Privacy Policy

Effective Date: October 31, 2025

This Privacy Policy describes how WASASOFT MOBILE & WEB DEVELOPMENT (“Company,” “we,” “us,” or “our”) handles and uses the information collected from users of the OdiL mobile application and services operating in Papua New Guinea (PNG).

1. Information We Collect

We collect and store information primarily for user identification, service provision, receipt generation, and compliance with anti-fraud/AML/CTF requirements.

1.1 Information You Provide Directly

  • Personal Identification Data: Name, contact number, email address.
  • Business/Merchant Data (Required for Onboarding): Business name, physical address, email, and contact details. This information is specifically used for verification, fraud avoidance, and compliance checks.

1.2 Information We Receive From Third Parties

  • Transaction Status Data: We receive confirmation of transaction success or failure from the BSP Pay payment gateway to update your transaction history within the app.
  • Financial Details (EXCLUSION): We DO NOT collect, store, or process your sensitive payment information (such as credit card numbers, CVVs, or bank details). These details are handled exclusively by the BSP Pay payment gateway.

2. How We Use Your Information

We use the collected data for the following essential purposes:

a. Service Provision: To allow customers to make payments and merchants to receive them, and to generate digital receipts. b. Identification: To verify the identity of Merchants and Customers using the Service. c. Compliance and Security (AML/CTF): To perform due diligence, verify business information, and monitor transactions to prevent fraud and ensure compliance with all applicable AML and CTF regulations, including those advised by BSP Bank. d. Service Operations: To manage our cloud services (Strapi) and ensure the smooth operation of the application.

3. Sharing and Disclosure of Information

We will only share your information with external parties in the following limited circumstances:

3.1 External Service Providers

We share necessary information with our service providers to ensure the core functions of the Service:

  • Payment Gateway (BSP Pay): We share transaction details (excluding sensitive payment data) to initiate and track payment processing.
  • Cloud Hosting (Strapi): Data is stored and processed on our cloud infrastructure.

3.2 Legal and Compliance Requirements

We may disclose your information if required by law or in good faith belief that such action is necessary to:

  • Comply with legal obligations in PNG.
  • Respond to requests from regulatory bodies, including requirements from BSP Bank related to AML and CTF policies, which may necessitate account investigation and suspension.
  • Protect our rights or property.

4. Data Security and Retention

4.1 Data Security

We implement reasonable technical and organizational measures to protect your information against unauthorized access, use, or disclosure. However, no internet transmission or electronic storage is entirely secure.

4.2 Data Retention

We retain your personal and transaction data only as long as necessary for the purposes outlined in this policy and to satisfy any legal or accounting requirements. Please note our retention period is limited to approximately one (1) to two (2) years.

REMINDER TO USERS: As per our Terms & Conditions, you are responsible for maintaining your own definitive financial records and should not rely on the Service for long-term data archival.

5. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

odil@odil.space