سیاست‌نامه حریم خصوصی در همراه‌کارت (privacy policy)

Privacy Policy in Hamrah card

Hamrah Card Mobile application, launched by Hamrah Payda Co. for users to do everyday banking, is a money transfer system under supervision of Shaparak (electronic card payment network) and the Central Bank of I.R.I along with the official license of e-farda (Ertebat Farda Co.)

Terms and conditions Applied and used in the Hamrah Card is according to the Rules and regulations announced by the Central Bank of I.R.I, Therefore, By subscribing in Hamrah Card you agree to perform your financial activities throughout the Hamrah Card  in accordance with the Rules and regulations  of the Central Bank of I.R.I.  Unless otherwise proven, the application has the right to block user’s access without prior notice.

Hamrah Card provides services under the following terms and conditions:

Thus, these conditions, accepted as a binding contract, shall govern the relationship between users and the company.

Based on such acceptance, it is necessary, in advance to the use of Hamrah Card services, to accurately read the terms and conditions. The use of Hamrah Card services Constitutes acceptance of the following terms.

Privacy

Privacy Policy is about how to apply and use your personal information in order to provide the services in Hamrah Card. According to the Cybercrime law[1] Hamrah Card, by all means and resources is committed to protect user information and shall not disclose information to any third party either natural or legal persons in order to use for advertisements or other services. The system users of Hamrah Card have the right to delete their own personal information provided while registration.

It is obvious, in case of any crime or complaint, Hamrah Card will provide the required information to the competent authorities only with the official order of the judicial, security and supervisory authorities.

By accepting the Privacy Policy and Terms of registration, you expressly consent to the collection and processing your information, according to the terms of the upper said privacy policy.

Information retention

The main function of the Hamrah Card is to provide banking and financial services. Thus, given such function, the sensitivity and importance of the information, Hamrah Card is required to save and record your official identity in order to accommodate and prevent criminal abuse, your transaction history to track, ensure the accuracy of the money transfer, and banking reconciliation and other necessary operations, or to address Cyber police information (Fata).

Therefore, if you use the Hamrah Card after confirmation of your access, in practice, you provide permission to store your information in Hamrah Card. These include are:

Information

• Name, email address, phone No., contact information, date of birth, gender, city and province, the image uploaded by the user;
• In accordance with the rules and regulation of the Central Bank I.R.I and Shaparak in order to have a strong authentication) SCA = Strong Customer Authentication (without National ID and phone number in the name of the cardholder connection to payment network. For this reason, Hamrah Card will collect this information thorough the registration process.
• All done transactions; date and time, phone number of transactor, national ID number, origin and destination card number in encrypted form, amount, account number  or SHEBA Number, device type, IP Address, Type of transaction, bill information, …
• Some other information will collected by Hamrah Card with your permission. For example, if you want to enjoy a simple user experience in fund transfer (with no need to enter a destination card number) you can permit us to access to your contacts (Contacts Stored in your mobile phone) so that you can experience easier money transfer and purchasing gifts. Hamrah Card, to ensure money deposit, send gift to someone who you want to receive the gift, follow up complaints, banking reconciliation, etc., would keep this information in secure servers. These servers are located in data center of eFarda (Belonging to the Ayandeh bank) approved by the regulatory bodies, the Central Bank of I.R.I and SHAPARAK .

Access

Access to SMS information: To receive the verification code and filling it automatically in the required fields and auto filling bills info from SMS and payment forms, you can permit Hamrah Card to access to your SMS.

Access to the camera:  To scan the card number, billing information, billing barcode with your phone’s camera you can permit Hamrah Card to access your phone’s camera.

Access to your contact list: Dear user, for making financial transactions with your smartphone contacts that are members of HamrahCard without having their Card Number, Buying Sim Card credit and Mobile Internet Package for them, Getting informed about their membership in HamrahCard, and post-transaction reviews, such as finding discrepancies and your financial safety, you can give read contact and write contact access to HamrahCard.
Note that HamrahCard only store your contacts phone number on storage devices of Ertebat Farda Company and these devices are approved by and under scrutiny of Central Bank of Islamic Republic of Iran.

To follow up the privacy policies, Hamrah Card, only to provide financial services to the users and with authorization of the user, activates this feature. You can deactivate this feature anytime you want.

Photos / Files / Media:  to receive some services such as, capital investment, insurance and other services this access required to upload documents/Photos by user.

Confidential and sensitive information of card or account, from the perspective of banking system regulator) such as password and CVV2), in any way in, will not be recorded or saved. Such information only used while doing transactions throughout the secured and encrypted bank infrastructure to send to card issuer.

Security

Your information in saved in the servers of Hamrah Card located in Iran. Information to be considered as an asset that must be protected, and thus to protect personal information and prevent unauthorized access and disclosure of them we use the following methods and tools:

DisposablePassword-

Static login password-

Login with fingerprint-

Authentication if password is forgotten-

Authentication if logging in to a new device-

Active Device menu-

For further information, visit the article”measures to enhance the security of users”.

On the other hand, everyone must keep passwords and card information out of reach of others who is trying to access her important information and prevent misuse by third parties.

Events (Log Data)

It is required to collect and save some information in case of fault events (Log Data) to gather up and take action to fix the problem.

Collected information includes; Device ID, Device OS version, Device Model, user IP and the time and date of events and other matters related to the service.

Marketing operations and analysis of user behavior

This system does not use or sell user’s personal information without explicit user consent to any third party for marketing purposes. Hamrah Card reserves her right to analyze statistical behavior and characteristics of users to gage the interest and usage of the services the Hamrah Card or prevent and solve potential problems or upgrade services.

Period of information Retention

Information stored on the servers of the Hamrah Card related to the finished transactions even after disabling the account by user on the basis of rules, regulations and/or instructions of the Central Bank of I.R.I, SHAPARAK and FATA Police and other regulatory authorities concerned to review and use for any legal references until we have been ordered otherwise .

Public announcement

It is possible regulatory authorities modify and improve the Privacy Policy at any time and Hamrah Card have to obey these changes. The modified information will announced publicly.

Final agreements

The user acknowledges that she fully read the terms and conditions of Hamrah Card services, is aware of them, gives her permission to application of them, and is obliged to provisions of the terms and conditions.

[1] Iran, Islamic Republic of – Law No. 71063 on Computer Crimes.