practices described in this Policy, you may choose to stop using our services or the Website. We periodically update this Policy and encourage you to review it frequently.
1.5. Please carefully read this Privacy Policy, because it applies to the DoshFX website and/or DoshFX mobile application, along with related services, information and communications, materials, and any software that we make available that allows you to access relevant services and DoshFX software, communication, and mail operations regardless of whether you register or log in to use the services or not. When visiting Platforms, you acknowledge, understand, and consent to all provisions described in this Privacy Policy. We will not use your personal information for any purpose not covered in this Privacy Policy or the Terms and Conditions (including any other business rules of DoshFX) without prior notification to you and your consent. If you do not agree with any part of this Privacy Policy, please stop using the services immediately.
PURPOSE
2.1. This Policy has been developed for purposes of compliance with the Protection of Personal Information Act 2013 (“ POPIA”) and the General Data Protection Regulation 2016 (“GDPR”), and other data protection-oriented provisions within applicable regulations, as DoshFX offers services to residents in the European Economic Area (“EEA”) and the Republic of South of Africa.
2.2. To confirm your identity in compliance with the Know Your Customer (KYC), Anti-Money Laundering (AML), and Counter-Terrorist Financing (CFT) regulations.
2.3. In order to promote our services to You, we may send you information about our products, features, promotions, surveys, news, updates, and events. We also aim to tailor our marketing messages to your preferences. If you prefer not to receive marketing communications, you can choose to opt out during the account creation process. Additionally, you have the option to unsubscribe from our marketing emails at any time or submit a support ticket to request removal from our marketing list.
2.4. Our objective is to follow the prescribed procedures established by organisations like the United Nations, European Union, the U.K. Treasury, and the U.S. Office of Foreign Assets Control (OFAC) to carry out sanctions screening. We seek to establish safeguards that deter us from participating in transactions with individuals, organisations, or countries included on the sanctions list.
2.5. To oversee and uphold your account within our system and to identify and thwart any fraudulent or unauthorised utilisation of our products and services.
2.6. When you are asked to provide personal information, you may decline, but if you choose not to provide data that is necessary to enable us to make our services available to you, you may not be able to sign up for our services, and some features may be limited. If you fail, neglect, and/or refuse to or are unable to provide us with any Personal Information which we necessarily need to provide you with services, or that we need to collect by law (for example, identification information for KYC/AML obligations), we may not be able to provide you with services. In this case, we have the right to discontinue the provision of services to you and/or close your account. In such a situation, we will notify you at the earliest.
2.7. DoshFX collects certain personal information to enable us to operate effectively and to provide you with the best experiences on our website and our operations. DoshFX prides itself on transparency, and as such, you have choices about the personal information we collect.
2.8. DoshFX collects the personal information to enhance the quality of products and services that are offered, while also innovating to create new offerings.
2.9. Some of the information we obtain is collected to comply with applicable laws and regulations, including anti-money laundering laws. This Policy explains:
· The types of information we collect about you
· How we use information about you
· Types of information we disclose to third parties and the types of such third parties
· How we protect your personally identifiable information; and
· How you may instruct us not to disclose certain information about you that we are otherwise permitted to disclose by law.
INFORMATION WE COLLECT FROM YOU
3.1. The kinds of Personal Information we collect will depend on the type of interaction you have with us (for example, Telephone calls to us may also be recorded for training and quality assurance purposes). Generally, we collect the following information (“Information”) about you if you are:
3.2. Natural Person (Individual customers)
· Identification information, such as your name, email address, and home address (including documents such as current utility bill, i.e., electricity, telephone, gas, or mobile phone bill, documents issued by a government department that shows the end user’s address, bank statement (not older than 3 months) that shows the end user’s address), contact number, date of birth, gender, demographic and location data, billing address, username, along with identification details of documents confirming such details (such as passport, driver’s licence, National identity card);
· Country of birth;
· ID expiry details;
· Profession;
· Expected annual income;
· Source of funds;
· Purpose of transactions; and
· Method of payments.
Legal Entity (Corporate customers)
· Copies of Commercial Licence/Trade Licence (or equivalent)
· Copies of the Certificate of Incorporation
· Copies of Certificate of Incumbency
· Copies of Memorandum of Association (MoA)
· Copies of Share Certificate/Share Register (where details of shareholders are not available in the MoA)
· Copies of Documents providing details of Ultimate Beneficial Owners
· Purpose and nature of the intended business relationship (BOR)
· Copies of identification document of Owner(s) (passports/ID cards)
· An authorisation letter must be taken for a representative of the legal entity who carries out transactions on its behalf
· Copies of documents providing details of the relationship with the company and powers of authorised signatories who have the authorisation to carry out transactions on behalf of the Company, along with their identification documents.
Compliance approval is required prior to onboarding the legal entity.
· If the Legal entity or any of its UBOs/Authorised signatories is found to be Foreign Politically Exposed Persons(FPEP), then onboarding should be completed only after obtaining approval from the Managing Director/Chief Executive Officer of DoshFX
· Residential status & address (whether incorporated/operating from, etc.)
· Phone numbers
· FPEP/PEP status
· Appropriate evidence must be collected for the verification and confirmation of the sources of funds, the purpose of the transaction, and the commercial/economic reason for each transaction. The receipt must be signed by the representative of the legal entity who carries out the transaction on its behalf and retains the records.
Notwithstanding the foregoing, we shall further collect the following Information:
· Information you provide when you participate in promotions offered by us or our partners, respond to our surveys or otherwise communicate with us.
· Information about when and where the transactions occur, the names of the transacting parties, a description of the transactions, the payment or transfer amounts, billing and shipping information, and the devices and payment methods used to complete the transactions.
· Information about the location of your device and some other device specifics, including your hardware model, operating system and version, unique device identifier, mobile network information, and information about the device’s interaction with our services.
· Information about how you use our services, including your carrier operating system, connection type, referring URLs, access time, browser type and language, and Internet Protocol (‘IP’) address, as well as other information which may be collected and used by us automatically through the browser on your device or otherwise.
· Information about you from third parties, such as data providers and credit organisations, where permitted by law.
· Information contained in or relating to any communication that you send to us, with or without our request, including, without limitation, the communication content and metadata associated with the communication.
· Information collected by Cookies and Web beacons (defined below), including using web beacons and sending cookies to your device.
· Your connections with others whose personal information we may collect or hold.
· online payment details, which may include third-party payment systems, credit, or direct debit details for your bank account to process transactions contemplated by our services.
3.3. Information may also include information we collect about your individual preferences. We may collect the Information in the course of your signing up for our services, in the course of our identity or account verification process, or in the course of your use of our Services.
3.4. This policy applies to your Information when you use our website and interact generally with us, but does not apply to Third-Party Sites. We are not responsible for the privacy policies or content of Third-Party Sites.
3.5. For the avoidance of doubt, unless stated otherwise, this policy will govern our collection of your Personal Information irrespective of the forum. Your continued usage of our website and/or services will be taken to indicate your acceptance of the terms of this privacy policy insofar as it relates to our website.
3.6. We do not knowingly collect data from, or market to, children below the legal age as established under their relevant domestic laws. By using the services, you represent that you are at least the age of majority within your respective domestic law or that you are the parent or guardian of such a minor and consent to such minor’s/dependent’s use of the Services. If we learn that personal Information from users who are less than the age of majority has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records.
MODE OF COLLECTION
4.1. We usually collect and store information, including in paper, the physical and electronic forms provided by you when you communicate with us by telephone, email, web-based form, letter, facsimile, or other means, including when:
· We provide you with our services via telephone, email, or our website.
· You participate in our functions, events, or activities or on our social media pages.
· You request that we provide you with information concerning our products or services.
· You upload or submit information to us or our website; or
· You complete any forms requesting information from you, including on registration with us, complete any survey or provide feedback to us concerning our products or services.
4.2. Where practicable, we will only collect information from you. However, we will also collect your Information through our partners and third parties who supply services to us or utilise automated tools, whom you have authorised to share such personal information with other parties, including but not limited to, channels such as public databases, credit bureaus, ID verification partners, blockchain data, marketing partners and resellers, advertising partners and analytics providers.
4.3. Please note that we use our own and third-party computer servers, including our website hosts, data backups, and payment gateway(s), which may be located outside of the Republic of South Africa, and your Information will likely be stored and transmitted overseas as part of the normal operation of our business. Refer to the relevant provision in our General Terms and Conditions to understand how we handle your data during such operations.
4.4. We also collect information from your computer or mobile device automatically when you browse our website. This information may include:
· the date and time of your visit;
· your domain;
· locality;
· operating system;
· the server your computer or mobile is using to access our Website;
· your browser and version number;
· search terms you have entered to find our Website or access our Website;
· pages and links you have accessed both on our Website and other websites;
· the last website you visited;
· the pages of our Website that you access;
· the device you use to access our Website; and your IP Address.
4.5. While we do not use some of this information to identify you personally, we may record certain information about your use of our websites, such as which pages you visit and the time and date of your visit, and that information could potentially be used to identify you.
4.6. It may be possible for us to identify you from information collected automatically from your visit(s) to our website. If you have registered an account with us, we will be able to identify you through your username and password when you log into our website. Furthermore, if you access our website via links in an email we have sent you, we will be able to identify you.
4.7. The device you use to access our website may collect information about you, including your location, using longitude and latitude coordinates obtained through GPS, Wi-Fi, or cell site triangulation. For information about your ability to restrict the collection and use of such information, please use the settings available on your device.
4.8. We may use statistical analytics software tools and software known as cookies, which transmit data to third-party servers located overseas. To our knowledge, our analytic providers do not identify individual users or associate your IP Address with any other data held by them.
4.9. We will retain your Information for any period we consider necessary to provide our products and services to you and to comply with our legal obligations. The period may vary depending on the type of Information we hold.
HOW WE SHARE AND USE YOUR INFORMATION
5.1. We shall share and use your information with and for:
· Any person who works with us or with one or two groups of companies.
· To our related entities, employees, officers, agents, contractors, other companies that provide services to us, sponsors, government agencies, or other third parties to satisfy the purposes for which the information was collected or for another purpose if that other purpose is closely related to the primary purpose of collection and an individual would reasonably expect us to disclose the information for that secondary purpose.
· Any entity that forms part of DoshFX to process your payments that you have authorised and to provide you with the goods and services that you have opted for.
· Any financial and other institutions to facilitate authorised payment processing and to deliver our range of products and services.
· Entities and firms that offer services to us, encompassing technical infrastructure, marketing, and analytics, as well as web and app development.
· Entities and organisations that support us in the realm of fraud prevention services and aid us in identity verification and safeguarding against fraud or financial misconduct, taking appropriate actions as warranted by the outcomes of such investigations.
· Our professional advisers, consultants, and other similar services.
· Any financial and other institutions to facilitate authorised payment processing and to deliver our range of products and services.
· The selected and trusted group of third party/parties to fulfil our obligations under our contract with you and to meet government, regulatory, and law enforcement requests, and to continue providing you with the services. We will only disclose your personal information to third-party service providers under strict terms of confidentiality. We do not allow our third-party service providers to use your personal information for their purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.
· The third parties
- who help us to verify the identity of our clients and customers, and other software service providers who assist us to provide the services we provide to you.
- who help us analyse the information we collect so that we can administer, support, improve or develop our business and the services we provide to you, including cloud hosting services, off-site backups, and customer support.
- Who shall use your information to let you know about goods and services which may be of interest to you in accordance with the applicable laws.
· The merchants and the recipients of funds are to identify you as the sender of the funds and to a party who sends you funds in connection with a transfer to you of funds.
· Law enforcement or government agency, or is required by law, or legal processes, such as a subpoena, court, or another legal process with which we are required to comply, including our obligations under applicable anti-money laundering laws.
· Enforcing the terms of this policy or enforcing any of our Terms and Conditions with you.
· Our professional advisers, such as consultants, bankers, professional indemnity insurers, brokers, and auditors, so that we can meet our regulatory obligations, and administer, support, improve or develop our business.
· Any other person, with your consent (express), to:
- Facilitate the sale of all or a substantial part of our assets or business, or to companies with which we propose to merge, or who propose to acquire us and their advisers.
- Protect the interests of our users, clients, customers, and third parties from cybersecurity risks or incidents and other risks or incidents; and
- Maintain the integrity of our Website and protect our rights, interests, and property and those of third parties.
· In addition to the above recipients, we will disclose your personal information if we are requested to do so by law enforcement or if the disclosure is made in connection with either the normal operation of our business in a way that you might reasonably expect, for example, if such disclosure is incidental to IT services being provided to our business or for the resolution of any dispute that arises between you and us. This disclosure may involve your Personal Information being transmitted overseas.
5.2. In the event of a proposed restructuring or sale of our business (or part of our business) or where a company proposes to acquire or merge with us, we may disclose personal information to the buyer and their advisers without your consent, subject to compliance with the applicable regulations. If we sell the business and the sale is structured as a share sale, you acknowledge that this transaction will not constitute the ‘transfer’ of Personal Information.
WE PROCESS AND USE AGGREGATED, ANONYMISED, AND DE-IDENTIFIED DATA
6.1. We may also create, process, collect, use, and share aggregated, anonymised, or de-identified Information, such as statistical or demographic data, for any purpose which may be derived from your Personal Information. We may use this data to comply with legal or regulatory obligations and for any business purpose, including to better understand users’ needs and behaviours, improve our products and services, conduct business intelligence and marketing, and detect security threats.
6.2. We may share such Information with members of our group, service providers, and our key partners. Some of these third parties may be in a jurisdiction outside the laws as stated in this Policy, in which case we will take all necessary steps to ensure that your Personal Information is treated securely and that such transfers are permitted under the applicable data protection laws.
6.3. We may also use any or all the personal information above to administer and manage our business in general, to detect and prevent misuse of our services (including fraud and unauthorised payments), and to enforce our Terms and Conditions or any other contract to which we may be a party to.
HOW WE SHALL SECURE YOUR PERSONAL INFORMATION
7.1. We place a significant emphasis on ensuring the security of your personal data.
7.2. We regularly assess and implement appropriate and reasonable technical and organisational security measures to ensure the safety of your personal information.
7.3. Our employees undergo training to handle personal data securely and with the utmost respect. Failure to adhere to these standards may result in disciplinary actions. While we take measures to safeguard your personal data, we cannot guarantee its absolute security. In the event of a data breach, please refer to the “Data breaches” section below. It is essential for you to take responsibility for securing your account login credentials and complying with DoshFX Terms of Use regarding account security.
CONSENT MECHANISM
By creating a DoshFX Account, you are consenting to our processing, storage, utilisation, and sharing of your personal information in accordance with this Privacy Policy. If you disagree with any aspect of this Privacy Policy or the Terms and Conditions, or if you wish to withdraw any previously given consent, please contact us at info@DoshFX.com. It's important to note that if you withdraw any essential permissions or revoke consent for processing and storing information such as your DoshFX Account data, Financial and KYC Information, or any other information required to offer you our Services, we may be required to discontinue providing those Services to you.
RETENTION OF PERSONAL INFORMATION WITHOUT CONSENT
9.1. In certain cases, we may process your personal information without your explicit knowledge or consent, but only in cases where such processing is mandated or allowed by Applicable Law.
9.2. We will keep it for any necessary period to serve our legitimate business interests. These interests include meeting legal requirements, preventing fraud, resolving disputes, upholding agreements, safeguarding the interests of DoshFX and its customers, and as mandated by applicable laws.
9.3. Your biometric data is held by our third-party service providers for a maximum period of one year following the conclusion of your customer relationship with us.
MARKETING
10.1. We may contact you with information regarding our products, services, news, and promotions, or engage in communication for marketing purposes through various channels such as email, push notifications, in-app messages, text messages, or other means. Our marketing communications will always adhere to relevant laws, including consent and opt-out regulations.
10.2. You have the option to opt out of receiving marketing communications at any time. This can be done by selecting the "Unsubscribe" option, which is included in all marketing messages sent to you. Additionally, you can manage your communication preferences by accessing your account settings within our app or on our website.
10.3. It is important to note that opting out of marketing content will not affect your receipt of critical communications related to the security or functioning of your account.
THIRD-PARTY ADVERTISING AND ANALYTICS
11.1. Our websites or communications may contain links to other third-party websites, which are not owned or operated by us and are regulated by their privacy policies. If you click on a third-party link, you will be directed to that third party’s platform. We strongly advise you to review the privacy policy of every platform you visit. We are not responsible for the privacy policies of these third-party websites, regardless of whether they were accessed using the links from our website. We have no control over and assume no liability for the content, privacy policies, or practices of any third-party platforms or services.
CONSENT FOR PERFORMANCE OF CONTRACT; LEGAL OBLIGATIONS
12.1. You grant consent for the processing of your personal information. This processing will be done to fulfil all legal obligations stemming from contracts involving you, or to provide services that you have contracted us to deliver, or to take necessary actions upon your request before entering into a contract with you.
12.2. When you apply for or sign up for our services, you grant us the authorisation and consent to obtain information about you from third parties and share such information with them. This process is carried out in the context of identity or account verification, fraud detection, collection procedures, or as otherwise permitted or mandated by applicable law.
12.3. You have the option to revoke this consent at any time. Please note that withdrawing your consent will not impact the legality of processing that occurred based on your previous consent. The withdrawal of consent will become effective within 30 calendar days of your request submission. If you wish to make such a request, kindly contact us at info@DoshFX.com.
12.4. We provide detailed, clear, and easily revocable explanations about the specific information we gather, how we collect it, the reasons behind its collection, how we share it, and the duration for which we retain it in this Policy.
12.5. We will store your data only for the duration necessary to fulfil our obligations or achieve the intended purposes for which the information was gathered, and in accordance with Applicable Law. The determination of the appropriate retention period will take into account factors such as the quantity, nature, and sensitivity of the data; potential risks associated with unauthorised use or disclosure of the data; the purposes for which we process the data and whether alternate methods can achieve those purposes; and relevant legal requirements. Unless required otherwise by applicable law, upon the conclusion of the retention period, we will either delete personal data from our systems and records or take suitable measures to ensure its proper removal from our system.
YOUR DATA PROTECTION RIGHTS
13.1. Right to be informed: This means you have a right to know
a. The identity and contact details of the Company.
b. The purposes of processing your personal information, as well as the legal basis for the processing.
c. The legitimate interests pursued by us or by a third party who processes your personal information.
d. Recipients or categories of recipients of your personal information.
e. Our intention to transfer your personal information to a third country or international organisation and reference to the appropriate safeguards and the means to obtain a copy.
f. The period for which your personal information will be stored, or if that is not possible, the criteria used to determine that period.
g. Whether the provision of personal information is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obligated to provide the personal information and the possible consequences of failure to provide such data.
h. The existence of automated decision-making, including profiling and meaningful information about the logic involved.
Where we intend to further process your personal information for a purpose other than that for which the personal information was collected, we must apprise you, before such further processing, with information on those other purposes and with any other relevant information.
13.2. Right of access: This is your right to see what personal information is held about you by us. Particularly, you have the right to:
a. Receive confirmation as to whether your personal information is being processed.
b. Access your personal information which we are processing along with the purposes of the processing; the categories of personal information being processed; the recipients or categories of recipients to whom the personal information has been or will be disclosed; the envisaged period for which the personal information will be stored, or, if not possible, the criteria used to determine that period; where the personal information is not collected from you, any available information as to their source.
c. Where your personal information is transferred to a third country or an international organisation, you have the right to be informed of the appropriate safeguards relating to the transfer.
d. A copy of your personal information being processed; and
e. Any further copies requested by you, upon paying a reasonable fee.
13.3. Right to rectification: This is your right to have your personal information corrected, rectified, or amended if what is held by us or a third party onboarded by us is incorrect/inaccurate in some way.
13.4. Right to erasure: This is your right, under certain circumstances, to ask for your personal information to be deleted. This would apply if your personal information were no longer required for the purposes it was collected for, your consent for the processing of that data has been expressly withdrawn, or where your personal information has been unlawfully processed. Once deleted, all your data will be removed from our systems and will not be recoverable.
13.5. Right to withdraw consent: If you wish for the Company to stop processing your personal information, it is your right to withdraw consent, preventing the Company from further processing the same personal information.
13.6. Right to restrict processing: This is your right to ask for a temporary halt or pause in processing your data, such as in the case where a dispute or legal case must be concluded, or the data is being corrected.
13.7. Right to data portability: This is your right to object to the further processing of your personal information, which is inconsistent with the primary purpose for which it was collected, which includes profiling, automation, and direct marketing.
13.8. Right to object: This is your right to object to the further processing of your personal information, which is inconsistent with the primary purpose for which it was collected, which includes profiling, automation, and direct marketing.
13.9. Rights in relation to automated decision-making and profiling: This is your right not to be subject to a decision based solely on automated processing.
Please note that whether you have these rights will depend on the domestic data protection laws of your country. You may want to consult with a legal advisor to better understand your personal data-related rights in your jurisdiction.
We aim to respond to all legitimate requests without undue delay and within thirty (30) calendar days of receipt of any request from you. Occasionally, it may take us longer than thirty (30) calendar days if your request is particularly complex or if you have made duplicate or numerous requests. In this case, we will notify you of receipt of such request(s) and keep you updated as to the status of progress concerning such request(s).
If you have any of these rights under your domestic data protection laws and wish to exercise any of them, please contact us at info@DoshFX.com. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This security measure is to ensure that your personal information is not disclosed to any person who has no right to receive it.
LEGAL RECOURSE TO RELEVANT AUTHORITIES
14.1. If you are located in the Republic of South Africa and believe there has been a potential violation of the POPI Act, you have the right to file a complaint with the Information Regulator of South Africa at any time.
14.2. If you are situated in the European Union (EU) or the European Economic Area (EEA), you have the right to lodge a complaint with a supervisory or regulatory authority within an EU or EEA member state where you reside, where we may have a presence (if applicable), or where an alleged breach of data protection laws has occurred.
14.3. However, before reaching out to any such authority, we would appreciate the opportunity to address and resolve your concerns. Please contact us as the initial step in resolving your complaint promptly and to your satisfaction. You can reach us via email at info@DoshFX.com.
WE DO NOT MISUSE YOUR PERSONAL INFORMATION
15.1. Without your explicit consent, we do not engage in the sale, trade, or transfer of your information, whether it is public or private, for any purpose whatsoever. The sole exception to this practice is when it is essential for us to provide you with our Services and enhance your personalised experience with us.
15.2. We collect, process, and utilise information about you for the following purposes:
· To deliver our products and services to you, which includes processing your transactions and carrying out your requests to utilise our services.
· To enhance, personalise, and facilitate your utilisation of our products and services.
· To gauge, tailor, and enrich our services, encompassing the design, content, and functionality of our website, as well as monitoring and assessing trends and usage in connection with our services.
· To conduct research, verify and ensure the accuracy of information, compile and analyse statistics pertinent to our business operations.
· To enhance our customer service and effectively manage our relationship with you.
15.3. Subject to your prior consent, we may send you periodic emails containing news, updates, and information related to our services. Additionally, we may conduct surveys to gather feedback. These communications aim to keep you informed about our products, services, promotions, discounts, incentives, and rewards, which may be offered by us or carefully chosen partners. These communications will be based on your chosen communication preferences, as well as applicable legal requirements, and will be directed to the email address you provided for such purposes.
15.4. We use your information for various purposes, including but not limited to:
· Managing our internal information processing and IT systems.
· Operating our website and providing our services, with a focus on ensuring their security.
· Maintaining backups of our databases and complying with our internal policies, procedures, and applicable laws.
· Communicating with you, which includes delivering requested information and support, technical notices, security alerts, and administrative messages. It also involves resolving disputes, collecting fees, and assisting with service-related issues.
· Establishing, exercising, or defending legal claims, whether in court proceedings or other legal procedures, to protect our rights, your rights, and the rights of others.
· Managing and mitigating risks, obtaining professional advice, and fulfilling our legal obligations as required by law or through written agreements with third parties.
· Displaying transaction history for your reference.
· Protecting the rights, property, security, or integrity of our services.
· Facilitating corporate acquisitions, mergers, or transactions.
· Developing new products and services.
· Protecting our rights, enforcing our Terms and Conditions or other applicable agreements or policies, verifying your identity, investigating and preventing fraud, security breaches, and other potentially prohibited or illegal activities, and complying with any relevant laws, regulations, or legal processes.
COOKIES
16.1. When you visit our website or the websites of our partners, we and our partners may utilise cookies and other tracking technologies (“Cookies”). These Cookies are small files that store information on your computer, mobile device, or another electronic device. They allow us to identify you across various websites, services, devices, and browsing sessions. Cookies also aid in tailoring online content and advertising, remembering your preferences for future visits to the website, evaluating the efficiency of our promotions, safeguarding against potential fraud, and analysing your interactions, as well as those of other users, with the website.
16.2. If you choose not to provide consent for us to use cookies for gathering information while you're using our website, you have the option to configure your browser settings to delete, disable, or block specific cookies. You can find guidance on managing cookie preferences for popular web browsers such as Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, and Apple Safari on their respective websites.
16.3. There may be instances where we request your consent to use cookies, particularly when you access specific sections of our website. For instance, you might be asked whether you want the website to remember certain information about you.
16.4. It is important to note that certain functionalities and features of our website rely on the use of cookies. If you choose to disable cookies, it may limit your ability to use our website, or certain parts of our site may not work correctly.
16.5. During your initial visit to our website or after you’ve cleared your cookies, you may encounter a banner prompting you to accept our use of cookies and other tracking technologies. Unless you’ve adjusted your browser settings to reject cookies or decline our cookie policy, our system will generate cookies when you access our website.
16.6. Our website may also incorporate web beacons (sometimes referred to as single-pixel gifs) or similar technologies. These electronic images serve several purposes:
· Facilitating the delivery of cookies.
· Tracking the number of users who have visited our website.
· Assessing the effectiveness of our promotional materials, including whether and when you engage with them.
· Placing web beacons on their websites or within their promotional materials, typically as part of our business development and data analysis efforts.
· Allowing web beacons to be incorporated into our website by analytics services to help us compile aggregated statistics regarding the performance of our promotional campaigns and other operations.
16.7. It is worth mentioning that web beacons utilised by analytics services might enable them to deploy cookies or other identifiers on your device. This enables them to collect information about your online activities across different applications, websites, or products.
SECURITY PRECAUTIONS AND MEASURES
17.1. We are deeply committed to ensuring the security of your information. To prevent any unauthorised access or disclosure, we have implemented robust physical, electronic, and managerial procedures to protect and secure the data we collect online. We adhere to industry-standard technical measures, and we require our affiliates and vendor partners to employ data encryption technology. Here are some of the specific measures we take:
· Physical Measures: We store materials containing your personal information in secure, locked facilities.
· Electronic Measures: Electronic records containing your personal information are stored in computer systems and storage media with stringent login restrictions.
· Management Measures: Only authorised employees with a clear understanding of our internal confidentiality rules are allowed access to your personal information. We have also established strict physical access controls for our premises and files.
· Technical Measures: We use encryption technologies for transmitting and storing your personal data. We employ various general security technologies and management systems to minimise the risk of unauthorised access, disclosure, damage, misuse, or alteration of your information. Our web server is protected by a firewall.
· Other Measures: We regularly scan our facilities for security vulnerabilities to ensure their integrity. Your personal information is stored behind secure networks and can only be accessed by a limited number of individuals who have been granted special access rights and are bound to maintain confidentiality.
17.2. While we make every effort to secure your data, it’s important to note that no method of transmission over the Internet or electronic storage can be guaranteed 100% secure. Nevertheless, we are dedicated to safeguarding your data and limiting access to it.
17.3. We do not guarantee that your data will never be accessed, disclosed, altered, or destroyed due to breaches of our physical, technical, or managerial safeguards. We advise you to verify the legitimacy of any website requesting financial or payment information related to our services, as there is a risk of impersonation by hackers.
17.4. If you receive any suspicious communication or requests, please do not provide your information and report it to us immediately at support@DoshFX.com. Notify us promptly at compliance@DoshFX.com if you become aware of any unauthorised access to or use of your Account.
17.5. As we cannot guarantee against all possible risks, it is essential to take steps to protect your personal information, including selecting a strong and unique password and not sharing it with third parties.
17.6. Additionally, please be aware that we cannot ensure the security or confidentiality of data transmitted via the internet, email, phone, WhatsApp, SMS, or other wireless connections, as we have no control over the data's protection once it leaves and until it reaches our systems. If you suspect your data’s security has been compromised, contact us at compliance@DoshFX.com.
17.7. In the unlikely event of a data breach with a significant impact on your rights, we will promptly inform you of the breach's nature, potential consequences, and the measures we have taken to address and mitigate its effects. Please reach out to us at support@DoshFX.com in such a scenario for further information and advice on mitigating potential adverse effects.
17.8. We also conduct comprehensive security risk assessments to enhance the effectiveness of our risk mitigation controls and protect your data's integrity.
HOW CAN YOU CONTACT US
18.1. If you have any questions or concerns regarding this policy, if you want to access or rectify the information we have on record about you, or if you wish to file a complaint, please get in touch with us in writing at compliance@DoshFX.com.
18.2. To provide you with access to your information, we may request certain details from you, including but not limited to verifying your identity. Depending on the nature of the request, there might be a fee associated with accessing your Personal Information. We will notify you of any applicable fees before proceeding with your request. We aim to handle all requests for Personal Information within a reasonable timeframe, ideally within 14 days, but in any case, no later than 30 calendar days from the date of your request.
18.3. If you want to have your personal information removed, please reach out to us using the contact information provided above. We will take reasonable steps to delete the information, unless we are required to retain it for legal or auditing purposes.
18.4. You may also have the ability to view, access, edit, or delete (where possible) your personal information through your user dashboard on our website. However, please be aware that certain data or information may be restricted from editing or deletion to ensure your continued access to our website.
CHANGES TO THIS POLICY
19.1. From time to time, we may revise, amend, or supplement this Policy to reflect necessary changes in law, our personal information collection and usage practices, the features of our offerings, or certain advances in technology. If any material changes are made to this Policy, the changes may be prominently posted on our Website. However, the onus is also on you to occasionally familiarise yourself with the contents of this Policy, for your information, and particularly to do so every time you access our website, play the game or make use of our services.
19.2. Changes to this Policy are effective when they are published.
INTRODUCTION
1.1. This Privacy Policy applies to your access and use of the independent platform (“Platform”) linked to www.DOSHFX.com (“Website”) under the DOSH brand (“We, “Us”, “Ours”), by any User (referred to as “You”, “Your”, or “Trader”). We operate as an independent platform and website under the DOSH brand. For the purposes of this document, “DOSH” refers to:
DOSHX PTY Ltd: A company duly incorporated under the laws of South Africa, duly licensed by the Financial Sector Conduct Authority, South Africa, with licence number 52900.
1.2. We are committed to protecting your privacy. This Privacy Policy (hereinafter referred to as “Privacy Policy” or “Policy”) applies to all persons using our services, website environment (available at www.DoshFX.com), using any of DoshFX’s application(s), or when you otherwise do business or contact us. This Policy governs our online privacy practices, the methods and types of personal information that we received, collect, disclose, and store, how the personal information is used, with whom it may be shared, what choices are available to you regarding the collection, use, and distribution of your personal information, what kind of security procedures are in place to protect the loss, misuse or alteration of the information under our control, your rights regarding your personal information and whom to contact with questions or concerns. This Policy shall be read alongside the General Terms and Conditions of the Platform. In the event of any conflict between this Policy and the General Terms and Conditions, the former shall prevail to the extent both apply to arrangements delineated in this Policy. Any capitalised term not defined here will derive its meaning from its definition in the general Terms and Conditions available on the Website.
1.3. This Privacy Policy explains how DoshFX, as well as its affiliates (hereinafter referred to as “DoshFX Operators”), including but not limited to legal persons, unincorporated organisations, and teams that provide services, collect, use, process, disclose, share, transfer, and protect personal information obtained through DoshFX and its partners. So, the terms we, us, and our refer to DoshFX and DoshFX Operators collectively.
1.4. By using our website environment (available at https://DoshFX.com (“Website” or “Platform” as the context may require), our applications, or our services, you (“User”, “You”, “Your”) consent to this Policy and to the data practices described in it, in addition to consenting to it explicitly when using the Website. If you do not agree with the data practices described in this Policy, you may choose to stop using our services or the Website. We periodically update this Policy and encourage you to review it frequently.
1.5. Please carefully read this Privacy Policy, because it applies to the DoshFX website and/or DoshFX mobile application, along with related services, information and communications, materials, and any software that we make available that allows you to access relevant services and DoshFX software, communication, and mail operations regardless of whether you register or log in to use the services or not. When visiting Platforms, you acknowledge, understand, and consent to all provisions described in this Privacy Policy. We will not use your personal information for any purpose not covered in this Privacy Policy or the Terms and Conditions (including any other business rules of DoshFX) without prior notification to you and your consent. If you do not agree with any part of this Privacy Policy, please stop using the services immediately.
PURPOSE
2.1. This Policy has been developed for purposes of compliance with the Protection of Personal Information Act 2013 (“ POPIA”) and the General Data Protection Regulation 2016 (“GDPR”), and other data protection-oriented provisions within applicable regulations, as DoshFX offers services to residents in the European Economic Area (“EEA”) and the Republic of South of Africa.
2.2. To confirm your identity in compliance with the Know Your Customer (KYC), Anti-Money Laundering (AML), and Counter-Terrorist Financing (CFT) regulations.
2.3. In order to promote our services to You, we may send you information about our products, features, promotions, surveys, news, updates, and events. We also aim to tailor our marketing messages to your preferences. If you prefer not to receive marketing communications, you can choose to opt out during the account creation process. Additionally, you have the option to unsubscribe from our marketing emails at any time or submit a support ticket to request removal from our marketing list.
2.4. Our objective is to follow the prescribed procedures established by organisations like the United Nations, European Union, the U.K. Treasury, and the U.S. Office of Foreign Assets Control (OFAC) to carry out sanctions screening. We seek to establish safeguards that deter us from participating in transactions with individuals, organisations, or countries included on the sanctions list.
2.5. To oversee and uphold your account within our system and to identify and thwart any fraudulent or unauthorised utilisation of our products and services.
2.6. When you are asked to provide personal information, you may decline, but if you choose not to provide data that is necessary to enable us to make our services available to you, you may not be able to sign up for our services, and some features may be limited. If you fail, neglect, and/or refuse to or are unable to provide us with any Personal Information which we necessarily need to provide you with services, or that we need to collect by law (for example, identification information for KYC/AML obligations), we may not be able to provide you with services. In this case, we have the right to discontinue the provision of services to you and/or close your account. In such a situation, we will notify you at the earliest.
2.7. DoshFX collects certain personal information to enable us to operate effectively and to provide you with the best experiences on our website and our operations. DoshFX prides itself on transparency, and as such, you have choices about the personal information we collect.
2.8. DoshFX collects the personal information to enhance the quality of products and services that are offered, while also innovating to create new offerings.
2.9. Some of the information we obtain is collected to comply with applicable laws and regulations, including anti-money laundering laws. This Policy explains:
· The types of information we collect about you
· How we use information about you
· Types of information we disclose to third parties and the types of such third parties
· How we protect your personally identifiable information; and
· How you may instruct us not to disclose certain information about you that we are otherwise permitted to disclose by law.
INFORMATION WE COLLECT FROM YOU
3.1. The kinds of Personal Information we collect will depend on the type of interaction you have with us (for example, Telephone calls to us may also be recorded for training and quality assurance purposes). Generally, we collect the following information (“Information”) about you if you are:
3.2. Natural Person (Individual customers)
· Identification information, such as your name, email address, and home address (including documents such as current utility bill, i.e., electricity, telephone, gas, or mobile phone bill, documents issued by a government department that shows the end user’s address, bank statement (not older than 3 months) that shows the end user’s address), contact number, date of birth, gender, demographic and location data, billing address, username, along with identification details of documents confirming such details (such as passport, driver’s licence, National identity card);
· Country of birth;
· ID expiry details;
· Profession;
· Expected annual income;
· Source of funds;
· Purpose of transactions; and
· Method of payments.
Legal Entity (Corporate customers)
· Copies of Commercial Licence/Trade Licence (or equivalent)
· Copies of the Certificate of Incorporation
· Copies of Certificate of Incumbency
· Copies of Memorandum of Association (MoA)
· Copies of Share Certificate/Share Register (where details of shareholders are not available in the MoA)
· Copies of Documents providing details of Ultimate Beneficial Owners
· Purpose and nature of the intended business relationship (BOR)
· Copies of identification document of Owner(s) (passports/ID cards)
· An authorisation letter must be taken for a representative of the legal entity who carries out transactions on its behalf
· Copies of documents providing details of the relationship with the company and powers of authorised signatories who have the authorisation to carry out transactions on behalf of the Company, along with their identification documents.
Compliance approval is required prior to onboarding the legal entity.
· If the Legal entity or any of its UBOs/Authorised signatories is found to be Foreign Politically Exposed Persons(FPEP), then onboarding should be completed only after obtaining approval from the Managing Director/Chief Executive Officer of DoshFX
· Residential status & address (whether incorporated/operating from, etc.)
· Phone numbers
· FPEP/PEP status
· Appropriate evidence must be collected for the verification and confirmation of the sources of funds, the purpose of the transaction, and the commercial/economic reason for each transaction. The receipt must be signed by the representative of the legal entity who carries out the transaction on its behalf and retains the records.
Notwithstanding the foregoing, we shall further collect the following Information:
· Information you provide when you participate in promotions offered by us or our partners, respond to our surveys or otherwise communicate with us.
· Information about when and where the transactions occur, the names of the transacting parties, a description of the transactions, the payment or transfer amounts, billing and shipping information, and the devices and payment methods used to complete the transactions.
· Information about the location of your device and some other device specifics, including your hardware model, operating system and version, unique device identifier, mobile network information, and information about the device’s interaction with our services.
· Information about how you use our services, including your carrier operating system, connection type, referring URLs, access time, browser type and language, and Internet Protocol (‘IP’) address, as well as other information which may be collected and used by us automatically through the browser on your device or otherwise.
· Information about you from third parties, such as data providers and credit organisations, where permitted by law.
· Information contained in or relating to any communication that you send to us, with or without our request, including, without limitation, the communication content and metadata associated with the communication.
· Information collected by Cookies and Web beacons (defined below), including using web beacons and sending cookies to your device.
· Your connections with others whose personal information we may collect or hold.
· online payment details, which may include third-party payment systems, credit, or direct debit details for your bank account to process transactions contemplated by our services.
3.3. Information may also include information we collect about your individual preferences. We may collect the Information in the course of your signing up for our services, in the course of our identity or account verification process, or in the course of your use of our Services.
3.4. This policy applies to your Information when you use our website and interact generally with us, but does not apply to Third-Party Sites. We are not responsible for the privacy policies or content of Third-Party Sites.
3.5. For the avoidance of doubt, unless stated otherwise, this policy will govern our collection of your Personal Information irrespective of the forum. Your continued usage of our website and/or services will be taken to indicate your acceptance of the terms of this privacy policy insofar as it relates to our website.
3.6. We do not knowingly collect data from, or market to, children below the legal age as established under their relevant domestic laws. By using the services, you represent that you are at least the age of majority within your respective domestic law or that you are the parent or guardian of such a minor and consent to such minor’s/dependent’s use of the Services. If we learn that personal Information from users who are less than the age of majority has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records.
MODE OF COLLECTION
4.1. We usually collect and store information, including in paper, the physical and electronic forms provided by you when you communicate with us by telephone, email, web-based form, letter, facsimile, or other means, including when:
· We provide you with our services via telephone, email, or our website.
· You participate in our functions, events, or activities or on our social media pages.
· You request that we provide you with information concerning our products or services.
· You upload or submit information to us or our website; or
· You complete any forms requesting information from you, including on registration with us, complete any survey or provide feedback to us concerning our products or services.
4.2. Where practicable, we will only collect information from you. However, we will also collect your Information through our partners and third parties who supply services to us or utilise automated tools, whom you have authorised to share such personal information with other parties, including but not limited to, channels such as public databases, credit bureaus, ID verification partners, blockchain data, marketing partners and resellers, advertising partners and analytics providers.
4.3. Please note that we use our own and third-party computer servers, including our website hosts, data backups, and payment gateway(s), which may be located outside of the Republic of South Africa, and your Information will likely be stored and transmitted overseas as part of the normal operation of our business. Refer to the relevant provision in our General Terms and Conditions to understand how we handle your data during such operations.
4.4. We also collect information from your computer or mobile device automatically when you browse our website. This information may include:
· the date and time of your visit;
· your domain;
· locality;
· operating system;
· the server your computer or mobile is using to access our Website;
· your browser and version number;
· search terms you have entered to find our Website or access our Website;
· pages and links you have accessed both on our Website and other websites;
· the last website you visited;
· the pages of our Website that you access;
· the device you use to access our Website; and your IP Address.
4.5. While we do not use some of this information to identify you personally, we may record certain information about your use of our websites, such as which pages you visit and the time and date of your visit, and that information could potentially be used to identify you.
4.6. It may be possible for us to identify you from information collected automatically from your visit(s) to our website. If you have registered an account with us, we will be able to identify you through your username and password when you log into our website. Furthermore, if you access our website via links in an email we have sent you, we will be able to identify you.
4.7. The device you use to access our website may collect information about you, including your location, using longitude and latitude coordinates obtained through GPS, Wi-Fi, or cell site triangulation. For information about your ability to restrict the collection and use of such information, please use the settings available on your device.
4.8. We may use statistical analytics software tools and software known as cookies, which transmit data to third-party servers located overseas. To our knowledge, our analytic providers do not identify individual users or associate your IP Address with any other data held by them.
4.9. We will retain your Information for any period we consider necessary to provide our products and services to you and to comply with our legal obligations. The period may vary depending on the type of Information we hold.
HOW WE SHARE AND USE YOUR INFORMATION
5.1. We shall share and use your information with and for:
· Any person who works with us or with one or two groups of companies.
· To our related entities, employees, officers, agents, contractors, other companies that provide services to us, sponsors, government agencies, or other third parties to satisfy the purposes for which the information was collected or for another purpose if that other purpose is closely related to the primary purpose of collection and an individual would reasonably expect us to disclose the information for that secondary purpose.
· Any entity that forms part of DoshFX to process your payments that you have authorised and to provide you with the goods and services that you have opted for.
· Any financial and other institutions to facilitate authorised payment processing and to deliver our range of products and services.
· Entities and firms that offer services to us, encompassing technical infrastructure, marketing, and analytics, as well as web and app development.
· Entities and organisations that support us in the realm of fraud prevention services and aid us in identity verification and safeguarding against fraud or financial misconduct, taking appropriate actions as warranted by the outcomes of such investigations.
· Our professional advisers, consultants, and other similar services.
· Any financial and other institutions to facilitate authorised payment processing and to deliver our range of products and services.
· The selected and trusted group of third party/parties to fulfil our obligations under our contract with you and to meet government, regulatory, and law enforcement requests, and to continue providing you with the services. We will only disclose your personal information to third-party service providers under strict terms of confidentiality. We do not allow our third-party service providers to use your personal information for their purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.
· The third parties
- who help us to verify the identity of our clients and customers, and other software service providers who assist us to provide the services we provide to you.
- who help us analyse the information we collect so that we can administer, support, improve or develop our business and the services we provide to you, including cloud hosting services, off-site backups, and customer support.
- Who shall use your information to let you know about goods and services which may be of interest to you in accordance with the applicable laws.
· The merchants and the recipients of funds are to identify you as the sender of the funds and to a party who sends you funds in connection with a transfer to you of funds.
· Law enforcement or government agency, or is required by law, or legal processes, such as a subpoena, court, or another legal process with which we are required to comply, including our obligations under applicable anti-money laundering laws.
· Enforcing the terms of this policy or enforcing any of our Terms and Conditions with you.
· Our professional advisers, such as consultants, bankers, professional indemnity insurers, brokers, and auditors, so that we can meet our regulatory obligations, and administer, support, improve or develop our business.
· Any other person, with your consent (express), to:
- Facilitate the sale of all or a substantial part of our assets or business, or to companies with which we propose to merge, or who propose to acquire us and their advisers.
- Protect the interests of our users, clients, customers, and third parties from cybersecurity risks or incidents and other risks or incidents; and
- Maintain the integrity of our Website and protect our rights, interests, and property and those of third parties.
· In addition to the above recipients, we will disclose your personal information if we are requested to do so by law enforcement or if the disclosure is made in connection with either the normal operation of our business in a way that you might reasonably expect, for example, if such disclosure is incidental to IT services being provided to our business or for the resolution of any dispute that arises between you and us. This disclosure may involve your Personal Information being transmitted overseas.
5.2. In the event of a proposed restructuring or sale of our business (or part of our business) or where a company proposes to acquire or merge with us, we may disclose personal information to the buyer and their advisers without your consent, subject to compliance with the applicable regulations. If we sell the business and the sale is structured as a share sale, you acknowledge that this transaction will not constitute the ‘transfer’ of Personal Information.
WE PROCESS AND USE AGGREGATED, ANONYMISED, AND DE-IDENTIFIED DATA
6.1. We may also create, process, collect, use, and share aggregated, anonymised, or de-identified Information, such as statistical or demographic data, for any purpose which may be derived from your Personal Information. We may use this data to comply with legal or regulatory obligations and for any business purpose, including to better understand users’ needs and behaviours, improve our products and services, conduct business intelligence and marketing, and detect security threats.
6.2. We may share such Information with members of our group, service providers, and our key partners. Some of these third parties may be in a jurisdiction outside the laws as stated in this Policy, in which case we will take all necessary steps to ensure that your Personal Information is treated securely and that such transfers are permitted under the applicable data protection laws.
6.3. We may also use any or all the personal information above to administer and manage our business in general, to detect and prevent misuse of our services (including fraud and unauthorised payments), and to enforce our Terms and Conditions or any other contract to which we may be a party to.
HOW WE SHALL SECURE YOUR PERSONAL INFORMATION
7.1. We place a significant emphasis on ensuring the security of your personal data.
7.2. We regularly assess and implement appropriate and reasonable technical and organisational security measures to ensure the safety of your personal information.
7.3. Our employees undergo training to handle personal data securely and with the utmost respect. Failure to adhere to these standards may result in disciplinary actions. While we take measures to safeguard your personal data, we cannot guarantee its absolute security. In the event of a data breach, please refer to the “Data breaches” section below. It is essential for you to take responsibility for securing your account login credentials and complying with DoshFX Terms of Use regarding account security.
CONSENT MECHANISM
By creating a DoshFX Account, you are consenting to our processing, storage, utilisation, and sharing of your personal information in accordance with this Privacy Policy. If you disagree with any aspect of this Privacy Policy or the Terms and Conditions, or if you wish to withdraw any previously given consent, please contact us at info@DoshFX.com. It's important to note that if you withdraw any essential permissions or revoke consent for processing and storing information such as your DoshFX Account data, Financial and KYC Information, or any other information required to offer you our Services, we may be required to discontinue providing those Services to you.
RETENTION OF PERSONAL INFORMATION WITHOUT CONSENT
9.1. In certain cases, we may process your personal information without your explicit knowledge or consent, but only in cases where such processing is mandated or allowed by Applicable Law.
9.2. We will keep it for any necessary period to serve our legitimate business interests. These interests include meeting legal requirements, preventing fraud, resolving disputes, upholding agreements, safeguarding the interests of DoshFX and its customers, and as mandated by applicable laws.
9.3. Your biometric data is held by our third-party service providers for a maximum period of one year following the conclusion of your customer relationship with us.
MARKETING
10.1. We may contact you with information regarding our products, services, news, and promotions, or engage in communication for marketing purposes through various channels such as email, push notifications, in-app messages, text messages, or other means. Our marketing communications will always adhere to relevant laws, including consent and opt-out regulations.
10.2. You have the option to opt out of receiving marketing communications at any time. This can be done by selecting the "Unsubscribe" option, which is included in all marketing messages sent to you. Additionally, you can manage your communication preferences by accessing your account settings within our app or on our website.
10.3. It is important to note that opting out of marketing content will not affect your receipt of critical communications related to the security or functioning of your account.
THIRD-PARTY ADVERTISING AND ANALYTICS
11.1. Our websites or communications may contain links to other third-party websites, which are not owned or operated by us and are regulated by their privacy policies. If you click on a third-party link, you will be directed to that third party’s platform. We strongly advise you to review the privacy policy of every platform you visit. We are not responsible for the privacy policies of these third-party websites, regardless of whether they were accessed using the links from our website. We have no control over and assume no liability for the content, privacy policies, or practices of any third-party platforms or services.
CONSENT FOR PERFORMANCE OF CONTRACT; LEGAL OBLIGATIONS
12.1. You grant consent for the processing of your personal information. This processing will be done to fulfil all legal obligations stemming from contracts involving you, or to provide services that you have contracted us to deliver, or to take necessary actions upon your request before entering into a contract with you.
12.2. When you apply for or sign up for our services, you grant us the authorisation and consent to obtain information about you from third parties and share such information with them. This process is carried out in the context of identity or account verification, fraud detection, collection procedures, or as otherwise permitted or mandated by applicable law.
12.3. You have the option to revoke this consent at any time. Please note that withdrawing your consent will not impact the legality of processing that occurred based on your previous consent. The withdrawal of consent will become effective within 30 calendar days of your request submission. If you wish to make such a request, kindly contact us at info@DoshFX.com.
12.4. We provide detailed, clear, and easily revocable explanations about the specific information we gather, how we collect it, the reasons behind its collection, how we share it, and the duration for which we retain it in this Policy.
12.5. We will store your data only for the duration necessary to fulfil our obligations or achieve the intended purposes for which the information was gathered, and in accordance with Applicable Law. The determination of the appropriate retention period will take into account factors such as the quantity, nature, and sensitivity of the data; potential risks associated with unauthorised use or disclosure of the data; the purposes for which we process the data and whether alternate methods can achieve those purposes; and relevant legal requirements. Unless required otherwise by applicable law, upon the conclusion of the retention period, we will either delete personal data from our systems and records or take suitable measures to ensure its proper removal from our system.
YOUR DATA PROTECTION RIGHTS
13.1. Right to be informed: This means you have a right to know
a. The identity and contact details of the Company.
b. The purposes of processing your personal information, as well as the legal basis for the processing.
c. The legitimate interests pursued by us or by a third party who processes your personal information.
d. Recipients or categories of recipients of your personal information.
e. Our intention to transfer your personal information to a third country or international organisation and reference to the appropriate safeguards and the means to obtain a copy.
f. The period for which your personal information will be stored, or if that is not possible, the criteria used to determine that period.
g. Whether the provision of personal information is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obligated to provide the personal information and the possible consequences of failure to provide such data.
h. The existence of automated decision-making, including profiling and meaningful information about the logic involved.
Where we intend to further process your personal information for a purpose other than that for which the personal information was collected, we must apprise you, before such further processing, with information on those other purposes and with any other relevant information.
13.2. Right of access: This is your right to see what personal information is held about you by us. Particularly, you have the right to:
a. Receive confirmation as to whether your personal information is being processed.
b. Access your personal information which we are processing along with the purposes of the processing; the categories of personal information being processed; the recipients or categories of recipients to whom the personal information has been or will be disclosed; the envisaged period for which the personal information will be stored, or, if not possible, the criteria used to determine that period; where the personal information is not collected from you, any available information as to their source.
c. Where your personal information is transferred to a third country or an international organisation, you have the right to be informed of the appropriate safeguards relating to the transfer.
d. A copy of your personal information being processed; and
e. Any further copies requested by you, upon paying a reasonable fee.
13.3. Right to rectification: This is your right to have your personal information corrected, rectified, or amended if what is held by us or a third party onboarded by us is incorrect/inaccurate in some way.
13.4. Right to erasure: This is your right, under certain circumstances, to ask for your personal information to be deleted. This would apply if your personal information were no longer required for the purposes it was collected for, your consent for the processing of that data has been expressly withdrawn, or where your personal information has been unlawfully processed. Once deleted, all your data will be removed from our systems and will not be recoverable.
13.5. Right to withdraw consent: If you wish for the Company to stop processing your personal information, it is your right to withdraw consent, preventing the Company from further processing the same personal information.
13.6. Right to restrict processing: This is your right to ask for a temporary halt or pause in processing your data, such as in the case where a dispute or legal case must be concluded, or the data is being corrected.
13.7. Right to data portability: This is your right to object to the further processing of your personal information, which is inconsistent with the primary purpose for which it was collected, which includes profiling, automation, and direct marketing.
13.8. Right to object: This is your right to object to the further processing of your personal information, which is inconsistent with the primary purpose for which it was collected, which includes profiling, automation, and direct marketing.
13.9. Rights in relation to automated decision-making and profiling: This is your right not to be subject to a decision based solely on automated processing.
Please note that whether you have these rights will depend on the domestic data protection laws of your country. You may want to consult with a legal advisor to better understand your personal data-related rights in your jurisdiction.
We aim to respond to all legitimate requests without undue delay and within thirty (30) calendar days of receipt of any request from you. Occasionally, it may take us longer than thirty (30) calendar days if your request is particularly complex or if you have made duplicate or numerous requests. In this case, we will notify you of receipt of such request(s) and keep you updated as to the status of progress concerning such request(s).
If you have any of these rights under your domestic data protection laws and wish to exercise any of them, please contact us at info@DoshFX.com. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This security measure is to ensure that your personal information is not disclosed to any person who has no right to receive it.
LEGAL RECOURSE TO RELEVANT AUTHORITIES
14.1. If you are located in the Republic of South Africa and believe there has been a potential violation of the POPI Act, you have the right to file a complaint with the Information Regulator of South Africa at any time.
14.2. If you are situated in the European Union (EU) or the European Economic Area (EEA), you have the right to lodge a complaint with a supervisory or regulatory authority within an EU or EEA member state where you reside, where we may have a presence (if applicable), or where an alleged breach of data protection laws has occurred.
14.3. However, before reaching out to any such authority, we would appreciate the opportunity to address and resolve your concerns. Please contact us as the initial step in resolving your complaint promptly and to your satisfaction. You can reach us via email at info@DoshFX.com.
WE DO NOT MISUSE YOUR PERSONAL INFORMATION
15.1. Without your explicit consent, we do not engage in the sale, trade, or transfer of your information, whether it is public or private, for any purpose whatsoever. The sole exception to this practice is when it is essential for us to provide you with our Services and enhance your personalised experience with us.
15.2. We collect, process, and utilise information about you for the following purposes:
· To deliver our products and services to you, which includes processing your transactions and carrying out your requests to utilise our services.
· To enhance, personalise, and facilitate your utilisation of our products and services.
· To gauge, tailor, and enrich our services, encompassing the design, content, and functionality of our website, as well as monitoring and assessing trends and usage in connection with our services.
· To conduct research, verify and ensure the accuracy of information, compile and analyse statistics pertinent to our business operations.
· To enhance our customer service and effectively manage our relationship with you.
15.3. Subject to your prior consent, we may send you periodic emails containing news, updates, and information related to our services. Additionally, we may conduct surveys to gather feedback. These communications aim to keep you informed about our products, services, promotions, discounts, incentives, and rewards, which may be offered by us or carefully chosen partners. These communications will be based on your chosen communication preferences, as well as applicable legal requirements, and will be directed to the email address you provided for such purposes.
15.4. We use your information for various purposes, including but not limited to:
· Managing our internal information processing and IT systems.
· Operating our website and providing our services, with a focus on ensuring their security.
· Maintaining backups of our databases and complying with our internal policies, procedures, and applicable laws.
· Communicating with you, which includes delivering requested information and support, technical notices, security alerts, and administrative messages. It also involves resolving disputes, collecting fees, and assisting with service-related issues.
· Establishing, exercising, or defending legal claims, whether in court proceedings or other legal procedures, to protect our rights, your rights, and the rights of others.
· Managing and mitigating risks, obtaining professional advice, and fulfilling our legal obligations as required by law or through written agreements with third parties.
· Displaying transaction history for your reference.
· Protecting the rights, property, security, or integrity of our services.
· Facilitating corporate acquisitions, mergers, or transactions.
· Developing new products and services.
· Protecting our rights, enforcing our Terms and Conditions or other applicable agreements or policies, verifying your identity, investigating and preventing fraud, security breaches, and other potentially prohibited or illegal activities, and complying with any relevant laws, regulations, or legal processes.
COOKIES
16.1. When you visit our website or the websites of our partners, we and our partners may utilise cookies and other tracking technologies (“Cookies”). These Cookies are small files that store information on your computer, mobile device, or another electronic device. They allow us to identify you across various websites, services, devices, and browsing sessions. Cookies also aid in tailoring online content and advertising, remembering your preferences for future visits to the website, evaluating the efficiency of our promotions, safeguarding against potential fraud, and analysing your interactions, as well as those of other users, with the website.
16.2. If you choose not to provide consent for us to use cookies for gathering information while you're using our website, you have the option to configure your browser settings to delete, disable, or block specific cookies. You can find guidance on managing cookie preferences for popular web browsers such as Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, and Apple Safari on their respective websites.
16.3. There may be instances where we request your consent to use cookies, particularly when you access specific sections of our website. For instance, you might be asked whether you want the website to remember certain information about you.
16.4. It is important to note that certain functionalities and features of our website rely on the use of cookies. If you choose to disable cookies, it may limit your ability to use our website, or certain parts of our site may not work correctly.
16.5. During your initial visit to our website or after you’ve cleared your cookies, you may encounter a banner prompting you to accept our use of cookies and other tracking technologies. Unless you’ve adjusted your browser settings to reject cookies or decline our cookie policy, our system will generate cookies when you access our website.
16.6. Our website may also incorporate web beacons (sometimes referred to as single-pixel gifs) or similar technologies. These electronic images serve several purposes:
· Facilitating the delivery of cookies.
· Tracking the number of users who have visited our website.
· Assessing the effectiveness of our promotional materials, including whether and when you engage with them.
· Placing web beacons on their websites or within their promotional materials, typically as part of our business development and data analysis efforts.
· Allowing web beacons to be incorporated into our website by analytics services to help us compile aggregated statistics regarding the performance of our promotional campaigns and other operations.
16.7. It is worth mentioning that web beacons utilised by analytics services might enable them to deploy cookies or other identifiers on your device. This enables them to collect information about your online activities across different applications, websites, or products.
SECURITY PRECAUTIONS AND MEASURES
17.1. We are deeply committed to ensuring the security of your information. To prevent any unauthorised access or disclosure, we have implemented robust physical, electronic, and managerial procedures to protect and secure the data we collect online. We adhere to industry-standard technical measures, and we require our affiliates and vendor partners to employ data encryption technology. Here are some of the specific measures we take:
· Physical Measures: We store materials containing your personal information in secure, locked facilities.
· Electronic Measures: Electronic records containing your personal information are stored in computer systems and storage media with stringent login restrictions.
· Management Measures: Only authorised employees with a clear understanding of our internal confidentiality rules are allowed access to your personal information. We have also established strict physical access controls for our premises and files.
· Technical Measures: We use encryption technologies for transmitting and storing your personal data. We employ various general security technologies and management systems to minimise the risk of unauthorised access, disclosure, damage, misuse, or alteration of your information. Our web server is protected by a firewall.
· Other Measures: We regularly scan our facilities for security vulnerabilities to ensure their integrity. Your personal information is stored behind secure networks and can only be accessed by a limited number of individuals who have been granted special access rights and are bound to maintain confidentiality.
17.2. While we make every effort to secure your data, it’s important to note that no method of transmission over the Internet or electronic storage can be guaranteed 100% secure. Nevertheless, we are dedicated to safeguarding your data and limiting access to it.
17.3. We do not guarantee that your data will never be accessed, disclosed, altered, or destroyed due to breaches of our physical, technical, or managerial safeguards. We advise you to verify the legitimacy of any website requesting financial or payment information related to our services, as there is a risk of impersonation by hackers.
17.4. If you receive any suspicious communication or requests, please do not provide your information and report it to us immediately at support@DoshFX.com. Notify us promptly at compliance@DoshFX.com if you become aware of any unauthorised access to or use of your Account.
17.5. As we cannot guarantee against all possible risks, it is essential to take steps to protect your personal information, including selecting a strong and unique password and not sharing it with third parties.
17.6. Additionally, please be aware that we cannot ensure the security or confidentiality of data transmitted via the internet, email, phone, WhatsApp, SMS, or other wireless connections, as we have no control over the data's protection once it leaves and until it reaches our systems. If you suspect your data’s security has been compromised, contact us at compliance@DoshFX.com.
17.7. In the unlikely event of a data breach with a significant impact on your rights, we will promptly inform you of the breach's nature, potential consequences, and the measures we have taken to address and mitigate its effects. Please reach out to us at support@DoshFX.com in such a scenario for further information and advice on mitigating potential adverse effects.
17.8. We also conduct comprehensive security risk assessments to enhance the effectiveness of our risk mitigation controls and protect your data's integrity.
HOW CAN YOU CONTACT US
18.1. If you have any questions or concerns regarding this policy, if you want to access or rectify the information we have on record about you, or if you wish to file a complaint, please get in touch with us in writing at compliance@DoshFX.com.
18.2. To provide you with access to your information, we may request certain details from you, including but not limited to verifying your identity. Depending on the nature of the request, there might be a fee associated with accessing your Personal Information. We will notify you of any applicable fees before proceeding with your request. We aim to handle all requests for Personal Information within a reasonable timeframe, ideally within 14 days, but in any case, no later than 30 calendar days from the date of your request.
18.3. If you want to have your personal information removed, please reach out to us using the contact information provided above. We will take reasonable steps to delete the information, unless we are required to retain it for legal or auditing purposes.
18.4. You may also have the ability to view, access, edit, or delete (where possible) your personal information through your user dashboard on our website. However, please be aware that certain data or information may be restricted from editing or deletion to ensure your continued access to our website.
CHANGES TO THIS POLICY
19.1. From time to time, we may revise, amend, or supplement this Policy to reflect necessary changes in law, our personal information collection and usage practices, the features of our offerings, or certain advances in technology. If any material changes are made to this Policy, the changes may be prominently posted on our Website. However, the onus is also on you to occasionally familiarise yourself with the contents of this Policy, for your information, and particularly to do so every time you access our website, play the game or make use of our services.
19.2. Changes to this Policy are effective when they are published.