Privacy Policy

Last updated: November 22, 2025

At HessaPay, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services.

1. Information We Collect

1.1 Information You Provide

When you join our waitlist, we collect:

  • Name: To personalize your experience
  • Email Address: To send you updates about HessaPay launch and early access

1.2 Analytics Data (Optional)

With your explicit consent, we may collect:

  • Device Information: Device type, browser type, operating system
  • Usage Data: Pages visited, time spent on pages, navigation patterns
  • Location Data: General location (city/country level) based on IP address

Note: Analytics collection requires your consent via the checkbox on the waitlist form. You can opt out at any time.

2. How We Use Your Information

We use the collected information for:

  • Service Delivery: Managing the waitlist and providing early access notifications
  • Product Improvement: Understanding user preferences to enhance HessaPay features
  • Communication: Sending launch updates, product news, and HessaPro benefits
  • Security: Detecting and preventing fraud, abuse, and security incidents

3. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption: All data transmitted to our servers is encrypted using SSL/TLS
  • Secure Storage: Your information is stored on secure servers protected by firewalls
  • Access Controls: Strict access limitations ensure only authorized personnel can access your data
  • Regular Audits: We conduct regular security audits and vulnerability assessments

4. GDPR Compliance

If you are located in the European Economic Area (EEA) or GCC countries with similar data protection laws, you have the following rights:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Request corrections to inaccurate data
  • Right to Erasure: Request deletion of your personal data ("Right to be Forgotten")
  • Right to Restriction: Request limitation on how we process your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing of your personal data
  • Right to Withdraw Consent: Withdraw consent for data processing at any time

To exercise these rights, contact us at privacy@hessapay.com

5. Data Retention

We retain your personal information only as long as necessary:

  • Waitlist Data: Retained until HessaPay launches, then transferred to your account or deleted upon request
  • Analytics Data: Anonymized and aggregated data may be retained indefinitely for statistical purposes
  • Deleted Accounts: Personal data is permanently deleted within 30 days of account closure

6. Third-Party Services

We use the following third-party services:

  • Google Forms & Sheets: Waitlist data collection and management
  • Cloudflare: Website hosting, CDN, and DDoS protection

These services have their own privacy policies and are GDPR-compliant. We do not sell or share your data with third parties for marketing purposes.

7. Cookies and Tracking

Our website uses minimal cookies:

  • Essential Cookies: Required for website functionality (language preference, session management)
  • Analytics Cookies: Only loaded if you consent via the waitlist form checkbox

You can control cookies through your browser settings. Disabling cookies may limit website functionality.

8. Children's Privacy

HessaPay is not intended for users under 18 years of age. We do not knowingly collect data from children. If you believe we have collected information from a minor, contact us immediately at privacy@hessapay.com.

9. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated "Last updated" date. Continued use of our services after changes constitutes acceptance of the updated policy.

10. Contact Us

For privacy-related questions or to exercise your data rights, contact us:

11. Regulatory Compliance

HessaPay is committed to complying with:

  • GDPR (General Data Protection Regulation - EU)
  • GCC Data Protection Laws (Kuwait, UAE, Saudi Arabia, Bahrain, Qatar, Oman)
  • Central Bank of Kuwait Regulations for financial technology services
← Back to Home