You are using an outdated browser. For a faster, safer browsing experience, upgrade for free today.

OMA Emirates

Privacy Policy

Privacy Policy

Your privacy is important to us. This is OMA Group’s policy to respect your privacy to help you understand how the Company collects and uses the information you submit, or which is otherwise collected when you access or use OMA SoftPOS.


1. Introduction

OMA SoftPOS (referred to herein as “SoftPOS” or the “App”) is a mobile point of sale solution provided by OMA Group (the “Company”) which enables users to make payments digitally.


  • This Policy applies to information collected in respect of individuals or any other legal person who use SoftPOS and for merchants who use the App to accept payments.
  • In this Policy, “you” means an individual or merchant who accesses or uses the App.
  • In this Policy, “Identification Data” means any data in a form that can identify you, whether you are a merchant, and “Non-identifying Data” means information in a form that does not, on its own, permit direct association with you or any other natural or legal person.
  • This Policy only governs the collection and use of information collected through or in connection with the App. It does not apply to information collected in other ways or to any other websites, products, software, or services operated by the Company. It does not modify or alter other agreements you may have, or enter later, with the Company.
  • This Policy does not apply to the data collection and use practices of any third parties you may contract with using or in connection with the App, including but not limited to merchants or your mobile service provider.
  • By accessing or using the App or providing information to the Company through the App, you agree to the practices described in this Policy and acknowledge your consent to the terms set out in this Privacy Policy. IF YOU DO NOT agree with any of the practices/ terms described in this policy, DO NOT ACCESS OR USE THE APP.
  • In addition to this Policy, for certain features of the App, the Company may present different or additional information practices and terms specific to those activities at the time the information is collected.
2. What information does the Company collect?

The Company collects certain Identification Data when you register with SoftPOS. If you register as a merchant, the Bank will collect the required details.

When you execute transactions using the App, the Company will generate and maintain records of those transactions. When you log in to the App, it requests access to the device location. At the time of registration, it will require Terminal ID and Merchant ID that is provided by the bank and the OTP that is sent to you via email/ SMS. The email/mobile number needs to be provided to the bank when registered with the bank.

The App may collect Identification Data from the devices on which you install or access the App, such as: Android ID, device brand, device model, name of Operating System and Operating System version, the location of your devices, including specific geographic locations, such as through GPS, Bluetooth, or WiFi signals; and your IP address.

The Company may collect Non-identifying Data such as your device settings, language, time zone, and information about user activities on the App, and security state (For example Root– Android; Overlay detection – Android; Emulator detection – Android; Debugger detection – Android, Hooks detection – android), Phone State (For example network information, the status of calls) and internet connection using (such as IP address, connection speed, provider).


3. How does the Company use your information?

The Company uses the information it collects:
a) to provide the payment and associated services within the App to you;
b) to evaluate, improve and develop our services and to notify you about these changes;
c) to administer our services, including for troubleshooting and testing purposes;
d) to help keep the App and the Company’s systems and services safe and secure;
e) to send you marketing communications if you provide your consent to do so;
f) Conduct research & analysis to improve our OMA Softpos app and marketing efforts;
g) to respond to you when you contact the Company;
h) for the purposes of anti-money laundering, terrorist financing, and fraud monitoring; and
i) to enforce other legal agreements between you and the Company.
j) The customer’s email address / mobile number will be used for no other purpose than sending the e-receipt, except when the Customer has consented to otherwise.


4. When will the Company disclose your information?

The Company has an obligation to keep your Identification Data confidential and to make it available only:
to you;
to the Central Bank of the United Arab Emirates (the “Central Bank”);
to other regulatory authorities that are approved to receive the data by the Central Bank;
by the order of a UAE court;
to Al Etihad Credit Bureau and other parties as necessary for compliance with anti-money laundering and terrorist financing laws; or
In order to provide services to you, we share certain information about you with our affiliates so that they can serve you more efficiently. Our affiliates maintain the same privacy standards as us. In order for us to conduct our operations, we may need to share information with our service providers, including data processing companies, cheque, ATM, and other payment processing companies, payment networks, and financial service providers with whom we have joint marketing agreements. These service providers act on our behalf and have agreed in writing to keep the customer information we provide to them confidential. We do not share your data with independent third parties offering their own products and services.

Any Non-identifying Data the Bank collects is aggregated with the data of other users and may be disclosed for the purposes described in this Policy without your further consent or any other restriction.

Your personal information may also be processed where it is necessary to establish, exercise, or defend legal claims. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others. We may process your personal information where such processing is necessary in order for us to comply with a legal obligation to which we are subject.


5. How does the Company protect your information?

The Company takes appropriate technical and organizational measures to protect your information against accidental and unlawful loss, destruction, alteration, disclosure, access, or use. All information you provide to the Company is stored on secured servers and may also be stored on other devices used by us in performance of service and accessed and used subject to SoftPOS security policies and standards.

However, the Company cannot control every risk associated with internet usage, so there is always a risk associated with the usage of internet and data sharing online. Given that the Internet is not a secure medium, we do not guarantee that information may not be accessed, disclosed, altered, or destroyed by breach of any kind. Please understand and appreciate the same, post which only, you should continue using SoftPOS and services and/or product/s it offers. No data transmission over the Internet can be guaranteed to be secure from intrusion; any transmission is at your own risk. However, we maintain commercially reasonable physical, electronic and procedural safeguards to protect your personal information in accordance with data protection legislative requirements.

Where you are in possession of a password which enables you to access certain parts of the App or softPOS, you are responsible for keeping this password confidential and for complying with any other security procedures that we notify you of. We ask you not to share a password with anyone.


6. Where does the Company hold your information?

In accordance with the laws of the UAE, we will store your data within the UAE. Notwithstanding this, if we are required and permitted by law to transfer any of your personal data to a country outside that in which we collected it pursuant to the above-listed circumstances, we will do so in accordance with the applicable data privacy legislation. The lawful requirements will depend on the flow of personal data, meaning it will depend on whether the sharing of personal data is cross-border and which countries are involved. At all times, we will ensure a similar degree of protection is afforded to your personal data outside the country in which you are based.


7. Could the Company make changes to this Policy?

The Company may vary/ amend the content of its App/ SoftPOS or services without notice, and consequently, the Privacy Policy may change at any time in the future. We, therefore, encourage you to review it from time to time to stay informed of how we are using personal information.

If the Company updates or modifies this Privacy Policy, it will change the “Last Updated” date at the beginning of this Privacy Policy. Any amended policy will be effective immediately after the date it is posted. If you do not agree to the revised policy, you should discontinue your use of the App. By continuing to access or use the App after the effective date, you confirm your acceptance of the revised policy and all of the terms incorporated therein by reference.


8. What happens to my information when I stop using the App?

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.

With this in mind, we have determined that:

as required by applicable law, particularly those that relate to anti-money laundering, we may store your data for five years from the date of the transaction, or longer if subject to the regulations; and

upon canceling your Account, we may store all data related to your Account, for up to five years from the date of cancellation before permanently deleting it.

We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation or other regulatory enforcement or action in respect of our relationship with you and/or your use of the Services.

The retention periods are based on business needs and your information that is no longer needed is either irreversibly anonymized (and the anonymized information may be retained) or securely destroyed.


9. Help and Support

You can access help and support or file a complaint in relation to this Policy by contacting the OMA Group Call Centre at support.softpos@omaemirates.com other support services provided by the Company as published on the App.