PAYEMM LIMITED – PRIVACY POLICY

Effective Date: May 1, 2026

1. INTRODUCTION

Payemm Limited (“Payemm”, “we”, “us”, or “our”) is committed to protecting your personal information.

This Privacy Policy explains how we collect, use, store, and share your information when you use the Payemm platform.

By creating an account or using Payemm, you acknowledge and agree to the collection, use, and sharing of your information as described in this Privacy Policy.

2. DEFINATIONS

‘Personal Data’ means any data (whether stored in an electronic or printed form) relating to a living individual who can be identified from the data; or from the data and other information in the possession of, or likely to come into the possession of Payemm.

“Services” means access to goods and services made available through Payemm, including but not limited to gift cards, bill payments, and mobile top-ups.

Any phrases or words not defined herein shall bear the meanings given to them in Payemm’s Terms and Conditions

3. INFORMATION WE COLLECT

The Information, including Personal Data, of our clients is collected and processed by the officers, agents and staff of Payemm and in some cases third-parties, on the basis of the business relationship which has been established between a client and Payemm. We collect information necessary to provide, operate, and improve our services and the services offered to our clients.

3.1. Personal Information

Information which is needed for identifying our clients, such as:.

  • First name, last name, aliases of our clients
  • Sex
  • Date of birth
  • Tax Registration Number (TRN)
  • Phone number
  • Email address
  • Postal Address

3.2. Account Information

  • Login credentials
  • Account activity and status
  • Verification progress

3.3. Verification & KYC Data

Information collected from publicly available resources or forums, including, but not limited to, information collected from databases we use to carry out compliance checks and credit checks such as.

  • Tax Identity
  • Billing and postal
  • address verification details
  • Credit Reports
  • Employment history


Verification services are facilitated through trusted third-party providers.

3.4. Payment Information

Information on payment transactions and data which is necessary for us to make or process payments on behalf of our clients but at the same time implement fraud prevention measures, including credit / debit card numbers, security code numbers and other such relevant billing details such as:

  • Payment method details submitted through the platform
  • Tokenized payment references from our payment processor


Please note that Payemm does not store full debit card numbers or credit card numbers.

3.5. Transaction & Repayment Data

  • Purchase history
  • Transaction details
  • Repayment
  • schedules
  • Payment history
  • Account balances

Communications & Support Data

  • Messages sent to customer support
  • Appeal submissions
  • Communication history


3.7. Technical & Operational Data

  • System logs
  • Usage data necessary for platform operation, performance, and security


3.8. Other Data

  • Any data or information which we are legally bound to collect to comply with the Proceeds of Crime Act, and anti-money laundering regulations which may be in effect as well as to comply with our client intake procedures from time to time.


This section does not contain an exhaustive list which is reflective of the varied nature of Personal Data processed as part of a business providing Buy now pay later services.

4. HOW WE USE YOUR INFORMATION

We use your information to operate, manage, and improve Payemm.

4.1. Account Management

  • Create and maintain your account
  • Authenticate users and manage access


4.2. Verification & Compliance

  • Verify your identity
  • Perform KYC checks
  • Meet legal and regulatory requirements


4.3. Eligibility & Risk Assessment

  • Assess eligibility for services
  • Evaluate repayment behavior
  • Manage risk


4.4. Transaction Processing

  • Process purchases and payments
  • Deliver services such as gift cards, bill payments, and mobile top-ups

4.5. Repayments & Account Management

  • Process installment repayments
  • Initiate authorized payment attempts
  • Manage overdue accounts and recovery processes


4.6. Fraud Prevention & Security

  • Detect and prevent fraud
  • Monitor account activity
  • Protect the platform and users


4.7. Customer Support

  • Respond to inquiries
  • Manage appeals
  • Resolve issues


4.8. Communications

We may send notifications related to:

  • Account activity
  • Repayments
  • Transactions
  • Service updates


4.9. Operations & Improvement

  • Maintain internal records
  • Improve platform performance and user experience
5. HOW WE SHARE YOUR INFORMATION

5.1. We will limit sharing of our clients’ Personal Data as follows:

  • We may share our clients’ Personal Data with an affiliate or associated entity of Payemm on a confidential basis, who may only use your Personal Data for the purposes listed above and who will be bound by law or contract to protect your Personal Data and only use your Personal Data in accordance with our instructions.
  • We may share our clients’ Personal Data with any government agency in Jamaica for the purposes of fraud and crime prevention purposes, including financial institutions and regulatory bodies.
  • We may convey our clients’ Personal Data with any government agency in Jamaica for the purposes of processing an application on behalf of any of our clients.
  • We may share our clients’ Personal Data with any third- party to whom we assign or novate any of the rights or obligations of Payemm.
  • We may share our clients’ Personal Data with courts, law enforcement authorities, regulators or attorneys or other parties where it is reasonably necessary for the establishment, exercise or defense of a legal or equitable claim, or for the purposes of a confidential alternative dispute resolution process.
  • We will otherwise only disclose our clients’ Personal Data when our client directs us orgives us permission to do so, when we are required by applicable law or regulations or judicial or official request to do so, or as required to investigate actual or suspected fraudulent or criminal activities.
  • We may also use aggregated Personal Data and statistics for the purpose of monitoring website or mobile application usage in order to help us develop our website, our applications and our services.


5.2. We may also share our clients’ Personal Data with a variety of the following categories of third parties as necessary:

  • Our professional advisers such as lawyers and accountants.
  • Professional indemnity or other relevant insurers.
  • Regulators/tax authorities/corporate registries.
  • Third parties to whom we outsource certain services such as, without limitation, document processing and translation services, confidential waste disposal, IT systems or software providers, IT Support service providers, document and information storage providers.

We may share your information with trusted third parties where necessary such as :

5.3. Service Providers

  • Identity verification providers (e.g. Cleared)
  • Payment processors (e.g. FAC)
  • Service fulfillment partners


5.4. Internal Systems

We may use internal systems such as CRM tools to support:

  • customer service
  • appeals
  • collections tracking


5.5. Collections & Recovery

Third-party partners may be engaged to recover outstanding balances where necessary.

5.6. Legal & Regulatory Authorities

Where required by law, regulation, or legal process.

5.7. Credit Reporting

Payemm may share repayment performance information with licensed credit bureaus or data agencies, including EveryData Jamaica, where permitted by law.

Such information may include:

  • repayment history
  • account status
  • outstanding obligations

Users may request access to their reported information and dispute inaccuracies in accordance with applicable laws.

5.8. Cross-Border Processing

5.9. There may be circumstances in which the Personal Data of our clients would be transferred to a territory outside of Jamaica and such territory may not provide for an adequate level of data protection as granted in Jamaica.

5.10. When making such transfers, we shall ensure that the data are subject to appropriate safeguards in accordance with any applicable data protection legislation.

5.11. By registering for an account with us, you hereby consent to Payemm transferring your personal data to a territory outside of Jamaica

5.12. Further to the consent of our clients given for such transfer of Personal Data, our clients shall not hold us liable for the manner in which their Personal Data is held or processed by any third parties which are situated outside Jamaica.

Some of our third party service providers may store or process data outside of Jamaica. Where this occurs, Payemm will use the best available commercial means that appropriate safeguards are in place to protect your information.

Payemm shares only what is reasonably necessary to operate the platform and meet its obligations.

Please note the list provided herein is non-exhaustive and there may be other instances where we need to share our clients’ Personal Data with other parties in order to provide our services as effectively as we can.

6. PAYMENT DATA & SECURITY

6.1. We take appropriate technical and organizational measures to keep our clients’ Personal Data confidential and secure, in accordance with our internal policies and procedures regarding storage of, access to and disclosure of Personal Data. Our clients’ Personal Data is kept in the electronic systems of our office, in back storage systems and on paper files.

6.2. All of our officers, advisors, workers and data processors (i.e. those who process our clients’ Personal Data on our behalf, for the purposes listed above), who have access to, and are associated with the processing of our clients’ Personal Data, are obliged to respect the confidentiality of such Personal Data.

6.3. Payemm, however, does not make any representations or warrants that our clients’ Personal Data may not be accessed, disclosed, altered, or destroyed by breach of such safeguards. Payemm will notify our clients immediately in the event of a security breach and will maintain an incident response policy that includes notifications consistent with applicable law.

7. CAN CLIENTS REFUSE TO SHARE PERSONAL DATA WITH PAYEMM

7.1. Personal Data is received by our office on a voluntary basis and upon request from us on the basis of us being in compliance with the laws of Jamaica.

Where, however ,clients refuse to provide us with the Personal Data requested by our office, we may not be able to provide any services because we are legally required to adhere to anti-money laundering and/or compliance regulations or require such data inorder for us to process the instructions or otherwise to provide our clients with our corporate and trustee services

8. COMMUNICATIONS

By using Payemm, you agree to receive communications from Payemm via:

  • Email
  • SMS
  • WhatsApp
  • In-app notifications


These may include:

  • verification messages
  • repayment reminders
  • transaction confirmations
  • account updates
9. DATA RETENTION

9.1. We will generally keep the Personal Data of our clients provided to us during the course of our engagement for a period of seven (7) years or such other period as may be necessary in the circumstances. We will ordinarily retain copies of files, either in physical form or electronically, for a period of at least seven (7) years after termination of the client’s agreement with Payemm. Thereafter our files may be destroyed, and we are not obliged to provide our clients with any notice of such destruction.

9.2. We retain your information for as long as reasonably necessary to:

  • provide services
  • maintain account records
  • manage risk and fraud
  • support customer service
  • comply with legal and regulatory obligations


Retention periods may vary depending on the type of data and applicable legal requirements.
Where data is no longer required, it will be securely deleted or anonymized.

10. YOUR RESPONSIBILITIES

You are responsible for:

  • providing accurate information
  • keeping your contact details up to date
  • protecting your account credentials
11. LEGAL BASIS & COMPLIANCE

Payemm processes personal data in accordance with applicable data protection laws in Jamaica.

We collect and use data only as necessary to:

  • operate our services
  • manage risk
  • meet legal and regulatory obligations
12. YOUR RIGHTS

12.1. Our clients will have the following rights with respect to their Personal Data:

  • Access: Our clients are entitled to ask us if we are processing their Personal Data and, if we are, our clients can request access to their Personal Data. This enables our clients to receive a copy of the Personal Data we hold about them;
  • Rectification: Our clients are entitled to request that any incomplete or inaccurate Personal Data we hold about them is rectified. If our clients are entitled to rectification and if we have shared their Personal Data with others, we will notify them about the rectification where possible. If our clients make such a request, where possible and lawful to do so, we will also tell our clients who we have shared their Personal Data with so that our clients may contact them directly.
  • Erasure: Our clients are entitled to ask us to delete or remove Personal Data so long as we are not prohibited from doing so by operation of any law in force in Jamaica. if our clients withdraw their consent (where applicable). If we have shared their Personal Data with others, we will notify them about the erasure where possible.
  • Restriction: Our clients are entitled to ask us to suspend the processing of their Personal Data, for example, if our clients would like for us to establish its accuracy or the reason for processing it;
  • Transfer: Our clients may request that we transfer their Personal Data to another party;
  • Objection: Our clients are entitled to ask us to stop processing their Personal Data in certain circumstances, for example, where the processing is likely to cause substantial damage or distress except if we can demonstrate compelling legal grounds for the processing.
  • Marketing: Our clients also have the right to object where we are processing their Personal Data for direct marketing purposes. Our clients may opt-out of receiving direct marketing from us at any time.
  • Automated decisions: Our clients may contest any automated decision made about them where this has a legal or similar significant effect and ask for it to be reconsidered.
  • Consent: If we rely on our clients’ consent (or explicit consent) as our legal basis for processing their Personal Data, our clients may withdraw their consent at any time. However, please note that this will not affect the lawfulness of any processing carried out before our clients withdraw their consent. If our clients withdraw their consent, we may not be able to provide our services to those clients. Our clients will be reminded of this upon the withdrawal of their consent to the processing of Personal Data


12.2. If our clients would like to exercise any of the abovementioned rights, they may contact the Data Privacy contact set out in this Policy below.

Payemm will respond to requests within a reasonable timeframe and in accordance with applicable laws.

13. CHANGES TO THIS PRIVACY POLICY

13.1. This Privacy Policy was last updated May 6, 2026. We may make changes to this Privacy Policy from time to time. To ensure that you are always aware of how we use our clients’ Personal Data we will update this Privacy Policy from time to time to reflect any changes to our use of our clients’ Personal Data. We may also make changes as required to comply with changes in applicable law or regulatory requirements. Where it is practicable, we will notify our clients by email of any significant changes. However, we encourage our clients to review this Privacy Policy periodically to be informed of how we use their Personal Data.

14. LINKS TO THIRD PARTY WEBSITES

14.1. Our website, newsletters, email updates and other communications may, from time to time, contain links to and from the websites of others. The Personal Data thatour clients provide through these websites is not subject to this Privacy Policy and the treatment of our clients’ Personal Data by such websites is not our responsibility.

14.2. If our clients follow a link to any other websites, please note that these websites have their own privacy notices which will set out how their Personal Data is collected and processed when visiting those sites.

15. APPLICABLE LAW

This Privacy Policy shall be governed by and construed in accordance with the laws of Jamaica.

16. CONTACT

For privacy-related questions or support:

Payemm Limited

support@payemm.com