Privacy Policy

Back to Home

1. Introduction

Ginih Business Cloud ("Ginih," "we," "us," or "our") is committed to protecting the privacy and security of your information. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you use our Banking SaaS platform and Receivable Automation services (collectively, the "Services").

As a provider of financial technology services, we handle sensitive business and financial data. We maintain the highest standards of data protection and comply with applicable data protection laws and financial services regulations.

2. Definitions

• "Client" — a business entity that has entered into a service agreement with Ginih to use our Banking SaaS and/or Receivable Automation services.
• "Authorized Users" — employees, contractors, or agents of a Client authorized to access and use the Services on behalf of the Client.
• "Personal Data" — any information relating to an identified or identifiable natural person.
• "Financial Data" — banking information, transaction records, account details, payment information, and other financial records processed through our Services.
• "Services" — our Banking SaaS platform, Receivable Automation tools, and related features and functionalities.

3. Information We Collect

3.1 Business Information

When you register for our Services, we collect:

• Company name, business registration number, and tax identification number
• Business address and contact information
• Industry type and business description
• Authorized Users' names, email addresses, job titles, and phone numbers

3.2 Financial Data

To provide our Banking SaaS and Receivable Automation services, we collect and process:

• Bank account information and credentials (encrypted)
• Transaction histories and payment records
• Invoice data, accounts receivable information, and payment status
• Customer and vendor financial records
• Account reconciliation data
• Payment processing information
• Financial reports and analytics data

3.3 Technical Information

We automatically collect certain technical information when you access our Services:

• IP addresses, device identifiers, and browser types
• Operating system and device information
• Log data, including access times, pages viewed, and actions taken
• Cookie data and similar tracking technologies
• API usage and integration data

3.4 Communication Data

We collect information from your communications with us, including:

• Customer support inquiries and responses
• Feedback, surveys, and product reviews
• Email correspondence and chat logs

4. How We Use Your Information

4.1 Service Delivery

• Provide, maintain, and improve our Banking SaaS platform and Receivable Automation services
• Process transactions and facilitate banking integrations
• Automate receivables management and payment collections
• Generate financial reports and analytics
• Perform account reconciliation and financial tracking
• Facilitate communication between your business and your customers regarding payments

4.2 Account Management

• Create and manage Client accounts and Authorized User profiles
• Authenticate users and prevent unauthorized access
• Provide customer support and respond to inquiries
• Send service-related notifications and updates
• Process billing and manage subscriptions

4.3 Security and Fraud Prevention

• Monitor for suspicious activity and potential fraud
• Investigate security incidents and prevent unauthorized access
• Verify identity and authenticate transactions
• Maintain audit trails for security and compliance purposes
• Comply with anti-money laundering (AML) and know-your-customer (KYC) requirements

4.4 Service Improvement and Analytics

• Analyze usage patterns and improve platform performance
• Develop new features and enhance existing functionality
• Conduct research and statistical analysis
• Optimize user experience and interface design

4.5 Legal and Regulatory Compliance

• Comply with applicable laws, regulations, and legal processes
• Meet financial reporting and audit requirements
• Respond to law enforcement and regulatory requests
• Enforce our Terms of Service and protect our legal rights

5. Legal Basis for Processing

• Contractual Necessity — processing is necessary to perform our contract with you and provide the Services
• Legitimate Interests — processing is necessary for our legitimate business interests, such as fraud prevention, security, and service improvement
• Legal Obligation — processing is required to comply with applicable laws and regulations
• Consent — where required by law, we obtain your explicit consent for specific processing activities

6. How We Share Your Information

6.1 Service Providers and Partners

We share information with trusted third-party service providers who assist us in delivering the Services:

• Cloud Infrastructure Providers — for secure data storage and hosting (e.g., Amazon Web Services)
• Banking and Financial Institutions — to facilitate banking integrations and transaction processing
• Payment Processors — to process payments and handle payment-related services
• Authentication Services — for secure user authentication and identity verification
• Analytics Providers — for platform analytics and performance monitoring

All service providers are contractually obligated to maintain the confidentiality and security of your information and may only use it for the purposes we specify.

6.2 Business Transfers

If Ginih is involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you of any such change and the choices you may have.

6.3 Legal Requirements

We may disclose your information when required by law or in response to court orders, subpoenas, requests from law enforcement or regulatory authorities, investigations of fraud or illegal activity, or to protect our rights, property, or safety.

6.4 With Your Consent

We may share your information with other third parties when you provide explicit consent to do so.

7. Data Security

7.2 Compliance and Certifications

We are committed to maintaining compliance with recognized security standards:

• PCI DSS (Payment Card Industry Data Security Standard) compliance for payment processing
• Industry best practices for financial services security
• Ongoing evaluation and implementation of additional security certifications

7.3 Incident Response

In the event of a data breach or security incident that affects your information, we will notify affected Clients in accordance with applicable laws and regulations, investigate the incident thoroughly, cooperate with relevant authorities as required by law, and provide reasonable assistance.

7.4 Limitations

While we implement robust security measures, no system is completely secure. We cannot guarantee absolute security of your information. You are responsible for maintaining the confidentiality of your account credentials and notifying us immediately of any unauthorized access.

8. Data Retention

We retain your information for as long as necessary to provide the Services and fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

8.1 Active Account Data

While your account is active, we retain all information necessary to provide the Services.

8.2 Financial Records

Financial data and transaction records are retained in accordance with applicable financial regulations and tax laws (typically 7–10 years), contractual obligations with Clients, and audit and compliance requirements.

8.3 Account Closure

After account closure, we will delete or anonymize Personal Data within 90 days (unless retention is required by law), retain Financial Data for the period required by applicable regulations, and maintain anonymized and aggregated data for analytics and service improvement.

9. Your Rights and Choices

9.1 Access and Portability

You have the right to access your Personal Data and Financial Data stored in our systems, request a copy of your data in a structured, commonly used format, and export your data for use with other services.

9.2 Correction and Update

You may update or correct your information through your account settings or by contacting our support team at info@ginih.com.

9.3 Deletion

You may request deletion of your Personal Data, subject to legal and regulatory retention requirements, legitimate business needs (e.g., fraud prevention, audit trails), and contractual obligations.

9.4 Restriction and Objection

You may request restriction of processing under certain circumstances, object to processing based on legitimate interests, and opt out of marketing communications while still receiving service-related messages.

9.5 Withdrawal of Consent

Where processing is based on consent, you may withdraw consent at any time. This will not affect the lawfulness of processing before withdrawal.

9.6 Exercising Your Rights

To exercise any of these rights, please contact us at info@ginih.com. We will respond to your request in accordance with applicable law. We may require verification of your identity before processing your request and may charge a reasonable fee for certain requests as permitted by law.

10. International Data Transfers

Our Services may involve transferring your information to countries outside of your jurisdiction. When we transfer data internationally, we ensure adequate protection through standard contractual clauses, data processing agreements with service providers, compliance with applicable data transfer regulations, and technical and organizational security measures.

11. Cookies and Tracking Technologies

• Essential Cookies — required for the Services to function properly
• Analytics Cookies — help us understand how users interact with our platform
• Functional Cookies — remember your preferences and settings
• Security Cookies — authenticate users and prevent fraudulent activity

You can control cookies through your browser settings. Note that disabling certain cookies may limit your ability to use some features of our Services. We use third-party analytics services (such as Google Analytics) to analyze platform usage.

12. Third-Party Integrations

Our Services integrate with third-party banking systems, accounting software, and other business tools. When you connect third-party services, you authorize us to access and process data from those services as necessary. Third-party services have their own privacy policies, which govern their use of your information. We are not responsible for the privacy practices of third-party services.

13. Children's Privacy

Our Services are designed for business use and are not intended for individuals under 18 years of age. We do not knowingly collect Personal Data from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.

14. Client Responsibilities

If you are a Client using our Services to process information about your customers or employees, you are the data controller and are responsible for compliance with applicable data protection laws. You must have a lawful basis for processing and sharing data with Ginih and must provide appropriate notices to your data subjects.

Our relationship as data processor is governed by our Data Processing Agreement (DPA), which forms part of our Terms of Service.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. For material changes, we will make reasonable efforts to notify Clients via email or through the platform. Changes will generally be effective 30 days after notification, unless immediate implementation is required by law or for security reasons. Your continued use of the Services after changes become effective constitutes acceptance of the updated Privacy Policy.

16. Limitations and Disclaimers

While we implement and maintain reasonable security measures consistent with industry standards, we cannot guarantee absolute security. No method of transmission over the Internet or electronic storage is 100% secure. We are not responsible for the privacy practices of third-party services you integrate with our platform. We reserve the right to modify, suspend, or discontinue any aspect of our Services at any time.

This Privacy Policy is incorporated into and subject to our Terms of Service. In the event of any conflict, the Terms of Service shall govern.

17. Contact Us

18. Data Protection Officer

If you have concerns about how we handle your Personal Data, you may contact our Data Protection Officer at info@ginih.com.

19. Supervisory Authority

Where applicable under local law, you have the right to lodge a complaint with your local data protection supervisory authority if you believe we have not complied with applicable data protection laws.

20. Jurisdictional Information

20.1 European Economic Area & United Kingdom

If you are located in the EEA or UK and we provide Services to you, you may have additional rights under the GDPR and UK GDPR, including the right to lodge a complaint with your supervisory authority, the right to data portability, and rights regarding automated decision-making. We will endeavor to comply with GDPR requirements to the extent they apply to our Services.

20.2 California Residents

If you are a California resident and we provide Services to you, you may have rights under the CCPA, including the right to know what Personal Data we collect, the right to request deletion (subject to exceptions), the right to opt-out of the sale of Personal Data (note: we do not sell Personal Data), and the right to non-discrimination.

20.3 Other Jurisdictions

We strive to comply with applicable data protection laws in all jurisdictions where we operate. If you have specific questions about compliance in your jurisdiction, please contact us at info@ginih.com.